CVE-2025-4664.zip
950 B
CVE-2025-4664
Author: mingijunggrape
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
GitHub Link:
https://github.com/mingijunggrape/CVE-2025-4664
Author: mingijunggrape
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
GitHub Link:
https://github.com/mingijunggrape/CVE-2025-4664
CVE-2025-33073.zip
12.1 KB
CVE-2025-33073
Author: B1ack4sh
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
GitHub Link:
https://github.com/B1ack4sh/Blackash-CVE-2025-33073
Author: B1ack4sh
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
GitHub Link:
https://github.com/B1ack4sh/Blackash-CVE-2025-33073
CVE-2023-46604.zip
2.1 KB
CVE-2023-46604
Author: pavanaa4k
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.
Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
GitHub Link:
https://github.com/pavanaa4k/CVE-2023-46604-LAB
Author: pavanaa4k
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.
Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
GitHub Link:
https://github.com/pavanaa4k/CVE-2023-46604-LAB
CVE-2025-32463.zip
3.4 KB
CVE-2025-32463
Author: ankitpandey383
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/ankitpandey383/CVE-2025-32463-Sudo-Privilege-Escalation
Author: ankitpandey383
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/ankitpandey383/CVE-2025-32463-Sudo-Privilege-Escalation
CVE-2023-2598
Author: guard-wait
A flaw was found in the fixed buffer registration code for iouring (iosqebufferregister in iouring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.
GitHub Link:
https://github.com/guard-wait/CVE-2023-2598EXP
Author: guard-wait
A flaw was found in the fixed buffer registration code for iouring (iosqebufferregister in iouring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.
GitHub Link:
https://github.com/guard-wait/CVE-2023-2598EXP
CVE-2025-5777.zip
789 B
CVE-2025-5777
Author: mr-r3b00t
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub Link:
https://github.com/mr-r3b00t/CVE-2025-5777
Author: mr-r3b00t
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub Link:
https://github.com/mr-r3b00t/CVE-2025-5777