CVE-2024-3094
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. The tarballs included extra .m4 files containing automake build instructions that did not exist in the repository. Through a series of complex obfuscations, these instructions extract a prebuilt object file from one of the test archives and use it to modify specific functions while building the liblzma package. Because liblzma is linked by other software, such as sshd, that software's calls into the library end up handled by the modified functions.
Github link:
https://github.com/Ikram124/CVE-2024-3094-analysis
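A triage helper for the description above, added here as an example; it is not code from the advisory or from the linked repository. It checks an `xz --version` string against the two backdoored upstream releases (5.6.0 and 5.6.1; 5.6.2 was published without the injected code) and parses `ldd` output to tell whether a binary such as sshd links liblzma at all, which is the precondition for the hook described above. The sample tool output is constructed, and `triage_host()` is the only part that touches the local system.

```python
import re
import shutil
import subprocess
from typing import Optional

# Upstream release tarballs known to carry the backdoor (the git tree itself did not).
BACKDOORED_XZ_VERSIONS = {"5.6.0", "5.6.1"}


def parse_xz_version(version_output: str) -> Optional[str]:
    """Extract the release number from the first line of `xz --version` output."""
    lines = version_output.strip().splitlines()
    if not lines:
        return None
    match = re.search(r"(\d+\.\d+\.\d+)", lines[0])
    return match.group(1) if match else None


def is_backdoored_xz_version(version: Optional[str]) -> bool:
    return version in BACKDOORED_XZ_VERSIONS


def parse_ldd_libraries(ldd_output: str) -> set:
    """Return the library file names (e.g. 'liblzma.so.5') listed by `ldd <binary>`."""
    libs = set()
    for line in ldd_output.splitlines():
        line = line.strip()
        if not line:
            continue
        # Lines look like "liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x...)"
        # or "/lib64/ld-linux-x86-64.so.2 (0x...)" for the dynamic loader itself.
        name = line.split("=>")[0].strip().split(" ")[0]
        libs.add(name.rsplit("/", 1)[-1])
    return libs


def links_liblzma(ldd_output: str) -> bool:
    """True if any listed library is a liblzma shared object."""
    return any(lib.startswith("liblzma.so") for lib in parse_ldd_libraries(ldd_output))


def triage_host() -> dict:
    """Run both checks against the local system (needs the `xz` and `ldd` tools on PATH)."""
    result = {"xz_version": None, "xz_backdoored": False, "sshd_links_liblzma": None}
    if shutil.which("xz"):
        out = subprocess.run(["xz", "--version"], capture_output=True, text=True, check=False).stdout
        result["xz_version"] = parse_xz_version(out)
        result["xz_backdoored"] = is_backdoored_xz_version(result["xz_version"])
    sshd = shutil.which("sshd") or "/usr/sbin/sshd"
    if shutil.which("ldd"):
        out = subprocess.run(["ldd", sshd], capture_output=True, text=True, check=False).stdout
        result["sshd_links_liblzma"] = links_liblzma(out)
    return result


# Constructed sample tool output for an offline demonstration (not captured from a real host).
SAMPLE_XZ_VERSION_OUTPUT = "xz (XZ Utils) 5.6.1\nliblzma 5.6.1\n"
SAMPLE_LDD_OUTPUT = (
    "\tlinux-vdso.so.1 (0x00007ffd3d5f6000)\n"
    "\tlibsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f1b2c6b0000)\n"
    "\tliblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f1b2c580000)\n"
    "\tlibc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1b2c380000)\n"
    "\t/lib64/ld-linux-x86-64.so.2 (0x00007f1b2c8d0000)\n"
)

if __name__ == "__main__":
    print(parse_xz_version(SAMPLE_XZ_VERSION_OUTPUT), links_liblzma(SAMPLE_LDD_OUTPUT))
    print(triage_host())
```

Two caveats: a version match is only a screen, since a distribution may ship a patched 5.6.x with the backdoor removed, so confirm against your distribution's advisory; and `ldd` executes the dynamic loader on the target, so do not run it on a binary you already suspect is malicious (use `objdump -p` or `readelf -d` to list NEEDED entries instead).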
Repository description: Security analysis project: Real-world CVE breakdown
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
Github link:
https://github.com/ArtemCyberLab/Project-Field-Analysis-and-Memory-Leak-Demonstration
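The buffer over-read the description refers to, as an added Python model; this is not OpenSSL's code or the linked project's, and it leaves out the TLS record layer (the real message travels in a record of content type 24 after the handshake). The heartbeat message layout is the one from RFC 6520: a one-byte type, a two-byte payload length, the payload and at least 16 bytes of padding. The vulnerable handler trusts the length field; the fixed one rejects any message whose claimed payload does not fit in the record actually received. The "process memory" and the secret that follows the record are constructed.

```python
import struct

HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
MIN_PADDING = 16  # RFC 6520 requires at least 16 bytes of padding


def build_heartbeat(payload: bytes, claimed_length: int) -> bytes:
    """Encode HeartbeatMessage: type(1) | payload_length(2) | payload | padding(16).

    A well-formed request sets claimed_length == len(payload); a Heartbleed probe sets it larger.
    """
    return bytes([HEARTBEAT_REQUEST]) + struct.pack("!H", claimed_length) + payload + b"\x00" * MIN_PADDING


def handle_heartbeat_vulnerable(memory: bytes, record_offset: int, record_length: int) -> bytes:
    """Model of the pre-1.0.1g handler: the length field is trusted and record_length is never consulted."""
    p = record_offset
    hbtype = memory[p]
    (payload_len,) = struct.unpack("!H", memory[p + 1:p + 3])
    if hbtype != HEARTBEAT_REQUEST:
        return b""
    # No check that payload_len fits inside record_length, so the copy runs past the end of the
    # record into whatever happens to follow it in process memory (the bug; record_length unused).
    echoed = memory[p + 3:p + 3 + payload_len]
    return bytes([HEARTBEAT_RESPONSE]) + struct.pack("!H", payload_len) + echoed + b"\x00" * MIN_PADDING


def handle_heartbeat_fixed(memory: bytes, record_offset: int, record_length: int):
    """Model of the 1.0.1g handler: discard the message if header, claimed payload and minimum
    padding do not all fit inside the record that was actually received."""
    if 1 + 2 + MIN_PADDING > record_length:
        return None
    p = record_offset
    hbtype = memory[p]
    (payload_len,) = struct.unpack("!H", memory[p + 1:p + 3])
    if hbtype != HEARTBEAT_REQUEST:
        return None
    if 1 + 2 + payload_len + MIN_PADDING > record_length:
        return None  # silently dropped, as in the fix
    echoed = memory[p + 3:p + 3 + payload_len]
    return bytes([HEARTBEAT_RESPONSE]) + struct.pack("!H", payload_len) + echoed + b"\x00" * MIN_PADDING


def echoed_payload(response: bytes) -> bytes:
    """Payload bytes carried by a heartbeat response."""
    (payload_len,) = struct.unpack("!H", response[1:3])
    return response[3:3 + payload_len]


# Constructed process-memory layout: the received record, followed by unrelated data standing in
# for the private key material a real over-read can return.
PING = b"ping"
SECRET = b"-----BEGIN RSA PRIVATE KEY-----"
VALID_REQUEST = build_heartbeat(PING, claimed_length=len(PING))
PROBE = build_heartbeat(PING, claimed_length=len(PING) + MIN_PADDING + len(SECRET))
MEMORY = PROBE + SECRET


def leaked_bytes_vulnerable() -> bytes:
    """What the vulnerable handler echoes back beyond the probe's own payload and padding."""
    response = handle_heartbeat_vulnerable(MEMORY, 0, len(PROBE))
    return echoed_payload(response)[len(PING) + MIN_PADDING:]


if __name__ == "__main__":
    print(leaked_bytes_vulnerable())
    print(handle_heartbeat_fixed(MEMORY, 0, len(PROBE)))
```

The check worth remembering is the second one in `handle_heartbeat_fixed`: the attacker controls `payload_len`, so every bound must be derived from `record_length`, which is the number of bytes that actually arrived, never from the message's own header.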
Repository description: The objective of this project was to assess a remote host for the Heartbleed vulnerability (CVE-2014-0160), verify its presence, and exploit it to extract potentially sensitive information from ser...
CVE-2025-49144
Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, the Notepad++ installer has a privilege escalation vulnerability: it locates executables through an insecure search path, which lets an unprivileged user gain SYSTEM-level privileges. An attacker could use social engineering or clickjacking to get a user to download both the legitimate installer and a malicious executable into the same directory (typically the Downloads folder, a user-writable directory that should be treated as untrusted). When the user runs the installer, the malicious executable is launched automatically with SYSTEM privileges. The issue is fixed in version 8.8.2.
Github link:
https://github.com/65-75-65-83-72/65-75-65-83-72.github.io
CVE-2023-30258
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via an unauthenticated HTTP request.
Github link:
https://github.com/delldevmann/CVE-2023-30258
Repository description: BILLING THM
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
Github link:
https://github.com/ZapcoMan/spring4shell-vulnerable-application
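A stopgap request check for the data-binding path described above, added here as an example in Python; it is not code from the Spring project or from the linked repository. In a Spring application the equivalent lives in an `@InitBinder` method of a `@ControllerAdvice` that calls `WebDataBinder.setDisallowedFields("class.*", "Class.*", "*.class.*", "*.Class.*")`, and the real fix is upgrading to Spring Framework 5.3.18 / 5.2.20 or later. The check flags any request parameter whose property path passes through the `class` property, because on JDK 9+ `class.module.classLoader` reaches the ClassLoader, which is what the earlier `classLoader`-only blocklist did not cover. The sample requests are constructed and use placeholder values.

```python
import re
from typing import List
from urllib.parse import parse_qsl

# Assumed: a request parameter name is a Spring-style property path such as
# "user.address.street" or "items[0].name", with segments separated by "." and "[".
SEGMENT_SPLIT_RE = re.compile(r"[.\[]")


def is_dangerous_binding_path(name: str) -> bool:
    """True if any segment of the property path is the 'class' property (any letter case).

    Binding into "class" reaches java.lang.Class; on JDK 9+ "class.module.classLoader" then
    reaches the ClassLoader, the starting point of the Spring4Shell chain. The test mirrors
    Spring's recommended disallowedFields patterns "class.*", "Class.*", "*.class.*", "*.Class.*".
    """
    segments = [s for s in SEGMENT_SPLIT_RE.split(name) if s]
    return any(segment.lower() == "class" for segment in segments)


def find_dangerous_params(query_string: str) -> List[str]:
    """Parameter names in a URL-encoded query or form body that would bind into Class."""
    return [
        name
        for name, _ in parse_qsl(query_string, keep_blank_values=True)
        if is_dangerous_binding_path(name)
    ]


def should_block_request(query_string: str) -> bool:
    return bool(find_dangerous_params(query_string))


# Constructed sample requests; values are placeholders, only the parameter names matter here.
BENIGN_REQUEST = "firstName=Ann&lastName=Example&roles[0].name=viewer&classification=public"
SUSPICIOUS_REQUEST = (
    "firstName=Ann"
    "&class.module.classLoader.resources.context.parent.pipeline.first.pattern=x"
    "&Class.module.classLoader.resources.context.parent.pipeline.first.suffix=x"
)

if __name__ == "__main__":
    print(find_dangerous_params(BENIGN_REQUEST))
    print(find_dangerous_params(SUSPICIOUS_REQUEST))
```

Matching on whole path segments rather than on the substring `class` is deliberate: `classification=public` is a legitimate field, and a substring filter either blocks it or, once loosened, can be slipped past with letter-case changes that the bean-property resolver still accepts.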
Repository description: (CVE-2022-22965) PoC application and exploit
CVE-2024-4367
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Github link:
https://github.com/pS3ud0RAnD0m/CVE-2024-4367-POC
Repository description: POC for PDF JS' CVE-2024-4367 vuln
CVE-2025-30208
Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10. `@fs` denies access to files outside of the Vite serving allow list. Adding `?raw??` or `?import&raw??` to the URL bypasses this limitation and returns the file content if it exists. The bypass exists because trailing separators such as `?` are removed in several places but are not accounted for in the query string regexes. The contents of arbitrary files can be returned to the browser. Only apps explicitly exposing the Vite dev server to the network (using `--host` or the `server.host` config option) are affected. Versions 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 fix the issue.
Github link:
https://github.com/TH-SecForge/CVE-2025-30208
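The regex-versus-normalisation mismatch described above, as an added Python model; this is not Vite's code or the linked repository's, and the two-stage server below is a hypothetical simplification of the real middleware chain. Stage 1 classifies the request with a `raw` query regex on the URL as received and applies the allow list only to requests it recognises as raw file reads; stage 2 strips trailing `?`/`&` separators and reads the file if the URL now matches. Because the regex expects `raw` to be followed by `&` or the end of the string, `?raw??` is not recognised at stage 1, but after normalisation it is. The fixed variant normalises before classifying and enforces the allow list again at the read itself. The file system and allow list are constructed.

```python
import posixpath
import re
from typing import Dict, List, Optional

# Query regex in the style the advisory refers to: "raw" must be followed by another parameter
# or the end of the string, so "?raw??" and "?import&raw??" do not match it.
RAW_QUERY_RE = re.compile(r"(?:\?|&)raw(?:&|$)")
TRAILING_SEPARATORS_RE = re.compile(r"[?&]+$")
FS_PREFIX = "/@fs/"


def clean_url(url: str) -> str:
    """Drop query and fragment: '/@fs/etc/passwd?raw??' -> '/@fs/etc/passwd'."""
    return re.sub(r"[?#].*$", "", url, flags=re.S)


def strip_trailing_separators(url: str) -> str:
    """'/@fs/etc/passwd?raw??' -> '/@fs/etc/passwd?raw' (the normalisation the regex never saw)."""
    return TRAILING_SEPARATORS_RE.sub("", url)


def is_allowed_path(path: str, allow: List[str]) -> bool:
    """server.fs.allow-style check: the file must be one of the roots or sit beneath one."""
    return any(path == root or path.startswith(root.rstrip("/") + "/") for root in allow)


class ModelDevServer:
    """Hypothetical two-stage model of the bug (not Vite's real request pipeline)."""

    def __init__(self, files: Dict[str, str], allow: List[str], fixed: bool):
        self.files = files  # in-memory stand-in for the filesystem
        self.allow = allow
        self.fixed = fixed

    def serve(self, url: str) -> Optional[str]:
        if not url.startswith(FS_PREFIX):
            return None
        # Resolve ".." segments so the allow-list comparison sees the real path.
        path = posixpath.normpath("/" + clean_url(url)[len(FS_PREFIX):])
        # Stage 1: access control keyed on the regex classification of the URL.
        classified_url = strip_trailing_separators(url) if self.fixed else url
        if RAW_QUERY_RE.search(classified_url) and not is_allowed_path(path, self.allow):
            return None  # 403 in a real server
        # Stage 2: normalisation happens here regardless, and the read follows it.
        normalized = strip_trailing_separators(url)
        if not RAW_QUERY_RE.search(normalized):
            return None  # non-raw requests are not modelled
        if self.fixed and not is_allowed_path(path, self.allow):
            return None  # defence in depth: enforce the allow list at the read itself
        return self.files.get(path)


# Constructed sample filesystem and allow list.
SAMPLE_FILES = {
    "/etc/passwd": "root:x:0:0:root:/root:/bin/sh\n",
    "/home/app/src/main.ts": "console.log('hello')\n",
}
ALLOW = ["/home/app"]
BUGGY = ModelDevServer(SAMPLE_FILES, ALLOW, fixed=False)
FIXED = ModelDevServer(SAMPLE_FILES, ALLOW, fixed=True)

if __name__ == "__main__":
    for u in ("/@fs/etc/passwd?raw", "/@fs/etc/passwd?raw??", "/@fs/etc/passwd?import&raw??"):
        print(u, "buggy:", BUGGY.serve(u) is not None, "fixed:", FIXED.serve(u) is not None)
```

The general lesson is the second line of the fix: whenever a URL is normalised anywhere in the pipeline, the security decision has to be made on the normalised form (or repeated at the point of the read), otherwise any discrepancy between the two views of the same request becomes a bypass.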
Repository description: CVE-2025-30208 is a medium-severity arbitrary file read vulnerability in the Vite development server (a popular frontend build tool)
CVE-2025-49144
Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, the Notepad++ installer has a privilege escalation vulnerability: it locates executables through an insecure search path, which lets an unprivileged user gain SYSTEM-level privileges. An attacker could use social engineering or clickjacking to get a user to download both the legitimate installer and a malicious executable into the same directory (typically the Downloads folder, a user-writable directory that should be treated as untrusted). When the user runs the installer, the malicious executable is launched automatically with SYSTEM privileges. The issue is fixed in version 8.8.2.
Github link:
https://github.com/b0ySie7e/Notepad-8.8.1_CVE-2025-49144
Repository description: Proof of Concept (PoC) that exploits the CVE-2025-49144 vulnerability in the Notepad++ 8.8.1 installer.
CVE-2022-33679
Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33647.
Github link:
https://github.com/vpxuser/CVE-2022-33679
Repository description: Obtain a TGT directly, rather than obtaining a TGS
CVE-2025-6543
Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server.
Github link:
https://github.com/seabed-atavism/CVE-2025-6543
Repository description: Citrix Bleed 2 PoC (note that the name "CitrixBleed 2" is commonly used for CVE-2025-5777, a separate NetScaler memory over-read disclosed in the same period; the entry above is the memory overflow tracked as CVE-2025-6543, so check which CVE the repository actually targets before relying on it)
CVE-2024-40898
SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context can leak NTLM hashes to a malicious server via SSRF and malicious requests.
Users are recommended to upgrade to version 2.4.62 which fixes this issue.
Github link:
https://github.com/ForceEA001/CVE-2024-40898-SSL-Bypass-Detection
Repository description: This Python script is a Proof-of-Concept (PoC) scanner for detecting the vulnerability CVE-2024-40898, which affects Apache HTTP Server's SSL certificate validation. (The repository's own description does not match the advisory above, which describes a mod_rewrite SSRF on Windows rather than a certificate-validation flaw; verify what the scanner tests before using its results.)
CVE-2022-33647
Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33679.
Github link:
https://github.com/vpxuser/CVE-2022-33647
Repository description: fork from https://github.com/skelsec/minikerberos/blob/8691e6ae92870f4dc8c117f6e1068907f6396e09/minikerberos/examples/CVE_2022_33647.py
CVE-2025-4664
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/amalmurali47/cve-2025-4664
Repository description: PoC and Setup for CVE-2025-4664