CVE-2011-2553.zip
2.8 KB
CVE-2011-2553
Author: carlosrpastrana
None
GitHub Link:
https://github.com/carlosrpastrana/cve-2011-2553
Author: carlosrpastrana
None
GitHub Link:
https://github.com/carlosrpastrana/cve-2011-2553
CVE-2017-7269.zip
8.8 KB
CVE-2017-7269
Author: nika0x38
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
GitHub Link:
https://github.com/nika0x38/CVE-2017-7269
Author: nika0x38
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
GitHub Link:
https://github.com/nika0x38/CVE-2017-7269
CVE-2024-3400.zip
860 B
CVE-2024-3400
Author: Yafiah-Darwesh
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
Fixes for PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 are in development and are expected to be released by April 14, 2024. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. All other versions of PAN-OS are also not impacted.
GitHub Link:
https://github.com/Yafiah-Darwesh/cs50-cyber-paloalto-oauth
Author: Yafiah-Darwesh
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
Fixes for PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 are in development and are expected to be released by April 14, 2024. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. All other versions of PAN-OS are also not impacted.
GitHub Link:
https://github.com/Yafiah-Darwesh/cs50-cyber-paloalto-oauth
CVE-2021-4034.zip
4 KB
CVE-2021-4034
Author: kaisen-bot
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
GitHub Link:
https://github.com/kaisen-bot/pwnkit-helper
Author: kaisen-bot
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
GitHub Link:
https://github.com/kaisen-bot/pwnkit-helper
CVE-2025-32463.zip
7.9 KB
CVE-2025-32463
Author: khoazero123
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/khoazero123/CVE-2025-32463
Author: khoazero123
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/khoazero123/CVE-2025-32463