CVE-2025-31650
Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service.
This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5.
Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.
Github link:
https://github.com/assad12341/Dos-exploit-
Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service.
This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5.
Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.
Github link:
https://github.com/assad12341/Dos-exploit-
GitHub
GitHub - assad12341/Dos-exploit-: CVE-2025-31650
CVE-2025-31650. Contribute to assad12341/Dos-exploit- development by creating an account on GitHub.
CVE-2025-5419
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/itsShotgun/chrome_cve-2025-5419_checker
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/itsShotgun/chrome_cve-2025-5419_checker
GitHub
GitHub - itsShotgun/chrome_v8_cve_checker: Checks if your Chrome version is vulnerable to CVE-2025-5419, from the browser
Checks if your Chrome version is vulnerable to CVE-2025-5419, from the browser - itsShotgun/chrome_v8_cve_checker
CVE-2014-6271
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
Github link:
https://github.com/knightc0de/Shellshock_vuln_Exploit
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
Github link:
https://github.com/knightc0de/Shellshock_vuln_Exploit
GitHub
GitHub - knightc0de/Shellshock_vuln_Exploit: CVE-2014-6271(RCE) poc Exploit
CVE-2014-6271(RCE) poc Exploit. Contribute to knightc0de/Shellshock_vuln_Exploit development by creating an account on GitHub.
CVE-2022-26134
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Github link:
https://github.com/Yuri08loveElaina/CVE-2022-26134
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Github link:
https://github.com/Yuri08loveElaina/CVE-2022-26134
GitHub
GitHub - Yuri08loveElaina/CVE-2022-26134: CVE-2022-26134 - Confluence Pre-Auth Remote Code Execution [RCE]
CVE-2022-26134 - Confluence Pre-Auth Remote Code Execution [RCE] - Yuri08loveElaina/CVE-2022-26134
CVE-2024-50379
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration).
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.
Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
Github link:
https://github.com/Yuri08loveElaina/CVE-2024-50379-POC
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration).
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.
Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
Github link:
https://github.com/Yuri08loveElaina/CVE-2024-50379-POC
GitHub
GitHub - Yuri08loveElaina/CVE-2024-50379-POC: Cve exploiting
Cve exploiting . Contribute to Yuri08loveElaina/CVE-2024-50379-POC development by creating an account on GitHub.
CVE-2025-24054
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/Yuri08loveElaina/CVE-2025-24054_POC
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/Yuri08loveElaina/CVE-2025-24054_POC
GitHub
GitHub - Yuri08loveElaina/CVE-2025-24054_POC: CVE 2025 24054
CVE 2025 24054. Contribute to Yuri08loveElaina/CVE-2025-24054_POC development by creating an account on GitHub.
CVE-2023-46818
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.
Github link:
https://github.com/z7Akane/CVE-2023-46818
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.
Github link:
https://github.com/z7Akane/CVE-2023-46818
GitHub
GitHub - hunntr/CVE-2023-46818: An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the…
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled. - hunntr/CVE-2023-46818
CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
Github link:
https://github.com/ibrahmsql/CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
Github link:
https://github.com/ibrahmsql/CVE-2024-28995
GitHub
GitHub - ibrahmsql/CVE-2024-28995: SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal - ibrahmsql/CVE-2024-28995
CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Github link:
https://github.com/ibrahmsql/CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Github link:
https://github.com/ibrahmsql/CVE-2024-0204
GitHub
GitHub - ibrahmsql/CVE-2024-0204: Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass - ibrahmsql/CVE-2024-0204
CVE-2025-31161
CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instance is used), as exploited in the wild in March and April 2025, aka "Unauthenticated HTTP(S) port access." A race condition exists in the AWS4-HMAC (compatible with S3) authorization method of the HTTP component of the FTP server. The server first verifies the existence of the user by performing a call to login_user_pass() with no password requirement. This will authenticate the session through the HMAC verification process and up until the server checks for user verification once more. The vulnerability can be further stabilized, eliminating the need for successfully triggering a race condition, by sending a mangled AWS4-HMAC header. By providing only the username and a following slash (/), the server will successfully find a username, which triggers the successful anypass authentication process, but the server will fail to find the expected SignedHeaders entry, resultin
Github link:
https://github.com/ibrahmsql/CVE-2025-31161
CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instance is used), as exploited in the wild in March and April 2025, aka "Unauthenticated HTTP(S) port access." A race condition exists in the AWS4-HMAC (compatible with S3) authorization method of the HTTP component of the FTP server. The server first verifies the existence of the user by performing a call to login_user_pass() with no password requirement. This will authenticate the session through the HMAC verification process and up until the server checks for user verification once more. The vulnerability can be further stabilized, eliminating the need for successfully triggering a race condition, by sending a mangled AWS4-HMAC header. By providing only the username and a following slash (/), the server will successfully find a username, which triggers the successful anypass authentication process, but the server will fail to find the expected SignedHeaders entry, resultin
Github link:
https://github.com/ibrahmsql/CVE-2025-31161
GitHub
GitHub - ibrahmsql/CVE-2025-31161: CrushFTP 11.3.1 - Authentication Bypass
CrushFTP 11.3.1 - Authentication Bypass. Contribute to ibrahmsql/CVE-2025-31161 development by creating an account on GitHub.
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/ibrahmsql/CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/ibrahmsql/CVE-2024-4577
GitHub
GitHub - ibrahmsql/CVE-2024-4577: CVE-2024-4577.py
CVE-2024-4577.py. Contribute to ibrahmsql/CVE-2024-4577 development by creating an account on GitHub.
CVE-2025-33073
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
Github link:
https://github.com/joaozixx/CVE-2025-33073
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
Github link:
https://github.com/joaozixx/CVE-2025-33073
CVE-2023-1698
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.
Github link:
https://github.com/ibrahmsql/CVE-2023-1698
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.
Github link:
https://github.com/ibrahmsql/CVE-2023-1698
GitHub
GitHub - ibrahmsql/CVE-2023-1698: CVE-2023-1698 exploit with golang
CVE-2023-1698 exploit with golang . Contribute to ibrahmsql/CVE-2023-1698 development by creating an account on GitHub.
CVE-2025-49113
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
Github link:
https://github.com/Yuri08loveElaina/CVE-2025-49113
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
Github link:
https://github.com/Yuri08loveElaina/CVE-2025-49113
GitHub
GitHub - Yuri08loveElaina/CVE-2025-49113: Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution…
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload....