CVE-2024-4367
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Github link:
https://github.com/pS3ud0RAnD0m/CVE-2024-4367-POC
GitHub - pS3ud0RAnD0m/cve-2024-4367-poc: POC for PDF JS' CVE-2024-4367 vuln
CVE-2025-30208
Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10. `@fs` denies access to files outside of Vite serving allow list. Adding `?raw??` or `?import&raw??` to the URL bypasses this limitation and returns the file content if it exists. This bypass exists because trailing separators such as `?` are removed in several places, but are not accounted for in query string regexes. The contents of arbitrary files can be returned to the browser. Only apps explicitly exposing the Vite dev server to the network (using `--host` or `server.host` config option) are affected. Versions 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 fix the issue.
Github link:
https://github.com/TH-SecForge/CVE-2025-30208
GitHub - TH-SecForge/CVE-2025-30208: CVE-2025-30208 is a medium-severity arbitrary file read vulnerability in the Vite development server (a popular frontend build tool)
CVE-2025-49144
Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically the Downloads folder, referred to as the vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and the fix will be released in version 8.8.2.
Github link:
https://github.com/b0ySie7e/Notepad-8.8.1_CVE-2025-49144
GitHub - b0ySie7e/Notepad-8.8.1_CVE-2025-49144: Proof of Concept (PoC) that exploits the CVE-2025-49144 vulnerability in the Notepad++ 8.8.1 installer.
CVE-2022-33679
Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33647.
Github link:
https://github.com/vpxuser/CVE-2022-33679
GitHub - vpxuser/CVE-2022-33679: Obtain the TGT directly instead of obtaining a TGS
CVE-2025-6543
Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/seabed-atavism/CVE-2025-6543
GitHub - seabed-atavism/CVE-2025-6543: Citrix Bleed 2 PoC
CVE-2024-40898
SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context allows an attacker to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests.
Users are recommended to upgrade to version 2.4.62 which fixes this issue.
Github link:
https://github.com/ForceEA001/CVE-2024-40898-SSL-Bypass-Detection
GitHub - ForceEA001/CVE-2024-40898-SSL-Bypass-Detection: This Python script is a Proof-of-Concept (PoC) scanner for detecting the vulnerability CVE-2024-40898, which affects Apache HTTP Server’s SSL certificate validation.
CVE-2022-33647
Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33679.
Github link:
https://github.com/vpxuser/CVE-2022-33647
GitHub - vpxuser/CVE-2022-33647: fork from https://github.com/skelsec/minikerberos/blob/8691e6ae92870f4dc8c117f6e1068907f6396e09/minikerberos/examples/CVE_2022_33647.py
CVE-2025-4664
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/amalmurali47/cve-2025-4664
GitHub - amalmurali47/cve-2025-4664: PoC and Setup for CVE-2025-4664
CVE-2025-6218
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198.
Github link:
https://github.com/skimask1690/CVE-2025-6218-POC
GitHub - skimask1690/CVE-2025-6218-POC: Proof of Concept for CVE-2025-6218, demonstrating the exploitation of a vulnerability in WinRAR versions 7.11 and under, involving improper handling of archive extraction paths.
CVE-2021-41773
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete; see CVE-2021-42013.
Github link:
https://github.com/psibot/apache-vulnerable
GitHub - psibot/apache-vulnerable: Detects Apache HTTP Server path traversal vulnerabilities (CVE-2021-41773, CVE-2021-42013) by checking for exposure of /etc/passwd through various traversal techniques.