CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub link:
https://github.com/below0day/Honeypot-Logs-CVE-2025-5777
GitHub - below0day/Honeypot-Logs-CVE-2025-5777: CitrixBleed 2 NetScaler honeypot logs
CVE-2025-27591
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
GitHub link:
https://github.com/Cythonic1/CVE-2025-27591
GitHub - Cythonic1/CVE-2025-27591: a C exploit for CVE-2025-27591, which allow an attacker to escalate privilege to root.
CVE-2023-0159
The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the PHP extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the host's file system.
GitHub link:
https://github.com/Sn20393873/Extensive
Automatic Mass Tool for checking vulnerability in CVE-2023-0159 - Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated… - Sn20393873/Extensive
CVE-2023-23752
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
GitHub link:
https://github.com/0xVoodoo/CVE-2023-23752
GitHub - 0xVoodoo/CVE-2023-23752: CVE-2023-23752 - Joomla Information Disclosure Vulnerability
CVE-2016-4631
ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.
GitHub link:
https://github.com/l3onkers/FuxiOS
GitHub - l3onkers/FuxiOS: 🎯 FuxiOS.py v2.0 - CVE-2016-4631 Exploit PoC modernizado
CVE-2016-5195
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
GitHub link:
https://github.com/mohammadamin382/dirtycow-lab
Educational PoC for Dirty COW (CVE-2016-5195) with logging, ptrace fallback, and binary payload support. - mohammadamin382/dirtycow-lab
CVE-2023-46818
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.
GitHub link:
https://github.com/vulnerk0/CVE-2023-46818
GitHub - vulnerk0/CVE-2023-46818: Python PoC for CVE-2023-46818
CVE-2025-30406
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution. NOTE: a CentreStack admin can manually delete the machineKey defined in portal\web.config.
GitHub link:
https://github.com/mchklt/CVE-2025-30406
GitHub - mchklt/CVE-2025-30406: CVE-2025-30406 ViewState Exploit PoC
CVE-2025-48384
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
GitHub link:
https://github.com/f1shh/CVE-2025-48384
GitHub - f1shh/CVE-2025-48384: test for CVE-2025-48384