CVE-2025-5419
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/riemannj/CVE-2025-5419
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/riemannj/CVE-2025-5419
GitHub
riemannj/CVE-2025-5419
Dissecting CVEin Chrome. Contribute to riemannj/CVE-2025-5419 development by creating an account on GitHub.
CVE-2025-24893
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `<host>/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. Users are advised to upgrade. Users unable to upgrade may edit `Main.SolrSearchMacros` in `SolrSearchMacros.xml` on line 955 to match the `rawResponse` macro in `macros.vm#L2824` with a content type of `application/xml`, instead o
Github link:
https://github.com/CMassa/CVE-2025-24893
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `<host>/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. Users are advised to upgrade. Users unable to upgrade may edit `Main.SolrSearchMacros` in `SolrSearchMacros.xml` on line 955 to match the `rawResponse` macro in `macros.vm#L2824` with a content type of `application/xml`, instead o
Github link:
https://github.com/CMassa/CVE-2025-24893
GitHub
GitHub - CMassa/CVE-2025-24893: PoC exploit for XWiki Remote Code Execution Vulnerability (CVE-2025-24893)
PoC exploit for XWiki Remote Code Execution Vulnerability (CVE-2025-24893) - CMassa/CVE-2025-24893
CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
Github link:
https://github.com/imkidz0/CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
Github link:
https://github.com/imkidz0/CVE-2017-11882
GitHub
GitHub - imkidz0/CVE-2017-11882: Simple PoC of CVE-2017-11882
Simple PoC of CVE-2017-11882. Contribute to imkidz0/CVE-2017-11882 development by creating an account on GitHub.
CVE-2021-1675
Windows Print Spooler Elevation of Privilege Vulnerability
Github link:
https://github.com/ArtAtrium/PrintNightmare
Windows Print Spooler Elevation of Privilege Vulnerability
Github link:
https://github.com/ArtAtrium/PrintNightmare
GitHub
ArtAtrium/PrintNightmare
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527 - ArtAtrium/PrintNightmare
CVE-2022-30190
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
Github link:
https://github.com/seinab-ibrahim/Follina-Vulnerability-CVE-2022-30190-Exploit-Analysis
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
Github link:
https://github.com/seinab-ibrahim/Follina-Vulnerability-CVE-2022-30190-Exploit-Analysis
GitHub
GitHub - seinab-ibrahim/Follina-Vulnerability-CVE-2022-30190-Exploit-Analysis: Exploration of the Follina (CVE-2022-30190) Microsoft…
Exploration of the Follina (CVE-2022-30190) Microsoft Office vulnerability, including a detailed analysis, proof-of-concept exploitation in a controlled lab, and mitigation strategies. For educatio...
CVE-2018-6574
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
Github link:
https://github.com/solovvway/CVE-2018-6574
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
Github link:
https://github.com/solovvway/CVE-2018-6574
GitHub
solovvway/CVE-2018-6574
POC of CVE-2018-6574 to solve Pentestlab challenge - solovvway/CVE-2018-6574
CVE-2022-37418
The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles through 2017 allows remote attackers to perform unlock operations and force a resynchronization after capturing two consecutive valid key fob signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely.
Github link:
https://github.com/thomasarmel/rollback_car_attack_proverif
The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles through 2017 allows remote attackers to perform unlock operations and force a resynchronization after capturing two consecutive valid key fob signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely.
Github link:
https://github.com/thomasarmel/rollback_car_attack_proverif
GitHub
GitHub - thomasarmel/rollback_car_attack_proverif: ProVerif proof of concept of the Rollback attack on car keyfob (CVE-2022-37418…
ProVerif proof of concept of the Rollback attack on car keyfob (CVE-2022-37418, CVE-2022-36945 and CVE-2022-37305) - thomasarmel/rollback_car_attack_proverif
CVE-2025-31324
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
Github link:
https://github.com/antichainalysis/sap-netweaver-0day-CVE-2025-31324
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
Github link:
https://github.com/antichainalysis/sap-netweaver-0day-CVE-2025-31324
GitHub
GitHub - antichainalysis/sap-netweaver-0day-CVE-2025-31324: sap netweaver 0day poc by shinyhunters (scattered lapsus$ hunters)…
sap netweaver 0day poc by shinyhunters (scattered lapsus$ hunters) affecting all 7.x CVE-2025-31324 - antichainalysis/sap-netweaver-0day-CVE-2025-31324