| 994875918 |
l4rm4nd/PoC-CVE-2024-39924 |
PoC for CVE-2024-39924 |
Link |
2025-06-02T16:05:07Z |
| 994741164 |
voyagken/CVE-2025-5280-V8-OOB |
Remote Code Execution via Out-of-Bounds Write in V8 (CVE-2025-5280) |
Link |
2025-06-02T12:12:00Z |
| 994735970 |
voyagken/CVE-2025-22224-PoC |
Privilege Escalation via TOCTOU in VMware VMX (CVE-2025-22224) |
Link |
2025-06-02T12:02:13Z |
| 994616278 |
its-anya/DVR_Credential_Scanner |
A tool for scanning DVR systems vulnerable to CVE-2018-9995 credential disclosure. Educational purposes only - demonstrates how attackers exploit authentication bypasses in DVR/IP camera systems. Includes detailed guides for finding, testing, and understanding the vulnerability. |
Link |
2025-06-02T08:05:05Z |
| 994234952 |
oOCyginXOo/CVE-2023-25690-POC |
CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability. |
Link |
2025-06-01T14:09:58Z |
| 993961114 |
tiemio/RCE-CVE-2025-3248 |
This Python script exploits CVE-2025-3248 to execute arbitrary commands or spawn a reverse shell on a vulnerable system. Authentication is required to use this exploit. |
Link |
2025-05-31T22:25:35Z |
| 993954951 |
Quelvara/Anydesk-Exploit-CVE-2025-12654-RCE-Builder |
Exploit development targets vulnerabilities using tools like exploitation frameworks. CVE databases list risks, while CVE-2025-44228 is an example of a flaw. AnyDesk exploits highlight security gaps. |
Link |
2025-05-31T22:02:13Z |
| 993920679 |
Cythonic1/CVE-2024-9264 |
A go implementation for CVE-2024-9264 which effect grafana versions 11.0.x, 11.1.x, and 11.2.x. |
Link |
2025-05-31T20:06:53Z |
| 993813766 |
wiseep/CVE-2025-48827 |
Vbullettin RCE - CVE-2025-48827 |
Link |
2025-05-31T15:23:51Z |
| 993769648 |
fatkz/CVE-2025-27590 |
no description |
Link |
2025-05-31T13:39:00Z |
| 993739629 |
mbanyamer/CVE-2025-30397---Windows-Server-2025-JScript-RCE-Use-After-Free- |
Remote Code Execution via Use-After-Free in JScript.dll (CVE-2025-30397) |
Link |
2025-05-31T12:20:36Z |
| 993732095 |
Nxploited/CVE-2025-4631 |
Profitori 2.0.6.0 - 2.1.1.3 - Missing Authorization to Unauthenticated Privilege Escalation |
Link |
2025-05-31T12:00:22Z |
| 993718588 |
wiseep/CVE-2025-5287 |
WordPress Likes and Dislikes - SQL Injection |
Link |
2025-05-31T11:22:47Z |
| 993687843 |
voyagken/CVE-2025-20188 |
CVE-2025-20188: Unauthenticated RCE in Cisco IOS XE WLC via Hard-Coded JWT |
Link |
2025-05-31T09:55:13Z |
| 993565101 |
huynguyen12536/CVE-2025-2995 |
no description |
Link |
2025-05-31T03:11:50Z |
| 993418298 |
Yucaerin/CVE-2025-47577 |
WordPress TI WooCommerce Wishlist Plugin <= 2.9.2 Arbitrary File Upload |
Link |
2025-05-30T18:55:14Z |
| 993326207 |
davidxbors/CVE-2024-7399-POC |
no description |
Link |
2025-05-30T15:42:34Z |
| 993246713 |
DelphineTan/Murdoch-CVE-2021-2560 |
no description |
Link |
2025-05-30T13:13:57Z |
| 993246058 |
DelphineTan/Murdoch-CVE-2022-0847 |
no description |
Link |
2025-05-30T13:12:48Z |
| 993208444 |
MQKGitHub/Moniker-Link-CVE-2024-21413 |
no description |
Link |
2025-05-30T11:57:00Z |
| 993144775 |
sahici/CVE-2025-5329 |
USOM Tarafından resmi yayın beklenmektedir. |
Link |
2025-05-30T09:41:09Z |
| 993144580 |
sahici/CVE-2025-5319 |
USOM Tarafından resmi yayın beklenmektedir. |
Link |
2025-05-30T09:40:46Z |
| 992991204 |
HuangYanQwQ/CVE-2023-49496_PoC |
no description |
Link |
2025-05-30T03:15:25Z |
| 992988061 |
cyivor/CVE-2024-11234 |
practicing assembly by recreating an exploit i wrote in python, in x86-64 nasm |
Link |
2025-05-30T03:05:53Z |
| 992948486 |
ridpath/CVE-2021-26828-Ultimate |
ScadaFlare Authenticated RCE Exploit Framework for ScadaBR (CVE-2021-26828) OpenPLC ScadaBR |
Link |
2025-05-30T00:59:31Z |
| 992833788 |
spbavarva/CVE-2025-46204 |
PoC of CVE-2025-46204 |
Link |
2025-05-29T19:34:43Z |
| 992705950 |
spbavarva/CVE-2025-46203 |
PoC of CVE-2025-46203 |
Link |
2025-05-29T15:27:14Z |
| 992634998 |
Yuri08loveElaina/CVE-2023-1234 |
no description |
Link |
2025-05-29T13:23:16Z |
| 992606524 |
Humbug52542/DLang-file-encryptor |
This is my biggest project yet: a DLang file encryptor that escalates privileges using CVE-2024-49138 and disables Windows Defender. |
Link |
2025-05-29T12:31:34Z |
| 992548182 |
octodi/CVE-2021-22911 |
Updated exploit for CVE-2021-22911 (Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated)) |
Link |
2025-05-29T10:34:04Z |
| 992520451 |
thompson005/CVE-2023-22527 |
no description |
Link |
2025-05-29T09:37:04Z |
| 992073220 |
engranaabubakar/CVE-2023-46818 |
no description |
Link |
2025-05-28T15:18:04Z |
| 992019343 |
StellarDriftLabs/CVE-2018-8097-PoC |
POC for CVE-2018-8097 This script exploits CVE-2018-8097 and can retrieve files and contents using a blind RCE method. |
Link |
2025-05-28T13:49:12Z |
| 992014162 |
afrojack1/cve202338600test.github.io |
CVE-2023-38600 Test in html |
Link |
2025-05-28T13:40:14Z |
| 991915223 |
ibrahimsql/CVE-2024-28995 |
SolarWinds Serv-U Directory Traversal |
Link |
2025-05-28T10:41:13Z |
| 991746561 |
SpiralBL0CK/CVE-2024-32462 |
CVE-2024-32462 code exec sbx escape |
Link |
2025-05-28T05:07:05Z |
| 991698537 |
Ask-os/CVE-2021-41773 |
no description |
Link |
2025-05-28T02:57:44Z |
| 991536016 |
KimJuhyeong95/cve-2024-4577 |
no description |
Link |
2025-05-27T19:19:55Z |
| 991214377 |
4minx/CVE-2024-8682 |
no description |
Link |
2025-05-27T09:44:45Z |
| 991206184 |
wrlu/CVE-2023-40130 |
PoC of CVE-2023-40130 |
Link |
2025-05-27T09:29:31Z |
| 991060283 |
SerpilRivas/log4shell-homework9 |
Log4Shell (CVE-2021-44228) exploit demo for SEAS 8405. Includes a vulnerable Spring Boot app, fake LDAP server, Docker setup, MITRE mapping, incident response, and a full screen recording. |
Link |
2025-05-27T04:23:26Z |
| 990938182 |
JackHars/cve-2020-14008 |
no description |
Link |
2025-05-26T22:03:43Z |
| 990661980 |
Leviticus-Triage/ChromSploit-Framework |
Advanced AI-Powered Exploitation Framework | CVE-2025-4664 & CVE-2025-2783 & CVE-2025-2857 & CVE-2025-30397 | |
Link |
2025-05-26T12:51:16Z |
| 990629751 |
UMChacker/CVE-2024-55591-POC |
no description |
Link |
2025-05-26T11:57:32Z |
| 990329884 |
Foxer131/CVE-2024-42008-9-exploit |
The scripts in this repository are made to abuse CVE-2024-42008 and CVE-2024-42009. Both of these CVEs are vulnerabilities found on Roundcube 1.6.7 |
Link |
2025-05-26T00:31:36Z |
| 990324822 |
SpiralBL0CK/CVE-2020-11097-POC |
POC TO CRASH FREERDP USING CVE-2020-11097 |
Link |
2025-05-26T00:12:42Z |
| 990249135 |
ibrahimsql/CVE-2024-0204 |
CVE-2024-0204 was discovered in January 2024 and affects all GoAnywhere MFT versions prior to 7.4.1. This vulnerability has been rated as Critical (CVSS 9.8) due to its ease of exploitation and the complete administrative access it provides to vulnerable instances. |
Link |
2025-05-25T19:52:39Z |
| 990191055 |
SpiralBL0CK/PoC-crash-CVE-2020-13398- |
CVE-2020-13398 PoC |
Link |
2025-05-25T17:25:52Z |
| 990093175 |
mbanyamer/-Pymatgen-2024.1---Remote-Code-Execution-RCE- |
Pymatgen 2024.1 - Remote Code Execution (RCE) CVE: 2024-23346 |
Link |
2025-05-25T13:44:44Z |
| 990031720 |
personnumber3377/windows_tcpip_fuzz |
This is my attempt at fuzzing the tcpip.sys driver in windows via using scapy. This is inspired by this vulnerability here: https://doar-e.github.io/blog/2021/04/15/reverse-engineering-tcpipsys-mechanics-of-a-packet-of-the-death-cve-2021-24086/ |
Link |
2025-05-25T11:08:45Z |
| 990013873 |
black7024/BadParcel |
CVE-2023-20963 PoC (Android WorkSource parcel/unparcel logic mismatch) |
Link |
2025-05-25T10:20:50Z |
| 989760983 |
DaniTheHack3r/CVE-2024-42009-PoC |
CVE-2024-42009 Proof of Concept |
Link |
2025-05-24T19:15:11Z |
| 989682547 |
glynzr/CVE-2023-50564 |
Pluck v4.7.18 - Remote Code Execution (RCE) |
Link |
2025-05-24T15:55:45Z |
| 989354822 |
WildWestCyberSecurity/CVE-2019-13288 |
Replicated using afl fuzzer instrumentation! Shoutz to antonio-morales. |
Link |
2025-05-23T23:50:58Z |
| 989327326 |
fatkz/CVE-2022-24112 |
no description |
Link |
2025-05-23T22:09:27Z |
| 989277001 |
dact91/CVE-2019-25137-RCE |
CVE-2019-25137 is an Umbraco RCE vulnerability, the script within this repo is slightly altered |
Link |
2025-05-23T19:41:51Z |
| 989115095 |
Shuhaib88/Baron-Samedit-Heap-Buffer-Overflow-CVE-2021-3156 |
no description |
Link |
2025-05-23T15:20:51Z |
| 989076825 |
pouriam23/CVE-2024-12583 |
no description |
Link |
2025-05-23T14:16:19Z |
| 989037115 |
FraMarcuccio/CVE-2025-29094-Multiple-Stored-Cross-Site-Scripting-XSS |
This repository reveals a security vulnerability discovered in Motivian Content Management System v.41.0.0. |
Link |
2025-05-23T13:09:36Z |
| 989029496 |
FraMarcuccio/CVE-2025-29093-Arbitrary-File-Upload |
This repository reveals a security vulnerability discovered in Motivian Content Management System v.41.0.0 |
Link |
2025-05-23T12:55:46Z |
| 988826081 |
Eros-Adrian-Figueroa-Cortes/CVE-2023-48795 |
Python tool to identify SSH servers potentially vulnerable to CVE-2023-48795 (Terrapin) by analyzing OpenSSH version banners via netcat. Useful for internal audits, penetration testing, and vulnerability assessments. |
Link |
2025-05-23T06:14:57Z |
| 987999913 |
maximo896/CVE-2025-4322 |
no description |
Link |
2025-05-21T22:55:35Z |
| 987989561 |
AUSK1LL9/CVE-2021-34527 |
CVE-2021-34527 is a critical remote code execution and local privilege escalation vulnerability dubbed "PrintNightmare." |
Link |
2025-05-21T22:23:30Z |
| 987907541 |
dodiorne/cve-2022-31813 |
tester for cve-2022-31813 |
Link |
2025-05-21T19:08:23Z |
| 987698830 |
RdBBB3/SHELL-POC-CVE-2022-46169 |
no description |
Link |
2025-05-21T13:04:46Z |
| 987555567 |
volodymyr-hladkyi-symphony/demo-cve-2022-21449 |
no description |
Link |
2025-05-21T08:45:22Z |
| 987412676 |
finn79426/CVE-2020-10199 |
no description |
Link |
2025-05-21T03:29:03Z |
| 987354047 |
windingacqui/bw-dump |
A proof-of-concept for (CVE-2023-38840) that extracts plaintext master passwords from a locked Bitwarden vault. forensics, password-manager, redteam, security, windows, windowsapi |
Link |
2025-05-21T00:46:18Z |
| 987190671 |
hacefresko/CVE-2025-40634 |
Exploit for stack-based buffer overflow found in the conn-indicator binary in the TP-Link Archer AX50 router |
Link |
2025-05-20T17:54:36Z |
| 987053597 |
rick2600/redis-stack-CVE-2024-55656 |
no description |
Link |
2025-05-20T14:01:46Z |
| 986557352 |
caffeinedoom/CVE-2021-38003 |
Write Up & Exploitation For CVE-2021-38003 |
Link |
2025-05-19T19:39:42Z |
| 986407131 |
Housma/CVE-2019-9978-Social-Warfare-WordPress-Plugin-RCE |
The `swp_debug` parameter in `admin-post.php` allows remote attackers to include external files containing malicious PHP code, which are evaluated on the server. By supplying a crafted URL that hosts a reverse shell payload, an attacker can gain command execution. |
Link |
2025-05-19T15:01:53Z |
| 986394021 |
qalvynn/CVE-2021-41773 |
Proof of Concept for CVE-2021-41773: Apache path traversal exploit primarily used by Mirai botnets |
Link |
2025-05-19T14:40:41Z |
| 986178073 |
abuyazeen/CVE-2021-43798-Grafana-path-traversal-tester |
Automated path traversal testing tool for Grafana plugin endpoints using curl and Bash. |
Link |
2025-05-19T08:19:30Z |
| 986004018 |
Loucy1231/Nexus-Repository-Manager3-EL-CVE-2018-16621-https-www.cve.org-CVERecord-id-CVE-2018-16621- |
no description |
Link |
2025-05-19T00:43:04Z |
| 985280949 |
tdevworks/CVE-2020-1472-ZeroLogon-Demo-Detection-Mitigation |
no description |
Link |
2025-05-17T12:40:24Z |
| 985273717 |
tdevworks/CVE-2020-0796-SMBGhost-Exploit-Demo |
no description |
Link |
2025-05-17T12:22:35Z |
| 985146878 |
platypus-perry03/CVE-2023-25813 |
no description |
Link |
2025-05-17T06:47:11Z |
| 985112599 |
kali-guru/Pwnkit-CVE-2021-4034 |
Automation Exploit |
Link |
2025-05-17T05:02:27Z |
| 984758507 |
CyprianAtsyor/LetsDefend-CVE-2022-41082-Exploitation-Attempt |
no description |
Link |
2025-05-16T13:08:50Z |
| 984651163 |
Milad-Rafie/PwnKit-Local-Privilege-Escalation-Vulnerability-Discovered-in-polkit-s-pkexec-CVE-2021-4034 |
Software Vulnerabilities and mitigation university course, to show exploitation and remediation caused by this vulnerability |
Link |
2025-05-16T09:25:35Z |
| 984631760 |
lucadibello/tmux-fuzzing |
Enhanced fuzzing for tmux using OSS-Fuzz. Includes custom `cmd-fuzzer` and `argument-fuzzer` harnesses for improved code coverage and a PoC for `CVE-2020-27347` |
Link |
2025-05-16T08:46:17Z |
| 984370405 |
DOMINIC471/qub-network-security-cve-2023-20198 |
Analysis, detection, and mitigation of CVE-2023-20198 exploitation in Cisco IOS XE – QUB CSC3064 Network Security Assessment |
Link |
2025-05-15T20:25:58Z |
| 983948842 |
duongdz96/CVE-2021-3156-main |
no description |
Link |
2025-05-15T06:56:01Z |
| 983852037 |
ghost-zz/test |
CVE-2020-999999, CVE-2020-999998 |
Link |
2025-05-15T02:44:03Z |
| 983815796 |
BODE987/CVE-2025-31258-PoC |
1day practice - Escape macOS sandbox (partial) using RemoteViewServices |
Link |
2025-05-15T00:55:10Z |
| 983703911 |
fatkz/CVE-2020-17530 |
no description |
Link |
2025-05-14T19:34:05Z |
| 983452848 |
k271266/CVE-2021-42694 |
no description |
Link |
2025-05-14T12:02:51Z |
| 983379277 |
faccimatteo/CVE-2018-25031 |
no description |
Link |
2025-05-14T09:45:52Z |
| 983231659 |
Z3R0-0x30/CVE-2021-4034 |
This contains single-file exploit for cve-2021-4034 which is a Polkit Local Privilege Escalation. Use it wisely! |
Link |
2025-05-14T04:43:50Z |
| 982910085 |
MandipJoshi/CVE-2021-3560 |
no description |
Link |
2025-05-13T15:27:51Z |
| 982822888 |
h31md4llr/libjpeg_cve-2018-14498_2 |
no description |
Link |
2025-05-13T13:08:46Z |
| 982778606 |
h31md4llr/libjpeg_cve-2018-14498 |
no description |
Link |
2025-05-13T11:50:52Z |
| 982601758 |
Fauzan-Aldi/CVE-2022-21661 |
A Python PoC for CVE-2022-21661, adapted from z92g's Go PoC, designed to demonstrate the vulnerability in a more accessible scripting environment. |
Link |
2025-05-13T06:20:13Z |
| 982263701 |
saykino/CVE-2023-34732 |
no description |
Link |
2025-05-12T16:04:33Z |
| 982036921 |
WHW0x455/CVE-2023-41992 |
no description |
Link |
2025-05-12T09:26:37Z |
| 981990225 |
shishirpandey18/CVE-2021-3156 |
no description |
Link |
2025-05-12T08:00:34Z |
| 981852578 |
laishouchao/Apache-RocketMQ-RCE-CVE-2023-37582-poc |
no description |
Link |
2025-05-12T02:06:03Z |
| 981806799 |
ajf8729/BlackLotus |
BlackLotus aka CVE-2023-24932 Detection/Remediation Scripts for Intune, ConfigMgr, and generic use |
Link |
2025-05-11T23:10:53Z |
| 981794829 |
shpaw415/CVE-2020-24913-exploit |
automated SQL injection for QCubed profile.php file |
Link |
2025-05-11T22:22:54Z |
| 981348174 |
Ravibr87/dirtyZero |
Basic customization app using CVE-2025-24203. Patched in iOS 18.4. |
Link |
2025-05-10T22:38:58Z |
| 980358536 |
Almandev/Sub-folderFetcher |
A script to download specific Vulhub repository folder (kibana/CVE-2018-17246) from GitHub. |
Link |
2025-05-09T02:14:42Z |
| 980244029 |
tiemio/RCE-PoC-CVE-2021-25646 |
A proof-of-concept for the CVE-2021-25646, which allows for Command Injection |
Link |
2025-05-08T20:06:27Z |
| 980091326 |
Be-Innova/CVE-2021-42392-exploit-lab |
no description |
Link |
2025-05-08T14:47:42Z |
| 979875144 |
Fauzan-Aldi/Log4j-_Vulnerability |
The Web Is Vulnerable to CVE-2021-44228 |
Link |
2025-05-08T07:52:54Z |
| 979810990 |
BBO513/CVE-2023-7231 |
PoC and Disclosure for CVE-2023-7231 – Memcached Gopher RCE chain |
Link |
2025-05-08T05:28:29Z |
| 979730235 |
h31md4llr/libjpeg_cve-2018-19664 |
no description |
Link |
2025-05-08T01:30:13Z |
| 979694324 |
moften/CVE-2022-41741-742-Nginx-Vulnerability-Scanner |
CVE-2022-41741/742 Nginx Vulnerability Scanner |
Link |
2025-05-07T23:26:48Z |
| 979688251 |
moften/Symfony-CVE-Scanner-PoC- |
CVE-2021-21424 - CRLF Injection - CVE-2021-41268 - Host Header Injection - CVE-2022-24894 - WebProfiler abierto - CVE-2019-10909 - Directory Traversal |
Link |
2025-05-07T23:07:11Z |
| 978874642 |
moften/CVE-2021-23017 |
NGINX DNS Overflow Vulnerability Check - CVE-2021-23017 PoC |
Link |
2025-05-06T16:32:48Z |
| 978597771 |
ankadien203/roundcube |
CVE-2020_35730 |
Link |
2025-05-06T08:27:15Z |
| 978484424 |
hackaholicguy/CVE-2019-16891-Liferay-deserialization-RCE |
no description |
Link |
2025-05-06T04:05:41Z |
| 978003087 |
Moniruzzaman995/CVE-2020-13405 |
no description |
Link |
2025-05-05T10:15:17Z |
| 977568806 |
FakeShell/CVE-2021-1931-BBRY-KEY2 |
proof of concept CVE-2021-1931 exploit for the blackberry key2 (le) that allows to flash unsigned images temporarily |
Link |
2025-05-04T14:04:45Z |
| 976937130 |
ByteMe1001/CVE-2020-13151-POC-Aerospike-Server-Host-Command-Execution-RCE- |
no description |
Link |
2025-05-03T03:50:32Z |
| 976847118 |
katseyres2/CVE-2022-44268-pilgrimage |
no description |
Link |
2025-05-02T21:31:39Z |
| 976337212 |
SkyW4r33x/CVE-2023-4226 |
Vulnerabilidad de carga de archivos sin restricciones en **Chamilo LMS** (<= v1.11.24). |
Link |
2025-05-01T23:42:25Z |
| 976180151 |
Caztemaz/Phantom-Registy-Exploit-Cve2025-20682-Runtime-Fud-Lnk |
Exploit development involves tools like exploitation frameworks and CVE databases. Registry exploits, such as reg exploit or registry-based payloads, leverage vulnerabilities for silent execution, often using FUD techniques to evade detection. |
Link |
2025-05-01T16:35:56Z |
| 976180143 |
Caztemaz/Lnk-Exploit-FileBinder-Certificate-Spoofer-Reg-Doc-Cve-Rce |
Exploit development involves tools like exploitation frameworks and CVE databases. LNK exploits, such as LNK builder or LNK payload techniques, leverage vulnerabilities like CVE-2025-44228 for silent RCE execution through shortcut files. |
Link |
2025-05-01T16:35:56Z |
| 976180146 |
Caztemaz/Office-Exploit-Cve2025-Xml-Doc-Docx-Rce-Builder-Fud |
Exploit development targets vulnerabilities like CVE-2025-44228, often using tools like silent exploit builders. Office documents, including DOC files, are exploited through malware payloads and CVE exploits, impacting platforms like Office 365. |
Link |
2025-05-01T16:35:56Z |
| 976134652 |
Geinasz/CMD-Exploit-CVE-2024-RCE-AboRady-FUD-25765-Injection |
Exploit development uses tools like exploitation frameworks and CVE databases. Cmd exploits, such as cmd fud or cmd exploit, enable silent execution while avoiding detection through proper setups. |
Link |
2025-05-01T15:01:47Z |
| 975546766 |
isabelacostaz/CVE-2019-0708-POC |
no description |
Link |
2025-04-30T13:47:35Z |
| 974839209 |
Chrisync/CVE-Scanner |
CVE-2021-42287/CVE-2021-42278/OTHER Scanner & Exploiter. |
Link |
2025-04-29T11:39:11Z |
| 974573539 |
G4sp4rCS/CVE-2022-25012-POC |
Improved PoC of CVE-2022-25012 |
Link |
2025-04-29T01:44:33Z |
| 974310155 |
OP3R4T0R/CVE-2022-29806 |
ZoneMinder up to 1.36.12 Language privilege escalation (and RCE) - Poc Exploit |
Link |
2025-04-28T15:20:22Z |
| 973790605 |
BakalMode/CVE-2022-3552 |
CVE-2022-3552 RCE with explanation |
Link |
2025-04-27T18:37:51Z |
| 973773497 |
ajdumanhug/CVE-2022-42092 |
CVE-2023-46818 Python3 Exploit for Backdrop CMS <= 1.22.0 Authenticated Remote Command Execution (RCE) |
Link |
2025-04-27T17:54:27Z |
| 973624057 |
hyunjin0334/CVE-2019-19781 |
Whitehat school_Docker assignement_CVE-2019-19781_PoC |
Link |
2025-04-27T11:47:59Z |
| 973601009 |
Dowonkwon/drupal-cve-2018-7600-poc |
no description |
Link |
2025-04-27T10:45:06Z |
| 973575067 |
yeahhbean/Laravel-CVE-2018-15133 |
no description |
Link |
2025-04-27T09:32:50Z |
| 973025924 |
GangTaegyeong/CVE-2020-7842 |
no description |
Link |
2025-04-26T05:14:27Z |
| 972836911 |
gunzf0x/CVE-2023-1545 |
Python Proof of Concept for CVE-2023-1545 (SQL Injection for Teampass versions prior to 3.0.0.23). |
Link |
2025-04-25T18:43:06Z |
| 972818938 |
sealldeveloper/CVE-2019-5420-PoC |
A PoC of CVE-2019-5420 I made for PentesterLab |
Link |
2025-04-25T18:03:50Z |
| 972730226 |
sealldeveloper/CVE-2018-0114-PoC |
A PoC of CVE-2018-0114 I made for PentesterLab |
Link |
2025-04-25T15:04:39Z |
| 972300368 |
rizky412/CVE-2025-32433 |
CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 |
Link |
2025-04-24T21:14:12Z |
| 972254312 |
Jasurbek-Masimov/CVE-2018-15745 |
no description |
Link |
2025-04-24T19:23:11Z |
| 971548230 |
ismail0x01/CVE-2019 |
no description |
Link |
2025-04-23T17:31:13Z |
| 970947834 |
mhagnumdw/richfaces-vulnerability-cve-2018-12533-rf-14310 |
no description |
Link |
2025-04-22T19:23:36Z |
| 969894410 |
zhuowei/apple-positional-audio-codec-invalid-header |
CVE-2025-31200 - @Noahhw46 figured it out |
Link |
2025-04-21T05:38:06Z |
| 969642286 |
DannyRavi/nmap-scripts |
nmap scripts for vuln cve-2020-0796 & cve-2019-7238 & cve2019-11580 & cve2017-6327 |
Link |
2025-04-20T16:03:38Z |
| 969458059 |
skyllpro/CVE-2021-44026-PoC |
Bug Chain XSS (CVE-2020-35730 and CVE-2023-43770) to SQLi (CVE-2021-44026) |
Link |
2025-04-20T07:30:38Z |
| 969441428 |
mouseos/cve-2019-2215_SH-M08 |
no description |
Link |
2025-04-20T06:36:28Z |
| 969166261 |
byteReaper77/Dirty-Pipe |
Simple Exploit for Dirty Pipe Vulnerability (CVE-2022-0847) This repository contains a simple proof of concept (PoC) for the Dirty Pipe vulnerability (CVE-2022-0847), which affects Linux kernel versions 5.8 to 5.16. This exploit demonstrates local privilege escalation by leveraging improper handling of pipe buffers in the kernel. |
Link |
2025-04-19T14:38:53Z |
| 968976805 |
madanokr001/CVE-2020-0796 |
no description |
Link |
2025-04-19T05:29:17Z |
| 968453187 |
nigartest/CVE-2018-25031 |
CVE-2018-25031 |
Link |
2025-04-18T05:39:19Z |
| 967625218 |
tausifzaman/CVE-2018-14847 |
This is a proof of concept of the critical WinBox vulnerability (CVE-2018-14847) which allows for arbitrary file read of plain text passwords. The vulnerability has long since been fixed, so this project has ended and will not be supported or updated anymore. You can fork it and update it yourself instead. |
Link |
2025-04-16T18:37:08Z |
| 967547393 |
zeeshangondal/c-cpp_CVE-2018-17229 |
no description |
Link |
2025-04-16T16:11:22Z |
| 967544693 |
ZeeshanGondal0007/c-cpp_CVE-2018-17229 |
no description |
Link |
2025-04-16T16:06:40Z |
| 967362335 |
gunzf0x/CVE-2020-0665 |
Proof of Concept for CVE-2020-0665, a.k.a. SID Filter Bypass. |
Link |
2025-04-16T10:41:02Z |
| 967202332 |
MITRE-Cyber-Security-CVE-Database/mitre-cve-database |
mitre-cve-database will be hosted here beginning 16-04-2025 |
Link |
2025-04-16T05:02:38Z |
| 967012515 |
Hackheart-tech/-exploit-lab |
Exploits Python cve-2019-9053– by HackHeart |
Link |
2025-04-15T19:41:33Z |
| 966828731 |
kaizoku73/CVE-2019-9053 |
CMS Made Simple ≤ 2.2.9 SQL Injection Vulnerability CVE-2019-9053 is a vulnerability found in CMS Made Simple (CMSMS) versions up to 2.2.9, where the application is vulnerable to a blind time-based SQL injection |
Link |
2025-04-15T14:11:41Z |
| 966592657 |
del0x3/CVE-2019-9053-port-py3 |
CVE-2019-9053. |
Link |
2025-04-15T06:51:14Z |
| 966422202 |
moften/CVE-2023-44487 |
HTTP/2 Rapid Reset Exploit PoC |
Link |
2025-04-14T22:39:08Z |
| 966221947 |
mbadanoiu/CVE-2020-13941 |
CVE-2020-13941: Abusing UNC Paths in Windows Environments in Apache Solr |
Link |
2025-04-14T15:33:03Z |
| 965348853 |
ArtemCyberLab/Project-Exploiting-a-Vulnerability-in-Fuel-CMS-CVE-2018-16763- |
The goal of this project was to conduct a security audit of a blog recently launched by Ackme Support Incorporated, identifying any critical vulnerabilities before the site goes public. The task involved finding a way to remotely execute code and gain access to the target system. |
Link |
2025-04-13T00:45:30Z |
| 964681119 |
turrab1349/xss-test |
A simple XSS payload host for testing and demonstrating stored/reflected XSS using GitHub Pages. Useful for bug bounty & security research. |
Link |
2025-04-11T15:57:36Z |
| 964670754 |
G4sul1n/Cisco-IOS-XE-CVE-2023-20198 |
Exploit PoC for CVE-2023-20198 |
Link |
2025-04-11T15:37:02Z |
| 964605404 |
VoyagerOnne/Exim-CVE-2019-10149 |
PoC for exploitation of vulnerability CVE-2019-10149 |
Link |
2025-04-11T13:36:34Z |
| 964457607 |
helidem/CVE-2020-16012-PoC |
no description |
Link |
2025-04-11T08:42:46Z |
| 964401580 |
ngyinkit/cve-2019-18634 |
no description |
Link |
2025-04-11T06:48:24Z |
| 964263680 |
Mattb709/CVE-2019-15107-Webmin-RCE-PoC |
A Python proof-of-concept exploit for CVE-2019-15107 - an unauthenticated remote code execution vulnerability in Webmin versions 1.890 through 1.920. |
Link |
2025-04-11T00:09:18Z |
| 964194980 |
Mattb709/CVE-2019-15107-Scanner |
CVE-2019-15107-Scanner is a Python-based scanner that detects vulnerable Webmin (1.890 - 1.920) servers affected by CVE-2019-15107, an unauthenticated remote code execution (RCE) vulnerability in the /password_change.cgi endpoint. |
Link |
2025-04-10T20:46:47Z |
| 962107136 |
daehyeok0618/CVE-2019-5418 |
WHS 3기 장대혁 취약한(CVE) Docker 환경 구성 과제입니다. |
Link |
2025-04-07T16:55:22Z |
| 961693294 |
Gilospy/CVE-2023-23397 |
Demonstration of CVE-2023-23397 Outlook Privellege Escalation vulnerability |
Link |
2025-04-07T02:33:56Z |
| 961358033 |
ediop3SquadALT/TimeInjector |
Time injector is a CVE-2018-14714 exploitation script |
Link |
2025-04-06T10:53:52Z |
| 960241135 |
purpleteam-ru/CVE-2021-38163 |
CVE-2021-38163 - SAP NetWeaver AS Java Desynchronization Vulnerability |
Link |
2025-04-04T05:12:15Z |
| 960189650 |
Drew-Alleman/CVE-2018-19422 |
Subrion File Upload Bypass to RCE and Custom File Upload (Authenticated) |
Link |
2025-04-04T02:22:38Z |
| 959878737 |
cboss43/CVE-2024-25600 |
Unauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely. |
Link |
2025-04-03T13:54:25Z |
| 959322341 |
corsisechero/CVE-2020-13942byVulHub |
no description |
Link |
2025-04-02T15:51:20Z |
| 957697046 |
user20252228/backdoor.mirai.helloworld |
backdoor.mirai.helloworld cve2018-20561, cve-2018-10562 해킹 |
Link |
2025-03-31T00:51:58Z |
| 957681285 |
user20252228/CVE-2018-0239 |
/CSCOE/ CSCOV |
Link |
2025-03-30T23:44:05Z |
| 957353931 |
Drew-Alleman/CVE-2020-11651 |
A script that exploits SaltStack CVE-2020-11651 and CVE-2020-11652 to add new users to a vulnerable Salt master by injecting entries into /etc/passwd and /etc/shadow. |
Link |
2025-03-30T06:33:04Z |
| 956982168 |
arkede/cve-2020 |
CVE rules for 2020 |
Link |
2025-03-29T09:17:16Z |
| 956982100 |
arkede/cve-2018 |
CVE rules for 2018 |
Link |
2025-03-29T09:17:04Z |
| 956475948 |
user20252228/WebLogic_CVE_2020_14882 |
2020 14882 oracle weblogic consolejndi.portal 이중인코딩 mvel2 인자 rce |
Link |
2025-03-28T10:14:10Z |
| 956235901 |
echoosso/CVE-2019-9978 |
A Remote Code Execution (RCE) vulnerability in the Social Warfare plugin for WordPress, affecting versions below 3.5.3. |
Link |
2025-03-27T23:18:51Z |
| 956001488 |
liemkaka/CVE-2018-9206 |
no description |
Link |
2025-03-27T14:39:59Z |
| 954855431 |
moften/cve-2018-15473-poc |
Check if a username is valid on the SSH server by attempting an authentication. The server response will indicate whether the username exists. |
Link |
2025-03-25T18:08:47Z |
| 948129682 |
dpextreme/7-Zip-CVE-2025-0411-POC |
This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass. |
Link |
2025-03-13T19:53:22Z |
| 947728332 |
0xbinder/android-kernel-exploitation-lab |
This lab guides you through setting up an environment to explore CVE-2019-2215, a critical Android kernel vulnerability in the binder subsystem. |
Link |
2025-03-13T06:42:15Z |
| 941282276 |
alfiecg24/Trigon |
Deterministic kernel exploit based on CVE-2023-32434. |
Link |
2025-03-01T23:07:37Z |
| 940883640 |
clarkvoss/telerik |
CVE-2019-18935: Remote Code Execution |
Link |
2025-03-01T01:28:54Z |
| 936482866 |
Seriousattempts/Bootloader_Unlock_Retroid_Pocket_3Plus |
Bootloader unlock using CVE-2022-38694 for Retroid Pocket 3+ |
Link |
2025-02-21T06:55:15Z |
| 935422265 |
bshyuunn/bandiview-7.05-vuln-PoC |
bandiview (7.05) vuln PoC | CVE-2024-45870, CVE-2024-45871, CVE-2024-45872 |
Link |
2025-02-19T12:21:40Z |
| 931686899 |
mbadanoiu/CVE-2019-12409 |
CVE-2019-12409: RCE Vulnerability Due to Bad Defalut Config in Apache Solr |
Link |
2025-02-12T17:32:56Z |
| 931685940 |
mbadanoiu/CVE-2019-12401 |
CVE-2019-12401: XML Bomb in Apache Solr |
Link |
2025-02-12T17:31:05Z |
| 931684357 |
mbadanoiu/CVE-2019-11287 |
CVE-2019-11287: DoS via Heap Overflow in RabbitMQ Web Management Plugin |
Link |
2025-02-12T17:28:01Z |
| 929066063 |
moften/CVE-2019-20372 |
Nginx CVE-2019-20372 PoC, Unauthenticated File Upload Exploit |
Link |
2025-02-07T18:39:32Z |
| 926102313 |
DRAGOWN/CVE-2024-56903 |
CVE-2024-56903 - Geovision GV-ASManager web application with the version 6.1.1.0 or less allows attackers to modify POST requests with GET in critical functionalities, such as account management. This vulnerability is used in chain with CVE-2024-56901 for a successful CSRF attack. |
Link |
2025-02-02T15:04:25Z |
| 926102291 |
DRAGOWN/CVE-2024-56901 |
CVE-2024-56901 - A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASManager web application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Admin accounts via a crafted POST request. |
Link |
2025-02-02T15:04:22Z |
| 926084082 |
DRAGOWN/CVE-2024-56902 |
CVE-2024-56902 - Information disclosure vulnerability in GeoVision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account information, including cleartext password. |
Link |
2025-02-02T14:16:34Z |
| 925993047 |
DRAGOWN/CVE-2024-56898 |
CVE-2024-56898 - Broken access control vulnerability in GeoVision GV-ASManager web application with version v6.1.0.0 or less. This vulnerability allows low privilege users perform actions that they aren't authorized to, which can be leveraged to escalate privileges, create, modify or delete accounts. |
Link |
2025-02-02T09:20:32Z |
| 924176696 |
exfil0/CVE-2024-55591-POC |
A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (CVE-2024-55591) in certain Fortinet devices. |
Link |
2025-01-29T14:54:40Z |
| 923029536 |
z-bool/Venom-JWT |
针对JWT渗透开发的漏洞验证/密钥爆破工具,针对CVE-2015-9235/空白密钥/未验证签名攻击/CVE-2016-10555/CVE-2018-0114/CVE-2020-28042的结果生成用于FUZZ,也可使用字典/字符枚举(包括JJWT)的方式进行爆破(JWT Crack) |
Link |
2025-01-27T14:23:31Z |
| 919943347 |
kit4py/CVE-2024-41570 |
Automated Reverse Shell Exploit via WebSocket | Havoc-C2-SSRF with RCE |
Link |
2025-01-21T09:41:05Z |
| 907323398 |
CrazyDaveX86/CVE-2023-28293 |
Exploit for CVE-2023-28293 |
Link |
2024-12-23T10:25:37Z |
| 903400976 |
wezoomagency/GrafXploit |
Automated Exploit Tool for Grafana CVE-2021-43798: Scanning common files that contain juicy informations and extracting SSH keys from compromised users. |
Link |
2024-12-14T14:06:59Z |
| 869670698 |
Agilevatester/FlaskCache_CVE-2021-33026_POC |
no description |
Link |
2024-10-08T17:27:56Z |
| 869360224 |
becrevex/CVE-2022-24706 |
Apache CouchDB 3.2.1 - Remote Code Execution (RCE) Checker |
Link |
2024-10-08T07:02:30Z |
| 849195359 |
lizhianyuguangming/TomcatScanPro |
tomcat自动化漏洞扫描利用工具,支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938/CNVD-2020-10487 文件包含 |
Link |
2024-08-29T06:38:16Z |
| 822788426 |
xaitax/CVE-2024-6387_Check |
CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH |
Link |
2024-07-01T20:33:20Z |
| 813992889 |
ISH2YU/CVE-2023-36802 |
Procedure to Recreate the Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver |
Link |
2024-06-12T06:19:50Z |
| 811762680 |
amacloudobia/CVE-2020-14883 |
oracle weblogic |
Link |
2024-06-07T08:50:53Z |
| 806370986 |
joelindra/HTMLawedChecker |
Automated CVE 2022 35914 Checker |
Link |
2024-05-27T04:25:12Z |
| 803710130 |
aliask/dinkleberry |
Patch your D-Link device affected by CVE-2024-3272 |
Link |
2024-05-21T08:40:37Z |
| 781441452 |
KubernetesBachelor/CVE-2024-21626 |
POC |
Link |
2024-04-03T11:45:19Z |
| 779402262 |
KubernetesBachelor/CVE-2023-5044 |
Poc for CVE 2023 5044 |
Link |
2024-03-29T18:53:50Z |
| 774128871 |
sparrow-labz/CVE-2020-0423 |
Researching CVE published originally by longterm.io |
Link |
2024-03-19T01:47:28Z |
| 773483445 |
rxerium/CVE-2022-24086 |
An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document. |
Link |
2024-03-17T19:29:37Z |
| 739141829 |
Xewdy444/Netgrave |
A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240) |
Link |
2024-01-04T21:44:21Z |
| 713095922 |
uthrasri/jetty-9.4.31.v20200723_CVE-2023-26049 |
no description |
Link |
2023-11-01T20:37:41Z |
| 706412262 |
ZephrFish/CVE-2023-20198-Checker |
CVE-2023-20198 & 0Day Implant Scanner |
Link |
2023-10-17T22:41:14Z |
| 678662540 |
mistymntncop/CVE-2023-3079 |
no description |
Link |
2023-08-15T04:16:46Z |
| 631719735 |
glen-pearson/ProxyLogon-CVE-2021-26855 |
no description |
Link |
2023-04-23T22:26:45Z |
| 608826023 |
SystemVll/CVE-2022-23093 |
The FreeBSD ICMP buffer overflow, freebsd buffer overflow poc |
Link |
2023-03-02T20:18:54Z |
| 593598818 |
DRAGOWN/CVE-2023-24709-PoC |
In Paradox Security System IPR512 web panel, an unauthenticated user can input JavaScript string, such as that will overwrite configurations in the file "login.xml" and cause the login form to crash and make it unavailable. |
Link |
2023-01-26T12:13:51Z |
| 582165833 |
straight-tamago/NoCameraSound |
CVE-2022-46689 |
Link |
2022-12-26T00:08:55Z |
| 573201113 |
SystemVll/CVE-2022-26265 |
The first proof of concept of the Contao CMS RCE |
Link |
2022-12-01T23:11:19Z |
| 547154027 |
ZephrFish/NotProxyShellScanner |
Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082 |
Link |
2022-10-07T08:10:00Z |
| 543986246 |
SystemVll/CVE-2022-27925 |
A loader for zimbra 2022 rce (cve-2022-27925) |
Link |
2022-10-01T10:33:55Z |
| 541485417 |
SystemVll/CVE-2022-36804 |
A loader for bitbucket 2022 rce (cve-2022-36804) |
Link |
2022-09-26T08:35:31Z |
| 510946912 |
f4yd4-s3c/cve-2022-26134 |
no description |
Link |
2022-07-06T01:27:21Z |
| 492434082 |
SystemVll/CVE-2022-29464-loader |
A bots loader for CVE-2022-29464 with multithreading |
Link |
2022-05-15T08:51:16Z |
| 492382276 |
PsychoSec2/CVE-2022-1388-POC |
An Improved Proof of Concept for CVE-2022-1388 w/ an Interactive Shell |
Link |
2022-05-15T03:58:21Z |
| 490254474 |
ZephrFish/F5-CVE-2022-1388-Exploit |
Exploit and Check Script for CVE 2022-1388 |
Link |
2022-05-09T11:30:09Z |
| 471566553 |
GhostTroops/TOP |
TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things |
Link |
2022-03-19T01:54:15Z |
| 466801862 |
manuelz120/CVE-2022-23940 |
PoC for CVE-2022-23940 |
Link |
2022-03-06T17:05:02Z |
| 437124793 |
winnpixie/log4noshell |
A Java Agent that disables Apache Log4J's JNDI Lookup to mitigate CVE-2021-44228 ("Log4Shell"). |
Link |
2021-12-10T21:59:31Z |
| 309474524 |
CVEProject/cvelist |
Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 |
Link |
2020-11-02T19:30:55Z |
| 304044860 |
ZephrFish/CVE-2020-16898 |
HoneyPoC 2.0: Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898). |
Link |
2020-10-14T14:42:52Z |
| 228155281 |
kosmokato/bad-dicom |
Explotation framework for CVE-2019-11687 |
Link |
2019-12-15T08:52:17Z |
| 122391619 |
alonhr/SecDrvPoolLeak |
A PoC for CVE-2018-7250 |
Link |
2018-02-21T20:47:39Z |
| 122389904 |
alonhr/NotSecDrv |
A PoC for CVE-2018-7249 |
Link |
2018-02-21T20:31:09Z |