CVE-2025-4664.zip
950 B
CVE-2025-4664
Author: mingijunggrape
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
GitHub Link:
https://github.com/mingijunggrape/CVE-2025-4664
Author: mingijunggrape
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
GitHub Link:
https://github.com/mingijunggrape/CVE-2025-4664
CVE-2025-33073.zip
12.1 KB
CVE-2025-33073
Author: B1ack4sh
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
GitHub Link:
https://github.com/B1ack4sh/Blackash-CVE-2025-33073
Author: B1ack4sh
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
GitHub Link:
https://github.com/B1ack4sh/Blackash-CVE-2025-33073
CVE-2023-46604.zip
2.1 KB
CVE-2023-46604
Author: pavanaa4k
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.
Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
GitHub Link:
https://github.com/pavanaa4k/CVE-2023-46604-LAB
Author: pavanaa4k
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.
Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
GitHub Link:
https://github.com/pavanaa4k/CVE-2023-46604-LAB
CVE-2025-32463.zip
3.4 KB
CVE-2025-32463
Author: ankitpandey383
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/ankitpandey383/CVE-2025-32463-Sudo-Privilege-Escalation
Author: ankitpandey383
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/ankitpandey383/CVE-2025-32463-Sudo-Privilege-Escalation
CVE-2023-2598
Author: guard-wait
A flaw was found in the fixed buffer registration code for iouring (iosqebufferregister in iouring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.
GitHub Link:
https://github.com/guard-wait/CVE-2023-2598EXP
Author: guard-wait
A flaw was found in the fixed buffer registration code for iouring (iosqebufferregister in iouring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.
GitHub Link:
https://github.com/guard-wait/CVE-2023-2598EXP
CVE-2025-5777.zip
789 B
CVE-2025-5777
Author: mr-r3b00t
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub Link:
https://github.com/mr-r3b00t/CVE-2025-5777
Author: mr-r3b00t
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub Link:
https://github.com/mr-r3b00t/CVE-2025-5777
CVE-2011-2523.zip
2 KB
CVE-2011-2523
Author: avivyap
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
GitHub Link:
https://github.com/avivyap/CVE-2011-2523
Author: avivyap
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
GitHub Link:
https://github.com/avivyap/CVE-2011-2523
CVE-2021-44228.zip
709 B
CVE-2021-44228
Author: mgueye3
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
GitHub Link:
https://github.com/mgueye3/Log4Shell
Author: mgueye3
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
GitHub Link:
https://github.com/mgueye3/Log4Shell
CVE-2025-21479.zip
25.7 KB
CVE-2025-21479
Author: sarabpal-dev
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
GitHub Link:
https://github.com/sarabpal-dev/cheese-cake
Author: sarabpal-dev
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
GitHub Link:
https://github.com/sarabpal-dev/cheese-cake