CVE-2016-0792
Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
Github link:
https://github.com/gonn4cry/CVE-2016-0792
GitHub - gonn4cry/CVE-2016-0792: CVE-2016-0792 Exploit By XBOW AI
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/Skycritch/CVE-2024-4577
GitHub - Skycritch/CVE-2024-4577: Exploit for php-cgi
CVE-2023-2640
On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.
Github link:
https://github.com/filippo-zullo98/phpMyAdmin-RCE-Exploit-Lab
GitHub - filippo-zullo98/phpMyAdmin-RCE-Exploit-Lab: Demonstration of an RCE (Remote Code Execution) vulnerability in phpMyAdmin…
Demonstration of an RCE (Remote Code Execution) vulnerability in phpMyAdmin 4.8.1, with a reverse shell exploit and a privilege escalation analysis using the vulnerability CVE-2023-2640/CVE-2023-3...
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/MohamedKarrab/CVE-2025-32463
GitHub - MohamedKarrab/CVE-2025-32463: Privilege escalation to root using sudo chroot, NO NEED for gcc installed.
CVE-2025-47812
In Wing FTP Server before 7.4.4, the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.
Github link:
https://github.com/rxerium/CVE-2025-47812
GitHub - rxerium/CVE-2025-47812: Improper Neutralization of Null Byte or NUL Character in WingFTP Servers - Detection Script
CVE-2025-27210
None
Github link:
https://github.com/absholi7ly/CVE-2025-27210_NodeJS_Path_Traversal_Exploit
GitHub - absholi7ly/CVE-2025-27210_NodeJS_Path_Traversal_Exploit: (PoC) CVE-2025-27210, a precise Path Traversal vulnerability…
(PoC) CVE-2025-27210, a precise Path Traversal vulnerability affecting Node.js applications running on Microsoft Windows. This vulnerability leverages the specific way Windows handles reserved devi...
CVE-2025-32432
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity attack vector. This issue has been patched in versions 3.9.15, 4.14.15, and 5.6.17, and is an additional fix for CVE-2023-41892.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-32432
GitHub - B1ack4sh/Blackash-CVE-2025-32432: CVE-2025-32432
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-5777
GitHub - B1ack4sh/Blackash-CVE-2025-5777: CVE-2025-5777
CVE-2025-22870
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80" will incorrectly match and not be proxied.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-22870
GitHub - B1ack4sh/Blackash-CVE-2025-22870: CVE-2025-22870
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/92gmuz/CVE-2025-32463
GitHub - 92gmuz/CVE-2025-32463: Privilege escalation to root via sudo without gcc. Exploit works on vulnerable sudo versions. Clone…
Privilege escalation to root via sudo without gcc. Exploit works on vulnerable sudo versions. Clone the repo and run the script. 🐙💻 - 92gmuz/CVE-2025-32463
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/Rajneeshkarya/CVE-2025-32463
GitHub - Rajneeshkarya/CVE-2025-32463: This is the exploit for the CVE-2025-32463
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/cyberleelawat/ExploitVeer
GitHub - cyberleelawat/ExploitVeer: An advanced, powerful, and easy-to-use tool designed to detect and exploit CVE-2025-5777 (CitrixBleed…
An advanced, powerful, and easy-to-use tool designed to detect and exploit CVE-2025-5777 (CitrixBleed 2). This script not only identifies the vulnerability but also helps in demonstrating its impac...
CVE-2016-6210
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
Github link:
https://github.com/KiPhuong/cve-2016-6210
GitHub - KiPhuong/cve-2016-6210: PoC of cve-2016-6210
CVE-2025-47812
In Wing FTP Server before 7.4.4, the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-47812
GitHub - B1ack4sh/Blackash-CVE-2025-47812: CVE-2025-47812
CVE-2025-30065
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code.
Users are recommended to upgrade to version 1.15.1, which fixes the issue.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-30065
GitHub - B1ack4sh/Blackash-CVE-2025-30065: CVE-2025-30065
CVE-2025-27591
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
Github link:
https://github.com/incommatose/CVE-2025-27591-PoC
GitHub - incommatose/CVE-2025-27591-PoC: A Proof of Concept for CVE-2025-27591, a local privilege escalation in Below ≤ v0.8.1
CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Github link:
https://github.com/Maalfer/Sudo-CVE-2021-3156
GitHub - Maalfer/Sudo-CVE-2021-3156: Exploit for the CVE-2021-3156 vulnerability.