CVE-2024-9707
The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated.
Github link:
https://github.com/Nxploited/CVE-2024-9707-Poc
The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated.
Github link:
https://github.com/Nxploited/CVE-2024-9707-Poc
GitHub
GitHub - Nxploited/CVE-2024-9707-Poc: he Hunk Companion Plugin for WordPress: Vulnerable to Unauthorized Plugin Installation/Activation…
he Hunk Companion Plugin for WordPress: Vulnerable to Unauthorized Plugin Installation/Activation (Versions Up to and Including 1.8.4) - Nxploited/CVE-2024-9707-Poc
CVE-2024-35250
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Github link:
https://github.com/Brentlyw/GiveMeKernel
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Github link:
https://github.com/Brentlyw/GiveMeKernel
GitHub
GitHub - 0xROOTPLS/GiveMeKernel: CVE-2024-35250 PoC - Optimized & Condensed Form of Varwara's PoC
CVE-2024-35250 PoC - Optimized & Condensed Form of Varwara's PoC - 0xROOTPLS/GiveMeKernel
CVE-2023-46805
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Github link:
https://github.com/rxwx/pulse-meter
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Github link:
https://github.com/rxwx/pulse-meter
GitHub
GitHub - rxwx/pulse-meter: Parses the System Snapshot from an Ivanti Connect Secure applicance to identify possible IOCs related…
Parses the System Snapshot from an Ivanti Connect Secure applicance to identify possible IOCs related to CVE-2023-46805, CVE-2024-21887 and CVE-2025-0282. - rxwx/pulse-meter
CVE-2023-25136
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."
Github link:
https://github.com/mrmtwoj/CVE-2023-25136
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."
Github link:
https://github.com/mrmtwoj/CVE-2023-25136
GitHub
GitHub - mrmtwoj/CVE-2023-25136: This vulnerability is of the "double-free" type, which occurs during the processing of key exchange…
This vulnerability is of the "double-free" type, which occurs during the processing of key exchange (KEX) algorithms in OpenSSH. A "double-free" vulnerability ha...