CVE-2022-30190
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
Github link:
https://github.com/ethicalblue/Follina-CVE-2022-30190-Sample
CVE-2024-34102
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.
Github link:
https://github.com/ex-ARnX/CVE-2024-34102-PoC
CVE-2024-24590
Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with.
Github link:
https://github.com/sviim/ClearML-CVE-2024-24590
CVE-2022-37017
Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User Interface Password protection and Policy Import/Export Password protection, if it has been enabled.
Github link:
https://github.com/apeppels/CVE-2022-37017
CVE-2023-22515
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
For more details, please review the linked advisory on this CVE.
Github link:
https://github.com/Onedy1703/CVE-2023-22515
CVE-2020-13945
In Apache APISIX, if the user enabled the Admin API and deleted the Admin API access IP restriction rules, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.
Github link:
https://github.com/K3ysTr0K3R/CVE-2020-13945-EXPLOIT
CVE-2024-24919
A vulnerability potentially allowing an attacker to read certain information on Check Point Security Gateways that are connected to the internet and have Remote Access VPN or Mobile Access Software Blades enabled. A security fix that mitigates this vulnerability is available.
Github link:
https://github.com/H3KEY/CVE-2024-24919
CVE-2013-2028
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
Github link:
https://github.com/xiw1ll/CVE-2013-2028_Checker
CVE-2023-38831
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023.
Github link:
https://github.com/MaorBuskila/Windows-X64-RAT