CVE-2025-32433
Author: soltanali0

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.

GitHub Link:
https://github.com/soltanali0/CVE-2025-32433-Eploit

CVE-2010-2075
Author: earthbendergara

UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3DOLOGSYSTEM macro, which allows remote attackers to execute arbitrary commands.

GitHub Link:
https://github.com/earthbendergara/unrealircd3.2.8.1-local-exploit

CVE-2025-66022
Author: wasfyelbaz

None

GitHub Link:
https://github.com/wasfyelbaz/CVE-2025-66022

CVE-2025-65881
Author: MMAKINGDOM

None

GitHub Link:
https://github.com/MMAKINGDOM/CVE-2025-65881

CVE-2024-25600
Author: ranjithxploit

Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.

GitHub Link:
https://github.com/ranjithxploit/CVE-2024-25600

CVE-2025-13315
Author: Ashwesker

None

GitHub Link:
https://github.com/Ashwesker/Blackash-CVE-2025-13315

CVE-2025-59390
Author: Daeda1usUK

None

GitHub Link:
https://github.com/Daeda1usUK/CVE-2025-59390-

CVE-2025-2011
Author: Ashwesker

The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL Injection via the ‘s' parameter in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

GitHub Link:
https://github.com/Ashwesker/Blackash-CVE-2025-2011

CVE-2024-20666
Author: tazxtazxedu

BitLocker Security Feature Bypass Vulnerability

GitHub Link:
https://github.com/tazxtazxedu/WinRE-Fix

CVE-2023-26360
Author: RyanRodrigues880

Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.

GitHub Link:
https://github.com/RyanRodrigues880/CVE-2023-26360

CVE-2025-55315
Author: MartinFabianIonut

None

GitHub Link:
https://github.com/MartinFabianIonut/CVE-2025-55315

CVE-2018-10933
Author: opsifiz

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.

GitHub Link:
https://github.com/opsifiz/CVE-2018-10933

CVE-2018-17254
Author: 7amzahard

The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.

GitHub Link:
https://github.com/7amzahard/script-python-to-detect-CVE-2018-17254

CVE-2025-9435
Author: passtheticket

None

GitHub Link:
https://github.com/passtheticket/CVE-2025-9435

CVE-2023-46136
Author: JawadPy

None

GitHub Link:
https://github.com/JawadPy/WerkGhost

CVE-2021-23394
Author: 0xnemian

The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.

GitHub Link:
https://github.com/0xnemian/CVE-2021-23394