CVE-2019-2215.zip
120.4 KB
CVE-2019-2215
Author: i-redbyte
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
GitHub Link:
https://github.com/i-redbyte/android-badbinder-demo
Author: i-redbyte
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
GitHub Link:
https://github.com/i-redbyte/android-badbinder-demo
CVE-2016-5195.zip
289.8 KB
CVE-2016-5195
Author: arturomartinvegue
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
GitHub Link:
https://github.com/arturomartinvegue/escalada-privilegios-kernel-exploit-dirty-cow
Author: arturomartinvegue
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
GitHub Link:
https://github.com/arturomartinvegue/escalada-privilegios-kernel-exploit-dirty-cow
CVE-2020-5902.zip
1.9 KB
CVE-2020-5902
Author: B1ack4sh
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
GitHub Link:
https://github.com/B1ack4sh/Blackash-CVE-2020-5902
Author: B1ack4sh
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
GitHub Link:
https://github.com/B1ack4sh/Blackash-CVE-2020-5902
CVE-2017-12615.zip
970 B
CVE-2017-12615
Author: Fa1c0n35
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
GitHub Link:
https://github.com/Fa1c0n35/CVE-2017-12615
Author: Fa1c0n35
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
GitHub Link:
https://github.com/Fa1c0n35/CVE-2017-12615
CVE-2023-5359.zip
3.8 KB
CVE-2023-5359
Author: enzocipher
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way.
GitHub Link:
https://github.com/enzocipher/CVE-2023-5359
Author: enzocipher
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way.
GitHub Link:
https://github.com/enzocipher/CVE-2023-5359
CVE-2023-45612.zip
52.3 KB
CVE-2023-45612
Author: ksaweryr
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
GitHub Link:
https://github.com/ksaweryr/CVE-2023-45612-PoC
Author: ksaweryr
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
GitHub Link:
https://github.com/ksaweryr/CVE-2023-45612-PoC
CVE-2023-45612.zip
123.9 KB
CVE-2023-45612
Author: stefan-500
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
GitHub Link:
https://github.com/stefan-500/ktor-cve-2023-45612-poc
Author: stefan-500
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
GitHub Link:
https://github.com/stefan-500/ktor-cve-2023-45612-poc
CVE-2025-12907.zip
3 KB
CVE-2025-12907
Author: DExplo1ted
None
GitHub Link:
https://github.com/DExplo1ted/CVE-2025-12907-Exploit
Author: DExplo1ted
None
GitHub Link:
https://github.com/DExplo1ted/CVE-2025-12907-Exploit
CVE-2025-48384.zip
777 B
CVE-2025-48384
Author: bummie
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
GitHub Link:
https:...
Author: bummie
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
GitHub Link:
https:...