CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/Jishanluhar/CVE-2025-5777
CVE-2025-48384
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
Github link:
https://github.com/vinieger/vinieger-CVE-2025-48384-Dockerfile
PoC dockerfile image for CVE-2025-48384.
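The description above spells out the whole chain (an unquoted trailing CR that disappears on read, a submodule path that therefore changes, and a symlink that redirects the checkout into a hooks directory). The following Python is an added example, not code from the linked repository or from Git itself: it models the write/read asymmetry in a deliberately simplified way, then implements the two checks a practitioner would want to run on an untrusted repository before `git submodule update`: a byte-level scan of `.gitmodules` for `path` values that carry a carriage return, and a walk of the worktree for symlinks whose target points into a `hooks` directory. The `.gitmodules` blob and the temporary worktree are constructed here; the helper names are my own.

```python
import os
import re
import tempfile

# --- Model of the config round trip described above (simplified, not Git's code) ---

def git_write_config_value(value: str) -> str:
    """Pre-fix writer: a value whose only odd character is a trailing CR is emitted unquoted."""
    return value  # the CR survives on disk exactly as written

def git_read_config_value(raw: str) -> str:
    """Reader: trailing CR/LF is stripped, so the CR written above disappears."""
    return raw.rstrip("\r\n")

def config_round_trip(value: str) -> str:
    """What a later 'git config' read returns for a value that was written unquoted."""
    return git_read_config_value(git_write_config_value(value))

# --- Pre-clone checks for the two ingredients of the attack ---

_SECTION_RE = re.compile(rb'^\s*\[submodule\s+"([^"]*)"\]')
_PATH_RE = re.compile(rb'^\s*path\s*=\s*(.*)$')

def scan_gitmodules(data: bytes) -> list:
    """Return (submodule name, raw path) for every 'path' value that carries a CR.

    Works on raw bytes on purpose: a text-mode read with universal newlines
    would silently drop the very byte we are looking for.
    """
    findings = []
    current = None
    for line in data.split(b"\n"):          # split on LF only, so '\r' stays on the line
        m = _SECTION_RE.match(line)
        if m:
            current = m.group(1).decode("utf-8", "replace")
            continue
        m = _PATH_RE.match(line)
        if m and b"\r" in m.group(1):
            findings.append((current, m.group(1)))
    return findings

def find_hook_symlinks(worktree: str) -> list:
    """Return (relative path, target) for symlinks whose target walks into a 'hooks' directory."""
    hits = []
    for root, dirs, files in os.walk(worktree):   # followlinks=False: symlinked dirs are listed, not entered
        dirs[:] = [d for d in dirs if d != ".git"]
        for name in dirs + files:
            full = os.path.join(root, name)
            if os.path.islink(full):
                target = os.readlink(full)
                if "hooks" in target.replace("\\", "/").split("/"):
                    hits.append((os.path.relpath(full, worktree), target))
    return hits

# --- Constructed sample: one clean submodule, one whose path ends in CR ---

SAMPLE_GITMODULES = (
    b'[submodule "clean"]\n'
    b'\tpath = clean\n'
    b'\turl = https://example.invalid/clean.git\n'
    b'[submodule "evil"]\n'
    b'\tpath = evil\r\n'        # trailing CR: read back as "evil", not "evil\r"
    b'\turl = https://example.invalid/evil.git\n'
)

def demo_symlink_scan() -> list:
    """Build a throwaway worktree with the symlink shape from the advisory and scan it."""
    with tempfile.TemporaryDirectory() as wt:
        os.makedirs(os.path.join(wt, "docs"))
        # The link is dangling on purpose; the scan only inspects the link target string.
        os.symlink(".git/modules/evil/hooks", os.path.join(wt, "evil"))
        return find_hook_symlinks(wt)

if __name__ == "__main__":
    print(repr(config_round_trip("evil\r")))
    print(scan_gitmodules(SAMPLE_GITMODULES))
    print(demo_symlink_scan())
```

Run both checks on a freshly cloned repository before initialising its submodules; any finding from either one is reason to stop. The checks complement, not replace, upgrading to one of the fixed versions listed above.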
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/ZeroMemoryEx/PHP-CGI-INTERNAL-RCE
Delivering PHP RCE (CVE-2024-4577) to the Local Network Servers
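The mechanism described above has two halves: php-cgi receives the query string as argv when it contains no unencoded `=` (RFC 3875 section 4.4), and Windows best-fit conversion turns a byte that php-cgi's own `-` filter ignores into a real dash. The Python below is an added example, not code from the linked repository or from PHP: it reproduces that argv split, applies a one-entry best-fit table (the soft hyphen, byte 0xAD, which is what the published exploits use under code pages such as 932/936/949/950; that single mapping is an assumption of this model) and flags requests that would hand php-cgi an option. The access-log lines are constructed.

```python
import re
from urllib.parse import unquote_to_bytes, urlsplit

# Constructed best-fit table: only the soft-hyphen mapping is modelled (assumption).
BEST_FIT = {0xAD: ord("-")}

def best_fit(raw: bytes) -> bytes:
    """Apply the modelled best-fit substitution to one decoded argument."""
    return bytes(BEST_FIT.get(b, b) for b in raw)

def cgi_argv_from_query(query: str) -> list:
    """RFC 3875 4.4: a query string with no unencoded '=' is split on '+' and passed
    to the CGI program as argv. That is the path by which options reach php-cgi."""
    if "=" in query:
        return []
    return [best_fit(unquote_to_bytes(part)) for part in query.split("+") if part]

OPTION_RE = re.compile(rb"^-[A-Za-z]")

def smuggled_options(request_target: str) -> list:
    """Return the would-be php-cgi argv entries that look like options after best-fit."""
    query = urlsplit(request_target).query
    return [a for a in cgi_argv_from_query(query) if OPTION_RE.match(a)]

LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def scan_access_log(lines) -> list:
    """Return (line number, target, options) for requests that smuggle options."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.search(line)
        if not m:
            continue
        opts = smuggled_options(m.group("target"))
        if opts:
            hits.append((n, m.group("target"), opts))
    return hits

# Constructed Apache combined-log lines; only the third has the option-smuggling shape.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jun/2024:10:00:01 +0000] "GET /index.php?page=home HTTP/1.1" 200 512 "-" "curl/8.0"',
    '203.0.113.5 - - [10/Jun/2024:10:00:02 +0000] "GET /index.php?help+me HTTP/1.1" 200 512 "-" "curl/8.0"',
    '203.0.113.5 - - [10/Jun/2024:10:00:03 +0000] "POST /index.php?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 200 12 "-" "python-requests/2.31"',
]

if __name__ == "__main__":
    for n, target, opts in scan_access_log(SAMPLE_LOG):
        print(n, target, opts)
```

The second sample line shows why the `=` test matters: `help+me` is also passed as argv, but it carries no option, so it is not flagged. A raw `%2D` (a literal dash) is flagged too, which is harmless for detection. The check is a triage aid only; the fix is the PHP versions listed above.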
CVE-2007-2447
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Github link:
https://github.com/MrRoma577/exploit_cve-2007-2447_again
Just remember how a small mistake in sanitizing a username could give you root access to the full machine.
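The description above is a textbook shell-metacharacter injection: the username from SamrChangePassword is handed to the `username map script` through a shell. As an added example (not the linked repository's code, and not Samba's own code or fix), the Python below does three things a practitioner would want: finds out whether the option is set in an smb.conf, shows the pre-fix shape (username interpolated into one command string that `sh -c` parses) next to a hardened shape (username passed as an argv entry, `$1`, which the shell never re-parses), and provides a metacharacter check. The smb.conf text and the `echo`-based stand-in for the map script are constructed; the function names are mine.

```python
import re
import subprocess

USERNAME_MAP_RE = re.compile(r"^\s*username map script\s*=\s*(\S.*?)\s*$", re.I | re.M)

def username_map_script(smb_conf: str):
    """Return the configured 'username map script' value, or None if the option is absent."""
    m = USERNAME_MAP_RE.search(smb_conf)
    return m.group(1) if m else None

SHELL_META = set(";|&`$()<>\\\"'\n")

def has_shell_metachars(username: str) -> bool:
    """Cheap pre-check: does the username contain anything a POSIX shell would interpret?"""
    return any(c in SHELL_META for c in username)

def run_map_script_unsafe(script: str, username: str) -> str:
    """Pre-fix shape: the username is spliced into a single command string that a shell
    parses, so metacharacters in it become extra commands. Demo only; never do this."""
    proc = subprocess.run(["sh", "-c", f"{script} {username}"], capture_output=True, text=True)
    return proc.stdout

def run_map_script_safe(script: str, username: str) -> str:
    """Hardened shape: the username travels as an argv entry and is read as "$1";
    the shell sees it as data, so metacharacters are inert."""
    proc = subprocess.run(["sh", "-c", f'{script} "$1"', "username-map", username],
                          capture_output=True, text=True)
    return proc.stdout

# Constructed smb.conf fragment with the risky option enabled.
SAMPLE_SMB_CONF = """\
[global]
   workgroup = WORKGROUP
   username map script = /etc/samba/scripts/mapusers.sh
[public]
   path = /srv/samba/public
"""

if __name__ == "__main__":
    print("map script:", username_map_script(SAMPLE_SMB_CONF))
    user = "alice; echo INJECTED"
    print("unsafe:", run_map_script_unsafe("echo mapped:", user).splitlines())
    print("safe:  ", run_map_script_safe("echo mapped:", user).splitlines())
```

With the username `alice; echo INJECTED`, the unsafe form prints two lines (the second being the injected command's output) while the safe form prints one line containing the username verbatim. On a Samba 3.0.0 through 3.0.25rc3 host, a non-empty result from `username_map_script()` is the condition that makes the unauthenticated path exploitable.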
CVE-2025-32462
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
Github link:
https://github.com/toohau/CVE-2025-32462-32463-Detection-Script-
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/morgenm/sudo-chroot-CVE-2025-32463
Rust PoC for CVE-2025-32463 (sudo chroot "chwoot" Local PrivEsc)
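Both sudo entries above (CVE-2025-32462 and CVE-2025-32463) come down to the same two questions on a host: is the installed sudo older than 1.9.17p1, and does the sudoers policy contain the shape the host-option bug abuses, namely user specs whose host field is neither `ALL` nor the local hostname? The Python below is an added example, not code from either linked repository or from the sudo project: it parses the first line of `sudo -V`, compares it against the fixed release, and runs a deliberately simplified sudoers audit (no alias resolution, no line continuations). The lower bounds used for each CVE (1.8.8 for the host option, 1.9.14 for the chroot handling) come from the sudo project's advisories rather than from this page. The sudoers text is constructed.

```python
import re

FIXED = (1, 9, 17, 1)               # sudo 1.9.17p1 carries both fixes (from the descriptions above)
HOST_BUG_FROM = (1, 8, 8, 0)        # CVE-2025-32462: host option introduced in 1.8.8 (sudo advisory)
CHROOT_BUG_FROM = (1, 9, 14, 0)     # CVE-2025-32463: vulnerable chroot handling from 1.9.14 (sudo advisory)

def parse_sudo_version(text: str) -> tuple:
    """Turn the first line of `sudo -V` ("Sudo version 1.9.15p5") into a comparable tuple."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError(f"no sudo version in {text!r}")
    major, minor, patch, p = m.groups()
    return (int(major), int(minor), int(patch), int(p or 0))

def vulnerable_to(version_text: str) -> dict:
    """Per-CVE verdict for an installed sudo, keyed by CVE id."""
    v = parse_sudo_version(version_text)
    return {
        "CVE-2025-32462": HOST_BUG_FROM <= v < FIXED,
        "CVE-2025-32463": CHROOT_BUG_FROM <= v < FIXED,
    }

def audit_sudoers(text: str, hostname: str) -> list:
    """Return (user, host, spec) for user specs whose host list contains neither ALL
    nor this host. Those are the rules `sudo -h <other-host>` can be pointed at.
    Simplified parser: aliases are flagged unresolved, continuation lines are ignored."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()           # drop comments and #include lines
        if (not line or line.startswith("@") or line.startswith("Defaults")
                or re.match(r"\w+_Alias\b", line) or "=" not in line):
            continue
        left, spec = line.split("=", 1)
        fields = left.split()
        if len(fields) < 2:
            continue
        user, hosts = fields[0], fields[-1].split(",")
        if "ALL" not in hosts and hostname not in hosts:
            findings.append((user, fields[-1], spec.strip()))
    return findings

# Constructed sudoers: two rules are scoped to other hosts, one of them with CHROOT=.
SAMPLE_SUDOERS = """\
# constructed sample
Defaults env_reset
Host_Alias WEB = web1, web2
root    ALL=(ALL:ALL) ALL
alice   ALL=(ALL) NOPASSWD: /usr/bin/systemctl
bob     web1=(root) /usr/bin/vim
carol   buildbox = (root) CHROOT=/srv/jail /bin/sh
"""

if __name__ == "__main__":
    print(vulnerable_to("Sudo version 1.9.15p5"))
    for user, host, spec in audit_sudoers(SAMPLE_SUDOERS, hostname="db1"):
        print(f"{user}: host={host} spec={spec}")
```

Note that CVE-2025-32463 does not need any particular sudoers rule; on an affected version any local user can reach the chroot path, so for that CVE the version check alone decides. The sudoers audit matters for CVE-2025-32462, where the flagged rules are exactly the commands a listed user could run on the wrong machine.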
CVE-2025-24813
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malicious user was able to perform remote code execution:
- writes enabled for the default servlet (disabled by default)
- support for partial
Github link:
https://github.com/sentilaso1/CVE-2025-24813-Apache-Tomcat-RCE-PoC
Proof of Concept for CVE-2025-24813, a Remote Code Execution vulnerability in Apache Tomcat. This PoC exploits unsafe deserialization via crafted session files uploaded through HTTP PUT requests, a...
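The preconditions listed above map onto two init-params of Tomcat's DefaultServlet, `readonly` (default `true`) and `allowPartialPut` (default `true`), so the first thing to audit is `conf/web.xml` and any per-application `WEB-INF/web.xml`. The Python below is an added example, not code from the linked PoC repository or from Tomcat: it reads the effective DefaultServlet parameters from a web.xml regardless of the schema namespace, reports whether writes plus partial PUT are both enabled, and classifies a list of requests so that partial PUTs (a PUT carrying `Content-Range`) stand out in traffic review. The web.xml fragments and the request list are constructed.

```python
import xml.etree.ElementTree as ET

DEFAULT_SERVLET_CLASS = "org.apache.catalina.servlets.DefaultServlet"
# Tomcat's defaults for the two init-params the preconditions above hinge on.
TOMCAT_DEFAULTS = {"readonly": "true", "allowPartialPut": "true"}

def _local(tag: str) -> str:
    """Strip the XML namespace so the parser works across web-app schema versions."""
    return tag.rsplit("}", 1)[-1]

def default_servlet_params(web_xml: str) -> dict:
    """Return the effective init-params of the DefaultServlet declared in a web.xml."""
    params = dict(TOMCAT_DEFAULTS)
    root = ET.fromstring(web_xml)
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        cls = "".join(e.text or "" for e in servlet if _local(e.tag) == "servlet-class").strip()
        if cls != DEFAULT_SERVLET_CLASS:
            continue
        for ip in servlet:
            if _local(ip.tag) != "init-param":
                continue
            name = value = ""
            for child in ip:
                if _local(child.tag) == "param-name":
                    name = (child.text or "").strip()
                elif _local(child.tag) == "param-value":
                    value = (child.text or "").strip()
            if name:
                params[name] = value
    return params

def partial_put_writable(web_xml: str) -> bool:
    """True when both preconditions hold: writes enabled and partial PUT not disabled."""
    p = default_servlet_params(web_xml)
    return p["readonly"].lower() == "false" and p["allowPartialPut"].lower() != "false"

def flag_partial_puts(requests) -> list:
    """requests: iterable of (method, path, headers). Return the paths of partial PUTs."""
    return [path for method, path, headers in requests
            if method == "PUT" and any(h.lower() == "content-range" for h in headers)]

# Constructed web.xml fragments (Tomcat 9 namespace); only the second enables writes.
SAMPLE_WEB_XML_DEFAULT = """\
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>listings</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>
"""
SAMPLE_WEB_XML_WRITABLE = SAMPLE_WEB_XML_DEFAULT.replace(
    "</servlet>",
    "  <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>\n  </servlet>")

# Constructed requests: only the last one is a partial PUT.
SAMPLE_REQUESTS = [
    ("GET", "/index.jsp", {}),
    ("PUT", "/uploads/report.txt", {"Content-Length": "10"}),
    ("PUT", "/uploads/notes.txt", {"Content-Range": "bytes 0-4/9", "Content-Length": "5"}),
]

if __name__ == "__main__":
    print("default config exposed:", partial_put_writable(SAMPLE_WEB_XML_DEFAULT))
    print("writable config exposed:", partial_put_writable(SAMPLE_WEB_XML_WRITABLE))
    print("partial PUTs:", flag_partial_puts(SAMPLE_REQUESTS))
```

If `partial_put_writable()` returns true on a version inside the affected ranges above, the quickest configuration-level mitigation is to restore `readonly` to `true` or, where writes are required, set `allowPartialPut` to `false`, alongside upgrading past the affected releases.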
CVE-2011-2523
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
Github link:
https://github.com/krill-x7/CVE-2011-2523
Python exploit for vsftpd 2.3.4 - Backdoor Command Execution
CVE-2025-24201
No description available for this CVE.
Github link:
https://github.com/The-Maxu/CVE-2025-24201-WebKit-Vulnerability-Detector-PoC-
CVE-2025-24201 WebKit Vulnerability Detector (PoC)
CVE-2025-34085
An unrestricted file upload vulnerability in the WordPress Simple File List plugin prior to version 4.2.3 allows unauthenticated remote attackers to achieve remote code execution. The plugin's upload endpoint (ee-upload-engine.php) restricts file uploads based on extension, but lacks proper validation after file renaming. An attacker can first upload a PHP payload disguised as a .png file, then use the plugin’s ee-file-engine.php rename functionality to change the extension to .php. This bypasses upload restrictions and results in the uploaded payload being executable on the server.
Github link:
https://github.com/ill-deed/CVE-2025-34085-Multi-target
Multi-target unauthenticated RCE scanner for CVE-2025-34085 affecting WordPress Simple File List plugin. Uploads, renames, and triggers PHP webshells across large target sets.
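The flaw described above is that the extension allowlist is enforced at upload time only, so a later rename can turn an accepted `.png` into a `.php` that the web server will execute. As an added example (not code from the linked scanner or from the plugin), the Python below models the plugin's upload check and the two-step chain in a plain dictionary standing in for the upload directory, and places a hardened rename and a hardened upload beside it: the rename re-applies the allowlist, refuses executable segments anywhere in the name (which also covers `shell.php.png` under handler-style configurations) and refuses to change the extension at all; the upload additionally sniffs the content for PHP open tags. The extension lists, the payload marker and all function names are my own.

```python
import posixpath

ALLOWED_EXT = {"png", "jpg", "jpeg", "gif", "pdf", "txt", "zip"}
# Extensions a typical Apache/PHP setup hands to the interpreter (assumption: representative list).
EXECUTABLE_EXT = {"php", "php3", "php4", "php5", "php7", "php8", "phtml", "phar", "phps"}

def extension(name: str) -> str:
    return posixpath.splitext(name)[1].lower().lstrip(".")

def is_server_executable(name: str) -> bool:
    """True if any dotted segment after the base name is an executable extension."""
    return any(seg.lower() in EXECUTABLE_EXT for seg in name.split(".")[1:])

def looks_like_php(data: bytes) -> bool:
    """Content sniff: a PHP open tag anywhere in the bytes."""
    return b"<?php" in data or b"<?=" in data

def upload(store: dict, name: str, data: bytes) -> None:
    """The upload check as described above: extension allowlist, nothing else."""
    if extension(name) not in ALLOWED_EXT:
        raise PermissionError(f"upload of {name!r} rejected")
    store[name] = data

def rename_vulnerable(store: dict, old: str, new: str) -> None:
    """Rename with no re-validation: the allowlist applied at upload no longer holds."""
    store[new] = store.pop(old)

def rename_hardened(store: dict, old: str, new: str) -> None:
    """Rename that re-applies the upload policy and refuses to change the file type."""
    if extension(new) not in ALLOWED_EXT or is_server_executable(new):
        raise PermissionError(f"rename to {new!r} rejected")
    if extension(new) != extension(old):
        raise PermissionError("rename may not change the file extension")
    store[new] = store.pop(old)

def upload_hardened(store: dict, name: str, data: bytes) -> None:
    """Upload that also rejects executable segments and PHP content regardless of name."""
    if extension(name) not in ALLOWED_EXT or is_server_executable(name) or looks_like_php(data):
        raise PermissionError(f"upload of {name!r} rejected")
    store[name] = data

def upload_hardened_accepts(name: str, data: bytes) -> bool:
    try:
        upload_hardened({}, name, data)
        return True
    except PermissionError:
        return False

PHP_PAYLOAD = b"<?php echo 'constructed payload marker'; ?>"  # constructed, harmless marker

def exploit_chain(rename) -> bool:
    """Replay the two-step chain from the description against a rename implementation.
    Returns True if an executable PHP file ends up in the store."""
    store = {}
    upload(store, "image.png", PHP_PAYLOAD)        # step 1: PHP disguised as .png passes the allowlist
    try:
        rename(store, "image.png", "image.php")    # step 2: rename changes the extension
    except PermissionError:
        return False
    return any(is_server_executable(n) for n in store)

if __name__ == "__main__":
    print("vulnerable rename leaves a shell:", exploit_chain(rename_vulnerable))
    print("hardened rename leaves a shell:  ", exploit_chain(rename_hardened))
```

The two hardened functions are independent layers: even with the vulnerable rename in place, a content-sniffing upload stops the chain at step 1, and even with the permissive upload, the hardened rename stops it at step 2. On a real deployment the third layer is the web server itself, configured not to execute anything under the upload directory.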
CVE-2025-22457
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-22457