CVE-2023-50564
An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file.
Github link:
https://github.com/glynzr/CVE-2023-50564
GitHub - glynzr/CVE-2023-50564: Pluck v4.7.18 - Remote Code Execution (RCE)
CVE-2024-42009
A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php.
Github link:
https://github.com/DaniTheHack3r/CVE-2024-42009-PoC
GitHub - DaniTheHack3r/CVE-2024-42009-PoC: CVE-2024-42009 Proof of Concept
CVE-2021-24086
Windows TCP/IP Denial of Service Vulnerability
Github link:
https://github.com/personnumber3377/windows_tcpip_fuzz
This is my attempt at fuzzing the tcpip.sys driver in windows via using scapy. This is inspired by this vulnerability here: https://doar-e.github.io/blog/2021/04/15/reverse-engineering-tcpipsys-mec...
CVE-2023-20963
In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-12 Android-12L Android-13. Android ID: A-220302519
Github link:
https://github.com/black7024/BadParcel
GitHub - black7024/BadParcel: CVE-2023-20963 PoC (Android WorkSource parcel/unparcel logic mismatch)
CVE-2025-4664
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/korden-c/CVE-2025-4664
CVE-2025-24813
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malicious user was able to perform remote code execution:
- writes enabled for the default servlet (disabled by default)
- support for partial
Github link:
https://github.com/mbanyamer/Apache-Tomcat---Remote-Code-Execution-via-Session-Deserialization-CVE-2025-24813-
Apache Tomcat - Remote Code Execution via Session Deserialization (CVE-2025-24813) - mbanyamer/Apache-Tomcat---Remote-Code-Execution-via-Session-Deserialization-CVE-2025-24813-
CVE-2025-24203
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system.
Github link:
https://github.com/pxx917144686/iDevice_ZH
GitHub - pxx917144686/iDevice_ZH: CVE-2025-24203 vulnerability
CVE-2024-42008
A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header.
Github link:
https://github.com/Foxer131/CVE-2024-42008-9-exploit
The scripts in this repository are made to abuse CVE-2024-42008 and CVE-2024-42009. Both of these CVEs are vulnerabilities found on Roundcube 1.6.7 - Foxer131/CVE-2024-42008-9-exploit
CVE-2025-22457
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.
Github link:
https://github.com/TRone-ux/CVE-2025-22457
GitHub - TRone-ux/CVE-2025-22457: PoC CVE-2025-22457
CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Github link:
https://github.com/ibrahimsql/CVE-2024-0204
CVE-2024-0204 was discovered in January 2024 and affects all GoAnywhere MFT versions prior to 7.4.1. This vulnerability has been rated as Critical (CVSS 9.8) due to its ease of exploitation and the...
CVE-2025-29927
Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommended that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 12.3.5, 13.5.9, 14.2.25, and 15.2.3.
Github link:
https://github.com/sagsooz/CVE-2025-29927
🔐 Python-based smart scanner for CVE-2025-29927 — Next.js middleware authentication bypass vulnerability. Detects meta refresh, keyword-based redirects, and more. - sagsooz/CVE-2025-29927
CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/f4dee-backup/CVE-2025-24071
GitHub - f4dee-backup/CVE-2025-24071: Windows File Explorer Spoofing Vulnerability - CVE-2025-24071
CVE-2025-4664
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/Leviticus-Triage/ChromSploit-Framework
Advanced AI-Powered Exploitation Framework | CVE-2025-4664 & CVE-2025-2783 & CVE-2025-2857 & CVE-2025-30397 | - GitHub - Leviticus-Triage/ChromSploit-Framework: Advance...