CVE-2024-42845
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
Github link:
https://github.com/theexploiters/CVE-2024-42845-Exploit
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
Github link:
https://github.com/theexploiters/CVE-2024-42845-Exploit
GitHub
GitHub - theexploiters/CVE-2024-42845-Exploit: Exploit For: CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1
Exploit For: CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1 - theexploiters/CVE-2024-42845-Exploit
CVE-2023-3824
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Github link:
https://github.com/bluefish3r/poc-cve
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Github link:
https://github.com/bluefish3r/poc-cve
GitHub
GitHub - bluefish3r/poc-cve: poc-cve-2023-3824
poc-cve-2023-3824. Contribute to bluefish3r/poc-cve development by creating an account on GitHub.
CVE-2019-17240
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.
Github link:
https://github.com/0xDTC/Bludit-3.9.2-Auth-Bruteforce-Bypass-CVE-2019-17240
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.
Github link:
https://github.com/0xDTC/Bludit-3.9.2-Auth-Bruteforce-Bypass-CVE-2019-17240
GitHub
GitHub - 0xDTC/Bludit-3.9.2-Auth-Bruteforce-Bypass-CVE-2019-17240: Bludit 3.9.2 - Auth Bruteforce Bypass CVE:2019-17240 Refurbish…
Bludit 3.9.2 - Auth Bruteforce Bypass CVE:2019-17240 Refurbish In bash - 0xDTC/Bludit-3.9.2-Auth-Bruteforce-Bypass-CVE-2019-17240
CVE-2024-21338
Windows Kernel Elevation of Privilege Vulnerability
Github link:
https://github.com/hackyboiz/kcfg-bypass
Windows Kernel Elevation of Privilege Vulnerability
Github link:
https://github.com/hackyboiz/kcfg-bypass
GitHub
GitHub - hackyboiz/kcfg-bypass: kcfg bypass example - CVE-2024-21338
kcfg bypass example - CVE-2024-21338. Contribute to hackyboiz/kcfg-bypass development by creating an account on GitHub.
CVE-2021-21551
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
Github link:
https://github.com/IlanDudnik/CVE-2021-21551
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
Github link:
https://github.com/IlanDudnik/CVE-2021-21551
GitHub
GitHub - IlanDudnik/CVE-2021-21551: Exploit implementation for CVE-2021-21551
Exploit implementation for CVE-2021-21551. Contribute to IlanDudnik/CVE-2021-21551 development by creating an account on GitHub.
CVE-2024-9707
The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated.
Github link:
https://github.com/Nxploited/CVE-2024-9707-Poc
The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated.
Github link:
https://github.com/Nxploited/CVE-2024-9707-Poc
GitHub
GitHub - Nxploited/CVE-2024-9707-Poc: he Hunk Companion Plugin for WordPress: Vulnerable to Unauthorized Plugin Installation/Activation…
he Hunk Companion Plugin for WordPress: Vulnerable to Unauthorized Plugin Installation/Activation (Versions Up to and Including 1.8.4) - Nxploited/CVE-2024-9707-Poc
CVE-2024-35250
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Github link:
https://github.com/Brentlyw/GiveMeKernel
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Github link:
https://github.com/Brentlyw/GiveMeKernel
GitHub
GitHub - 0xROOTPLS/GiveMeKernel: CVE-2024-35250 PoC - Optimized & Condensed Form of Varwara's PoC
CVE-2024-35250 PoC - Optimized & Condensed Form of Varwara's PoC - 0xROOTPLS/GiveMeKernel