CVE-2025-24016
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-24016
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-24016
GitHub
GitHub - B1ack4sh/Blackash-CVE-2025-24016: CVE-2025-24016
CVE-2025-24016. Contribute to B1ack4sh/Blackash-CVE-2025-24016 development by creating an account on GitHub.
CVE-2025-24016
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.
Github link:
https://github.com/rxerium/CVE-2025-24016
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.
Github link:
https://github.com/rxerium/CVE-2025-24016
GitHub
GitHub - rxerium/CVE-2025-24016: Detection for CVE-2025-24016 - Deserialization of Untrusted Data Vulnerability in the Wazuh software
Detection for CVE-2025-24016 - Deserialization of Untrusted Data Vulnerability in the Wazuh software - rxerium/CVE-2025-24016
CVE-2025-49113
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
Github link:
https://github.com/BiiTts/Roundcube-CVE-2025-49113
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
Github link:
https://github.com/BiiTts/Roundcube-CVE-2025-49113
GitHub
GitHub - BiiTts/Roundcube-CVE-2025-49113: Proof-of-concept to CVE-2025-49113
Proof-of-concept to CVE-2025-49113. Contribute to BiiTts/Roundcube-CVE-2025-49113 development by creating an account on GitHub.
CVE-2025-5419
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/alegrason/CVE-2025-5419
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/alegrason/CVE-2025-5419
CVE-2025-26892
Unrestricted Upload of File with Dangerous Type vulnerability in dkszone Celestial Aura allows Using Malicious Files.This issue affects Celestial Aura: from n/a through 2.2.
Github link:
https://github.com/Nxploited/CVE-2025-26892
Unrestricted Upload of File with Dangerous Type vulnerability in dkszone Celestial Aura allows Using Malicious Files.This issue affects Celestial Aura: from n/a through 2.2.
Github link:
https://github.com/Nxploited/CVE-2025-26892
GitHub
GitHub - Nxploited/CVE-2025-26892: WordPress Celestial Aura Theme <= 2.2 is vulnerable to Arbitrary File Upload
WordPress Celestial Aura Theme <= 2.2 is vulnerable to Arbitrary File Upload - GitHub - Nxploited/CVE-2025-26892: WordPress Celestial Aura Theme <= 2.2 is vulnerable to Arbitrary File Upload
CVE-2021-30047
VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed.
Github link:
https://github.com/Freitandrey/CVE-2021-30047
VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed.
Github link:
https://github.com/Freitandrey/CVE-2021-30047
GitHub
GitHub - Freitandrey/CVE-2021-30047: Ataque de denial of service no protocolo de rede FTP
Ataque de denial of service no protocolo de rede FTP - Freitandrey/CVE-2021-30047
CVE-2025-32756
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
Github link:
https://github.com/becrevex/CVE-2025-32756
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
Github link:
https://github.com/becrevex/CVE-2025-32756
GitHub
GitHub - becrevex/CVE-2025-32756: CVE-2025-32756: NSE Scanning for RCE in vulnerable FortiVoice, FortiMail, FortiNDR, FortiRecorder…
CVE-2025-32756: NSE Scanning for RCE in vulnerable FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera nodes - becrevex/CVE-2025-32756
CVE-2025-39507
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core allows PHP Local File Inclusion. This issue affects Nasa Core: from n/a through 6.3.2.
Github link:
https://github.com/blackgirlinfosec/cve-lfi-lab
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core allows PHP Local File Inclusion. This issue affects Nasa Core: from n/a through 6.3.2.
Github link:
https://github.com/blackgirlinfosec/cve-lfi-lab
GitHub
GitHub - blackgirlinfosec/cve-lfi-lab: A hands on lab investigating CVE-2025-39507 from a Tier 1 SOC analyst perspective. Includes…
A hands on lab investigating CVE-2025-39507 from a Tier 1 SOC analyst perspective. Includes log review in Microsoft Sentinel, IP analysis, real world screenshots, and a simple breakdown of a local ...
CVE-2025-2539
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the use of a reversible weak algorithm, to read the contents of arbitrary files on the server, which can contain sensitive information.
Github link:
https://github.com/Yucaerin/CVE-2025-2539
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the use of a reversible weak algorithm, to read the contents of arbitrary files on the server, which can contain sensitive information.
Github link:
https://github.com/Yucaerin/CVE-2025-2539
GitHub
GitHub - Yucaerin/CVE-2025-2539: CVE-2025-2539 - WordPress File Away <= 3.9.9.0.1 - Arbitrary File Read
CVE-2025-2539 - WordPress File Away <= 3.9.9.0.1 - Arbitrary File Read - Yucaerin/CVE-2025-2539
CVE-2025-32433
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-32433
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-32433
GitHub
GitHub - B1ack4sh/Blackash-CVE-2025-32433: CVE-2025-32433 Erlang SSH Library Exploit 🛑
CVE-2025-32433 Erlang SSH Library Exploit 🛑. Contribute to B1ack4sh/Blackash-CVE-2025-32433 development by creating an account on GitHub.
CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-24071
GitHub
GitHub - B1ack4sh/Blackash-CVE-2025-24071: CVE-2025-24071
CVE-2025-24071. Contribute to B1ack4sh/Blackash-CVE-2025-24071 development by creating an account on GitHub.
CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Github link:
https://github.com/TopskiyPavelQwertyGang/Review.CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Github link:
https://github.com/TopskiyPavelQwertyGang/Review.CVE-2021-3156
GitHub
GitHub - TopskiyPavelQwertyGang/Review.CVE-2021-3156: CVE-2021-3156-Exploit-Demo
CVE-2021-3156-Exploit-Demo. Contribute to TopskiyPavelQwertyGang/Review.CVE-2021-3156 development by creating an account on GitHub.
CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/TH-SecForge/CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/TH-SecForge/CVE-2025-24071
GitHub
GitHub - TH-SecForge/CVE-2025-24071: Security Vulnerability Report: CVE-2025-24071 - Windows File Explorer Spoofing Vulnerability
Security Vulnerability Report: CVE-2025-24071 - Windows File Explorer Spoofing Vulnerability - TH-SecForge/CVE-2025-24071
CVE-2025-29972
Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing over a network.
Github link:
https://github.com/TH-SecForge/CVE-2025-29972
Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing over a network.
Github link:
https://github.com/TH-SecForge/CVE-2025-29972
GitHub
GitHub - TH-SecForge/CVE-2025-29972: CVE-2025-29927 - Critical Security Vulnerability in Next.js
CVE-2025-29927 - Critical Security Vulnerability in Next.js - TH-SecForge/CVE-2025-29972
CVE-2024-10914
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgi_user_add of the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. The manipulation of the argument name leads to os command injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Github link:
https://github.com/TH-SecForge/CVE-2024-10914
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgi_user_add of the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. The manipulation of the argument name leads to os command injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Github link:
https://github.com/TH-SecForge/CVE-2024-10914
GitHub
GitHub - TH-SecForge/CVE-2024-10914: CVE-2024-10914 is a critical command injection vulnerability affecting several legacy D-Link…
CVE-2024-10914 is a critical command injection vulnerability affecting several legacy D-Link Network Attached Storage (NAS) devices. - TH-SecForge/CVE-2024-10914
CVE-2011-0762
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
Github link:
https://github.com/Freitandrey/CVE-2011-0762
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
Github link:
https://github.com/Freitandrey/CVE-2011-0762
GitHub
GitHub - Freitandrey/CVE-2011-0762: Script que corrigi o exploit da CVE que foi publicado no exploit-db
Script que corrigi o exploit da CVE que foi publicado no exploit-db - Freitandrey/CVE-2011-0762
CVE-2022-26134
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Github link:
https://github.com/thetowsif/CVE-2022-26134
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Github link:
https://github.com/thetowsif/CVE-2022-26134
GitHub
GitHub - thetowsif/CVE-2022-26134: Atlassian's Confluence Server and Data Center editions (Vulnerable Version > 7.18.1)
Atlassian's Confluence Server and Data Center editions (Vulnerable Version > 7.18.1) - thetowsif/CVE-2022-26134