CVE-2025-49113
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-49113
CVE-2021-31956
Windows NTFS Elevation of Privilege Vulnerability
Github link:
https://github.com/deletehead/Pool-Overflow-CVE-2021-31956
Kernel Pool Overflow Exploit targeting CVE-2021-31956 - deletehead/Pool-Overflow-CVE-2021-31956
CVE-2025-33053
External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.
Github link:
https://github.com/TheTorjanCaptain/CVE-2025-33053-Checker-PoC
CVE-2025-0133
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft—particularly if you enabled Clientless VPN.
There is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.
For GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the in
Github link:
https://github.com/wiseep/CVE-2025-0133
CVE-2023-26136
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
Github link:
https://github.com/uriyahav/tough-cookie-2.5.0-cve-2023-26136-fix
Security patch for CVE-2023-26136 in tough-cookie 2.5.0 - Prototype pollution vulnerability fix with backward compatibility - uriyahav/tough-cookie-2.5.0-cve-2023-26136-fix
CVE-2025-33053
External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.
Github link:
https://github.com/kra1t0/CVE-2025-33053-WebDAV-RCE-PoC-and-C2-Concept
Proof-of-Concept for CVE-2025-33053 Exploiting WebDAV with .url file delivery to demonstrate realistic remote code execution. Includes a decoy PDF payload and a video-only showcase of potential co...
CVE-2025-3248
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
Github link:
https://github.com/0xgh057r3c0n/CVE-2025-3248
Exploit for Langflow AI Remote Code Execution (Unauthenticated) - 0xgh057r3c0n/CVE-2025-3248
CVE-2025-1094
Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected.
Github link:
https://github.com/aninfosec/CVE-2025-1094
It is an input sanitization flaw caused by an encoding mismatch, allowing crafted input to bypass filters. If a server is vulnerable, an attacker can inject malicious SQL that the backend executes....
CVE-2025-3248
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
Github link:
https://github.com/zapstiko/CVE-2025-3248
CVE-2015-1578
Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) pidvesa cookie to u5admin/pidvesa.php or (2) uri parameter to u5admin/meta2.php.
Github link:
https://github.com/yaldobaoth/CVE-2015-1578-PoC
This is a proof-of-concept exploit for CVE-2015-1578, a buffer overflow vulnerability in Achat 0.150 beta7 on Windows. Exploitation leads to remote code execution via a crafted UDP packet. - yaldob...
CVE-2025-0108
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.
You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue does not affect Cloud NGFW or Prisma Access software.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-0108
CVE-2019-15107
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
Github link:
https://github.com/bayazid-bit/CVE-2019-15107
CVE-2011-2523
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
Github link:
https://github.com/lghost256/vsftpd234-exploit
CVE-2024-3094
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. The tarballs included extra .m4 files, which contained instructions for building with automake that did not exist in the repository. These instructions, through a series of complex obfuscations, extract a prebuilt object file from one of the test archives, which is then used to modify specific functions in the code while building the liblzma package. This issue results in liblzma being used by additional software, like sshd, to provide functionality that will be interpreted by the modified functions.
Github link:
https://github.com/24Owais/threat-intel-cve-2024-3094
Threat intelligence report analyzing the xz-utils backdoor vulnerability (CVE-2024-3094) - 24Owais/threat-intel-cve-2024-3094