CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-5777
GitHub
GitHub - B1ack4sh/Blackash-CVE-2025-5777: CVE-2025-5777
CVE-2025-5777. Contribute to B1ack4sh/Blackash-CVE-2025-5777 development by creating an account on GitHub.
CVE-2025-22870
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-22870
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-22870
GitHub
GitHub - B1ack4sh/Blackash-CVE-2025-22870: CVE-2025-22870
CVE-2025-22870. Contribute to B1ack4sh/Blackash-CVE-2025-22870 development by creating an account on GitHub.
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/92gmuz/CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/92gmuz/CVE-2025-32463
GitHub
GitHub - 92gmuz/CVE-2025-32463: Privilege escalation to root via sudo without gcc. Exploit works on vulnerable sudo versions. Clone…
Privilege escalation to root via sudo without gcc. Exploit works on vulnerable sudo versions. Clone the repo and run the script. 🐙💻 - 92gmuz/CVE-2025-32463
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/Rajneeshkarya/CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/Rajneeshkarya/CVE-2025-32463
GitHub
GitHub - Rajneeshkarya/CVE-2025-32463: This is the exploit for the CVE-2025-32463
This is the exploit for the CVE-2025-32463. Contribute to Rajneeshkarya/CVE-2025-32463 development by creating an account on GitHub.
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/cyberleelawat/ExploitVeer
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/cyberleelawat/ExploitVeer
GitHub
GitHub - cyberleelawat/ExploitVeer: An advanced, powerful, and easy-to-use tool designed to detect and exploit CVE-2025-5777 (CitrixBleed…
An advanced, powerful, and easy-to-use tool designed to detect and exploit CVE-2025-5777 (CitrixBleed 2). This script not only identifies the vulnerability but also helps in demonstrating its impac...
CVE-2016-6210
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
Github link:
https://github.com/KiPhuong/cve-2016-6210
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
Github link:
https://github.com/KiPhuong/cve-2016-6210
GitHub
GitHub - KiPhuong/cve-2016-6210: PoC of cve-2016-6210
PoC of cve-2016-6210. Contribute to KiPhuong/cve-2016-6210 development by creating an account on GitHub.
CVE-2025-47812
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-47812
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-47812
GitHub
GitHub - B1ack4sh/Blackash-CVE-2025-47812: CVE-2025-47812
CVE-2025-47812. Contribute to B1ack4sh/Blackash-CVE-2025-47812 development by creating an account on GitHub.
CVE-2025-30065
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code
Users are recommended to upgrade to version 1.15.1, which fixes the issue.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-30065
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code
Users are recommended to upgrade to version 1.15.1, which fixes the issue.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-30065
GitHub
GitHub - B1ack4sh/Blackash-CVE-2025-30065: CVE-2025-30065
CVE-2025-30065. Contribute to B1ack4sh/Blackash-CVE-2025-30065 development by creating an account on GitHub.
CVE-2025-27591
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
Github link:
https://github.com/incommatose/CVE-2025-27591-PoC
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
Github link:
https://github.com/incommatose/CVE-2025-27591-PoC
GitHub
GitHub - incommatose/CVE-2025-27591-PoC: A Proof of Concept for CVE-2025-27591, a local privilege escalation in Below < v0.9.0
A Proof of Concept for CVE-2025-27591, a local privilege escalation in Below < v0.9.0 - incommatose/CVE-2025-27591-PoC
CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Github link:
https://github.com/Maalfer/Sudo-CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Github link:
https://github.com/Maalfer/Sudo-CVE-2021-3156
GitHub
GitHub - Maalfer/Sudo-CVE-2021-3156: Exploit para explotar la vulnerabilidad CVE-2021-3156.
Exploit para explotar la vulnerabilidad CVE-2021-3156. - Maalfer/Sudo-CVE-2021-3156
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/MGunturG/CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Github link:
https://github.com/MGunturG/CVE-2025-32463
GitHub
GitHub - MGunturG/CVE-2025-32463: Local Privilege Escalation to Root via Sudo chroot in Linux
Local Privilege Escalation to Root via Sudo chroot in Linux - GitHub - MGunturG/CVE-2025-32463: Local Privilege Escalation to Root via Sudo chroot in Linux
CVE-2022-44136
Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE).
Github link:
https://github.com/Ch35h1r3c47/CVE-2022-44136-poc
Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE).
Github link:
https://github.com/Ch35h1r3c47/CVE-2022-44136-poc
GitHub
GitHub - Ch35h1r3c47/CVE-2022-44136-poc: Zenar CMS 9.3 suffers from an unrestricted file upload vulnerability in its file management…
Zenar CMS 9.3 suffers from an unrestricted file upload vulnerability in its file management module, allowing authenticated attackers (with minimal privileges) to upload arbitrary files, includi...
CVE-2021-32099
A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass.
Github link:
https://github.com/magicrc/CVE-2021-32099
A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass.
Github link:
https://github.com/magicrc/CVE-2021-32099
GitHub
GitHub - magicrc/CVE-2021-32099: PoC for CVE-2021-32099
PoC for CVE-2021-32099. Contribute to magicrc/CVE-2021-32099 development by creating an account on GitHub.
CVE-2025-25257
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
Github link:
https://github.com/mrmtwoj/CVE-2025-25257
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
Github link:
https://github.com/mrmtwoj/CVE-2025-25257
GitHub
GitHub - mrmtwoj/CVE-2025-25257: CVE‑2025‑25257 is a critical pre-authentication SQL injection vulnerability affecting Fortinet…
CVE‑2025‑25257 is a critical pre-authentication SQL injection vulnerability affecting Fortinet FortiWeb’s - mrmtwoj/CVE-2025-25257