CVE-2025-20281
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
GitHub link:
https://github.com/ill-deed/Cisco-CVE-2025-20281-illdeed
Unauthenticated Remote Code Execution exploit for CVE-2025-20281 in Cisco ISE ERS API. Execute commands or launch reverse shells as root — no authentication required. - ill-deed/Cisco-CVE-2025-2028...
CVE-2024-4040
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.
GitHub link:
https://github.com/ill-deed/CrushFTP-CVE-2024-4040-illdeed
Exploit for CVE-2024-4040 – Authentication bypass in CrushFTP via CrushAuth cookie and AWS-style header spoofing. Stealthy Python PoC with secure token generation, SSL bypass, and improved output. ...
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub link:
https://github.com/RickGeex/CVE-2025-5777-CitrixBleed
CitrixBleed-2 (CVE-2025-5777) – proof-of-concept exploit for NetScaler ADC/Gateway “memory bleed” - RickGeex/CVE-2025-5777-CitrixBleed
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub link:
https://github.com/idobarel/CVE-2025-5777
CVE-2025-0411
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.
GitHub link:
https://github.com/B1ack4sh/Blackash-CVE-2025-0411
CVE-2023-27350
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
GitHub link:
https://github.com/Royall-Researchers/CVE-2023-27350
Papercut Vulnerability, Affected Versions are PaperCut MF or NG version 8.0 or later (excluding patched versions) on all OS platforms. - GitHub - Royall-Researchers/CVE-2023-27350: Papercut Vulner...
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub link:
https://github.com/nocerainfosec/cve-2025-5777
Memory disclosure vulnerability in Citrix NetScaler ADC and Gateway when configured as a Gateway (VPN virtual server, ICA proxy, CVPN, RDP Proxy). - nocerainfosec/cve-2025-5777
CVE-2024-9264
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.
GitHub link:
https://github.com/ruizii/CVE-2024-9264
CVE-2024-36991
In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows.
GitHub link:
https://github.com/Zin0D/CVE-2024-36991
Exploit for CVE-2024-36991, written by me, enumerates a handful of things, not all, cause not needed. - Zin0D/CVE-2024-36991