Automatic monitor github cve using Github Actions
update time: 2022-10-02 12:52:27.572476 total: 10660
CVE-2022-41040 nuclei template : numanturle/CVE-2022-41040 create time: 2022-10-02T11:26:57Z
no description : L34ked/CVE-2022-41208 create time: 2022-10-02T09:53:33Z
CVE-2022-41082 is a SSRF vulnerability which leads to remote code execution (RCE) when PowerShell is accessible to the attacker. a very problematic issue for sys admins : krc0m/CVE-2022-41082 create time: 2022-10-02T08:51:58Z
no description : Boonjune/POC-CVE-2022-30600 create time: 2022-10-02T08:43:05Z
Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082 : mr-r3b00t/NotProxyShellHunter create time: 2022-10-02T08:14:03Z
C̷̫͙̦͒̈́̕͜V̵̺̟̘̮̩̻͕͎̝͌͆̀̒͗͠Ę̴̻͇͉͍̍͒̈̕-̸͚̰̺̓͑̓̓͂͒̈̈́͠͝2̸̨̳̘̞̰̹̻̟̅̽͐͝0̵̡̭̋̈́̅͐̉1̵̡̧͔͙̋̈́̔ͅ8̴̡̛͓͖̟̣̒̆̈́́̾̓̕ͅ-̸̺̣̰̓̊͗͒͘͝1̴̭̻̰̉̔͜͜͝4̷̤̍̈́͂̊͐8̷̬̠̓̄̈́̂̚͠4̶̨̢̧̢̺͈̰̹̑̾́͊̈́͜͠7̵̬̲̩̎͋͌̅̍́̎͋͝ ̵̨̞̥̪̝̤̻́̐̇̎͘̚M̴̩͆͑̒̆ị̷̰̱͕̗̝̍͂k̵̢̯͍̄́̉̅̚͘r̷̛͍̉̈́́͌͑o̸͕̘̳̫̞̠͎̿t̶̛̼͚̦̼̳̪̳͉̔̿̋̄̆̋̈́̚͜i̶͈̮͙͊̌͛̈́̈́̅̕͝k̸̛̳͙̺͍̫̟̤͉̫͐ͅ ̶̰̼̹̫̝̦͑̈́͌̌̎̽͐͘͠P̴̛͖̦͚̬̈́͐̑͑͒̌́͠͠ͅÿ̵͎̬̦̻̝̮̬́̈͗̑̄̑̄͝ṭ̴̘͔͙͍̙̈́̋̚͝ḩ̴̨̾̃́̿̐̎͋͌o̷̢̠͈̰̪̦͔̮̾̃̽̔̈́̍͊́͑ń̵̢̢̨͓̞̥̳̱͖̔͌̅͂͊̄͐̏̉ ̷̢̣͈͍̭͆̏͜Ë̸̛̲̑͂x̸̢̨̪͓͕̥̽̍̓̚͝͠p̶̖̟͇̮̒̈̈͂̅̀̊̅ļ̵̧̙̣̘̦̪̲͓̈́̃ͅo̴͕̐̈́̚ĭ̸̻̖̩̯̬̤͓̖̱͋́͜t̶̩̟͈̟̠̹̆̌̀́̈̈́ : flux10n/CVE-2018-14847 create time: 2022-10-02T04:21:52Z
PoC of CVE-2022-24086 : akr3ch/CVE-2022-24086 create time: 2022-10-01T13:53:49Z
unauthenticated remote code execution in userportal and webadmin component of sophos firewall : sevous/CVE-2022-3236-RCE create time: 2022-10-01T12:06:28Z
Nmap scripts to detect exchange 0-day (CVE-2022-41082) vulnerability : Diverto/nse-exchange create time: 2022-10-01T11:53:14Z
CVE-2022-41082 is a SSRF vulnerability which leads to remote code execution (RCE) when PowerShell is accessible to the attacker. a very problematic issue for sys admins : spher0X/CVE-2022-41082-RCE create time: 2022-10-01T11:45:34Z
VanillaForum 2.6.3 allows stored XSS. : hacky1997/CVE-2020-8825 create time: 2020-02-10T07:24:37Z
A loader for zimbra 2022 rce (cve-2022-27925) : Inplex-sys/CVE-2022-27925 create time: 2022-10-01T10:33:55Z
Metasploit Framework module for ProxyNotShell – CVE-2022-40140 & CVE-2022-41082 : 0daylabin/ProxyNotShell create time: 2022-10-01T10:03:24Z
no description : cactuschibre/CVE-2022-35914-poc create time: 2022-09-30T16:43:28Z
PoC for CVE-2022-41082 RCE a.k.a ProxyNotShell : jml4da/CVE-2022-41082-POC create time: 2022-10-01T05:30:48Z
WonderCMS 3.1.3 - Authenticated Remote Code Execution : AkashLingayat/WonderCMS-CVE-2020-35314 create time: 2022-10-01T04:14:20Z
Laravel debug mode - Remote Code Execution (RCE) : hupe1980/CVE-2021-3129 create time: 2022-09-30T17:54:17Z
PoC for CVE-2022-41082 RCE as known as ProxyNotShell : R007er/CVE-2022-41082-RCE create time: 2022-09-30T20:59:46Z
no description : kev1n-beaum0nt/CVE-2022-41082-RCE-POC create time: 2022-09-30T19:07:36Z
CVE-2022-41040 Remote Code Exeuction vulnerability : kev1n-beaum0nt/CVE-2022-41040-RCE-POC create time: 2022-09-30T18:25:21Z
PoC for CVE-2022-41082 RCE as known as ProxyNotShell : R007er/CVE-2022-41082-POC create time: 2022-09-30T17:51:47Z
CVE-2022-41082 is a SSRF vulnerability which leads to remote code execution (RCE) when PowerShell is accessible to the attacker. a very problematic issue for sys admins : TimWallbey/CVE-2022-41082-PoC create time: 2022-09-30T17:23:29Z
no description : Rcs55F/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-09-30T15:10:59Z
no description : Rcs55F/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-09-30T15:05:06Z
no description : Rcs55F/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-09-30T15:03:35Z
CVE-2022-41082 is a SSRF vulnerability which leads to remote code execution (RCE) when PowerShell is accessible to the attacker. a very problematic issue for sys admains : TimWallbey/CVE-2022-41082-RCE create time: 2022-09-30T12:48:08Z
no description : nidhi7598/external_zlib-1.2.7_CVE-2022-37434 create time: 2022-09-30T10:20:36Z
CVE-2022-41082 RCE as known as ProxyNotShell : revers0id/CVE-2022-41082-PoC create time: 2022-09-30T09:33:39Z
mass adding script for draytek vigor [CVE-2022-32548] : d4rk0x00/CVE-2022-32548-RCE create time: 2022-09-30T07:17:19Z
Vulnerability Details for CVE-2022-41218 : V4bel/CVE-2022-41218 create time: 2022-09-30T07:12:23Z
no description : Yealid/CVE-2018-6574 create time: 2022-09-30T02:26:41Z
Tool for mass testing ZeroLogon vulnerability CVE-2020-1472 : guglia001/MassZeroLogon create time: 2022-09-30T00:03:12Z
Apache 2.4.49 & 2.4.50 LFI to RCE exploit : Juuso1337/CVE-2021-41773 create time: 2022-09-28T20:12:34Z
Golang Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus < 11306 : pizza-power/Golang-CVE-2021-44077-POC create time: 2022-09-29T14:07:54Z
Don't be evil. : LovelyWei/CVE-2022-40126 create time: 2022-09-29T13:59:44Z
no description : Trinadh465/external_zlib_4.4_CVE-2018-25032 create time: 2022-09-29T09:59:39Z
no description : d4rk0x00/CVE-2022-32548-batch create time: 2022-09-29T10:25:05Z
no description : ruifi47/cve-2021-21300-PoC create time: 2022-09-29T00:49:29Z
cve2018-6574-gogetRCE : Bj0rn-gungnir/cve2018-6574-gogetRCE create time: 2022-09-28T14:03:14Z
Tiny File Manager v2.4.7 and below are vulnerable to Cross Site Scripting : whitej3rry/CVE-2022-40490 create time: 2022-09-28T14:32:41Z
New 0day sophos firewall(userportal and webadmin) remote code execution cv 9.8 : Ziggy78/CVE-2022-3236-RCE-POC create time: 2022-09-28T14:11:30Z
no description : whitej3rry/CVE-2022-40916 create time: 2022-09-16T14:07:35Z
CVE-2022-30190 (Exploit Microsoft) : flux10n/CVE-2022-30190 create time: 2022-03-02T12:17:56Z
tool for exploiting whatsapp rce : d4rk0x00/CVE-2022-36934-POC create time: 2022-09-28T08:07:21Z
Unauthenticated rce in sophos User Portal and Webadmin components mass exploitation tool : Xu0Tex1/CVE-2022-3236 create time: 2022-09-28T07:41:43Z
DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field : Xu0Tex1/CVE-2022-32548-RCE-POC create time: 2022-09-28T06:46:07Z
An integer overflow in WhatsApp that results in remote code execution in an established video call. : F1uk369/CVE-2022-36934 create time: 2022-09-28T06:33:03Z
CVE-2016-0010复现 : Sunqiz/CVE-2016-0010-reproduction create time: 2022-09-28T03:00:11Z
ASUS router exploit + PoC : c0resploit/CVE-2021-44158 create time: 2022-09-27T18:17:42Z
DrayTek Vigor Exploit + PoC : c0resploit/CVE-2022-32548 create time: 2022-09-27T18:16:48Z
Fastjson exploit + PoC : c0resploit/CVE-2022-25845 create time: 2022-09-27T18:14:28Z
Cisco Small Business RCE PoC + [included mass exploiter and scanner] : c0resploit/CVE-2022-20841 create time: 2022-09-27T18:09:49Z
A POC of CVE-2022-30206 : Malwareman007/CVE-2022-30206 create time: 2022-09-26T19:38:24Z
no description : RobertRevalo/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-09-26T17:26:33Z
no description : RobertRevalo/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-09-26T17:14:52Z
no description : RobertRevalo/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-09-26T17:13:27Z
SonicWall SMA 100 Multiple Vulnerabilities, RCE : MaX0dexpoit/CVE-2021-20038 create time: 2022-09-26T13:36:19Z
no description : sne4ker/apache-CVE-2021-41773-CVE-2021-42013 create time: 2022-09-26T13:13:37Z
DrayTek Vigor Routers RCE : MaX0dexpoit/CVE-2022-32548 create time: 2022-09-26T13:26:58Z
DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field : Xu0Tex1/CVE-2022-32548-Mass-Rce create time: 2022-09-26T13:06:23Z
CVE-2022-39197 漏洞补丁. CVE-2022-39197 Vulnerability Patch. : burpheart/CVE-2022-39197-patch create time: 2022-09-26T08:58:21Z
A loader for bitbucket 2022 rce (cve-2022-36804) : Inplex-sys/CVE-2022-36804 create time: 2022-09-26T08:35:31Z
cobaltstrike4.5版本破解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等 : lovechoudoufu/about_cobaltstrike4.5_cdf create time: 2022-09-26T05:49:58Z
no description : nidhi7598/linux-4.19.72_CVE-2022-29581 create time: 2022-09-26T04:52:12Z
A somewhat reliable PoC exploit for CVE-2022-36804 (BitBucket Critical Command Injection). : touchmycrazyredhat/CVE-2022-36804-RevSh create time: 2022-09-25T20:09:04Z
CVE-2022-1040 : jam620/Sophos-Vulnerability create time: 2022-09-25T15:15:01Z
CVE-2022-27925 : jam620/Zimbra create time: 2022-09-25T15:09:49Z
A simple PoC for Atlassian Bitbucket RCE [CVE-2022-36804] : tahtaciburak/cve-2022-36804 create time: 2022-09-25T13:16:57Z
PoC for CVE-2022-28282 : Pwnrin/CVE-2022-28282 create time: 2022-09-25T07:46:23Z
Vulnerability to CVE-2021-4034 Pwnkit : flux10n/CVE-2021-4034 create time: 2022-09-25T02:46:20Z
CVE-2016-2098 POC : Shakun8/CVE-2016-2098 create time: 2022-09-24T22:58:04Z
A POC OF CVE-2022-2274 (openssl) : Malwareman007/CVE-2022-2274 create time: 2022-09-24T21:30:34Z
writeup and poc for [CVE-2022-26809] : scoobyd00bi/CVE-2022-26809-RCE create time: 2022-09-24T19:21:48Z
no description : purple-WL/Cobaltstrike-RCE-CVE-2022-39197 create time: 2022-09-24T14:36:47Z
Cobalt Strike RCE CVE-2022-39197 : yqcs/CSPOC create time: 2022-09-24T08:14:36Z
ASUS router exploit : expl0despl0it/CVE-2021-44158 create time: 2022-09-23T20:02:58Z
DrayTek Vigor Exploit : expl0despl0it/CVE-2022-32548 create time: 2022-09-23T20:01:16Z
Fastjson exploit : expl0despl0it/CVE-2022-25845 create time: 2022-09-23T20:00:22Z
Cisco Small Business RCE [included mass exploiter and scanner] : expl0despl0it/CVE-2022-20841 create time: 2022-09-23T19:57:53Z
no description : trhacknon/CVE-2022-36804-ReverseShell create time: 2022-09-23T18:06:20Z
CVE-2022-31798 Proof of Concept : omarhashem123/CVE-2022-31798 create time: 2022-09-23T14:13:26Z
CVE-2022-31499 Proof of Concept : omarhashem123/CVE-2022-31499 create time: 2022-09-23T14:11:30Z
CVE-2022-31269 Proof of Concept : omarhashem123/CVE-2022-31269 create time: 2022-09-23T14:04:20Z
metasploit and python module for CVE-2022-26809 windows rpc rce via smb 445 : Ziggy78/CVE-2022-26809-FULL-RCE create time: 2022-09-23T12:27:06Z
PoC exploit for CVE-2022-36804 (BitBucket Critical Command Injection) : Chocapikk/CVE-2022-36804-ReverseShell create time: 2022-09-23T11:05:22Z
Mass rce exploit for CVE-2022-36804 BITBUCKET SERVER UNAUTHENTICATED RCE : CEOrbey/CVE-2022-36804-MASS-RCE create time: 2022-09-23T08:43:52Z
CVE-2022-39197(CobaltStrike XSS <=4.7) POC : xzajyjs/CVE-2022-39197-POC create time: 2022-09-23T08:20:07Z
Docker CVE-2022-37708 : thekevinday/docker_lightman_exploit create time: 2022-09-22T23:06:08Z
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等 : Security-Rules/cobaltstrike4.5_cdf create time: 2022-09-22T10:04:36Z
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等 : atomxw/cobaltstrike4.5_cdf create time: 2022-09-22T08:55:36Z
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等 : shen771/cobaltstrike4.5_cdf create time: 2022-09-22T08:50:45Z
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等 : ginipropro/cobaltstrike4.5_cdf create time: 2022-09-22T07:15:06Z
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等 : zeoday/cobaltstrike4.5_cdf-1 create time: 2022-09-22T02:50:45Z
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等 : wwl012345/cobaltstrike4.5_cdf create time: 2022-09-22T02:30:09Z
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等 : LztCode/cobaltstrike4.5_cdf create time: 2022-09-22T02:25:13Z
WSO2 Arbitrary File Upload to Remote Command Execution (RCE) : hupe1980/CVE-2022-29464 create time: 2022-09-22T14:04:49Z
cve-2022-39197 poc : burpheart/cve-2022-39197 create time: 2022-09-22T14:39:02Z
PoC for exploiting CVE-2019-2729 on WebLogic : Luchoane/CVE-2019-2729_creal create time: 2022-09-22T11:57:08Z
For detection of sitecore RCE - CVE-2021-42237 : crankyyash/SiteCore-RCE-Detection create time: 2022-09-22T12:32:11Z
CVE-2018-6574 : moorada/goGetRCE create time: 2022-09-22T08:26:28Z
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等 : lovechoudoufu/cobaltstrike4.5_cdf create time: 2022-08-02T08:20:46Z
CVE-2021-44228 POC / Example : bcdunbar/CVE-2021-44228-poc create time: 2022-09-21T20:33:06Z
no description : pswalia2u/CVE-2020-7246 create time: 2022-09-16T10:36:19Z
Creosote is our solution to searching for the tarfile vulnerability described by CVE-2007-4559. : advanced-threat-research/Creosote create time: 2022-09-20T17:03:57Z
Bitbucket CVE-2022-36804 unauthenticated remote command execution : kljunowsky/CVE-2022-36804-POC create time: 2022-09-21T10:36:50Z
no description : j-jasson/CVE-2015-5531-POC create time: 2022-09-21T09:57:58Z
no description : EmaVirgRep/CVE-2018-11235 create time: 2022-09-21T09:21:59Z
A Proof-Of-Concept for the CVE-2021-44228 vulnerability. : ocastel/log4j-shell-poc create time: 2022-09-21T07:43:15Z
no description : Caihuar/Joomla-cve-2015-8562 create time: 2022-09-21T07:40:02Z
no description : Caihuar/Joomla-cve-2015-8562 create time: 2022-09-21T06:21:07Z
CVE-2022-39197 : safe3s/CVE-2022-39197 create time: 2022-09-21T06:22:10Z
ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators. : sornram9254/CVE-2022-38577-Processmaker create time: 2022-09-21T04:29:42Z
CROSS SITE SCRIPTING (XSS) ON "ACADEMY LEARNING MANAGEMENT SYSTEM" - PROOF OF CONCEPT (POC) CVE-2022-38553 : 4websecurity/CVE-2022-38553 create time: 2022-09-20T14:51:52Z
Cisco RV series unauthenticated RCE laoder + mass scanner : Zerf0X/CVE-2022-20841-RCE create time: 2022-09-20T14:51:26Z
CVE-2022-37059 Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 : RashidKhanPathan/Security-Research create time: 2022-09-20T11:38:47Z
Cisco Small Business RCE [included mass exploiter and scanner] : Expl0desploit/CVE-2022-20841 create time: 2022-09-20T13:26:04Z
Proof of Concept exploit for CVE-2022-36804 affecting BitBucket versions <8.3.1 : N0pch/CVE-2022-36804-mass-rce create time: 2022-09-20T10:41:47Z
CVE-2022-36804 Atlassian Bitbucket Command Injection Vulnerability : Vulnmachines/bitbucket-cve-2022-36804 create time: 2022-09-20T10:08:47Z
Pentesterlab - CVE-2018-6574: go get RCE : EmaVirgRep/cve-2018-6574 create time: 2022-09-20T08:54:06Z
no description : nidhi7598/packages_apps_Settings_AOSP_10_r33_CVE-2022-20347 create time: 2022-09-20T09:00:40Z
no description : dileepdkumar/LayarKacaSiber-CVE-2021-41773 create time: 2022-09-20T03:45:24Z
Somewhat Reliable PoC Exploit for CVE-2022-36804 (BitBucket Critical Command Injection) : BenHays142/CVE-2022-36804-PoC-Exploit create time: 2022-09-20T02:35:53Z
CVE-2022-31814 Exploitation Toolkit. : EvergreenCartoons/SenselessViolence create time: 2022-09-18T11:10:04Z
Proof of Concept exploit for CVE-2022-36804 affecting BitBucket versions <8.3.1 : notxesh/CVE-2022-36804-PoC create time: 2022-09-19T13:15:13Z
no description : CEOrbey/CVE-2022-36804-POC-RCE create time: 2022-09-19T12:46:33Z
no description : astring0/CVE-2022-99999-TCP-RCE create time: 2022-09-19T09:25:15Z
DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field : rftg1000/CVE-2022-32548-draytek create time: 2022-09-19T07:24:30Z
CVE-2022-32548-RCE-POC : alexmention/CVE-2022-32548-RCE-POC create time: 2022-09-19T06:55:03Z
New #WordPress #0Day #BackupBuddy Plugin #LFI : Administrative2022/CVE-2022-31474-wordpress create time: 2022-09-19T05:28:06Z
no description : trhacknon/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-09-19T00:35:15Z
A PoC for CVE-2022-2588 that triggers a WARNING : sang-chu/CVE-2022-2588 create time: 2022-09-18T21:35:19Z
Turning Your Computer Into a GPS Tracker With Apple Maps : breakpointHQ/CVE-2022-32883 create time: 2022-09-18T15:51:52Z
Magento store rce/shell upload exploit tool : N0pch/CVE-2022-24086-magento-rce create time: 2022-09-18T11:52:59Z
All Credit to MaherAzzouzi (https://github.com/MaherAzzouzi/CVE-2022-37706-LPE-exploit). This is a copy of the exploit for CTFs : ECU-10525611-Xander/CVE-2022-37706 create time: 2022-09-18T08:04:08Z
no description : touchmycrazyredhat/CVE-2022-27925-Revshell create time: 2022-09-17T22:24:32Z
Mass Unauthenticated Remote Code Execution in DrayTek Vigor(CVE-2022-32548) botnet version : n0zxRY0/CVE-2022-32548-RCE create time: 2022-09-17T11:54:56Z
no description : W1ngLess/CVE-2021-39172-RCE create time: 2022-09-17T07:58:33Z
CVE-2019-0708, A tool which mass hunts for bluekeep vulnerability for exploitation. : Ravaan21/Bluekeep-Hunter create time: 2022-09-17T05:41:15Z
APPLE IOS/IPADOS UP TO 15.6.1 KERNEL LOCAL PRIVILEGE ESCALATION : Administrative2022/CVE-2022-32917-POC create time: 2022-09-16T17:50:58Z
no description : danbudris/CVE-2022-23773-repro-target create time: 2022-09-16T16:30:29Z
PoC repro of CVE-2022-23773 in Go : danbudris/CVE-2022-23773-repro create time: 2022-09-16T16:28:35Z
github-fundamentals-CVenegas2022 created by GitHub Classroom : CS208/github-fundamentals-CVenegas2022 create time: 2022-09-16T14:21:21Z
Windows TCP/IP unauthenticated Remote Code Execution Vulnerability. : Administrative2022/CVE-2022-34718-RCE-POC create time: 2022-09-16T13:43:52Z
no description : nidhi7598/frameworks_base_AOSP_10_r33_CVE-2021-39696 create time: 2022-09-16T11:28:52Z
Mass exploitation scripts for 12 software which are affected by log4j rce : Administrative2022/CVE-2021-44228-RCE create time: 2022-09-16T10:59:58Z
no description : nidhi7598/frameworks_base_AOSP_10_r33_CVE-2021-39696 create time: 2022-09-16T10:47:24Z
Unauthenticated RCE in sophos webadmin and administrative console : Administrative2022/CVE-2022-1040 create time: 2022-09-16T10:44:26Z
A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances. : CEOrbey/CVE-2022-36804-RCE create time: 2022-09-16T10:14:26Z
no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2022-20347 create time: 2022-09-16T09:59:04Z
cve-2010-2553复现 : Sunqiz/cve-2010-2553-reproduction create time: 2022-09-16T08:51:40Z
CVE-2012-0003复现 : Sunqiz/CVE-2012-0003-reproduction create time: 2022-09-16T08:59:43Z
Unauthenticated Remote Code Execution in DrayTek Vigor. CVE-2022-32548 : Administrative2022/CVE-2022-32548-MASS-RCE create time: 2022-09-16T08:48:40Z
CVE-2022-37210 POC : AgainstTheLight/CVE-2022-37210 create time: 2022-09-16T08:17:56Z
CVE-2022-37209 POC : AgainstTheLight/CVE-2022-37209 create time: 2022-09-16T08:15:13Z
PoC for CVE-2022-34729 : Pwnrin/CVE-2022-34729 create time: 2022-09-16T06:07:04Z
DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field : rftg1000/CVE-2022-32548-POC-RCE create time: 2022-09-15T17:21:39Z
no description : kernel-cyber/CVE-2009-4623 create time: 2022-09-15T15:38:30Z
Proof of concept for CVE-2022-30190 (Follina). : winstxnhdw/CVE-2022-30190 create time: 2022-09-15T16:12:57Z
no description : stealthcopter/CVE-2022-39841 create time: 2022-09-05T12:54:26Z
no description : mightysai1997/CVE-2021-41773S create time: 2022-09-15T14:17:45Z
no description : mightysai1997/CVE-2021-41773m create time: 2022-09-15T12:37:59Z
no description : mightysai1997/CVE-2021-41773.git1 create time: 2022-09-15T12:35:06Z
no description : mightysai1997/cve-2021-42013.get create time: 2022-09-15T12:15:00Z
no description : mightysai1997/cve-2021-42013L create time: 2022-09-15T11:35:00Z
no description : mightysai1997/cve-2021-42013 create time: 2022-09-15T11:28:39Z
DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field : rftg1000/CVE-2022-32548-MASS-RCE create time: 2022-09-15T11:31:04Z
no description : mightysai1997/CVE-2021-41773-PoC create time: 2022-09-15T11:01:45Z
no description : nidhi7598/external_tcpdump-4.9.2_AOSP_10_r33_CVE-2018-14463 create time: 2022-09-15T10:21:14Z
no description : mightysai1997/CVE-2021-41773-L- create time: 2022-09-15T10:08:36Z
no description : mightysai1997/CVE-2021-41773-i- create time: 2022-09-15T09:38:04Z
no description : mightysai1997/cve-2021-41773-v- create time: 2022-09-15T09:36:17Z
no description : mightysai1997/CVE-2021-41773h create time: 2022-09-15T09:27:04Z
CVE-2022-37208 : AgainstTheLight/CVE-2022-37208 create time: 2022-09-15T09:55:49Z
CVE-2022-37207 POC : AgainstTheLight/CVE-2022-37207 create time: 2022-09-15T09:53:06Z
CVE-2022-37206 POC : AgainstTheLight/CVE-2022-37206 create time: 2022-09-15T09:48:18Z
CVE-2022-37205 POC : AgainstTheLight/CVE-2022-37205 create time: 2022-09-15T09:46:06Z
CVE-2022-37204 POC : AgainstTheLight/CVE-2022-37204 create time: 2022-09-15T09:43:39Z
CVE-2022-37203 POC : AgainstTheLight/CVE-2022-37203 create time: 2022-09-15T09:38:52Z
CVE-2022-37202 POC : AgainstTheLight/CVE-2022-37202 create time: 2022-09-15T09:29:39Z
no description : mightysai1997/cve-2021-41773 create time: 2022-09-15T09:08:58Z
CVE-2022-37201 POC : AgainstTheLight/CVE-2022-37201 create time: 2022-09-15T09:21:30Z
no description : nidhi7598/external_tcpdump_AOSP_10_r33_CVE-2018-14463 create time: 2022-09-15T08:03:36Z
Minimal PoC for CVE-2022-29856 : Flo451/CVE-2022-29856-PoC create time: 2022-09-15T08:29:15Z
DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field : rftg1000/CVE-2022-32548-RCE create time: 2022-09-15T05:39:42Z
ZeroLogon exploitation script,One-click recovery of domain controller machine Hash : zha0/CVE-2020-1474 create time: 2022-09-01T14:40:28Z
CVE-2022-2546 explained : 0xvinix/CVE-2022-2546 create time: 2022-09-14T19:03:43Z
HIP2022 presentation materials. : EgeBalci/CVE-2022-29154 create time: 2022-09-14T13:59:21Z
no description : ProxyStaffy/Airties-CVE-2022-38789 create time: 2022-09-14T12:43:05Z
no description : ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2022-20347 create time: 2022-09-14T12:06:24Z
Unauthenticated Remote Code Execution in DrayTek Vigor. CVE-2022-32548 : Administrative2022/CVE-2022-32548-RCE create time: 2022-09-14T10:51:42Z
Exploit code for CVE-2021-1961 : tamirzb/CVE-2021-1961 create time: 2022-09-03T13:31:13Z
no description : nidhi7598/external_zlib-1.2.11_AOSP_10_r33_CVE-2022-37434 create time: 2022-09-14T07:28:23Z
no description : trhacknon/CVE-2020-8515-PoC create time: 2022-09-14T04:28:51Z
no description : trhacknon/CVE-2020-8515 create time: 2022-09-14T04:25:09Z
Free MP3 CD Ripper 2.6 版本中存在栈缓冲区溢出漏洞 (CVE-2019-9766),远程攻击者可借助特制的 .mp3 文件利用该漏洞执行任意代码。 : zeronohacker/CVE-2019-9766 create time: 2022-09-14T02:19:57Z
Automation to validate the impact of the vulnerability CVE-2022-1292 on a specific system. : und3sc0n0c1d0/CVE-2022-1292 create time: 2022-09-13T22:01:05Z
Amanda Information Disclosure bug. : MaherAzzouzi/CVE-2022-37703 create time: 2022-09-13T19:26:38Z
small writeup on EnterpriseModernAppManager::ProvisionApplication bug : Wack0/CVE-2022-35841 create time: 2022-09-13T17:53:56Z
no description : bl4ck574r/CVE-2019-17662 create time: 2022-09-13T09:53:45Z
CVE-2022-34715-POC pcap : Starssgo/CVE-2022-34715-POC create time: 2022-09-13T08:33:03Z
ApacheSolrRCE(CVE-2019-0193)一键写shell,原理是通过代码执行的java文件流写的马。 : jdr2021/ApacheSolrRCE create time: 2022-09-13T08:02:20Z
A reliable exploit + write-up to elevate privileges to root. (Tested on Ubuntu 22.04) : MaherAzzouzi/CVE-2022-37706-LPE-exploit create time: 2022-09-12T19:22:44Z
no description : nidhi7598/system_bt_AOSP_10_r33_CVE-2022-20361 create time: 2022-09-12T11:10:15Z
DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field : rftg1000/CVE-2022-32548-RCE-POC create time: 2022-09-12T09:31:26Z
CVE-2022-27925 nuclei template : akincibor/CVE-2022-27925 create time: 2022-09-12T08:30:30Z
no description : nidhi7598/frameworks_native_AOSP_10_r33_CVE-2022-20344 create time: 2022-09-12T07:53:33Z
no description : M4fiaB0y/CVE-2022-30075 create time: 2022-09-12T07:28:13Z
no description : xnyuq/cve-2021-42321 create time: 2022-09-12T05:13:40Z
SmarterMail 16.x Exploit : secunnix/CVE-2019-7213 create time: 2022-09-11T21:01:53Z
CVE-2022-0847(Dirty Pipe) vulnerability exploits. : Gustavo-Nogueira/Dirty-Pipe-Exploits create time: 2022-09-11T19:50:53Z
DrayTek Vigor Exploit : Expl0desploit/CVE-2022-32548 create time: 2022-09-11T16:24:25Z
Unauthenticated Blind Command injection in the enable_user function of DroboAccess v 2.1 : RevoCain/CVE-2018-14699 create time: 2022-09-10T20:11:08Z
metasploit and python(Multi and single target) module for CVE-2022-26809 windows rpc rce via smb 445 : Ziggy78/CVE-2022-26809-RCE-MASS create time: 2022-09-11T14:41:10Z
Write-up for Sekhmet HackTheBox, CVE-2022-3506, Active Directory Exploitation : hackthebox-writeups/Sekhmet-HackTheBox-Writeup create time: 2022-09-10T20:27:55Z
no description : Pwnrin/CVE-2022-30206 create time: 2022-09-10T13:44:40Z
Unauthicated RCE for open-web-analytics(1.7.3) : garySec/CVE-2022-24637 create time: 2022-09-10T09:11:44Z
A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances. : CEOrbey/CVE-2022-36804-MASS-RCE create time: 2022-09-10T08:51:08Z
PhpMyAdmin 4.0.x—4.6.2 Remote Code Execution Vulnerability (CVE-2016-5734) : miko550/CVE-2016-5734-docker create time: 2022-09-10T03:12:41Z
CVE-2021-38163 - exploit for SAP Netveawer : core1impact/CVE-2021-38163 create time: 2022-09-10T03:41:52Z
Primefaces 5.X EL Injection Exploit (CVE-2017-1000486) : oppsec/pwnfaces create time: 2022-09-09T23:09:40Z
CVE-2022-22629 Proof of Concept : parsdefense/CVE-2022-22629 create time: 2022-09-09T17:21:27Z
no description : izdiwho/CVE-2022-40317 create time: 2022-09-09T15:27:12Z
Android Debug Bridge (adb) was vulnerable to directory traversal attacks that could have been mounted by rogue/compromised adb daemons during an adb pull operation. : irsl/CVE-2022-20128 create time: 2022-09-09T12:40:21Z
Proof of concept code to exploit flaw in adb that allowed opening network connections on the host to arbitrary destinations : irsl/CVE-2022-3168-adb-unexpected-reverse-forwards create time: 2022-09-09T12:31:56Z
CVE-2022-40297 - Proof of Concept: Privilage escalation in Ubuntu Touch 16.04 - by PIN Bruteforce : filipkarc/PoC-ubuntutouch-pin-privesc create time: 2022-09-04T13:05:58Z
[CVE-2014-6271] Apache Shellshock Remote Command Injection tool for quick reverse shell and file browsing : FilipStudeny/-CVE-2014-6271-Shellshock-Remote-Command-Injection- create time: 2022-09-09T10:44:25Z
CVE-2022-31188 - OpenCV CVAT (Computer Vision Annotation Tool) SSRF : emirpolatt/CVE-2022-31188 create time: 2022-09-09T10:36:59Z
CVE-2022-36446 - Webmin 1.996 Remote Code Execution : emirpolatt/CVE-2022-36446 create time: 2022-09-09T10:34:53Z
no description : nidhi7598/packages_apps_Settings_AOSP_10_r33_CVE-2022-20360 create time: 2022-09-09T06:09:15Z
no description : coco0x0a/CTF_CVE-2022-34265 create time: 2022-09-08T21:22:28Z
no description : coco0x0a/CTF_CVE-2022-34265 create time: 2022-09-08T18:34:54Z
no description : coco0x0a/CVE-2022-34265-mysql create time: 2022-09-08T14:15:03Z
no description : Trinadh465/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126 create time: 2022-09-08T10:51:13Z
ASUS RT-AC87U TFTP is vulnerable to Denial of Service(DoS) attack : santokum/CVE-2020-25478--ASUS-RT-AC87U-TFTP-is-vulnerable-to-Denial-of-Service-DoS-attack create time: 2022-09-08T09:04:27Z
CVE-2021-38314 Python Exploit : akhilkoradiya/CVE-2021-38314 create time: 2022-09-08T09:08:48Z
no description : nidhi7598/system_bt_AOSP_10_r33_CVE-2021-39674 create time: 2022-09-08T06:53:02Z
This powershell script is intended to be used by anyone looking to remediate the Log4j Vulnerability within their environment. It can target multiple machines and run remotely as a job on all or only affected devices. : digital-dev/Log4j-CVE-2021-44228-Remediation create time: 2022-09-08T00:22:57Z
The issue is due to the fact that when installing a package, Golang will build native extensions. This can be used to pass additional flags to the compiler to gain code execution. For example, CFLAGS can be used. : hasharmujahid/CVE-2018-6574-go-get-RCE create time: 2022-09-07T18:09:38Z
Insecure Permissions WeDayCare : Fopje/CVE-2022-36539 create time: 2022-09-07T07:58:08Z
CVE-2022-2639 Linux kernel openvswitch local privilege escalation : avboy1337/CVE-2022-2639-PipeVersion create time: 2022-09-05T15:31:56Z
ManageEngine PAM360, Password Manager Pro, and Access Manager Plus unauthenticated remote code execution vulnerability PoC : viniciuspereiras/CVE-2022-35405 create time: 2022-07-18T20:52:01Z
Remediation for CVE-2013-3900 : snoopopsec/vulnerability-CVE-2013-3900 create time: 2022-09-06T16:37:51Z
CVE-2021-34527 AddPrinterDriverEx() Privilege Escalation : hackerhouse-opensource/cve-2021-34527 create time: 2022-09-05T23:48:44Z
no description : trhacknon/CVE-2022-24706-CouchDB-Exploit create time: 2022-09-06T00:17:19Z
no description : s1204IT/CVE-2022-20186_CTXZ create time: 2022-09-05T15:26:30Z
no description : s1204-inspect/CVE-2022-20186_CTXZ create time: 2022-09-05T15:00:13Z
no description : jet-pentest/CVE-2022-39838 create time: 2022-09-05T14:21:12Z
CVE-2022-2639 Linux kernel openvswitch local privilege escalation : veritas501/CVE-2022-2639-PipeVersion create time: 2022-09-05T14:12:06Z
Wordpress Vulnerability - XSS ( Cross-Site Scripting ) : akhilkoradiya/CVE-2022-29455 create time: 2022-09-05T12:08:50Z
A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances. : CEOrbey/CVE-2022-36804-POC create time: 2022-09-04T17:03:13Z
cve-2022-9099 test : gnaw1ng/cve-2022-9099 create time: 2022-09-04T13:15:49Z
CVE-2022-2586: Linux kernel nft_object UAF : aels/CVE-2022-2586-LPE create time: 2022-09-03T19:04:31Z
Unauthenticated RCE in Laravel Debug Mode <8.4.2 : JacobEbben/CVE-2021-3129 create time: 2022-09-03T15:25:35Z
Remote Code Execution exploit for CVE-2022-36804 (BitBucket Server and DataCenter). : cryptolakk/CVE-2022-36804-RCE create time: 2022-09-03T14:53:29Z
no description : 0xrobiul/CVE-2018-15473 create time: 2022-09-03T11:44:12Z
Zabbix-SAML-Bypass: CVE-2022-23131 : Vulnmachines/Zabbix-CVE-2022-23131 create time: 2022-09-02T13:24:13Z
no description : Y3A/CVE-2021-31956 create time: 2022-09-02T10:35:11Z
Black board CMS Escalation of Privileges : DayiliWaseem/CVE-2022-39196- create time: 2022-09-02T09:35:35Z
CVE-2021-31800 POC : Louzogh/CVE-2021-31800 create time: 2022-09-02T09:02:19Z
iTop < 2.7.6 - (Authenticated) Remote command execution : Acceis/exploit-CVE-2022-24780 create time: 2022-09-02T07:46:36Z
Powertek PDU身份绕过 : Henry4E36/CVE-2022-33174 create time: 2022-09-02T02:27:31Z
pwnkit auto exploiter written in Go, no network connectivity required. : 1337Rin/CVE-2021-4034 create time: 2022-09-01T22:48:09Z
PoC for CVE-2022-25260: semi-blind SSRF in JetBrains Hub : yuriisanin/CVE-2022-25260 create time: 2022-09-01T21:08:19Z
Unauthenticated RCE in Open Web Analytics (OWA) 1.7.3 : Lay0us1/CVE-2022-24637 create time: 2022-08-30T17:31:14Z
no description : raheel0x01/CVE-2022-34265-modified create time: 2022-07-09T10:25:48Z
Redis RCE through Lua Sandbox Escape vulnerability : JacobEbben/CVE-2022-0543 create time: 2022-09-01T16:44:56Z
fastjson 1.2.80 CVE-2022-25845 : hosch3n/FastjsonVulns create time: 2022-09-01T04:36:50Z
no description : 75ACOL/CVE-2022-22963 create time: 2022-09-01T09:13:59Z
Metasploit exploit for CVE-2022-30526 : greek0x0/CVE-2022-30526 create time: 2022-09-01T07:15:09Z
OpenSSL : greek0x0/CVE-2022-1292 create time: 2022-09-01T07:00:00Z
Proof-of-concept exploit for the Dirty Pipe vulnerability (CVE-2022-0847) : notl0cal/dpipe create time: 2022-08-31T23:19:28Z
Casdoor是一个基于OAuth 2.0/OIDC 的中心化的单点登录(SSO)身份验证平台,此漏洞属于Sql注入漏洞,在查询API 存在与字段和值参数相关的SQL注入漏洞 : cukw/CVE-2022-24124_POC create time: 2022-08-31T16:23:16Z
no description : TakenoSite/RemoteUploader-CVE-2021-36260 create time: 2022-08-28T03:11:00Z
CVE-2020-1472 C++ : Rvn0xsy/ZeroLogon create time: 2022-08-31T06:01:02Z
Unauthenticated RCE in Open Web Analytics (OWA) 1.7.3 : JacobEbben/CVE-2022-24637 create time: 2022-08-30T16:38:01Z
Oracle Weblogic RCE - CVE-2022-2109 : Vulnmachines/oracle-weblogic-CVE-2021-2109 create time: 2022-08-30T11:50:17Z
CVE-2010-2553-reproduction : Sunqiz/CVE-2010-2553-reproduction create time: 2022-08-30T09:46:14Z
no description : Deepak983/CVE-2020-19587 create time: 2022-08-30T10:08:07Z
Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI : Deepak983/CVE-2020-19586 create time: 2022-08-30T10:00:01Z
repo showcasing generating "psychic signatures for java" : davwwwx/CVE-2022-21449 create time: 2022-08-30T08:12:24Z
This repository contains a test case for CVE-2020-0796 : awareseven/eternalghosttest create time: 2020-03-12T09:35:57Z
no description : DShankle/VLC_CVE-2021-25804_Analysis create time: 2022-05-23T20:58:56Z
no description : DShankle/CVE-2022-28381_PoC create time: 2022-08-24T20:04:58Z
no description : TakenoSite/Simple-CVE-2021-36260 create time: 2022-08-29T15:21:11Z
Adobe Acrobat Reader UAF vulnerability Exploit code : WonjunChun/CVE-2020-9715 create time: 2022-08-29T14:33:40Z
CVE-2017-8917 - Joomla 3.7.0 'com_fields' SQL Injection : Siopy/CVE-2017-8917 create time: 2022-08-29T11:51:00Z
CVE-2022-36200 PoC : afaq1337/CVE-2022-36200 create time: 2022-08-29T11:03:09Z
Apache Spark RCE - CVE-2022-33891 : Vulnmachines/Apache-spark-CVE-2022-33891 create time: 2022-08-29T08:48:38Z
CVE-2017-7269 implemented in C# : denchief1/CVE-2017-7269 create time: 2022-08-29T03:05:06Z
CVE-2017-7269 implemented in python3 : denchief1/CVE-2017-7269_Python3 create time: 2022-08-28T23:14:02Z
Based on https://devel0pment.de/?p=2494 : watchdog2000/cve-2022-24637_open-web-analytics-info-disclosure-to-rce create time: 2022-08-28T20:30:24Z
nameko Arbitrary code execution due to YAML deserialization : s-index/CVE-2021-41078 create time: 2022-08-28T06:42:59Z
no description : jturner786/magento-CVE-2022-24086 create time: 2022-08-28T02:48:05Z
A Docker image vulnerable to CVE-2020-7246. : arafatansari/SecAssignment create time: 2022-08-27T19:47:23Z
CVE-2022-37177 - HireVue-Broken-Or-Risky-Cryptographic-Algorithm : JC175/CVE-2022-37177 create time: 2022-08-27T15:00:23Z
Simple checker for CVE-2022-27255 using poc_crash and telnet availability : stryker-project/CVE-2022-27255-checker create time: 2022-08-27T15:56:44Z
CVE-2022-0492-Container-Escape : yoeelingBin/CVE-2022-0492-Container-Escape create time: 2022-08-27T04:02:24Z
Python Script to exploit Zimbra Auth Bypass + RCE (CVE-2022-27925) : Chocapikk/CVE-2022-27925-Revshell create time: 2022-08-26T20:19:48Z
Rust POC for CVE-2018-1932X kernel driver vulnerabilities : BKreisel/CVE-2018-1932X create time: 2022-08-26T18:42:13Z
PoC for vulnerability in Renault ZOE Keyless System(CVE-2022-38766) : AUTOCRYPT-IVS-VnV/CVE-2022-38766 create time: 2022-08-26T08:43:40Z
Search for BTC coins on earlier versions of Bitcoin Core with critical vulnerability OpenSSL 0.9.8 CVE-2008-0166 : demining/Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166 create time: 2022-08-26T12:18:39Z
no description : pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20142 create time: 2022-08-26T10:35:11Z
no description : pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20007 create time: 2022-08-26T09:25:36Z
ZeroLogon exploitation script,One-click recovery of domain controller machine Hash : lele8/CVE-2020-1472 create time: 2022-08-26T09:06:04Z
Exploit for zerologon cve-2020-1472,And automatically recover the domain control machine hash : 30579096/CVE-2020-1473 create time: 2022-08-08T07:03:59Z
CVE-2022-26134 web payload : 1337in/CVE-2022-26134web create time: 2022-08-26T07:38:29Z
There is a XSS vulnerability in Artica Proxy 4.30.000000 : 5l1v3r1/CVE-2022-37153 create time: 2022-08-25T08:27:51Z
no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0416 create time: 2022-08-26T05:44:57Z
no description : nidhi7598/frameworks_base_AOSP_10_r33_CVE-2022-20007 create time: 2022-08-26T05:17:14Z
CVE-2021-25642 : safe3s/CVE-2021-25642 create time: 2022-08-26T03:51:58Z
Simple Java Front and Back end with bad log4j version featuring CVE-2021-44228 : eurogig/jankybank create time: 2022-08-25T21:35:32Z
no description : HunnahRcs/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-08-25T19:00:12Z
no description : HunnahRcs/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-08-25T18:48:39Z
no description : HunnahRcs/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-08-25T18:47:38Z
Oracle WebLogic CVE-2022-21371 : Vulnmachines/Oracle-WebLogic-CVE-2022-21371 create time: 2022-08-25T14:12:33Z
Zimbra CVE-2022-37042 Nuclei weaponized template : aels/CVE-2022-37042 create time: 2022-08-25T10:43:13Z
An SQL injection was discovered inOnline Diagnostic Lab Management System : Fjowel/CVE-2022-37152 create time: 2022-08-25T01:45:35Z
There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0 : Fjowel/CVE-2022-37151 create time: 2022-08-25T01:27:03Z
Online Diagnostic Lab Management System Stored XSS : Fjowel/CVE-2022-37150 create time: 2022-08-25T00:58:52Z
no description : theori-io/CVE-2022-32250-exploit create time: 2022-08-24T06:00:47Z
no description : nvchungkma/CVE-2021-40444-Microsoft-Office-Word-Remote-Code-Execution- create time: 2022-08-24T14:55:11Z
PrintNightmare (CVE-2021-34527) PoC Exploit : m8sec/CVE-2021-34527 create time: 2022-08-23T20:20:45Z
CVE-2022-2588,CVE-2022-2586,CVE-2022-2585 : konoha279/2022-LPE-UAF create time: 2022-08-24T02:20:35Z
RCE Exploit within the RPC Library (CVE-2022-26809) : F1uk369/CVE-2022-26809 create time: 2022-08-24T09:51:39Z
no description : ZhaoQi99/CVE-2022-34265 create time: 2022-08-24T07:29:30Z
Internal Hostname Disclosure Vulnerability : Vulnmachines/Zoho_CVE-2022-23779 create time: 2022-08-24T07:58:45Z
multi vuls of odlms : Fjowel/CVE-2022-37150-CVE-2022-37151-CVE-2022-37152 create time: 2022-08-24T02:43:22Z
no description : hanch7274/CVE-2021-36749 create time: 2022-08-24T02:01:17Z
There is a XSS vulnerability in Artica Proxy 4.30.000000 : Fjowel/CVE-2022-37153 create time: 2022-08-24T02:17:37Z
no description : irwx777/CVE-2022-0847 create time: 2022-08-24T00:06:15Z
CVE-2022-2588,CVE-2022-2586,CVE-2022-2585 : pirenga/2022-LPE-UAF create time: 2022-08-23T13:23:29Z
Cortex XDR PoC ft. CVE-2021-3560 : mikefak/XDR-PoC create time: 2022-08-23T18:57:21Z
CVE-2022-2588 : ASkyeye/2022-LPE-UAF create time: 2022-08-22T23:42:00Z
no description : SiJiDo/CVE-2022-22947 create time: 2022-08-23T06:38:46Z
CVE-2022-2588 : greek0x0/2022-LPE-UAF create time: 2022-08-22T23:08:40Z
THE FINAL POC FOR CVE-2022-26809 TO ACHIEVE RCE : ToomArni65/CVE-2022-26809-RCE create time: 2022-08-22T16:09:50Z
no description : ahajnik/CVE-2022-34919 create time: 2022-08-16T16:39:17Z
The test report of this exploit. : baka9moe/CVE-2021-3156-TestReport create time: 2022-08-22T09:36:14Z
CVE-2022-26134-Console : shiftsansan/CVE-2022-26134-Console create time: 2022-08-22T09:40:43Z
no description : peanut-cc/CVE-2022-36446 create time: 2022-08-22T09:16:02Z
WordPress JSmol2WP Plugin 1.07版本中存在安全漏洞。攻击者可利用该漏洞读取任意文件。 : Henry4E36/CVE-2018-20463 create time: 2022-08-22T00:37:14Z
no description : PyterSmithDarkGhost/IoT-CVE202227255 create time: 2022-08-21T19:41:55Z
This is a modified version of the original GhostCat Exploit : YounesTasra-R4z3rSw0rd/CVE-2020-1938 create time: 2022-08-21T15:44:45Z
This is a script for version detection of Webmin remote server interface. : monzaviman/CVE_2022_36446 create time: 2022-08-21T10:35:50Z
awslabs/sockeye Code injection via unsafe YAML loading CVE-2021-43811 : s-index/CVE-2021-43811 create time: 2022-08-21T08:44:31Z
CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸 : yoeelingBin/CVE-2022-0847-Container-Escape create time: 2022-08-18T03:06:15Z
CVE_2021_24212 : EmmanuelCruzL/CVE_2021_24212 create time: 2022-08-20T22:06:47Z
Zimbra CVE-2022-27925 : Josexv1/CVE-2022-27925 create time: 2022-08-20T15:58:29Z
no description : navokus/CVE-2022-27925 create time: 2022-08-20T11:01:05Z
PKEXEC Shell Executor for CVE-2021-4034 Pwnkit : Naughty-SEC/pkexec-shell-executor create time: 2022-08-20T05:31:59Z
no description : mistymntncop/CVE-2022-1802 create time: 2022-08-20T03:01:30Z
PoC Advanced Comment System 1.0 - Remote Command Execution (RCE) : hupe1980/CVE-2009-4623 create time: 2022-08-19T09:46:03Z
no description : miko550/CVE-2022-27925 create time: 2022-08-19T04:46:08Z
CVE-2018-0798复现 : Sunqiz/CVE-2018-0798-reproduction create time: 2022-08-19T02:17:50Z
no description : xpgdgit/CVE-2022-31793 create time: 2022-08-19T01:42:08Z
no description : superhac/CVE-2022-2414-POC create time: 2022-08-18T19:58:53Z
no description : GreyNoise-Intelligence/Zimbra_CVE-2022-37042-_CVE-2022-27925 create time: 2022-08-18T18:39:39Z
Example payload for CVE-2022-21894 : sm0ke1337/CVE-2022-21894-Payload create time: 2022-08-18T13:37:56Z
no description : tharindudh/tharindudh-Log4j-Vulnerability-in-Ghidra-tool-CVE-2021-44228 create time: 2022-08-18T07:27:32Z
no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229 create time: 2022-08-18T07:02:43Z
no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224 create time: 2022-08-18T06:04:41Z
A powershell poc to load and automatically run Certify and Rubeus from memory. : lsecqt/CVE-2022-26923-Powershell-POC create time: 2022-08-17T21:13:49Z
BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy [CVE-2020-15802] [CVE-2022-20361] : francozappa/blur create time: 2022-08-17T19:05:38Z
Exploits of different CVE IDs (CVE-2021-37910, CVE-2021-40288, CVE-2021-41435, CVE-2021-41436, CVE-2021-41437, CVE-2021-41441, CVE-2021-41442, CVE-2021-41445, CVE-2021-41449, CVE-2021-41450, CVE-2021-41451, CVE-2021-41753, CVE-2021-41788, CVE-2021-46353) : efchatz/easy-exploits create time: 2022-05-27T21:09:03Z
Remote code execution in CA APM Team Center (Wily Introscope) : gquere/CVE-2020-6364 create time: 2022-08-17T12:57:29Z
This is working POC of CVE-2022-36271 : SaumyajeetDas/POC-of-CVE-2022-36271 create time: 2022-08-16T19:48:36Z
no description : kenyon-wong/cve-2022-3452 create time: 2022-08-16T17:48:12Z
no description : a1ise/CVE-2022-29247 create time: 2022-08-16T14:06:15Z
no description : nidhi7598/packages_apps_Settings_AOSP_10_r33_CVE-2022-20223 create time: 2022-08-16T12:21:34Z
no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229 create time: 2022-08-16T12:08:11Z
no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224 create time: 2022-08-16T11:14:27Z
HTTP3-attacks (CVE-2022-30592) : efchatz/HTTP3-attacks create time: 2022-08-06T09:57:43Z
no description : docfate111/CVE-2022-21789 create time: 2022-05-25T01:20:14Z
no description : MaherAzzouzi/CVE-2022-36163 create time: 2022-08-15T20:43:53Z
no description : MaherAzzouzi/CVE-2022-36162 create time: 2022-08-15T20:36:51Z
ApacheOfBiz 17.12.01 - Unauthorized Remote Code Executión : Ly0nt4r/CVE-2020-9496 create time: 2022-08-15T18:15:11Z
### Awesome Penetration Testing 
docker pull kalilinux/kali-linux-docker official Kali Linux * docker pull owasp/zap2docker-stable - official OWASP ZAP * docker pull wpscanteam/wpscan - official WPScan * docker pull pandrew/metasploit - docker-metasploit * docker pull citizenstig/dvwa - Damn Vulnerable Web Application (DVWA) * docker pull wpscanteam/vulnerablewordpress - Vulnerable WordPress Installation * docker pull hmlio/vaas-cve-2014-6271 - Vulnerability as a service: Shellshock * docker pull hmlio/vaas-cve-2014-0160 - Vulnerability as a service: Heartbleed * docker pull opendns/security-ninjas - Security Ninjas * docker pull diogomonica/docker-bench-security - Docker Bench for Security * docker pull ismisepaul/securityshepherd - OWASP Security Shepherd * docker pull danmx/docker-owasp-webgoat - OWASP WebGoat Project docker image * docker-compose build && docker-compose up - OWASP NodeGoat * docker pull citizenstig/nowasp - OWASP Mutillidae II Web Pen-Test Practice Application * docker pull bkimminich/juice-shop - OWASP Juice Shop #### Vulnerability Scanners * Nexpose - Vulnerability Management & Risk Management Software * Nessus - Vulnerability, configuration, and compliance assessment * Nikto - Web application vulnerability scanner * OpenVAS - Open Source vulnerability scanner and manager * OWASP Zed Attack Proxy - Penetration testing tool for web applications * Secapps - Integrated web application security testing environment * w3af - Web application attack and audit framework * Wapiti - Web application vulnerability scanner * WebReaver - Web application vulnerability scanner for Mac OS X * DVCS Ripper - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR * arachni - Web Application Security Scanner Framework #### Network Tools * nmap - Free Security Scanner For Network Exploration & Security Audits * pig - A Linux packet crafting tool * tcpdump/libpcap - A common packet analyzer that runs under the command line * Wireshark - A network protocol analyzer for Unix and Windows * Network Tools - Different network tools: ping, lookup, whois, etc * netsniff-ng - A Swiss army knife for for network sniffing * Intercepter-NG - a multifunctional network toolkit * SPARTA - Network Infrastructure Penetration Testing Tool * dnschef - A highly configurable DNS proxy for pentesters * DNSDumpster - Online DNS recon and search service * dnsenum - Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results * dnsmap - Passive DNS network mapper * dnsrecon - DNS Enumeration Script * dnstracer - Determines where a given DNS server gets its information from, and follows the chain of DNS servers * passivedns-client - Provides a library and a query tool for querying several passive DNS providers * passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup * Mass Scan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. * Zarp - Zarp is a network attack tool centered around the exploitation of local networks * mitmproxy - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers * mallory - HTTP/HTTPS proxy over SSH * Netzob - Reverse engineering, traffic generation and fuzzing of communication protocols * DET - DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time * pwnat - punches holes in firewalls and NATs * dsniff - a collection of tools for network auditing and pentesting * tgcd - a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls * smbmap - a handy SMB enumeration tool * scapy - a python-based interactive packet manipulation program & library * Dshell - Network forensic analysis framework * Debookee (MAC OS X) - Intercept traffic from any device on your network * Dripcap - Caffeinated packet analyzer #### Wireless Network Tools * Aircrack-ng - a set of tools for auditing wireless network * Kismet - Wireless network detector, sniffer, and IDS * Reaver - Brute force attack against Wifi Protected Setup * Wifite - Automated wireless attack tool * wifiphisher - Automated phishing attacks against Wi-Fi networks #### SSL Analysis Tools * SSLyze - SSL configuration scanner * sslstrip - a demonstration of the HTTPS stripping attacks * sslstrip2 - SSLStrip version to defeat HSTS * tls_prober - fingerprint a server's SSL/TLS implementation #### Web exploitation * WPScan - Black box WordPress vulnerability scanner * SQLmap - Automatic SQL injection and database takeover tool * weevely3 - Weaponized web shell * Wappalyzer - Wappalyzer uncovers the technologies used on websites * cms-explorer - CMS Explorer is designed to reveal the the specific modules, plugins, components and themes that various CMS driven web sites are running. * joomscan - Joomla CMS scanner * WhatWeb - Website Fingerprinter * BlindElephant - Web Application Fingerprinter * fimap - Find, prepare, audit, exploit and even google automatically for LFI/RFI bugs * Kadabra - Automatic LFI exploiter and scanner * Kadimus - LFI scan and exploit tool * liffy - LFI exploitation tool #### Hex Editors * HexEdit.js - Browser-based hex editing * Hexinator (commercial) - World's finest Hex Editor * HxD - Freeware Hex Editor and Disk Editor #### Crackers * John the Ripper - Fast password cracker * Online MD5 cracker - Online MD5 hash Cracker * Hashcat - The more fast hash cracker * THC Hydra - Another Great Password Cracker #### Windows Utils * Sysinternals Suite - The Sysinternals Troubleshooting Utilities * Windows Credentials Editor - security tool to list logon sessions and add, change, list and delete associated credentials * mimikatz - Credentials extraction tool for Windows OS * PowerSploit - A PowerShell Post-Exploitation Framework * Windows Exploit Suggester - Detects potential missing patches on the target * Responder - A LLMNR, NBT-NS and MDNS poisoner * Bloodhound - A graphical Active Directory trust relationship explorer * Empire - Empire is a pure PowerShell post-exploitation agent * Fibratus - Tool for exploration and tracing of the Windows kernel #### Linux Utils * Linux Exploit Suggester - Linux Exploit Suggester; based on operating system release number. #### DDoS Tools * LOIC - An open source network stress tool for Windows * JS LOIC - JavaScript in-browser version of LOIC * T50 - The more fast network stress tool #### Social Engineering Tools * SET - The Social-Engineer Toolkit from TrustedSec #### OSInt Tools * Maltego - Proprietary software for open source intelligence and forensics, from Paterva. * theHarvester - E-mail, subdomain and people names harvester * creepy - A geolocation OSINT tool * metagoofil - Metadata harvester * Google Hacking Database - a database of Google dorks; can be used for recon * Censys - Collects data on hosts and websites through daily ZMap and ZGrab scans * Shodan - Shodan is the world's first search engine for Internet-connected devices * recon-ng - A full-featured Web Reconnaissance framework written in Python * github-dorks - CLI tool to scan github repos/organizations for potential sensitive information leak * vcsmap - A plugin-based tool to scan public version control systems for sensitive information * Spiderfoot - multi-source OSINT automation tool with a Web UI and report visualizations #### Anonymity Tools * Tor - The free software for enabling onion routing online anonymity * I2P - The Invisible Internet Project * Nipe - Script to redirect all traffic from the machine to the Tor network. #### Reverse Engineering Tools * IDA Pro - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger * IDA Free - The freeware version of IDA v5.0 * WDK/WinDbg - Windows Driver Kit and WinDbg * OllyDbg - An x86 debugger that emphasizes binary code analysis * Radare2 - Opensource, crossplatform reverse engineering framework * x64_dbg - An open-source x64/x32 debugger for windows * Immunity Debugger - A powerful new way to write exploits and analyze malware * Evan's Debugger - OllyDbg-like debugger for Linux * Medusa disassembler - An open source interactive disassembler * plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code * peda - Python Exploit Development Assistance for GDB * dnSpy - dnSpy is a tool to reverse engineer .NET assemblies #### CTF Tools * Pwntools - CTF framework for use in CTFs ### Books #### Penetration Testing Books * The Art of Exploitation by Jon Erickson, 2008 * Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011 * Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014 * Rtfm: Red Team Field Manual by Ben Clark, 2014 * The Hacker Playbook 2: Practical Guide To Penetration Testing * The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013 * Professional Penetration Testing by Thomas Wilhelm, 2013 * Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012 * Violent Python by TJ O'Connor, 2012 * Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007 * Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014 * Penetration Testing: Procedures & Methodologies by EC-Council, 2010 * Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010 * Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014 * Bug Hunter's Diary by Tobias Klein, 2011 #### Hackers Handbook Series * The Database Hacker's Handbook, David Litchfield et al., 2005 * The Shellcoders Handbook by Chris Anley et al., 2007 * The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009 * The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011 * iOS Hackers Handbook by Charlie Miller et al., 2012 * Android Hackers Handbook by Joshua J. Drake et al., 2014 * The Browser Hackers Handbook by Wade Alcorn et al., 2014 * The Mobile Application Hackers Handbook by Dominic Chell et al., 2015 * Car Hacker's Handbook by Craig Smith, 2016 #### Defensive Development * Holistic Info-Sec for Web Developers (Fascicle 0) * Holistic Info-Sec for Web Developers (Fascicle 1) #### Network Analysis Books * Nmap Network Scanning by Gordon Fyodor Lyon, 2009 * Practical Packet Analysis by Chris Sanders, 2011 * Wireshark Network Analysis by by Laura Chappell & Gerald Combs, 2012 * Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff & Jonathan Ham, 2012 #### Reverse Engineering Books * Reverse Engineering for Beginners by Dennis Yurichev * Hacking the Xbox by Andrew Huang, 2003 * The IDA Pro Book by Chris Eagle, 2011 * Practical Reverse Engineering by Bruce Dang et al., 2014 * Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015 #### Malware Analysis Books * Practical Malware Analysis by Michael Sikorski & Andrew Honig, 2012 * The Art of Memory Forensics by Michael Hale Ligh et al., 2014 * Malware Analyst's Cookbook and DVD by Michael Hale Ligh et al., 2010 #### Windows Books * Windows Internals by Mark Russinovich et al., 2012 #### Social Engineering Books * The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002 * The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005 * Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011 * No Tech Hacking by Johnny Long & Jack Wiles, 2008 * Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010 * Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014 * Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014 #### Lock Picking Books * Practical Lock Picking by Deviant Ollam, 2012 * Keys to the Kingdom by Deviant Ollam, 2012 * CIA Lock Picking Field Operative Training Manual * Lock Picking: Detail Overkill by Solomon * Eddie the Wire books ### Vulnerability Databases * NVD - US National Vulnerability Database * CERT - US Computer Emergency Readiness Team * OSVDB - Open Sourced Vulnerability Database * Bugtraq - Symantec SecurityFocus * Exploit-DB - Offensive Security Exploit Database * Fulldisclosure - Full Disclosure Mailing List * MS Bulletin - Microsoft Security Bulletin * MS Advisory - Microsoft Security Advisories * Inj3ct0r - Inj3ct0r Exploit Database * Packet Storm - Packet Storm Global Security Resource * SecuriTeam - Securiteam Vulnerability Information * CXSecurity - CSSecurity Bugtraq List * Vulnerability Laboratory - Vulnerability Research Laboratory * ZDI - Zero Day Initiative * Vulners - Security database of software vulnerabilities ### Security Courses * Offensive Security Training - Training from BackTrack/Kali developers * SANS Security Training - Computer Security Training & Certification * Open Security Training - Training material for computer security classes * CTF Field Guide - everything you need to win your next CTF competition * ARIZONA CYBER WARFARE RANGE - 24x7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare. * Cybrary - Free courses in ethical hacking and advanced penetration testing. Advanced penetration testing courses are based on the book 'Penetration Testing for Highly Secured Enviroments'. * Computer Security Student - Many free tutorials, great for beginners, $10/mo membership unlocks all content * European Union Agency for Network and Information Security - ENISA Cyber Security Training material ### Information Security Conferences * DEF CON - An annual hacker convention in Las Vegas * Black Hat - An annual security conference in Las Vegas * BSides - A framework for organising and holding security conferences * CCC - An annual meeting of the international hacker scene in Germany * DerbyCon - An annual hacker conference based in Louisville * PhreakNIC - A technology conference held annually in middle Tennessee * ShmooCon - An annual US east coast hacker convention * CarolinaCon - An infosec conference, held annually in North Carolina * CHCon - Christchurch Hacker Con, Only South Island of New Zealand hacker con * SummerCon - One of the oldest hacker conventions, held during Summer * Hack.lu - An annual conference held in Luxembourg * HITB - Deep-knowledge security conference held in Malaysia and The Netherlands * Troopers - Annual international IT Security event with workshops held in Heidelberg, Germany * Hack3rCon - An annual US hacker conference * ThotCon - An annual US hacker conference held in Chicago * LayerOne - An annual US security conference held every spring in Los Angeles * DeepSec - Security Conference in Vienna, Austria * SkyDogCon - A technology conference in Nashville * SECUINSIDE - Security Conference in Seoul * DefCamp - Largest Security Conference in Eastern Europe, held anually in Bucharest, Romania * AppSecUSA - An annual conference organised by OWASP * BruCON - An annual security conference in Belgium * Infosecurity Europe - Europe's number one information security event, held in London, UK * Nullcon - An annual conference in Delhi and Goa, India * RSA Conference USA - An annual security conference in San Francisco, California, USA * Swiss Cyber Storm - An annual security conference in Lucerne, Switzerland * Virus Bulletin Conference - An annual conference going to be held in Denver, USA for 2016 * Ekoparty - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina * 44Con - Annual Security Conference held in London * BalCCon - Balkan Computer Congress, annualy held in Novi Sad, Serbia * FSec - FSec - Croatian Information Security Gathering in Varaždin, Croatia ### Information Security Magazines * 2600: The Hacker Quarterly - An American publication about technology and computer "underground" * Phrack Magazine - By far the longest running hacker zine Please have a look at * Top Hacking Books * Top Reverse Engineering Books * Top Machine learning Books * Top 5 books Programming Books * Top Java Books : sidd3009/PenTesting create time: 2022-08-15T13:40:44Z
A tool for extracting, modifying, and crafting ASDM binary packages (CVE-2022-20829) : jbaines-r7/theway create time: 2022-04-28T17:04:58Z
metasploit and python module for CVE-2022-26809 windows rpc rce via smb 445 : Ziggy78/CVE-2022-26809-MASS-RCE create time: 2022-08-15T12:06:18Z
https://nvd.nist.gov/vuln/detail/CVE-2022-34169 : bor8/CVE-2022-34169 create time: 2022-08-15T09:43:08Z
CVE-2022-24500 Windows SMB Unauthenticated Remote Code Execution Vulnerability : Daro1967/CVE-2022-24500-MASS-RCE create time: 2022-08-15T07:52:50Z
CVE-2010-3333复现 : Sunqiz/CVE-2010-3333-reproduction create time: 2022-08-15T06:54:55Z
CVE-2011-0104复现 : Sunqiz/CVE-2011-0104-reproduction create time: 2022-08-15T07:04:20Z
CVE-2012-0158复现 : Sunqiz/CVE-2012-0158-reproduction create time: 2022-08-15T06:59:06Z
CVE-2013-2028复现 : Sunqiz/CVE-2013-2028-reproduction create time: 2022-08-15T07:06:23Z
CVE-2017-0199复现 : Sunqiz/CVE-2017-0199-reprofuction create time: 2022-08-15T07:15:55Z
CVE-2017-11882复现 : Sunqiz/CVE-2017-11882-reproduction create time: 2022-08-15T07:09:23Z
🕵️ Yet another CVE-2019-9670 exploit, but in Golang. : oppsec/zaber create time: 2022-08-15T00:54:44Z
no description : MeDx64/CVE-2022-27925 create time: 2022-08-14T22:22:55Z
no description : MeDx64/CVE-2022-27925 create time: 2022-08-14T22:20:25Z
no description : Geni0r/cve-2021-4034-poc create time: 2022-08-14T16:07:29Z
Nortek Control Linear eMerge E3-Series 信息泄露 : Henry4E36/CVE-2022-31269 create time: 2022-08-14T16:23:54Z
Trying to reproduce CVE-2021-43908 : Sudistark/vscode-rce-electrovolt create time: 2022-08-12T05:18:43Z
CVE-2022-33891 Exploit For Apache Spark : DrLinuxOfficial/CVE-2022-33891 create time: 2022-08-13T23:02:56Z
Modified dirtypipe script into auto root without have to search a file manually to hijack suid binary. : EagleTube/CVE-2022-0847 create time: 2022-08-13T16:58:40Z
Autopwn Log4Shell (CVE-2021-44228)!!! : nemesi-ita/autoL4s create time: 2022-08-13T15:42:27Z
the payload of CVE-2021-21300 : Roboterh/CVE-2021-21300 create time: 2022-08-13T13:00:58Z
Zimbra RCE simple poc : vnhacker1337/CVE-2022-27925-PoC create time: 2022-08-12T18:35:52Z
CVE-2022-35513 | blink1-pass-decrypt : p1ckzi/CVE-2022-35513 create time: 2022-07-05T18:27:36Z
GOG Galaxy LPE Exploit : secure-77/CVE-2022-31262 create time: 2022-08-11T19:33:02Z
PoC for CVE-2022-24654 : leonardobg/CVE-2022-24654 create time: 2022-08-11T15:06:49Z
no description : Silencecyber/cve-2021-4034 create time: 2022-08-11T14:10:39Z
A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997. : p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE create time: 2022-08-11T11:47:17Z
CVE-2021-4154 exploit : Markakd/CVE-2021-4154 create time: 2022-08-11T05:46:27Z
exploit for CVE-2022-2588 : Markakd/CVE-2022-2588 create time: 2022-08-11T06:01:24Z
Similarity Measure percentage calculation between CVE (2021,2022) and USA Jobs (Cybersecurity job description), Indeed (Cybersecurity job description), LinkedIn (Historically marginalized Populations from Non MSA Data Description) : team-v-2022/Cosine-Percentage-Calculation create time: 2022-08-11T00:54:32Z
no description : J0EP/CVE-2022-X create time: 2022-08-10T19:12:06Z
An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver's device object and issue IOCTLs to read or write to arbitrary physical memory locations (or call an arbitrary address), leading to execution of arbitrary code. This is associated with 0x226040, 0x226044, and 0x226000. : Exploitables/CVE-2021-44852 create time: 2022-08-10T15:53:44Z
baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability : Wack0/CVE-2022-21894 create time: 2022-08-09T15:53:48Z
RSA Key Checker for CVE-2022-20866 : CiscoPSIRT/CVE-2022-20866 create time: 2022-07-13T12:48:49Z
This vulnerability allows an attacker to gain unauthorized access to the firewall management space by bypassing authentication : APTIRAN/CVE-2022-1040 create time: 2022-08-10T10:38:59Z
CVE : HKirito/CVE-2022-33980 create time: 2022-08-10T03:21:19Z
no description : markisback/CVE-2018-6574 create time: 2022-08-09T23:45:13Z
Exploit PoC for CVE-2022-29968 by Joseph Ravichandran and Michael Wang : jprx/CVE-2022-29968 create time: 2022-04-19T19:38:25Z
no description : 0xNix/CVE-2021-4034 create time: 2022-08-09T17:54:27Z
POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox : theabysslabs/CVE-2022-21881 create time: 2022-08-09T14:16:40Z
Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101) : karthikuj/CVE-2022-31101 create time: 2022-08-09T10:29:48Z
no description : poxicity/CVE-2015-1328 create time: 2022-08-09T04:10:28Z
no description : poxicity/CVE-2015-1328 create time: 2022-08-09T03:54:03Z
Webkit (Safari) - Exploit : springsec/CVE-2022-22620 create time: 2022-08-04T07:11:39Z
no description : vesperp/CVE-2021-20038-SonicWall-RCE create time: 2022-08-08T03:38:06Z
PoC for GLPI CVE-2022-31061 : Vu0r1/CVE-2022-31061 create time: 2022-08-07T18:14:54Z
SambaCry exploit (CVE-2017-7494) : 00mjk/exploit-CVE-2017-7494 create time: 2022-05-29T16:27:13Z
CVE-2007-2447 exploit written in python to get reverse shell : HerculesRD/PyUsernameMapScriptRCE create time: 2022-08-07T00:34:38Z
CallStranger (CVE-2020-12695) vulnerability. : Xcod3bughunt3r/CallStranger create time: 2022-08-06T14:12:23Z
CVE-2022-1015 : pr0ln/bob_kern_exp1 create time: 2022-08-06T12:34:22Z
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15 : zxj-52031/mai-lang-chain create time: 2022-08-06T06:55:15Z
Exploit for CVE-2022-29582 targeting Google's Kernel CTF : Ruia-ruia/CVE-2022-29582-Exploit create time: 2022-08-04T15:29:04Z
no description : Satheesh575555/Openssl_1_1_0_CVE-2021-23841 create time: 2022-08-05T10:52:16Z
PHPMailer < 5.2.18 Remote Code Execution : zeeshanbhattined/exploit-CVE-2016-10033 create time: 2022-08-05T08:24:14Z
Vulnerability in Crow prior v1.0+4 : 0xhebi/CVE-2022-34970 create time: 2022-07-29T00:19:33Z
A Fullstack Academy Cybersecurity project examining the full cycle of the Follina (CVE-2022-30190) vulnerability, from exploit to detection and defense. : jeffymcjeffface/five-nights-at-follina-s create time: 2022-08-01T16:47:50Z
CVE-2021-41773 Gaurav Raj's exploit modified by Plunder : Plunder283/CVE-2021-41773 create time: 2022-08-04T16:19:42Z
no description : 0x414141414/Silent-Word-Exploit-CVE-2022 create time: 2022-08-04T13:51:17Z
海康威视RCE漏洞 批量检测和利用工具 : Cuerz/CVE-2021-36260 create time: 2022-08-03T17:27:59Z
Exploit to capitalize on vulnerability CVE-2020-2038. : und3sc0n0c1d0/CVE-2020-2038 create time: 2022-08-03T17:21:51Z
no description : timb-machine-mirrors/cve-2021-3060.py create time: 2022-08-03T17:14:13Z
no description : aweiiy/CVE-2021-43617 create time: 2022-08-03T10:18:44Z
no description : LY613313/CVE-2022-22947 create time: 2022-08-03T02:51:26Z
no description : ro-fes/CVE2019-10092 create time: 2022-08-02T20:14:54Z
no description : Reysbumb/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-08-02T19:57:34Z
no description : Reysbumb/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-08-02T19:48:05Z
no description : Reysbumb/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-08-02T19:47:19Z
CVE-2022-36946 linux kernel panic in netfilter_queue : XmasSnowISBACK/CVE-2022-36946 create time: 2022-08-02T18:57:19Z
COMPILED : XmasSnowISBACK/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-08-02T18:53:26Z
CVE-2022-21661 exp for Elementor custom skin. : XmasSnowISBACK/CVE-2022-21661 create time: 2022-08-02T18:51:31Z
CVE-2022-33891 - Apache Spark Command Injection : XmasSnowISBACK/CVE-2022-33891 create time: 2022-08-02T18:41:39Z
This paper is about manual exploitation of android open port vulnerability found in ES file manager. This open TCP 59777 port allows the attacker to install a backdoor and gather all the user’s data. Further in this paper there will be a proof of concept presented to consolidate the vulnerability. Download the PDF and enjoy !!! Cheers !!! : vino-theva/CVE-2019-6447 create time: 2022-08-02T17:16:34Z
Apache Log4j is a logging tool written in Java. This paper focuses on what is Log4j and log4shell vulnerability and how it works, how it affects the victim, and how can this be mitigated : vino-theva/CVE-2021-44228 create time: 2022-08-02T17:03:55Z
建立一個概念類似 CVE-2022-28219 的測試環境 : aeifkz/CVE-2022-28219-Like create time: 2022-07-27T09:03:10Z
no description : guialvesf/CVE-2018-6574 create time: 2022-08-02T13:21:20Z
no description : veritas501/CVE-2022-34918 create time: 2022-08-02T09:52:02Z
COMPILED : eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-08-01T14:14:40Z
no description : Blackyguy/-CVE-2022-29464 create time: 2022-08-01T07:27:29Z
no description : xpgdgit/CVE-2015-5531 create time: 2022-08-01T07:21:43Z
no description : xpgdgit/CVE-2014-3120 create time: 2022-08-01T04:39:04Z
Analaysis of cve-2016-0728 : tndud042713/cve-2016-0728 create time: 2022-07-31T18:51:15Z
PoC exploit for CVE-2017-1000251 (modified) : istanescu/CVE-2017-1000251_Exploit create time: 2022-07-31T12:17:41Z
CVE-2022-21661 exp for Elementor custom skin. : QWERTYisme/CVE-2022-21661 create time: 2022-07-31T11:53:06Z
Exploit for SpringShell. : iyamrotrix/CVE-2022-22965 create time: 2022-07-31T08:21:59Z
「💥」CVE-2022-33891 - Apache Spark Shell Command Injection : AmoloHT/CVE-2022-33891 create time: 2022-07-30T23:02:16Z
Script to exploit CVE-2018-1042 in order to do internal port scans. : UDPsycho/Moodle-CVE-2018-1042 create time: 2022-07-30T17:06:57Z
CVE 2022.07.30 : redclip44/CVE create time: 2022-07-30T17:20:08Z
Script to exploit CVE-2018-1042 in order to do internal port scans. : UDPsycho/Moodle-CVE-2018-1042 create time: 2022-07-30T16:08:50Z
Microsoft Exchange Server Spoofing Vulnerability Exploit! : 0xrobiul/CVE-2021-41349-Exploit create time: 2022-07-30T10:51:55Z
Confluence CVE-2022-26138 POC : z92g/CVE-2022-26138 create time: 2022-07-30T07:14:52Z
DistCC exploit : angelpimentell/distcc_cve_2004-2687_exploit create time: 2022-03-15T18:25:27Z
no description : Skipper7718/CVE-2022-21449-showcase create time: 2022-07-29T16:33:10Z
no description : fazaroot/cve-2021-pwnkit create time: 2022-07-29T13:12:36Z
wo ee cve-2022-2185 gitlab authenticated rce : ESUAdmin/CVE-2022-2185 create time: 2022-07-29T11:14:03Z
no description : xpgdgit/CVE-2015-1427 create time: 2022-07-29T09:14:56Z
WordPress Simple File List FileRead POC : z92g/CVE-2022-1119 create time: 2022-07-29T05:04:26Z
libSSH-Authentication-Bypass : EmmanuelCruzL/CVE-2018-10933 create time: 2022-07-28T13:49:47Z
WordPress WP_Query SQL Injection POC : z92g/CVE-2022-21661 create time: 2022-07-28T13:12:51Z
PHP CGI Argument Injection RCE : theykillmeslowly/CVE-2012-1823 create time: 2022-07-28T11:51:03Z
no description : Pwnzer0tt1/CVE-2022-36946 create time: 2022-07-28T11:22:13Z
Atlassian Confluence Server and Data Center: CVE-2022-26138 : Vulnmachines/Confluence-Question-CVE-2022-26138- create time: 2022-07-28T09:48:21Z
Apache 2.4.49-50 Remote Code Execution Exploit : khidhir-ibrahim/CVE-2021-42013 create time: 2022-07-28T09:21:50Z
Reports on post-exploitation on honeypot exploiting vulnerable wu-ftpd (CVE-2001-0550) : gilberto47831/Network-Filesystem-Forensics create time: 2022-07-28T04:52:58Z
QNAP N-Day (Probably not CVE-2020-2509) : jbaines-r7/overkill create time: 2022-07-27T19:58:40Z
警惕 一种针对红队的新型溯源手段! : fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp create time: 2022-07-27T15:48:19Z
Java classpath enumeration, focussed on CVE-2014-0043 for Apache Wicket 6.x : JJK96/JavaClasspathEnum create time: 2022-07-27T14:43:54Z
CVE-2022-* : GREENHAT7/pxplan create time: 2021-11-22T12:57:22Z
Vulnerability Polkit's pkexec : carloscast1llo/CVE-2021-4034 create time: 2022-07-27T10:15:37Z
weblogic-cve-2018-2628-exp : cscadoge/weblogic-cve-2018-2628 create time: 2022-07-27T06:10:28Z
Additional exploits for XSS in Cisco ASA devices discovered by PTSwarm : catatonicprime/CVE-2020-3580 create time: 2022-07-15T00:11:29Z
Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC. : aslitsecurity/Zimbra-CVE-2022-30333 create time: 2022-07-26T13:28:12Z
no description : nidhi7598/openssl-OpenSSL_1_1_1g_AOSP_10_r33_CVE-2022-1292 create time: 2022-07-26T11:33:10Z
no description : yuxblank/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL create time: 2022-07-26T09:45:46Z
A demo for cve-2019-12735 : st9007a/CVE-2019-12735 create time: 2022-07-26T08:45:21Z
WebMin Versions <= 1.920 [CVE-2019-15107] RCE PoC : TheAlpha19/MiniExploit create time: 2022-07-26T07:38:03Z
Module for PrestaShop 1.7.X to fix CVE-2022-31181 vulnerability (Chain SQL Injection) : drkbcn/lblfixer_cve_2022_31181 create time: 2022-07-26T05:55:53Z
CVE-2021-38647 is an unauthenticated RCE vulnerability effecting the OMI agent as root. : Vulnmachines/OMIGOD_cve-2021-38647 create time: 2021-09-24T10:53:52Z
no description : ExploitCN/CVE-2018-11321 create time: 2022-07-26T02:28:16Z
no description : Walker-00/CVE-2021-22911 create time: 2022-07-25T12:36:30Z
no description : nidhi7598/frameworks_av_AOSP_10_r33_CVE-2021-0520 create time: 2022-07-25T11:57:50Z
no description : ShaikUsaf/frameworks_av_AOSP10_r33_CVE-2021-0520 create time: 2022-07-25T11:51:11Z
Unauthenticated RCE via CVE-2022-26138 confluence : Daro1967/CVE-2022-26138-RCE create time: 2022-07-25T09:30:27Z
no description : Ziggy78/CVE-2022-26809-RCE-POC create time: 2022-07-25T08:58:46Z
Joplin CVE-2022-35131, RCE : ly1g3/Joplin-CVE-2022-35131 create time: 2022-07-25T06:25:52Z
no description : linulinu/CVE-2022-34918 create time: 2022-07-25T06:13:41Z
Major Security Vulnerability on PrestaShop Websites - CVE-2022-31101 : MathiasReker/blm-vlun create time: 2022-07-24T21:50:13Z
CVE-2014-7169 Shell Shock : prince-stark/SHELL-SCHOCK create time: 2022-07-24T18:03:30Z
no description : merlinepedra/CVE-2022-34918-LPE-PoC create time: 2022-07-24T14:47:55Z
no description : merlinepedra25/CVE-2022-34918-LPE-PoC create time: 2022-07-24T14:47:40Z
Apache Spark RCE : llraudseppll/cve-2022-33891 create time: 2022-07-24T07:45:46Z
An unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file. : bypazs/CVE-2022-32114 create time: 2022-05-29T15:25:08Z
远程攻击者在Confluence未经身份验证的情况下,可构造OGNL表达式进行注入,实现在Confluence Server或Data Center上执行任意代码,在现有脚本上修改了poc,方便getshell。 : keven1z/CVE-2022-26134 create time: 2022-07-23T14:38:11Z
EXPLOIT FOR CVE IDRAC 8 2021 : krdsploit/DELL-IDRAC-8-EXPLOIT create time: 2022-07-23T08:55:55Z
The New Exploit there no available on metasploit framework ! : krdsploit/CVE-2002-2420 create time: 2022-07-22T21:33:26Z
no description : AkbarTrilaksana/CVE-2022-32832 create time: 2022-07-22T17:37:27Z
THE FINAL POC FOR CVE-2022-26809 TO ACHIEVE RCE : ToomArni65/CVE-2022-26809-FINAL-POC create time: 2022-07-22T17:31:21Z
Re Updating - Re Writing The 2004 CVE : krdsploit/CVE-2004 create time: 2022-07-22T13:57:03Z
Re Updated & Re Wrtiting : krdsploit/CVE-2004-TFTP create time: 2022-07-22T13:55:51Z
no description : d4rkduck/CVE-2022-0666 create time: 2022-07-22T09:38:20Z
Mitigation/fix of CVE-2021-41773 A Path Traversal And File Disclosure Vulnerability In Apache : EkamSinghWalia/Mitigation-CVE-2021-41773- create time: 2022-07-22T09:11:47Z
CVE-2022-23131漏洞批量检测与利用脚本 : 1324132494/CVE-2022-23131poc-exp-zabbix- create time: 2022-07-22T05:48:23Z
no description : 1mxml/CVE-2022-26138 create time: 2022-07-22T05:43:14Z
no description : J0hnbX/CVE-2022-30333 create time: 2022-07-22T01:14:29Z
no description : trhacknon/CVE-2022-34918-LPE-PoC create time: 2022-07-21T22:06:19Z
THE FINAL POC FOR CVE-2022-26809 TO ACHIEVE RCE : ToomArni65/CVE-2022-26809-POC create time: 2022-07-21T17:32:15Z
Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6 : Muirey03/CVE-2022-32832 create time: 2022-07-21T13:09:50Z
no description : rahul-masal/ubuntu22.04-cve2022 create time: 2022-07-21T14:47:55Z
no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2020-0137 create time: 2022-07-21T11:57:43Z
Atlassian Questions Hardcoded Password (CVE-2022-26138) : alcaparra/CVE-2022-26138 create time: 2022-07-21T09:28:06Z
Detection and Remdiation of the Follina MSDT Vulnerability (CVE-2022-30190) : EkamSinghWalia/Follina-MSDT-Vulnerability-CVE-2022-30190- create time: 2022-07-21T06:49:44Z
no description : 2ntt/CVE-2022-30333 create time: 2022-07-21T06:54:26Z
no description : AkbarTrilaksana/cve-2022-33891 create time: 2022-07-20T22:52:43Z
The Hight Speed MSF Console For Metasploit Framework To Exploit CVE 2015-2523 : krdsploit/MSFu-Extentions- create time: 2022-07-20T21:02:41Z
CVE-2021-22205 检测脚本,支持getshell和命令执行 : keven1z/CVE-2021-22205 create time: 2022-07-20T16:57:57Z
no description : NeoWans/CVE-2018-19246 create time: 2022-07-20T13:06:26Z
no description : randorisec/CVE-2022-34918-LPE-PoC create time: 2022-07-19T12:46:45Z
CVE-2019-17621 DLink_RCE : Ler2sq/CVE-2019-17621 create time: 2022-07-20T09:39:36Z
vuln ejs 3.1.6 docker : miko550/CVE-2022-29078 create time: 2022-07-20T10:10:01Z
CVE-2007-2447 samba remote code execution : mr-l0n3lly/CVE-2007-2447 create time: 2022-07-20T08:11:11Z
CVE-2017-7921-EXP Hikvision camera : 201646613/CVE-2017-7921 create time: 2022-07-20T07:07:07Z
no description : Nivaskumark/packages_apps_Settings_CVE-2020-0188_A10_R33 create time: 2022-07-20T04:04:11Z
PoC for CVE-2022-33891 : west-wind/CVE-2022-33891 create time: 2022-07-19T23:16:27Z
PoC for CVE-2022-33891 : west-wind/CVE-2022-33891-POC create time: 2022-07-19T21:52:23Z
Apache Spark Shell Command Injection Vulnerability : HuskyHacks/cve-2022-33891 create time: 2022-07-19T18:52:12Z
samAccountName Spoofing (CVE-2021–42278) & Domain Controller Impersonation (CVE-2021–42287) : IAMinZoho/sAMAccountName-Spoofing create time: 2022-07-19T19:36:14Z
This script will remediate the BootHole bug identified in CVE-2020-25632 and/or CVE-2021-20233. : pauljrowland/BootHoleFix create time: 2022-07-19T18:56:51Z
cve-2022-29455 elementor wordpress plugin xss exploit : alirezasalehizadeh/cve-2022-29455 create time: 2022-07-16T15:29:26Z
no description : abhyanandsharma311099/cve2021-41073 create time: 2022-07-19T14:00:51Z
CVE–2019–8985 Netis WF2411 RCE : Ler2sq/CVE-2019-8985 create time: 2022-07-19T13:30:07Z
📃 A report about CVE-2021-44228 : vidrez/Ethical-Hacking-Report-Log4j create time: 2022-07-19T08:03:05Z
CVE-2021-44228 Log4J multithreaded Mass Exploitation tool compatible with URL/IP lists. : cybersecurityresearcher/CVE-2021-44228-Mass-RCE-Log4j create time: 2022-07-19T07:13:28Z
CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime : cybersecurityresearcher/CVE-2022-26809-RCE-POC create time: 2022-07-19T07:18:45Z
Unquoted Service Path Asus GameSdk : AngeloPioAmirante/CVE-2022-35899 create time: 2022-07-18T14:06:58Z
Remote Code Execution attacks are one of the most frequent methods employed by cybercriminals to compromise susceptible computers. In the previous year, a serious zero-day vulnerability was identified in Log4j, a java program used by developers for debugging and application modification loggings. This is also a significant vulnerability that affects the so-called Ghidra reverse engineering tool. : tharindudh/Log4j-Vulnerability-in-Ghidra-tool-CVE-2021-44228 create time: 2022-07-18T20:33:10Z
Verifed Proof of Concept on CVE-2022-24086 RCE : Cory65/CVE-2022-24086-POC create time: 2022-07-18T17:49:03Z
This is a revised version of MITRE's CICAT, made for use with modern (2022) ATT&CK and CVE data. : ShayanNGC/MITRE-CICAT-Revised create time: 2022-07-18T17:14:15Z
cve-2022-33891-poc : W01fh4cker/cve-2022-33891 create time: 2022-07-18T16:16:51Z
no description : rbowes-r7/unrar-cve-2022-30333-poc create time: 2022-07-15T22:29:42Z
no description : rwincey/Oracle-GoldenGate---CVE-2016-0451 create time: 2022-07-18T14:08:58Z
no description : ShaikUsaf/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138 create time: 2022-07-18T11:36:28Z
no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-20138 create time: 2022-07-18T11:01:39Z
PoC for CVE-2022-23614 (Twig sort filter code execution) : davwwwx/CVE-2022-23614 create time: 2022-07-18T10:14:50Z
CVE-2021-36955 : JiaJinRong12138/CVE-2021-36955-EXP create time: 2022-07-18T07:08:56Z
no description : mchoudhary15/CVE-2022-22029-NFS-Server- create time: 2022-07-18T06:23:53Z
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. : Shehzadcyber/CVE-2017-7529 create time: 2022-07-18T05:14:55Z
no description : trhacknon/CVE-2022-32119 create time: 2022-07-17T19:20:51Z
nDay exploit for CVE-2021-27239 : WizardsOfTheInternet/CVE-2021-27239 create time: 2022-07-17T18:03:15Z
CVE-2022-24500 Windows SMB Unauthenticated Remote Code Execution Vulnerability : Daro1967/CVE-2022-24500-RCE create time: 2022-07-17T11:25:12Z
no description : ooooooo-q/cve-2022-32224-rails create time: 2022-07-17T04:09:03Z
no description : 5xxxxx-Y/cve-2022 create time: 2022-07-17T08:29:42Z
PoC for CVE-2022–30507 : yosef0x01/CVE-2022-30507 create time: 2022-07-16T15:55:28Z
Zoo Management System 1.0 - Reflected Cross-Site-Scripting (XSS) : AngeloPioAmirante/CVE-2022-31897 create time: 2022-07-16T10:55:32Z
Zoo Management System 1.0 - Stored Cross-Site-Scripting (XSS) : AngeloPioAmirante/CVE-2022-33075 create time: 2022-07-16T10:44:52Z
cve-2022-29455 elementor wordpress plugin xss exploit : alyrezo/cve-2022-29455 create time: 2022-07-16T01:29:13Z
no description : n0v4mx/cve-2021-4034 create time: 2022-07-15T20:58:48Z
🤖 List of useful resources for pentesters and hackers. • Exploits Database: https://www.shodan.io/ http://www.exploit-db.com http://packetstormsecurity.com • Vulnerabilities Database: https://nvd.nist.gov/ http://www.secdocs.org/ https://cve.mitre.org/cve/ http://www.cvedetails.com/ https://www.kb.cert.org/vuls/ http://lwn.net/Vulnerabilities/ http://www.vulnerability-lab.com http://www.securityfocus.com/bid https://secunia.com/community/advisories/search/ http://denimgroup.com/resources-threadfix/ • Hacking Tutorials: http://www.ehacking.net/ http://www.securitytube.net/ http://www.hacking-tutorial.com/ https://www.offensive-security.com/ http://breakthesecurity.cysecurity.org/ http://www.spacerogue.net/wordpress/ https://www.youtube.com/user/Hak5Darren https://www.youtube.com/user/sansinstitute https://vimeo.com/channels/fullscopesecurity http://www.kalitutorials.net/2013/08/kali-linux.html https://www.youtube.com/c/Nahamsec https://www.youtube.com/c/NetworkChuck https://www.youtube.com/c/BittenTech https://www.youtube.com/c/LoiLiangYang https://www.youtube.com/c/DavidBombal https://www.youtube.com/c/LiveOverflow https://www.youtube.com/user/DEFCONConference https://www.youtube.com/c/TheTechCherBD https://www.youtube.com/c/SimplilearnOfficial https://www.youtube.com/c/CyberTraining365official https://en.wikibooks.org/wiki/Metasploit/VideoTutorials • Virus Scan: http://fuckingscan.me/ http://v2.scan.majyx.net/ http://nodistribute.com/ http://www.file2scan.net/ http://anubis.iseclab.org/ https://anonscanner.com/ http://virusscan.jotti.org/it https://www.virustotal.com/nl/ • Tools Download: http://insecure.org/ http://www.kitploit.com/ http://www.toolswatch.org/ http://tools.kali.org/tools-listing http://www.romhacking.net/utilities/ http://www.blackarch.org/tools.html http://www.hackersonlineclub.com/hacking-tools https://www.concise-courses.com/hacking-tools/ https://gexos.github.io/Hacking-Tools-Repository/ http://www.darknet.org.uk/category/hacking-tools/ https://pentest-tools.com/reconnaissance/google-hacking • Network Online Tools: http://bgp.he.net/ http://www.dnswatch.info/ http://www.tcpiputils.com/ http://services.ce3c.be/ciprg/ http://www.yougetsignal.com/ http://www.coffer.com/mac_find/ http://www.nirsoft.net/countryip/ http://www.sockets.com/services.htm https://t.me/thegeeksnetwork • IP Lookup: http://ip-api.com/ http://ipaddress.com http://whatstheirip.com http://www.whatismyip.com/ http://www.ip2location.com/demo http://www.my-ip-neighbors.com/ http://freegeoip.net/static/index.html http://www.ip-adress.com/ipaddresstolocation/ • Join for more - https://t.me/BengalBlackDiamond • Encrypt / Decrypt: http://crypo.in.ua/tools/ http://codebeautify.org/encrypt-decrypt http://www.yellowpipe.com/yis/tools/encrypter/ http://www.tools4noobs.com/online_tools/decrypt/ http://textmechanic.com/Encryption-Generator.html • Online Hash Crackers: http://www.cmd5.org/ http://hashcrack.in/en https://crackstation.net/ http://passcracking.com/ http://md5.rednoize.com/ http://www.hashkiller.co.uk/ http://www.md5online.org/ http://www.md5crack.com/ http://md5decryption.com/ http://www.cloudcracker.net/ https://hdb.insidepro.com/en http://www.onlinehashcrack.com/ http://www.md5this.com/index.php http://www.netmd5crack.com/cracker/ http://www.tydal.nu/article/md5-crack/ https://isc.sans.edu/tools/reversehash.html • Anonymous Test: https://ipleak.net/ https://www.dnsleaktest.com/ https://diafygi.github.io/webrtc-ips/ • Github Resources: https://github.com/backdatedbackdoor/Cyber-Security-Resources https://github.com/blackhatethicalhacking/bugbountytools-methodology https://github.com/0x4rk0/Methodology https://github.com/BugBountyResources/ • Tor check: http://5deqglhxcoy3gbx6.onion - Xenobite http://tmkloc6vhxos3nde.onion • SMS: http://receive-sms-now.com/ http://www.receivesmsonline.net/ http://www.receive-sms-online.info/ • Fake Identity: https://fakena.me/ http://www.fakenamegenerator.com/ http://names.igopaygo.com/people/fake_person আমাদের অফিশিয়াল কমিউনিটিতে যুক্ত হতে টেলিগ্রাম চ্যানেলের লিঙ্ক টি দেয়া হলো - https://t.me/BengalBlackDiamond শুভকামনা সবার জন্য। #Happy_Learning #Stay_Safe #Stay_Secure : rana3333s/rs create time: 2022-07-15T18:26:56Z
PoC for a security: potential path traversal with specific configs, if mod_dirlisting were enabled, which is not the default, this would result in listing the contents of the directory above the alias.. : iveresk/cve-2018-19052 create time: 2022-07-15T11:51:13Z
Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server. : iveresk/cve-2022-26134 create time: 2022-07-15T10:06:15Z
no description : logm1lo/CVE-2022-0848-RCE create time: 2022-07-15T06:28:21Z
CVE-2022-32119 - Arox-Unrestricted-File-Upload : JC175/CVE-2022-32119 create time: 2022-04-06T04:33:47Z
CVE-2022-32118 - Arox-XSS : JC175/CVE-2022-32118 create time: 2022-04-06T04:12:03Z
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 : bughuntar/log4j-scan create time: 2022-07-15T01:07:56Z
CVE-2021-46422_PoC : twoning/CVE-2021-46422_PoC create time: 2022-07-14T01:10:18Z
CVE-2022-26134-PoC : twoning/CVE-2022-26134-PoC create time: 2022-07-14T01:28:16Z
CVE-2022-26134-PoC : twoning/CVE-2022-26134-PoC create time: 2022-07-13T16:27:04Z
CVE_2022_26134 poc : 2212970396/CVE_2022_26134 create time: 2022-07-13T14:42:33Z
spring data mongodb remote code execution | cve-2022-22980 poc : Vulnmachines/Spring_cve-2022-22980 create time: 2022-07-13T14:07:26Z
CVE-2022-34265 Vulnerability : not-xences/CVE-2022-34265 create time: 2022-07-13T13:02:41Z
CVE-2022-22978 POC Project : aeifkz/CVE-2022-22978 create time: 2022-07-13T12:38:26Z
CVE-2022-22978 Lab Project : aeifkz/CVE-2022-22978 create time: 2022-07-13T09:32:30Z
no description : 0xSojalSec/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736 create time: 2022-07-12T17:04:51Z
no description : nb1b3k/CVE-2022-1421 create time: 2022-07-12T14:34:48Z
no description : Lubnan-Skech/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-07-12T12:38:46Z
no description : Lubnan-Skech/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-07-12T12:30:43Z
no description : Lubnan-Skech/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-07-12T12:30:21Z
no description : kmahyyg/CVE-2022-22947 create time: 2022-07-12T08:20:02Z
This is a python script that can be used with Shodan CLI to mass hunting Confluence Servers vulnerable to CVE-2022-26134 : p4b3l1t0/confusploit create time: 2022-07-12T05:34:09Z
H3C_SSL_VPN_XSS(Reflected XSS) CVE-2022-35416 : safe3s/CVE-2022-35416 create time: 2022-07-12T04:35:49Z
PoC verification of Django vulnerability (CVE-2022-34265) : NopFault/CVE-2022-34265 create time: 2022-07-11T11:58:09Z
no description : CDACesec/CVE-2022-31901 create time: 2022-07-11T09:47:16Z
no description : CDACesec/CVE-2022-31901 create time: 2022-07-11T07:16:41Z
Mailcow CVE-2022-31138 : ly1g3/Mailcow-CVE-2022-31138 create time: 2022-07-11T06:53:24Z
no description : trhacknon/CVE-2022-33980-Apache-Commons-Configuration-RCE create time: 2022-07-10T18:29:04Z
Tatsu Plugin ZIP File add_custom_font unrestricted upload : xdx57/CVE-2021-25094 create time: 2022-07-10T17:01:43Z
S2-061/S2-062 Struts2 远程命令执行漏洞 POC&EXP : z92g/CVE-2021-31805 create time: 2022-07-10T14:48:52Z
Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024. : Exploitables/CVE-2009-4049 create time: 2022-07-10T04:16:16Z
The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection. : Exploitables/CVE-2019-18845 create time: 2022-07-10T04:19:35Z
The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request. : Exploitables/CVE-2021-27965 create time: 2022-07-10T04:22:55Z
GILANG - Exploiter for CVE-2021-25094 : TUANB4DUT/typehub-exploiter create time: 2022-07-10T02:01:11Z
Fastjson exploit : Expl0desploit/CVE-2022-25845 create time: 2022-07-09T21:56:10Z
Attacks against QUIC (CVE 2022 30591) : efchatz/QUIC-attacks create time: 2022-06-30T18:25:23Z
CVE-2022-23222, managed with Rust. : RafaelOrtizRC/CVE-2022-23222 create time: 2022-07-09T19:28:46Z
no description : deidal0s/instagram_CVE_2019 create time: 2022-07-09T15:22:36Z
Script PoC that exploits the Tentacles upload functionality of OctoBot trading bot and which leads to a remote code execution (RCE). CVE-2021-36711 : Nwqda/Sashimi-Evil-OctoBot-Tentacle create time: 2021-09-14T00:10:30Z
no description : iFreeDomain/CVE-2022-GE54JN-YH34E create time: 2022-07-09T05:33:14Z
no description : mmeza-developer/go--CVE-2018-6574 create time: 2022-07-08T22:47:22Z
Exploiting Android Vulnerability in ES File Explorer : Chethine/EsFileExplorer-CVE-2019-6447 create time: 2022-07-08T14:45:50Z
confluence rce : coskper-papa/CVE-2022-26134 create time: 2022-07-08T12:24:21Z
CVE-2022-33980 Apache Commons Configuration 远程命令执行漏洞 : tangxiaofeng7/CVE-2022-33980-Apache-Commons-Configuration-RCE create time: 2022-07-08T09:25:42Z
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module. : bypazs/CVE-2022-34963 create time: 2022-06-28T11:32:28Z
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module. : bypazs/CVE-2022-34962 create time: 2022-06-28T13:18:56Z
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module. : bypazs/CVE-2022-34961 create time: 2022-06-28T13:08:40Z
no description : 9lyph/CVE-2022-29593 create time: 2022-03-04T12:03:33Z
CodoForum v5.1 - File Upload Bypass to RCE (Authenticated) exploit code : Vikaran101/CVE-2022-31854 create time: 2022-07-07T15:33:07Z
BIGIP CVE-2020-5902 Exploit POC and automation scanning vulnerability : z3n70/CVE-2020-5902 create time: 2022-07-07T14:48:08Z
CVE-2022-0847 SUID Shell Backdoor : notl0cal/dpipe create time: 2022-03-14T03:58:21Z
no description : yoloskr/CVE-2017-9841-Scan create time: 2022-07-07T08:57:58Z
no description : aeyesec/CVE-2022-34265 create time: 2022-07-07T07:45:28Z
CVE-2022-26135 : safe3s/-CVE-2022-26135- create time: 2022-07-07T08:28:02Z
no description : KasunPriyashan/CVE-2019_6447-ES-File-Explorer-Exploitation create time: 2022-07-07T06:22:06Z
no description : Satheesh575555/libhwbinder_AOSP10_r33_CVE-2020-0136 create time: 2022-07-07T05:42:42Z
CVE-2021-27850 ysoserial : novysodope/CVE-2021-27850 create time: 2022-07-07T01:42:44Z
A script to change OpenSSL versions on Ubuntu to 1.1.1q to protect against CVE-2022-2097. : PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu create time: 2022-07-06T19:18:58Z
no description : infobyte/cve-2022-27255 create time: 2022-07-06T17:29:04Z
CVE-2022-32250 - Working Proof of Concept & Patch : 0dayCTF/CVE-2022-32250_PoC create time: 2022-07-06T16:27:05Z
Simple PoC-checker for CVE-2022-31749 by 1vere$k : iveresk/cve-2022-31749 create time: 2022-07-06T09:15:49Z
no description : nidhi7598/packages_apps_Bluetooth_AOSP_10_r33_CVE-2022-20133 create time: 2022-07-06T07:33:51Z
no description : nidhi7598/frameworks_base_AOSP_10_r33_CVE-2022-20138 create time: 2022-07-06T06:55:45Z
CVE-2019-1405 CVE-2019-1322 : signfind/COMahawk create time: 2022-07-06T05:42:14Z
no description : z92g/CVE-2022-0543 create time: 2022-07-06T04:35:59Z
no description : f4yd4-s3c/cve-2022-26134 create time: 2022-07-06T01:27:21Z
no description : rbowes-r7/manageengine-auditad-cve-2022-28219 create time: 2022-07-01T22:40:46Z
Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135) : assetnote/jira-mobile-ssrf-exploit create time: 2022-06-24T07:55:52Z
no description : PyterSmithDarkGhost/CVE-2022-21449-I2P-TLS-POC create time: 2022-07-05T19:51:39Z
exp of CVE-2022-0847 : edr1412/Dirty-Pipe create time: 2022-07-05T19:22:50Z
no description : GULL2100/Wordpress_xss-CVE-2022-29455 create time: 2022-06-25T20:57:55Z
An eBPF detection program for CVE-2022-0847 : airbus-cert/dirtypipe-ebpf_detection create time: 2022-07-05T07:20:59Z
no description : nidhi7598/frameworks_base_AOSP10_r33_CVE-2022-20135- create time: 2022-07-05T10:15:49Z
no description : nidhi7598/Frameworks_base_AOSP10_r33__CVE-2022-20124- create time: 2022-07-05T08:59:44Z
CVE-2022-29464 Exploit : Pasch0/WSO2RCE create time: 2022-07-05T08:27:04Z
no description : Debajyoti0-0/CVE-2022-26134 create time: 2022-07-05T07:04:50Z
Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE) : nxtexploit/CVE-2022-26134 create time: 2022-07-05T04:30:42Z
TOTOLINK-A702R-V1.0.0-B20161227.1023 Directory Indexing Vulnerability : swzhouu/CVE-2020-27368 create time: 2022-07-05T03:14:52Z
SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 Cross Site Scripting (XSS) Vulnerability : swzhouu/CVE-2020-26733 create time: 2022-07-05T03:13:42Z
SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session : swzhouu/CVE-2020-26732 create time: 2022-07-05T03:11:54Z
EXP for Spring4Shell(CVE-2022-22965) : D1mang/Spring4Shell-CVE-2022-22965 create time: 2022-07-05T03:03:31Z
no description : TheL1ghtVn/CVE-2022-30333-PoC create time: 2022-07-05T02:35:12Z
no description : trhacknon/CVE-2022-22965 create time: 2022-07-05T02:30:29Z
no description : MuallimNaci/CVE-2022-30887 create time: 2022-07-04T19:24:56Z
Atlassian, CVE-2022-26134 An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability. : r1skkam/TryHackMe-Atlassian-CVE-2022-26134 create time: 2022-07-04T15:00:21Z
Fuzzing, visualization and exploit of sudo vulnerability CVE-2021-3156 : FrancescoMarchiori/CVE-2021-3156 create time: 2022-07-04T13:55:24Z
Apache Solr RCE检测脚本 (CVE-2017-12629) : 77Huan/-Wiki create time: 2022-07-04T13:14:36Z
no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2022-20142 create time: 2022-07-04T12:16:05Z
no description : nidhi7598/linux-4.19.72_CVE-2022-30594 create time: 2022-07-04T10:01:05Z
metasploit and python module for CVE-2022-26809 windows rpc rce via smb 445 : Ziggy78/CVE-2022-26809-RCE create time: 2022-07-04T09:22:09Z
CVE-2022-1388, bypassing iControl REST authentication : jbharucha05/CVE-2022-1388 create time: 2022-07-04T06:31:56Z
CVE-2022-30929 POC : AgainstTheLight/CVE-2022-30929 create time: 2022-07-04T05:36:18Z
no description : TonightRanger/cve-2018-9995 create time: 2022-07-04T05:07:57Z
CVE-2022-24706 POC exploit : superzerosec/CVE-2022-24706 create time: 2022-07-04T02:06:27Z
The above investigation of the ES file browser security weakness allows us to see the issue in its entirety : Osuni-99/CVE-2019-6447 create time: 2022-07-03T05:57:14Z
PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication : yuriisanin/CVE-2022-24342 create time: 2022-07-02T22:04:29Z
Ruby反序列化命令执行漏洞(CVE-2019-5420)-vulfocus通关版 : laffray/ruby-RCE-CVE-2019-5420- create time: 2022-07-02T15:44:03Z
no description : macilin/CVE-2021-21300 create time: 2022-07-02T12:19:21Z
CVE-2022-2185 poc : safe3s/CVE-2022-2185-poc create time: 2022-07-02T07:58:01Z
Proof-of-concept for CVE-2022-26766 on macOS 12.3.1 : zhuowei/CoreTrustDemo create time: 2022-07-02T06:16:33Z
PCIDriverKit proof-of-concept for CVE-2022-26763 : zhuowei/PCICrash create time: 2022-07-02T06:15:29Z
PoC for exploiting CVE-2022-1388 on BIG IP F5 : Luchoane/CVE-2022-1388_refresh create time: 2022-07-01T18:08:50Z
no description : Davi-afk/jenkins-cve-CVE-2017-2606 create time: 2022-07-01T15:43:26Z
CVE-2018-6574: go get RCE PentesterLab : Logan-Elliott/CVE-2018-6574-go-get-RCE create time: 2022-07-01T14:41:47Z
ASUS router exploit : Expl0desploit/CVE-2021-44158 create time: 2022-07-01T14:54:42Z
no description : Satheesh575555/external_aac_AOSP10_r33_CVE-2022-20130 create time: 2022-07-01T13:16:14Z
Apache Tomcat DoS (CVE-2022-29885) Exploit : iveresk/CVE-2022-29885 create time: 2022-07-01T09:02:10Z
Features: -Include silent doc exploit -Several exploits, most are sendable via GMail -Compatible with every rat/keylogger/worm -Compatible with Windows XP - Windows 10 32/64 -FUD (DOC CHM) -Works with every MS Office from 2007 to 2016 (excluding Starter edition - there's no macro support) -Startup -base64 encode : notSMods/Hta-Exploit-Downloader-Malware-Builder create time: 2022-06-30T19:56:40Z
no description : notSMods/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-06-30T20:06:10Z
no description : notSMods/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-06-30T19:57:00Z
no description : notSMods/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-06-30T19:56:11Z
no description : Asbatel/CBDS_CVE-2022-0847_POC create time: 2022-06-30T13:07:55Z
Apache Tomcat DoS (CVE-2022-29885) Exploit : 4ra1n/CVE-2022-29885 create time: 2022-04-30T02:30:00Z
Navigate CMS <= 2.9.4 - Server-Side Request Forgery (Authenticated) : cheshireca7/CVE-2022-28117 create time: 2022-04-06T13:27:48Z
no description : vesperp/CVE-2021-42237-SiteCore-XP create time: 2022-06-30T10:44:23Z
GitLab-Graphql-CVE-2020-26413 POC : Kento-Sec/GitLab-Graphql-CVE-2020-26413 create time: 2022-06-30T06:29:28Z
GitLab Graphql邮箱信息泄露漏洞 CVE-2020-26413 POC : Kento-Sec/GitLab-Graphql-CVE-2020-26413 create time: 2022-06-30T06:28:27Z
0.6.18 - 1.20.0 Nginx Memory Overwrite Vulnerability PoC : M507/CVE-2021-23017-PoC create time: 2022-06-30T04:39:58Z
REST API for CVE from years '99-2022 : Vicariss/cve-rest create time: 2022-06-23T17:23:10Z
PoC for exploiting CVE-2022-26134 on Confluence : Luchoane/CVE-2022-26134_conFLU create time: 2022-06-29T17:33:18Z
CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation : huangyutange0uywlcn/HyperSine create time: 2022-06-29T15:33:05Z
PoC for ManageEngine ADAudit Plus CVE-2022-28219 : horizon3ai/CVE-2022-28219 create time: 2022-06-26T15:48:27Z
CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability : kh4sh3i/ProxyShell create time: 2022-06-29T12:37:31Z
A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. : flux10n/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-06-29T12:02:13Z
CVE-2022-30190 powerpoint version : Gra3s/CVE-2022-30190-Follina-PowerPoint-Version create time: 2022-06-29T08:48:12Z
$$$$$$$$$$$$$$$ : Vbedtt54e5/interesting-release-of-CVE-2022-63432 create time: 2022-06-29T08:28:18Z
no description : trhacknon/CVE-2021-25003 create time: 2022-06-29T06:51:36Z
[CVE-2022-22980] Spring Data MongoDB SpEL Expression injection : murataydemir/CVE-2022-22980 create time: 2022-06-28T21:42:35Z
Apache Shiro CVE-2022-32532 : 4ra1n/CVE-2022-32532 create time: 2022-06-28T22:38:30Z
🕵️ CVE-2019-9670 Exploit | XXE in Zimbra Collaboration 8.7.X < 8.7.11p10 : oppsec/arbimz create time: 2022-06-28T20:01:11Z
no description : FedericoHeichou/CVE-2022-32988 create time: 2022-06-05T17:56:29Z
Old exploit for Issue 1076708 : kiks7/CVE-2020-6468-Chrome-Exploit create time: 2022-06-28T16:58:51Z
no description : NBAquicknut/CVE-2018-6574 create time: 2022-06-28T16:36:05Z
Dirty Cow exploit - CVE-2016-5195 : flux10n/dirtycow create time: 2022-06-28T10:08:43Z
工控安全,溯源 : Kvi74/CVE-2022-8475 create time: 2022-06-28T09:00:55Z
红队,蓝队,免杀 : Kvi74/CVE-2022-5561 create time: 2022-06-28T09:00:26Z
ARMember < 3.4.8 - Unauthenticated Admin Account Takeover : biulove0x/CVE-2022-1903 create time: 2022-06-28T08:39:12Z
攻击,免杀 : huihuo123/CVE-2022-5555 create time: 2022-06-28T07:42:17Z
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability. : Exploitables/CVE-2018-3990-TALOS-2018-0658 create time: 2022-06-28T03:48:09Z
A docker container vulnerable to Shellshock - CVE-2014-6271 : anujbhan/shellshock-victim-host create time: 2022-06-27T21:52:28Z
Test CVE-2018-6574 : Bernasv/CVE-2018-6574 create time: 2022-06-27T21:21:49Z
免杀,攻击,钓鱼,蓝队,木马 : huihuo123/CVE2022-0111- create time: 2022-06-27T15:39:52Z
免杀,木马,攻击,防守 : huihuo123/CVE20222- create time: 2022-06-27T15:19:20Z
no description : huihuo123/cve2022-0001- create time: 2022-06-27T14:46:20Z
ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell) : kh4sh3i/ProxyLogon create time: 2022-06-27T08:07:48Z
CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System : oturu/CVE-2022-30136-POC create time: 2022-06-26T20:54:02Z
Python exploit for CVE-2021-38314 : c0ff33b34n/CVE-2021-38314 create time: 2022-06-26T17:23:40Z
WPCargo < 6.9.0 - Unauthenticated RCE : biulove0x/CVE-2021-25003 create time: 2022-06-26T13:07:47Z
no description : Viniciuspxf/CVE-2019-10742 create time: 2022-06-26T01:14:56Z
Active Directory scanner for MS17-010 MS14-068 CVE-2020-1472 etc... : hadhub/ad-scanner create time: 2022-06-25T23:12:10Z
Educational Follina PoC Tool : ethicalblue/Follina-CVE-2022-30190-PoC-sample create time: 2022-06-25T16:27:59Z
Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551. : tijme/kernel-mii create time: 2022-06-25T11:13:45Z
CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System : oturu/Cve-2022-30136-RCE create time: 2022-06-25T07:28:34Z
WaterDragon:用GithubAction实现代理功能。红队,cve,代理池,隐匿,攻防,对抗,hackone,src,proxy,CVE-2020,CVE-2021,CVE-2022 : sh3d0ww01f/WaterDragon create time: 2022-06-20T15:38:53Z
no description : zeroc00I/CVE-2022-34305 create time: 2022-06-25T05:49:55Z
Nacos下Spring-Cloud-Gateway CVE-2022-22947利用 : B0rn2d/Spring-Cloud-Gateway-Nacos create time: 2022-06-25T05:02:06Z
CVE-2021-26855 : TheDudeD6/ExchangeSmash create time: 2022-06-24T17:42:28Z
no description : cyb3rpeace/CVE-2021-34527 create time: 2022-06-24T13:25:25Z
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) : arvindshima/CVE-2021-3156 create time: 2022-06-24T11:50:40Z
Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134) : ColdFusionX/CVE-2022-26134 create time: 2022-06-24T10:33:13Z
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) : arvindshima/CVE-2021-3156 create time: 2022-06-24T09:01:39Z
Cisco ASA XSS CVE-2020-3580 : cruxN3T/CVE-2020-3580 create time: 2022-06-24T02:16:05Z
Mass-Exploit-CVE-2022-1388 : electr0lulz/Mass-CVE-2022-1388 create time: 2022-06-24T00:58:37Z
Tested in HackTheBox - Shocker (Easy) CVE-2014-6271 : Gurguii/shellshock.sh create time: 2022-06-23T19:42:03Z
Admin account registration in Online Student Rate System : StefanDorresteijn/CVE-2021-39409 create time: 2021-08-17T16:48:53Z
XSS vulnerability in Online Student Rate System1.0 : StefanDorresteijn/CVE-2021-39408 create time: 2021-08-17T16:45:06Z
no description : PenteraIO/CVE-2022-23222-POC create time: 2022-06-22T14:01:50Z
Exploit for zerologon cve-2020-1472 : lele8/CVE-2020-1472 create time: 2022-06-23T07:18:17Z
Mass Exploit for CVE 2022-29464 on Carbon : electr0lulz/Mass-exploit-CVE-2022-29464 create time: 2022-06-22T20:58:33Z
CVE-2022-9673 : CVE-2099-2222/CVE-2022-9673 create time: 2022-06-22T10:09:42Z
CVE-2022-22980 漏洞靶场(扫描器可使用) : jweny/cve-2022-22980-exp create time: 2022-06-22T07:51:22Z
CVE-2022-22980环境 : li8u99/Spring-Data-Mongodb-Demo create time: 2022-06-22T07:39:42Z
IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting : trhacknon/CVE-2020-8512 create time: 2022-06-22T07:10:53Z
Spring Data MongoDB SpEL表达式注入漏洞(CVE-2022-22980) Demo环境 : li8u99/Spring-Data-Mongodb-Demo create time: 2022-06-22T06:27:43Z
(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call. : Exploitables/CVE-2015-2291 create time: 2022-06-22T05:22:57Z
no description : trhacknon/CVE-2020-17519 create time: 2022-06-22T03:53:52Z
CVE-2022-111111测试 : thelostworldFree/CVE-2022-111111 create time: 2022-06-21T13:35:55Z
CVE-2022-22980环境 : kuron3k0/Spring-Data-Mongodb-Example create time: 2022-06-21T12:02:00Z
[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE) : kh4sh3i/CVE-2022-26134 create time: 2022-06-21T11:49:48Z
Poc of CVE-2022-22980 : trganda/CVE-2022-22980 create time: 2022-06-21T11:39:13Z
no description : delicateByte/CVE-2019-19945_Test create time: 2022-06-21T09:07:10Z
cve-2021-22005vcenter任意文件上传漏洞,可直接上传冰蝎 : InventorMAO/cve-2021-22005 create time: 2022-06-21T07:36:01Z
Windows Network File System Crash PoC : i6c/CVE-2022-26937 create time: 2022-06-21T00:12:32Z
[CVE-2018-4084] : dybrkr/wifi_leak create time: 2022-06-20T21:10:22Z
Telesquare SDT-CW3B1 1.1.0 - OS Command Injection : Chocapikk/CVE-2021-46422 create time: 2022-06-20T19:24:55Z
Golang implementation of CVE-2019-17662 TinyVNC Arbitrary File Read leading to Authentication Bypass Exploit : Tamagaft/CVE-2019-17662 create time: 2022-06-19T16:33:04Z
CVE-2022-1388 | F5 - Big IP Pre Auth RCE via '/mgmt/tm/util/bash' endpoint : Chocapikk/CVE-2022-1388 create time: 2022-06-20T01:58:40Z
burpsuite 的Spring漏洞扫描插件。SpringVulScan:支持检测:路由泄露|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977 : tpt11fb/SpringVulScan create time: 2022-06-19T13:16:55Z
「💥」CVE-2022-26134 - Confluence Pre-Auth RCE : AmoloHT/CVE-2022-26134 create time: 2022-06-19T13:50:22Z
CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System : zir0x00/CVE-2022-30136-MASS-RCE create time: 2022-06-19T12:13:41Z
MSDT 0-Day Mass Exploitation Tool : zir0x00/CVE-2022-30190-MASS-RCE create time: 2022-06-19T12:10:10Z
CVE-2021-40903 : vulnz/CVE-2021-40903 create time: 2022-06-19T09:01:24Z
no description : PyterSmithDarkGhost/0DAYIPHONE13IOS15.2CVE-2022-22588 create time: 2022-06-19T04:24:54Z
no description : wlensinas/CVE-2002-1614 create time: 2022-06-18T18:43:35Z
no description : PyterSmithDarkGhost/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection-main create time: 2022-06-18T14:42:04Z
PoC for CVE-2022-26809, analisys and considerations are shown in the github.io. : s1ckb017/PoC-CVE-2022-26809 create time: 2022-06-13T11:08:33Z
Research project which I have started working on during my internship conducted at LIF, between April and June 2022. Our goal is to establish a machine learning model, which can predict efficiently if a CVE will be exploited in the wild or not. : rayan776/LIF_predict_cve_exploited create time: 2022-06-18T08:59:05Z
no description : xCodeBossS/CodeBoss-CVE-2022 create time: 2022-06-18T01:53:37Z
metasploit module for CVE-2022-26809 windows rpc rce via smb 445 : Ziggy78/CVE-2022-26809-POC create time: 2022-06-17T20:47:07Z
no description : InitRoot/CVE-2022-23342 create time: 2022-06-17T19:46:45Z
CVE-2021-43229 Walkthrough : Citizen13X/CVE-2021-43229 create time: 2022-06-07T13:32:17Z
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013. : pwn3z/CVE-2021-41773-Apache-RCE create time: 2022-06-17T13:36:42Z
unauthorized RcE exploit for webnin < 1.920 : psw01/CVE-2019-15107_webminRCE create time: 2022-06-17T12:04:38Z
Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to the 0x88000080 IOCTL, which triggers a buffer overflow. : Exploitables/CVE-2010-4502 create time: 2022-06-17T02:39:13Z
Windows Network File System Crash PoC : omair2084/CVE-2022-26937 create time: 2022-06-17T01:42:55Z
URL Infection (Silent Java Drive By) URL Infection Exploit Silent Java Drive by downloads may happen when visiting a site, opening an e-mail message. It may even happen by clicking on a malicious pop-up window: by clicking on the window in the belief that it concerns an error report from the computer’s OS, for example. : Dexie619/Slient-Url-Exploit-New-Cve-Chrome-Exploit-Html-Downloader-Put-Your-Link create time: 2022-06-16T19:45:02Z
CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System : oturu/Cve-2022-30136-RCE create time: 2022-06-16T21:16:53Z
no description : 34dsfsdf4/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-06-16T19:52:25Z
no description : 34dsfsdf4/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-06-16T19:43:58Z
no description : 34dsfsdf4/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-06-16T19:43:00Z
CVE-2022-26757 discovered by @nedwill : Dylbin/flow_divert create time: 2022-06-16T14:58:25Z
关于漂亮鼠的那些精彩事迹(变态的油腻大叔)CVE-2022-6969、CVE-2022-0001 : piaoliangshu/piaoliangshusb create time: 2022-06-16T11:58:36Z
A Insecure direct object references (IDOR) vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor : FlaviuPopescu/CVE-2022-28986 create time: 2022-06-16T08:52:28Z
RCE from phpunit 5.6.2 : Invertebr4do/cve-2017-9841 create time: 2022-06-16T06:22:03Z
no description : 0xF331-D3AD/CVE-2012-2982 create time: 2022-06-16T01:59:28Z
follina zero day vulnerability to help Microsoft to mitigate the attack : Cerebrovinny/follina-CVE-2022-30190 create time: 2022-06-15T22:49:21Z
Reflected XSS on /link.cgi/ in Latest Webmin (1.994) : bl4ckmenace/CVE-2022-30709 create time: 2022-06-15T17:46:38Z
no description : Haniwa0x01/CVE-2022-30023 create time: 2022-06-15T16:10:49Z
IOC List : bengisugun/CVE-2022-22972- create time: 2022-06-15T12:34:20Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20004 create time: 2022-06-15T10:29:03Z
These are the source codes of the Python scripts to apply the temporary protection against the CVE-2022-30190 vulnerability (Follina) : SrCroqueta/CVE-2022-30190_Temporary_Fix_Source_Code create time: 2022-06-12T11:48:22Z
These are two Python scripts compiled to easily and quickly apply temporary protection against the CVE-2022-30190 vulnerability (Follina) : SrCroqueta/CVE-2022-30190_Temporary_Fix create time: 2022-06-11T11:16:56Z
no description : notherealhazard/follina-CVE-2022-30190 create time: 2022-06-15T09:13:05Z
some work for exploits cve-2020-2555\2883\14645 to attack ,draw lessons from Weblogic_cmd : minhangxiaohui/Weblogic_Coherence_exploit create time: 2022-06-15T08:28:52Z
This repository is developed to understand CVE-2019-6447 : VinuKalana/CVE-2019-6447-Android-Vulnerability-in-ES-File-Explorer create time: 2022-06-15T05:32:34Z
no description : p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor create time: 2022-06-15T03:49:05Z
Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files : MalwareTech/FollinaExtractor create time: 2022-06-15T02:22:53Z
CVE-2022-22620: Use-after-free in Safari : kmeps4/CVE-2022-22620 create time: 2022-06-14T22:08:14Z
no description : ahaShiyu/CVE-2018-15856 create time: 2022-06-14T19:32:35Z
no description : ahaShiyu/CVE-2018-18839 create time: 2022-06-14T19:21:37Z
no description : ahaShiyu/CVE-2018-19854 create time: 2022-06-14T19:11:55Z
no description : ahaShiyu/CVE-2018-20175 create time: 2022-06-14T19:07:33Z
no description : ahaShiyu/CVE-2019-3560 create time: 2022-06-14T18:47:10Z
no description : ahaShiyu/CVE-2019-12874 create time: 2022-06-14T15:10:15Z
no description : ahaShiyu/CVE-2019-1010319 create time: 2022-06-14T14:42:12Z
WebLogic CNVD-C-2019_48814 CVE-2017-10271 Scan By 7kbstorm : KKsdall/7kbstormq create time: 2022-06-14T12:55:53Z
writeup and poc for [CVE-2022-26809] CVE-2022-26809 Vulnerabillity in cre windows componen(RPC) with a high cvss score of 9.8 : scoobydoobi/CVE-2022-26809-POC-RCE create time: 2022-06-14T12:53:36Z
no description : ernestak/Sigma-Rule-for-CVE-2022-30190 create time: 2022-06-14T09:27:37Z
I wrote a blog post about Apache CouchDB CVE-2022-24706 RCE Exploits : ahmetsabrimert/Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post- create time: 2022-06-14T08:34:11Z
no description : ernestak/CVE-2022-30190 create time: 2022-06-14T08:29:40Z
no description : l00neyhacker/CVE-2021-40650 create time: 2022-06-13T23:43:19Z
no description : l00neyhacker/CVE-2021-40649 create time: 2022-06-13T23:33:20Z
CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection : Chocapikk/CVE-2022-26134 create time: 2022-06-13T23:01:39Z
Python file scanner created in 2021 scanning for known and potential vulns : XxToxicScriptxX/CVE-2022-30190 create time: 2022-06-13T21:32:45Z
A python based exploit for CVE-2022-30525 : ProngedFork/CVE-2022-30525 create time: 2022-06-13T21:11:54Z
Haraj Script 3.7 - Post Ads Authenticated Stored XSS : bigzooooz/CVE-2022-31301 create time: 2022-06-13T19:47:04Z
Haraj Script 3.7 - DM Section Authenticated Stored XSS : bigzooooz/CVE-2022-31300 create time: 2022-06-13T19:42:37Z
Haraj Script 3.7 - Reflected XSS : bigzooooz/CVE-2022-31299 create time: 2022-06-13T19:32:23Z
Haraj Script 3.7 - Authenticated Stored XSS : bigzooooz/CVE-2022-31298 create time: 2022-06-13T19:30:12Z
Haraj Script 3.7 - Reflected XSS : bigzooooz/CVE-2022-31297 create time: 2022-06-13T19:25:41Z
Online Discussion Forum Site 1.0 - Blind SQL Injection : bigzooooz/CVE-2022-31296 create time: 2022-06-13T19:21:04Z
no description : bigzooooz/CVE-2022-31295 create time: 2022-06-13T19:16:13Z
no description : bigzooooz/CVE-2022-31294 create time: 2022-06-13T19:03:04Z
no description : randorisec/CVE-2022-1972-infoleak-PoC create time: 2022-06-10T13:15:20Z
dvb-2022-MaksimsCvetkovs created by GitHub Classroom : MaksimsCvetkovs/2022-DP3-3-MaksimsCvetkovs create time: 2022-05-15T08:02:39Z
To determine if an APK is vulnerable to CVE-2017-13156 : M507/CVE-2017-13156 create time: 2022-06-10T23:32:29Z
Safenet Authentication Client Privilege Escalation - CVE-2021-42056 : z00z00z00/Safenet_SAC_CVE-2021-42056 create time: 2021-11-18T14:27:06Z
Missing Authentication on Critical component CVE-2021-38540 : Captain-v-hook/PoC-for-CVE-2021-38540- create time: 2022-06-13T11:43:26Z
4.9 Kernel Exploit for CVE-2020-27786 : kiks7/CVE-2020-27786-Kernel-Exploit create time: 2022-06-13T08:04:19Z
An Unofficial Patch Follina CVE-2022-30190 (patch) by micrisoft Guidelines. for more details goto : https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/ : SonicWave21/Follina-CVE-2022-30190-Unofficial-patch- create time: 2022-06-13T04:20:02Z
no description : trhacknon/CVE-2021-3156 create time: 2022-06-13T02:40:36Z
CVE-2022-26134 - Confluence Pre-Auth Remote Code Execution via OGNL Injection : Chocapikk/CVE-2022-26134 create time: 2022-06-12T22:40:15Z
I'm trying : 1SeaMy/CVE-2022-22954 create time: 2022-06-12T21:41:38Z
no description : trhacknon/CVE-2022-26134-bis create time: 2022-06-12T21:26:17Z
no description : trhacknon/CVE-2022-26134 create time: 2022-06-12T20:24:36Z
no description : ahmetfurkans/CVE-2022-22718 create time: 2022-06-12T20:18:00Z
no description : seymanurmutlu/CVE-2022-24086-CVE-2022-24087 create time: 2022-06-12T19:54:16Z
CVE 2022-21449 : fundaergn/CVE-2022-21449 create time: 2022-06-12T19:41:48Z
A OS Command Injection Vulnerability in the CGI Program of Zyxel : furkanzengin/CVE-2022-30525 create time: 2022-06-12T19:04:41Z
Python3 code to CVE-2019-15107 and CVE-2019-15231 : NullBrunk/WebminExploit create time: 2022-06-12T15:31:38Z
Practicing technical writing with researching CVE-2022-22954 VMware Workspace ONE Access RCE vulnerability. : arzuozkan/CVE-2022-22954 create time: 2022-06-11T14:39:57Z
no description : mel1huc4r/CVE-2022-31983 create time: 2022-06-12T14:59:01Z
no description : heavenswill/CVE-2022-32013 create time: 2022-06-12T13:15:58Z
Log4Shell CVE-2021-44228 Demo : ra890927/Log4Shell-CVE-2121-44228-Demo create time: 2022-06-12T10:57:07Z
Axios Redos (CVE-2021-3749) proof of concept : T-Guerrero/axios-redos create time: 2022-06-12T03:06:45Z
CVE-2022-24806 and CVE-2022-24807 are an unauthenticated RCE vulnerability in magento and adobe commerce : oturu/CVE-2022-24806-MASS-RCE create time: 2022-06-11T18:59:00Z
CVE-2021-35576 : emad-almousa/CVE-2021-35576 create time: 2022-06-11T17:36:01Z
proof of concept to CVE-2022-30190 (follina) : AmitNiz/follina_cve_2022-30190 create time: 2022-06-10T14:57:17Z
writeup and poc for [CVE-2022-26809] : scoobydoobi/CVE-2022-26809-RCE create time: 2022-06-11T13:22:45Z
CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina : safakTamsesCS/PicusSecurity4.Week.Repo create time: 2022-06-10T12:09:37Z
Exploit for CVE-2017-12561: dbman Opcode 10012 Use-After-Free Remote Code Execution : whokilleddb/CVE-2017-12561-Exploit create time: 2022-06-11T11:00:42Z
no description : trhacknon/CVE-2022-30075 create time: 2022-06-11T07:04:55Z
[CVE-2022-26134] Attlasian Confluence RCE : KeepWannabe/BotCon create time: 2022-06-10T18:07:16Z
this is my simple article about CVE 2022-30190 (Follina) analysis. I use the lab from Letsdefend. : Abdibimantara/CVE-2022-30190-Analysis-With-LetsDefends-Lab create time: 2022-06-10T16:29:07Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20004 create time: 2022-06-10T12:23:08Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20005 create time: 2022-06-10T11:56:59Z
no description : google-mirror/CVE-2022-1966 create time: 2022-06-10T11:34:25Z
NEW EXPLOIT FOR TP LINK : SAJIDAMINE/CVE-2022-30075 create time: 2022-06-10T11:09:30Z
[CVE-2022-26134] Confluence Pre-Auth Object-Graph Navigation Language (OGNL) Injection : murataydemir/CVE-2022-26134 create time: 2022-06-10T09:52:22Z
no description : warmachine-57/CVE-2021-44582 create time: 2022-06-10T08:32:28Z
CVE-2022-26134, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. This is CVE-2022-26134 expoitation script : sunny-kathuria/exploit_CVE-2022-26134 create time: 2022-06-10T08:57:30Z
PoC for Sourcegraph Gitserver < 3.37.0 RCE : Altelus1/CVE-2022-23642 create time: 2022-06-10T06:12:15Z
CVE-2018-17240 : BBge/CVE-2018-17240 create time: 2022-06-10T04:34:17Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20007 create time: 2022-06-10T04:26:02Z
hello : buff07/CVE-2022-31403 create time: 2022-06-10T03:25:56Z
CVE-2022-31402 : YavuzSahbaz/CVE-2022-31402 create time: 2022-06-10T03:23:58Z
check CVE-2021-40438 : gassara-kys/CVE-2021-40438 create time: 2022-06-10T00:46:58Z
Mitigation for CVE-2022-30190 : k508/CVE-2022-30190 create time: 2022-06-10T00:23:11Z
no description : 34dsfsdf4/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-06-09T21:38:51Z
no description : 34dsfsdf4/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-06-09T21:31:49Z
no description : 34dsfsdf4/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-06-09T21:30:54Z
no description : Trhackno/CVE-2022-23808 create time: 2022-06-09T17:34:46Z
Python exploit for CVE-2011-2523 (VSFTPD 2.3.4 Backdoor Command Execution) : 0xSojalSec/-CVE-2011-2523 create time: 2022-06-09T16:25:25Z
Bash poc for CVE-2022-1609 WordPress Weblizar Backdoor : 0xSojalSec/-CVE-2022-1609 create time: 2022-06-09T14:36:55Z
no description : SamuelGaudemer/POC_CVE-2020-11898 create time: 2022-06-09T13:42:01Z
Information and Scripts to remediate and restore functionality for CVE 2022 30190 : ToddMaxey/CVE-2022-30190 create time: 2022-06-09T13:19:23Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20007 create time: 2022-06-09T11:13:18Z
Repository containing the compromised certificate seen in recent CVE-2022-30190 (Follina) attacks. : b401/Clickstudio-compromised-certificate create time: 2022-06-09T10:03:06Z
Exploit Microsoft Zero-Day Vulnerability Follina (CVE-2022-30190) : Hrishikesh7665/Follina_Exploiter_CLI create time: 2022-06-09T09:32:10Z
CVE-2022-26134 : cai-niao98/CVE-2022-26134 create time: 2022-06-09T02:11:58Z
Exploit modificado para el tito Eu : CronoX1/CVE-2021-4034 create time: 2022-06-08T20:00:39Z
writeup and poc for cve-2022-26809 : scoobydoobi/CVE-2022-26809-RCE-POC create time: 2022-06-08T17:22:21Z
# CVE-2019-1205 Silent Exploit 
no description : emrekara369/cve-2019-12461 create time: 2022-06-08T16:20:44Z
no description : emrekara369/cve-2019-1246 create time: 2022-06-08T16:20:34Z
no description : alpernae/CVE-2022-28132 create time: 2022-06-08T16:19:47Z
Microsoft vulnerability for CVE 2019-1205 in 2022. : razordeveloper/CVE-2019-1205 create time: 2022-06-08T15:51:36Z
no description : sentrium-security/Follina-Workaround-CVE-2022-30190 create time: 2022-06-08T14:20:50Z
no description : Trhackno/CVE-2022-1609 create time: 2022-06-08T11:28:08Z
Proof of Concept of CVE-2022-30190 : Malwareman007/Deathnote create time: 2022-06-08T10:58:23Z
Spring Cloud Gateway 远程代码执行漏洞 Spring_Cloud_Gateway_RCE_POC-CVE-2022-22947 : YDH777/CVE-2022-22947-POC create time: 2022-06-08T09:52:23Z
Atlassian confluence unauthenticated ONGL injection remote code execution scanner (CVE-2022-26134). : redhuntlabs/ConfluentPwn create time: 2022-06-08T04:53:31Z
no description : motherfucker12138/CVE-2020-0796_SMBGhost create time: 2022-06-08T07:52:26Z
no description : hou5/CVE-2022-26134 create time: 2022-06-08T07:54:56Z
Exploit vulnerabilities and vulnerability prevention implementation : TrG-1999/DetectPacket-CVE-2017-8464 create time: 2022-06-08T01:39:48Z
Proof of concept of the Log4Shell vulnerability (CVE-2021-44228) : jaehnri/CVE-2021-44228 create time: 2022-06-08T01:09:28Z
This project files demostrate a proof-of-concept of log4j vulnerability (CVE-2021-44228) on AWS using Terraform Infrastructure-as-a-code means. : moshuum/tf-log4j-aws-poc create time: 2022-06-07T13:30:37Z
PoC exploit for Tp-Link AX50 (CVE-2022-30075) : aaronsvk/CVE-2022-30075 create time: 2022-06-07T23:26:47Z
Server to host/activate Follina payloads & generator of malicious Word documents exploiting the MS-MSDT protocol. (CVE-2022-30190) : dsibilio/follina-spring create time: 2022-06-07T22:46:23Z
no description : PyterSmithDarkGhost/0DAYEXPLOITAtlassianConfluenceCVE-2022-26134 create time: 2022-06-07T19:59:55Z
CVE-2020-0796 explanation and researching vulnerability for term porject CENG325 : arzuozkan/CVE-2020-0796 create time: 2022-06-07T17:16:16Z
Notes related to CVE-2022-30190 : abhirules27/Follina create time: 2022-06-07T17:11:57Z
no description : Y000o/Confluence-CVE-2022-26134 create time: 2022-06-07T16:42:36Z
Simple Honeypot for Atlassian Confluence (CVE-2022-26134) : SIFalcon/confluencePot create time: 2022-06-06T15:44:24Z
CVE-2021-41773 | Apache HTTP Server 2.4.49 is vulnerable to Path Traversal and Remote Code execution attacks : hab1b0x/CVE-2021-41773 create time: 2022-06-07T11:22:08Z
Atlassian Confluence- Unauthenticated OGNL injection vulnerability (RCE) : hab1b0x/CVE-2022-26134 create time: 2022-06-07T11:55:37Z
Apache 2.4.49 RCE CVE-2021-41773 in Ruby : hab1b0x/CVE-2021-41773 create time: 2022-06-07T10:38:23Z
Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection : whokilleddb/CVE-2022-26134-Confluence-RCE create time: 2022-06-07T11:17:25Z
CVE-2022-26134 Confluence OGNL Injection POC : alcaparra/CVE-2022-26134 create time: 2022-06-07T10:36:11Z
Microsoft Support Diagnostic Tool (CVE-2022-30190) : joshuavanderpoll/CVE-2022-30190 create time: 2022-06-07T10:07:52Z
CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation : tr3ee/CVE-2022-23222 create time: 2022-06-07T03:20:23Z
no description : BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL create time: 2022-06-07T09:19:02Z
Implementation of CVE-2022-26134 : reubensammut/cve-2022-26134 create time: 2022-06-07T08:58:07Z
Atlassian Confluence 远程代码执行漏洞(CVE-2022-26134) : li8u99/CVE-2022-26134 create time: 2022-06-07T06:57:02Z
C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode in… : 1342486672/Flangvik create time: 2022-06-07T02:09:10Z
no description : vesperp/CVE-2022-26134-Confluence create time: 2022-06-07T02:16:56Z
no description : PsykoDev/CVE-2022-26134 create time: 2022-06-06T16:45:35Z
Désactivation du protocole MSDT URL (CVE-2022-30190) avec gestion des erreurs et de l'exit code pour un déploiement en masse : Rojacur/FollinaPatcherCLI create time: 2022-06-06T16:25:41Z
CVE-2022-0847 used to achieve container escape : greenhandatsjtu/CVE-2022-0847 create time: 2022-06-04T08:31:32Z
no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2021-0589 create time: 2022-06-06T12:13:41Z
Exploit in Rails Development Mode. With some knowledge of a target application it is possible for an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit. : PenTestical/CVE-2019-5420 create time: 2022-06-06T10:01:35Z
Microsoft MS-MSDT Follina (0-day Vulnerability) CVE-2022-30190 Attack Vector : IamVSM/msdt-follina create time: 2022-06-06T09:17:25Z
This repository talks about Zero-Day Exploitation of Atlassian Confluence, it's defense and analysis point of view from a SecOps or Blue Team perspective : archanchoudhury/Confluence-CVE-2022-26134 create time: 2022-06-06T06:16:47Z
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet. : RakeshShinde97/CVE-2004-0230-TCP-Sequence-Number-Approximation-Based-Denial-of-Service create time: 2022-06-06T04:30:03Z
Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134) : h3v0x/CVE-2022-26134 create time: 2022-06-06T02:43:06Z
no description : Trhackno/CVE-2021-35064 create time: 2022-06-06T00:14:54Z
Proof of Concept/Test for CVE-2022-24713 on Ubuntu : ItzSwirlz/CVE-2022-24713-POC create time: 2022-06-05T22:17:00Z
Challenge for you all to prove that CVE-2022–29622 is not false : keymandll/CVE-2022-29622 create time: 2022-06-05T22:15:21Z
no description : abhishekmorla/CVE-2022-26134 create time: 2022-06-05T20:35:38Z
no description : 0xAgun/CVE-2022-26134 create time: 2022-06-05T18:23:20Z
no description : rodnt/CVE_2022_26134-detect create time: 2022-06-05T17:44:20Z
no description : diurs/CVE-2020-24186-wordpress-wpDiscuz create time: 2022-06-05T17:08:55Z
no description : ItsNee/Folina-CVE-2022-30190-POC create time: 2022-06-05T13:54:04Z
CVE-2022-26134 : 1rm/Confluence-CVE-2022-26134 create time: 2022-06-05T13:51:39Z
Atlassian confluence poc : axingde/CVE-2022-26134 create time: 2022-06-05T13:41:25Z
no description : Vulnmachines/Confluence-CVE-2022-26134 create time: 2022-06-05T12:23:34Z
no description : tej7gandhi/CVE-2022-30190-Zero-Click-Zero-Day-in-msdt create time: 2022-06-05T08:52:11Z
cve2022-26134 : 0x14dli/cve2022-26134exp create time: 2022-06-05T03:11:50Z
Wordpress Plugin WP User Frontend < 3.5.26 - SQL-Injection (Authenticated) : 0xAbbarhSF/CVE-2021-25076 create time: 2022-06-04T21:22:10Z
A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access in the host through the "manage files" functionality, which may result in remote code execution. : 0xAbbarhSF/CVE-2020-29607 create time: 2022-06-04T21:09:38Z
Dump SQL database version on host running Casdoor < 1.13.1 : 0xAbbarhSF/CVE-2022-24124 create time: 2022-06-04T21:01:22Z
no description : DerZiad/CVE-2022-30190 create time: 2022-06-04T19:48:37Z
CVE-2022-29464 PoC for WSO2 products : jimidk/Better-CVE-2022-29464 create time: 2022-06-04T16:46:52Z
PoC of CVE-2022-22978 vulnerability in Spring Security framework : ducluongtran9121/CVE-2022-22978-PoC create time: 2022-06-04T16:57:18Z
Remote Access Shell for Windows (based on cve-2021-30190) : CyberTitus/Follina create time: 2022-06-04T14:18:38Z
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134。 : W01fh4cker/Serein create time: 2022-05-31T07:44:01Z
no description : Sakura-nee/CVE-2022-26134 create time: 2022-06-04T13:02:10Z
no description : e4r23fd/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft create time: 2022-06-04T11:44:51Z
CVE-2022-26133 Exploit : 0xAbbarhSF/CVE-2022-26133 create time: 2022-06-04T11:31:48Z
CVE-2021-3129 : 914525753/Laravel-CVE-2021-3129 create time: 2022-06-04T10:58:47Z
Confluence OGNL expression injected RCE(CVE-2022-26134) poc and exp : SNCKER/CVE-2022-26134 create time: 2022-06-04T11:16:28Z
Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC : shamo0/CVE-2022-26134 create time: 2022-06-04T10:44:38Z
(CVE-2022-26134)an unauthenticated and remote OGNL injection vulnerability resulting in code execution in the context of the Confluence server : Brucetg/CVE-2022-26134 create time: 2022-06-04T10:27:50Z
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15 : 812262605/mai-lang-chain create time: 2022-06-04T06:23:52Z
no description : kyxiaxiang/CVE-2022-26134 create time: 2022-06-04T05:46:48Z
no description : Trhackno/XSS-CVE-2022-30489 create time: 2022-06-04T02:31:50Z
CVE-2021-45022 and CVE-2021-45024 : cptsticky/xxe-zena create time: 2022-06-04T01:46:53Z
Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote Code Execution (RCE) : Nwqda/CVE-2022-26134 create time: 2022-06-03T21:07:30Z
no description : Trhackno/CVE-2022-26133 create time: 2022-06-03T19:25:18Z
CVE-2022-26134 - Confluence Pre-Auth RCE | OGNL injection : crowsec-edtech/CVE-2022-26134 create time: 2022-06-03T19:24:30Z
no description : Trhackno/CVE-2020-29597 create time: 2022-06-03T19:12:57Z
CVE-2022-26134 ATLASIAN CONFULENCE UNAUTHETICATED RCE : oturu/CVE-2022-26134-POC create time: 2022-06-03T18:32:35Z
CVE-2022-26134 Proof of Concept : jbaines-r7/through_the_wire create time: 2022-06-03T13:59:19Z
no description : TanmoyG1800/CVE-2021-4034 create time: 2022-06-03T17:03:44Z
Generate SSRF payloads : MKSx/CVE-2021-22054 create time: 2022-06-03T14:06:02Z
CVE-2022-26134 an Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134) : konjo4/CVE-2022-26134 create time: 2022-06-03T14:12:58Z
no description : e4r23fd/Jpg-Png-Exploit-Downloader-Fud-Cryter-Malware-Builder-Cve-2022 create time: 2022-06-03T14:09:22Z
no description : th3b3ginn3r/CVE-2022-26134-Exploit-Detection-on-Linux create time: 2022-06-03T13:52:14Z
0-DAY: Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134). : cve-hunter/CVE-2022-26134 create time: 2022-06-03T13:42:32Z
Spring exploit (LIMITED COPIES) : Expl0desploit/CVE-2022-22965 create time: 2022-06-03T12:56:08Z
no description : e4r23fd/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022 create time: 2022-06-03T12:53:14Z
CVE-2022-26134 vuln domains : s0rtega/CVE-2022-26134_vuln create time: 2022-06-03T10:38:51Z
0-DAY: Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134). : CyberDonkyx0/CVE-2022-26134 create time: 2022-06-03T09:30:51Z
VMware Workspace ONE Access and Identity Manager RCE via SSTI. CVE-2022-22954 - PoC SSTI * exploit+payload+shodan (ну набором) : badboy-sft/CVE-2022-22954 create time: 2022-06-03T09:17:12Z
no description : orwagodfather/CVE-2022-22954 create time: 2022-06-03T08:51:44Z
Information and scripts for the confluence CVE-2022-26134 : offlinehoster/CVE-2022-26134 create time: 2022-06-03T08:01:49Z
Follina POC by John Hammond : SrikeshMaharaj/CVE-2022-30190 create time: 2022-06-03T08:00:01Z
Powershell script to mitigate cve-2022-30190 : hilt86/cve-2022-30190-mitigate create time: 2022-06-03T06:54:35Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20004 create time: 2022-06-03T06:24:34Z
Microsoft's recommended mitigation for CVE-2022-30190 using Powershell : hilt86/cve-2022-30190-mitigate create time: 2022-06-03T06:03:15Z
This is to patch CVE-2022-30190. Use at your own risk. : droidrzrlover/CVE-2022-30190 create time: 2022-06-03T05:52:36Z
Fidelis Network and Deception - Insecure File Permissions Privilege Escalation : henryreed/CVE-2022-0997 create time: 2022-06-03T05:46:10Z
Fidelis Network and Deception - Insecure File Permissions Privilege Escalation - Multiple : henryreed/CVE-2022-0486 create time: 2022-06-03T05:06:52Z
Bash poc for CVE-2022-1609 WordPress Weblizar Backdoor : NullBrunk/CVE-2022-1609 create time: 2022-06-03T02:49:49Z
Python exploit for CVE-2011-2523 : NullBrunk/CVE-2011-2523 create time: 2022-06-03T00:17:18Z
All about CVE-2022-30190, aka follina, that is a RCE vulnerability that affects Microsoft Support Diagnostic Tools (MSDT) on Office apps such as Word. This is a very simple POC, feel free to check the sources below for more threat intelligence. : Noxtal/follina create time: 2022-06-03T00:25:37Z
no description : trhacknon/exploit-CVE-2014-6271 create time: 2022-06-02T21:52:52Z
no description : trhacknon/CVE-2014-6271 create time: 2022-06-02T21:33:59Z
CVE-2022-30190 Zero click rce Mass Exploitation Tool with Multi threading capabilities : Kesinger57/CVE-2022-30190-mass-rce create time: 2022-06-02T17:28:27Z
no description : arozx/CVE-2022-30910 create time: 2022-06-02T16:14:13Z
CVE-2022-30190 | MS-MSDT Follina One Click : AchocolatechipPancake/MS-MSDT-Office-RCE-Follina create time: 2022-06-02T16:09:02Z
no description : intentagmbh/cve_2022-30190 create time: 2022-06-02T15:40:10Z
Simple Follina poc exploit : WesyHub/CVE-2022-30190---Follina---Poc-Exploit create time: 2022-06-02T15:39:20Z
PDQ Package I created for CVE-2022-30190 : castlesmadeofsand/ms-msdt-vulnerability-pdq-package create time: 2022-06-02T15:33:15Z
CVE-2020-2551 Exploiter : 0xAbbarhSF/CVE-Exploit create time: 2022-06-02T14:20:43Z
The CVE-2022-30190-follina Workarounds Patch : suegdu/CVE-2022-30190-Follina-Patch create time: 2022-06-02T13:43:20Z
A proof of concept of an SEH overflow with arbitrary dll injection : lem0nSec/CVE-2010-5301 create time: 2022-06-01T22:12:07Z
no description : tjcim/cve-2018-6574 create time: 2022-06-02T12:52:56Z
no description : aabbcc19191/CVE-2020-13935 create time: 2022-06-02T13:21:25Z
no description : swaiist/CVE-2022-30190-Fix create time: 2022-06-02T13:01:46Z
no description : gyaansastra/CVE-2022-30190 create time: 2022-06-02T12:58:24Z
no description : tjcim/cve-2018-6574-1 create time: 2022-06-02T12:35:08Z
no description : gyaansastra/CVE2022-30190 create time: 2022-06-02T12:44:02Z
CVE-2022-30190-follina.py-修改版,可以自定义word模板,方便实战中钓鱼使用。 : komomon/CVE-2022-30190-follina-Office-MSDT-Fixed create time: 2022-06-02T12:33:18Z
Mitigates the "Folina"-ZeroDay (CVE-2022-30190) : derco0n/mitigate-folina create time: 2022-06-02T09:30:13Z
Bai cuoi ky CVE-2022-24644 : ThanhThuy2908/ATHDH_CVE_2022_24644 create time: 2022-06-02T07:32:15Z
no description : ITMarcin2211/CVE-2022-30190 create time: 2022-06-02T07:01:19Z
A tool written in Go that scans files & directories for the Follina exploit (CVE-2022-30190) : ErrorNoInternet/FollinaScanner create time: 2022-06-02T06:45:19Z
no description : trhacknon/CVE-2021-35064 create time: 2022-06-02T03:07:40Z
Python script to exploit CVE-2021-35064 and CVE-2021-36356 : Chocapikk/CVE-2021-35064 create time: 2022-06-02T02:19:49Z
MSDT protocol disabler (CVE-2022-30190 patch tool) : gamingwithevets/msdt-disable create time: 2022-06-02T02:47:34Z
no description : trhacknon/CVE-2022-22954 create time: 2022-06-02T01:44:07Z
MS-MSDT Follina CVE-2022-30190 PoC document generator : sudoaza/CVE-2022-30190 create time: 2022-06-01T23:27:14Z
Proof of Concept zu MSDT-Follina - CVE-2022-30190. ÜBERPRÜFUNG DER WIRKSAMKEIT VON MICROSOFT DEFNEDER IN DER JEWEILS AKTUELLSTEN WINDOWS 10 VERSION. : ImproveCybersecurityJaro/2022_PoC-MSDT-Follina-CVE-2022-30190 create time: 2022-06-01T23:07:26Z
CVE-2022-30190 or "Follina" 0day proof of concept : rayorole/CVE-2022-30190 create time: 2022-06-01T21:33:18Z
Exploit to trigger RCE for CVE-2018-16763 on FuelCMS <= 1.4.1 and interactive shell. : p0dalirius/CVE-2018-16763-FuelCMS-1.4.1-RCE create time: 2022-05-31T15:31:37Z
no description : trhacknon/CVE-2019-16759 create time: 2022-06-01T20:28:43Z
Removes the ability for MSDT to run, in response to CVE-2022-30190 (Follina) : Cosmo121/Follina-Remediation create time: 2022-06-01T20:26:56Z
Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960 : Chocapikk/CVE-2022-22954 create time: 2022-06-01T19:33:32Z
An NSIS script that helps deploy and roll back the mitigation registry patch for CVE-2022-30190 as recommended by Microsoft : rouben/CVE-2022-30190-NSIS create time: 2022-06-01T18:58:07Z
no description : trhacknon/CVE-2022-22954-PoC create time: 2022-06-01T18:33:45Z
no description : Vaisakhkm2625/MSDT-0-Day-CVE-2022-30190-Poc create time: 2022-06-01T16:11:33Z
no description : mitespsoc/CVE-2022-30190-POC create time: 2022-06-01T14:55:43Z
no description : Kyleifpossible/CVE202230190test1 create time: 2022-06-01T14:24:00Z
no description : Kyleifpossible/CVE202230190test0 create time: 2021-12-04T06:58:57Z
Just another PoC for the new MSDT-Exploit : drgreenthumb93/CVE-2022-30190-follina create time: 2022-06-01T11:37:08Z
no description : hscorpion/CVE-2022-30190 create time: 2022-06-01T10:13:16Z
no description : Icare1337/CVE-2022-30190 create time: 2022-06-01T09:25:24Z
CVE-2022-30190 Zero click rce Mass Exploitation Tool with Multi threading capabilities : Kesinger57/CVE-2022-30190-mass create time: 2022-06-01T09:19:34Z
Follina MS-MSDT 0-day MS Office RCE (CVE-2022-30190) PoC in Go : dwisiswant0/gollina create time: 2022-06-01T09:02:00Z
no description : gerr-re/cve-2022-27438 create time: 2022-06-01T08:33:16Z
Phone number notification bug : fordsham/CVE-2021-30956 create time: 2022-06-01T07:09:18Z
no description : Ran-Xing/cve-2022-193372 create time: 2022-06-01T05:32:09Z
MSDT 0-Day Mass Exploitation Tool : ExploitPwner/CVE-2022-30190 create time: 2022-06-01T04:15:25Z
no description : trhacknon/CVE-2022-29303 create time: 2022-05-31T23:40:18Z
CVE-2022-30190 remediation via removal of ms-msdt from Windows registry : PaddlingCode/cve-2022-30190 create time: 2022-05-31T23:32:33Z
Python script to exploit CVE-2022-29303 : Chocapikk/CVE-2022-29303 create time: 2022-05-31T22:55:05Z
Node
: Mouhamedtec/CVE-2022-1192 create time: 2022-05-31T20:38:06Zno description : mghostz/CVE202230190 create time: 2022-05-31T20:24:44Z
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. : sentinelblue/CVE-2022-30190 create time: 2022-05-31T18:00:42Z
no description : trhacknon/CVE-2022-30190 create time: 2022-05-31T18:58:55Z
no description : aymankhder/MSDT_CVE-2022-30190-follina- create time: 2022-05-31T18:45:34Z
no description : trhacknon/CVE-2022-30190 create time: 2022-05-31T18:21:30Z
CVE-2022-30190- A Zero-Click RCE Vulnerability In MSDT : kdk2933/msdt-follina-office create time: 2022-05-31T17:54:20Z
Picking up processes that have triggered ASR related to CVE-2022-30190 : DOV3Y/CVE-2022-30190-ASR-Senintel-Process-Pickup create time: 2022-05-31T16:11:14Z
Aka Follina = benign POC. : rickhenderson/cve-2022-30190 create time: 2022-05-31T14:50:55Z
This Repository Talks about the Follina MSDT from Defender Perspective : archanchoudhury/MSDT_CVE-2022-30190 create time: 2022-05-31T14:10:11Z
no description : anniehelkekpl92/CVE-2022 create time: 2022-05-31T12:38:16Z
Microsoft Office Word Rce 复现(CVE-2022-30190) : bytecaps/CVE-2022-30190 create time: 2022-05-31T12:15:18Z
no description : Exzh34/PentestLab-CVE-2018-6574-go-get-RCE create time: 2022-05-31T11:17:51Z
no description : JCPpeiqi/-cve-2021-46381 create time: 2022-05-31T10:54:40Z
CVE-2022-30190 Follina POC : onecloudemoji/CVE-2022-30190 create time: 2022-05-31T06:45:25Z
no description : JMousqueton/PoC-CVE-2022-30190 create time: 2022-05-30T18:17:38Z
no description : tuannq2299/CVE-2019-8942 create time: 2022-05-31T03:28:22Z
Exploit for Apache 2.4.50 (CVE-2021-42013) : viliuspovilaika/cve-2021-42013 create time: 2022-05-31T03:28:20Z
no description : tuannq2299/CVE-2021-43408 create time: 2022-05-31T03:00:27Z
CVE-2022-22978 Spring-Security bypass Demo : DeEpinGh0st/CVE-2022-22978 create time: 2022-05-31T03:14:55Z
CVE-2022-1292 OpenSSL c_rehash Vulnerability : rama291041610/CVE-2022-1292 create time: 2022-05-30T16:59:54Z
no description : SenpaiX00/CVE-05-2022-0438 create time: 2022-05-30T15:41:44Z
CVE-2022-1292 OpenSSL c_rehash Vulnerability : alcaparra/CVE-2022-1292 create time: 2022-05-30T14:45:15Z
WPQA < 5.5 - Unauthenticated Private Message Disclosure : V35HR4J/CVE-2022-1598 create time: 2022-05-30T10:54:19Z
no description : Trinadh465/System_bt_AOSP10_r33_CVE-2021-0589 create time: 2022-05-30T08:41:07Z
no description : Trinadh465/System_bt_AOSP10_r33_CVE-2021-0589 create time: 2022-05-30T07:49:14Z
CVE-2022-24086 and CVE-2022-24087 are an rce in adobe commerce and magento : TomArni680/CVE-2022-24086-MASS-RCE create time: 2022-05-30T07:08:41Z
Exploit CVE-2021-24160 : hnthuan1998/Exploit-CVE-2021-24160 create time: 2022-05-30T01:48:27Z
no description : hnthuan1998/CVE-2021-24160 create time: 2022-05-30T01:46:50Z
no description : SecurityBoi/TEST-CVE-05-2022-0438 create time: 2022-05-29T18:05:30Z
exploit is already public : TomArni680/CVE-2022-1388-RCE create time: 2022-05-29T15:29:44Z
CVE-2022-26809 | is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows : seciurdt/CVE-2022-26809-MASS-RCE create time: 2022-05-29T14:58:52Z
no description : Wrong-pixel/CVE-2022-22947-exp create time: 2022-05-29T01:07:26Z
vmware authentication bypass : Dghpi9/CVE-2022-22972 create time: 2022-05-28T20:56:09Z
CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC集合 : west9b/F5-BIG-IP-POC create time: 2022-05-28T13:30:22Z
Mass RCE VIA CVE-2022-6809 AND THE METASPLOIT MODULE : ChrisopherJohanso/CVE-2022-26809-RCE create time: 2022-05-28T13:52:35Z
no description : trhacknon/CVE-2022-1388-PocExp create time: 2022-05-28T12:46:08Z
no description : trhacknon/Exploit-F5-CVE-2022-1388 create time: 2022-05-28T12:43:18Z
no description : trhacknon/F5-CVE-2022-1388-Exploit create time: 2022-05-28T12:40:56Z
no description : trhacknon/CVE-2022-1388 create time: 2022-05-28T12:35:59Z
Wordpress 5.8.2 CVE-2022-21661 Vuln enviroment POC exploit : 0x4E0x650x6F/Wordpress-cve-CVE-2022-21661 create time: 2022-05-28T10:46:48Z
no description : west9b/CVE-2022-30525 create time: 2022-05-28T07:19:31Z
no description : kuznyJan1972/CVE-2022-23121-MASS-RCE create time: 2022-05-28T05:48:35Z
FreePascal implementation of the UnrealIRCD CVE-2010-2075 : MFernstrom/Offensive-Pascal-CVE-2010-2075 create time: 2022-05-28T02:47:22Z
FreePascal implementation of CVE-2011-2523 : MFernstrom/OffensivePascal-CVE-2011-2523 create time: 2022-05-27T20:47:01Z
CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation : recozone/HyperSine create time: 2022-05-27T15:34:39Z
no description : jftierno/CVE-2018-6574-2 create time: 2022-05-27T15:10:11Z
Exploit for Pentester Labs : Cypheer/exploit_CVE-2018-6574 create time: 2022-05-27T14:35:11Z
CVE-2022-1609 WordPress Weblizar后门 : savior-only/CVE-2022-1609 create time: 2022-05-27T13:15:38Z
CVE-2018-17456复现 : jiahuiLeee/test create time: 2022-05-27T11:56:07Z
A PoC / methodology to exploit CVE-2017-6516 : Rubytox/CVE-2017-6516-mcsiwrapper- create time: 2022-05-27T10:24:41Z
no description : pthlong9991/CVE202228346 create time: 2022-05-27T10:08:55Z
CVE-2022-24494 : vportal/AFD create time: 2022-05-27T09:52:52Z
exploit for T3 rce (CVE 2015-4852 \CVE 2016-0638 \CVE 2016-3510) : minhangxiaohui/Weblogic_direct_T3_Rces create time: 2022-05-27T08:04:24Z
no description : trhacknon/CVE-2022-29464-mass create time: 2022-05-26T22:02:45Z
Python script to exploit CVE-2022-29464 (mass mode) : Chocapikk/CVE-2022-29464 create time: 2022-05-26T20:19:53Z
.json and .yaml files used to exploit CVE-2018-25031 : afine-com/CVE-2018-25031 create time: 2022-05-26T19:06:21Z
APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. : RoseSecurity/APOLOGEE create time: 2022-05-26T01:13:42Z
no description : horizon3ai/CVE-2022-22972 create time: 2022-05-24T20:19:55Z
no description : gog1071/Spring4Shell-CVE-2022-22965 create time: 2022-05-26T11:39:25Z
no description : trhacknon/CVE-2019-15107 create time: 2022-05-26T04:57:40Z
no description : trhacknon/CVE-2019-15642 create time: 2022-05-26T04:30:14Z
sudo提权漏洞CVE-2021-3156复现代码 : q77190858/CVE-2021-3156 create time: 2022-05-26T02:47:53Z
Implementation of CVE-2018-6242 (AKA Fusée Gelée, AKA shofel2) : Swiftloke/fusee-toy create time: 2022-05-25T19:51:06Z
School Dormitory Management System 1.0 - Reflected XSS : bigzooooz/CVE-2022-30513 create time: 2022-05-25T16:46:09Z
School Dormitory Management System 1.0 - Reflected XSS : bigzooooz/CVE-2022-30514 create time: 2022-05-25T16:42:25Z
School Dormitory Management System 1.0 - Unauthenticated SQL Injection : bigzooooz/CVE-2022-30511 create time: 2022-05-25T16:35:06Z
School Dormitory Management System 1.0 - Unauthenticated SQL Injection : bigzooooz/CVE-2022-30510 create time: 2022-05-25T16:32:18Z
School Dormitory Management System 1.0 - Unauthenticated SQL Injection : bigzooooz/CVE-2022-30512 create time: 2022-05-25T16:23:53Z
C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request. : exploitwritter/CVE-2022-29337 create time: 2022-05-25T13:02:34Z
Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540) : Pear1y/CVE-2022-0540-Preauth-RCE create time: 2022-05-25T10:47:04Z
no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0188_CVE-0219 create time: 2022-05-25T10:01:58Z
no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old-one create time: 2022-05-25T09:54:40Z
no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old create time: 2022-05-25T09:31:03Z
no description : Trinadh465/external_lib_AOSP10_r33_CVE-2021-45960_CVE-2021-46143- create time: 2022-05-25T09:03:48Z
no description : Trinadh465/platform_external_gptfdisk_AOSP10_r33_CVE-2021-0308 create time: 2022-05-25T06:50:30Z
no description : trhacknon/CVE-2022-1292 create time: 2022-05-25T07:06:48Z
CVE-2022-29221 Proof of Concept Code : sbani/CVE-2022-29221-PoC create time: 2022-05-25T06:02:23Z
Csrf file upload insecure : trhacknon/CVE-2020-29597 create time: 2022-05-25T01:10:01Z
no description : yuuki1967/CVE-2021-44228-Apache-Log4j-Rce create time: 2022-05-25T01:56:14Z
Triconsole 3.75 - Reflected XSS : trhacknon/CVE-2021-27330 create time: 2022-05-25T00:09:20Z
🍵 Gitea repository migration remote command execution exploit. : wuhan005/CVE-2022-30781 create time: 2022-05-22T05:15:58Z
no description : b1ackros337/CVE-2020-25213 create time: 2022-05-24T16:35:23Z
SDT-CW3B1 1.1.0 - OS Command Injection : nobodyatall648/CVE-2021-46422 create time: 2022-05-24T16:45:41Z
CVE-2022-1292 : li8u99/CVE-2022-1292 create time: 2022-05-24T09:26:29Z
no description : whr819987540/test_CVE-2020-26233 create time: 2022-05-24T08:49:01Z
no description : Satheesh575555/external_expat_AOSP10_r33_CVE-2022-25235 create time: 2022-05-24T07:00:24Z
Tinker Script for CVE-2022-23046 : bernauers/CVE-2022-23046 create time: 2022-05-23T20:44:15Z
Initial POC for the CVE-2022-30525 : iveresk/cve-2022-30525 create time: 2022-05-23T16:51:42Z
Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2018-14042 create time: 2022-05-23T08:27:22Z
Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2018-14040 create time: 2022-05-23T08:11:01Z
Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2018-14041 create time: 2022-05-23T07:59:01Z
Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2019-11358 create time: 2022-05-23T08:51:42Z
Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2019-8331 create time: 2022-05-23T07:48:19Z
Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2020-11023 create time: 2022-05-23T10:49:19Z
Vulnearability Report of the New Jersey official site : korestreet/https-nj.gov---CVE-2020-11022 create time: 2022-05-23T10:26:10Z
Case for CVE-2022-30778 : kang8/CVE-2022-30778 create time: 2022-05-23T07:04:54Z
Aplicação para explorar CVEs e calcular CVSSs. Atividade de segurança de aplicações (2022/1) : Jefh-Graduacao/segapps-cve-exporer create time: 2022-05-23T00:34:07Z
CVE 2005 exploit.Perl in Perl. : RizeKishimaro/CVE-2005-3299 create time: 2022-05-22T15:14:57Z
Apache CouchDB 3.2.1 - Remote Code Execution (RCE) : XmasSnowISBACK/CVE-2022-24706 create time: 2022-05-22T13:37:06Z
MSF screenshot module with privelage escalation/bypass on MacOS : XmasSnowISBACK/CVE-2022-26726 create time: 2022-05-22T13:31:52Z
Case for CVE-2021-43503 : kang8/CVE-2021-43503 create time: 2022-05-22T12:54:39Z
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust : XmasSnowISBACK/CVE-2022-1388 create time: 2022-05-22T13:27:33Z
cve-2022-1040 is an auth bypass and remote code execution in webmin portal of sophos firewall : XmasSnowISBACK/CVE-2022-1040 create time: 2022-05-22T13:23:20Z
PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability" : XmasSnowISBACK/CVE-2022-21971 create time: 2022-05-22T13:20:39Z
cve-2022-1040 is an auth bypass and remote code execution in webmin portal of sophos firewall : cve-hunter/CVE-2022-1040-RCE create time: 2022-05-22T12:21:01Z
Big-Ip auth bypass and rce : seciurdt/CVE-2022-1388-mass create time: 2022-05-22T12:08:25Z
no description : pashayogi/CVE-2020-7961-Mass create time: 2022-05-22T08:40:53Z
no description : trhacknon/CVE-2022-22963 create time: 2022-05-21T22:10:16Z
Exploit for CVE-2020-5844 (Pandora FMS v7.0NG.742) - Remote Code Execution : UNICORDev/exploit-CVE-2020-5844 create time: 2022-05-19T22:50:44Z
A login bypass(CVE-2019-18371) and a command injection vulnerability(CVE-2019-18370) in Xiaomi Router R3G up to versi… : jsnhcuan1997/UltramanGaia create time: 2022-05-21T16:30:37Z
CVE-2022-22916,O2OA RCE 远程命令执行 : aodsec/CVE-2022-22916 create time: 2022-05-21T16:28:23Z
A Simple bash script that patches the CVE-2022-0847 (dirty pipe) kernel vulnerability on Debian 11 : IHenakaarachchi/debian11-dirty_pipe-patcher create time: 2022-05-21T15:14:51Z
no description : sudoninja-noob/CVE-2022-29009 create time: 2022-05-21T11:58:36Z
no description : sudoninja-noob/CVE-2022-29008 create time: 2022-05-21T11:58:26Z
no description : sudoninja-noob/CVE-2022-29007 create time: 2022-05-21T11:57:04Z
no description : sudoninja-noob/CVE-2022-29006 create time: 2022-05-21T11:55:36Z
no description : sudoninja-noob/CVE-2022-29005 create time: 2022-05-21T11:53:35Z
no description : BabyTeam1024/CVE-2022-26318 create time: 2022-05-21T11:51:58Z
no description : sudoninja-noob/CVE-2022-29004 create time: 2022-05-21T11:30:32Z
cve-2021-4034 for single commcand : wudicainiao/cve-2021-4034 create time: 2022-05-21T05:42:01Z
race condition in apport lead to Local Privilege Escalation on Ubuntu : liumuqing/CVE-2021-3899_PoC create time: 2022-05-21T01:52:34Z
Recursive MMIO VM Escape PoC : QiuhaoLi/CVE-2021-3929-3947 create time: 2022-05-13T05:33:28Z
no description : trhacknon/CVE-2022-26717-Safari-WebGL-Exploit create time: 2022-05-20T20:46:40Z
CVE-2022-26809 | is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows : seciurdt/CVE-2022-26809-MASS create time: 2022-05-20T15:16:30Z
CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime : XmasSnowISBACK/CVE-2022-26809 create time: 2022-05-20T14:26:38Z
CVE-2017-1000486 : prok3z/Nuclei-Template-Primefaces-RCE create time: 2022-05-20T12:43:10Z
CVE-2022-31245: RCE and domain admin privilege escalation for Mailcow : ly1g3/Mailcow-CVE-2022-31245 create time: 2022-05-20T10:05:55Z
CVE-2021-44228 PoC for more than 12 affected softwares(not publicly disclossed yet) with mass exploitation script for each. : TomArni680/CVE-2021-44228-RCE create time: 2022-05-20T09:48:24Z
no description : ShaikUsaf/packages_apps_PackageInstaller_AOSP10_r33_CVE-2021-0302 create time: 2022-05-20T06:33:47Z
Apache CouchDB 3.2.1 - Remote Code Execution (RCE) : sadshade/CVE-2022-24706-CouchDB-Exploit create time: 2022-05-20T04:28:51Z
CVE-2022-22965 Spring4Shell research & PoC : cxzero/CVE-2022-22965-spring4shell create time: 2022-05-19T23:16:40Z
no description : trhacknon/CVE-2022-28590 create time: 2022-05-19T21:27:09Z
no description : trhacknon/CVE-2022-29464 create time: 2022-05-19T21:24:02Z
no description : corelight/cve-2022-22954 create time: 2022-04-12T18:08:58Z
一个可单独、批量验证的脚本,也可以反弹shell : anansec/CVE-2022-22947_EXP create time: 2022-05-19T14:58:45Z
This repository is developed to analysis and understand DirtyPipe exploit CVE-2022-0847 : VinuKalana/DirtyPipe-CVE-2022-0847 create time: 2022-05-17T04:23:34Z
no description : caiquebaracho/CVE-2021-44228 create time: 2022-05-19T13:49:40Z
This repository contains studies on CVE-2021-44228. I would like to thank everyone who somehow supported the development of this work. : caiquebaracho/CVE-2021-44228 create time: 2022-05-18T22:58:26Z
CVE-2022-30525 Zyxel防火墙命令注入漏洞 POC&EXP : west9b/CVE-2022-30525 create time: 2022-05-19T12:21:08Z
CVE-2022-30525 Zyxel防火墙命令注入漏洞 POC&EXP : 160Team/CVE-2022-30525 create time: 2022-05-19T12:09:42Z
PoC for Dirty COW (CVE-2016-5195) : 1equeneRise/scumjr9 create time: 2022-05-19T10:53:43Z
CVE-2022-26809 RCE Exploit Remote Code Execution : rkxxz/CVE-2022-26809 create time: 2022-05-19T03:35:02Z
CVE-2022-24500 RCE Exploit Remote Code Execution Vulnerability : rkxxz/CVE-2022-24500 create time: 2022-05-19T03:32:12Z
no description : theori-io/CVE-2022-26717-Safari-WebGL-Exploit create time: 2022-05-19T01:16:01Z
Verifed Proof of Concept on CVE-2022-24086 : oK0mo/CVE-2022-24086-RCE-PoC create time: 2022-05-19T01:15:57Z
no description : trhacknon/XSS-CVE-2022-30489 create time: 2022-05-18T23:28:06Z
no description : trhacknon/CVE-2022-23131 create time: 2022-05-18T17:18:45Z
no description : trhacknon/CVE-2022-30525-Reverse-Shell create time: 2022-05-18T15:57:03Z
CVE-2022-30780 - lighttpd remote denial of service : p0dalirius/CVE-2022-30780-lighttpd-denial-of-service create time: 2022-05-18T12:01:17Z
Simple python script to exploit CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection : Chocapikk/CVE-2022-30525-Reverse-Shell create time: 2022-05-18T15:22:17Z
Analysis, POC and Explanation of CVE-2021-1732 : reccoon-dev/CVE-2021-1732 create time: 2022-05-18T13:34:07Z
CVE-2021-44228 PoC for more than 12 affected softwares(not publicly disclossed yet) with mass exploitation script for each. : kuznyJan1972/CVE-2021-44228-mass create time: 2022-05-18T12:30:14Z
zyxel firewall unauthenticated rce mass multi threaded exploit : kuznyJan1972/CVE-2022-30525-mass create time: 2022-05-18T12:10:11Z
The Repository contains documents that explains the explotation of CVE-2016-5195 : malinthag62/The-exploitation-of-Dirty-Cow-CVE-2016-5195 create time: 2022-05-18T10:51:23Z
no description : jakabakos/CVE-2017-9096 create time: 2022-05-18T10:03:53Z
no description : litios/cve_2021_3572-old-pip create time: 2022-05-18T10:08:35Z
Franklin Fueling Systems Colibri Controller Module - Local File Inclusion : Henry4E36/CVE-2021-46417 create time: 2022-05-18T09:14:51Z
A POC for CVE-2021-3572 against old pips (9.x.x) : litios/cve_2021_3572-old-pip create time: 2022-05-18T08:42:31Z
no description : yonggui-li/CVE-2020-4464-and-CVE-2020-4450 create time: 2022-05-18T02:02:51Z
Zyxel multithreaded Mass Exploitation tool compatible with URL/IP lists. : ExploitPwner/CVE-2022-30525-Zyxel-Mass-Exploiter create time: 2022-05-17T15:58:19Z
no description : afaq1337/CVE-2021-41946 create time: 2022-05-17T15:23:12Z
Detects attempts and successful exploitation of CVE-2022-26809 : corelight/cve-2022-26809 create time: 2022-04-14T16:58:09Z
no description : phor3nsic/CVE-2021-40822 create time: 2022-05-17T13:58:11Z
Details regarding the Z-Wave S0-No-More attack : ITSecLab-HSEL/CVE-2022-24611 create time: 2022-05-17T11:55:09Z
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust : aancw/CVE-2022-1388-rs create time: 2022-05-17T10:51:39Z
CVE-2018-6574: go get RCE : ThaFWord/pentesterlab create time: 2022-05-17T08:32:20Z
CVE-2022-1388 : getdrive/F5-BIG-IP-exploit create time: 2022-05-17T03:23:39Z
Multithread Golang application : iveresk/cve-2022-21907 create time: 2022-05-16T17:42:45Z
[Reserved for CVE-2022-30006] : ComparedArray/printix-CVE-2022-30006 create time: 2022-05-16T16:15:52Z
The plugin, used as a companion for the Discy and Himer themes, does not sanitise and escape a parameter on its reset password form which makes it possible to perform Reflected Cross-Site Scripting attacks : V35HR4J/CVE-2022-1598 create time: 2022-05-16T15:33:48Z
Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) 注入哥斯拉内存马 : 0730Nophone/CVE-2022-22947- create time: 2022-05-16T15:27:41Z
no description : ratiros01/CVE-2014-8609-exploit create time: 2022-05-16T13:24:39Z
no description : user16-et/cve-2021-21972_PoC create time: 2022-05-16T11:57:42Z
Persistent XSS on 'last_known_version' field (My Settings) : patrickdeanramos/CVE-2022-28598 create time: 2022-05-16T10:27:47Z
Persistent XSS on 'last_known_version' field (My Settings) : patrickdeanramos/CVE-2022-28598 create time: 2022-05-16T10:17:37Z
CVE-2022-30525 POC exploit : superzerosec/CVE-2022-30525 create time: 2022-05-16T09:15:43Z
CVE-2021-21315-ENV : H3rmesk1t/CVE-2021-21315-ENV create time: 2022-05-16T08:30:31Z
no description : ratiros01/CVE-2004-1561 create time: 2020-06-09T14:54:00Z
CVE-2022-30525(Zxyel 防火墙命令注入)的概念证明漏洞利用 : YGoldking/CVE-2022-30525 create time: 2022-05-16T04:45:43Z
Exploit for CVE-2021-3560 (Polkit) : UNICORDev/exploit-CVE-2021-3560 create time: 2022-05-02T23:56:31Z
no description : Wrin9/CVE-2022-1388 create time: 2022-05-16T01:49:44Z
MyBB 1.8.29 - Remote Code Execution : lavclash75/mybb-CVE-2022-24734 create time: 2022-05-15T19:18:32Z
Private keys vulnerable to Debian OpenSSL bug (CVE-2008-0166) : badkeys/debianopenssl create time: 2022-05-15T10:28:03Z
Improved POC for CVE-2022-1388 that affects multiple F5 products. : iveresk/cve-2022-1388-iveresk-command-shell create time: 2022-05-15T08:58:22Z
A bots loader for CVE-2022-29464 with multithreading : Inplex-sys/CVE-2022-29464-loader create time: 2022-05-15T08:51:16Z
Private keys generated with vulnerable keypair versions (CVE-2021-41117) : badkeys/keypairvuln create time: 2022-05-15T06:56:53Z
Zyxel Firewall Remote Command Injection Vulnerability (CVE-2022-30525) Batch Detection Script : M4fiaB0y/CVE-2022-30525 create time: 2022-05-15T06:20:06Z
An Improved Proof of Concept for CVE-2022-1388 w/ Interactive an Shell : PsychoSec2/CVE-2022-1388-POC create time: 2022-05-15T03:58:21Z
cve-2021-38314 - Unauthenticated Sensitive Information Disclosure : twseptian/cve-2021-38314 create time: 2022-05-15T02:10:01Z
**An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed kwargs. : ahsentekdemir/CVE-2022-28346 create time: 2022-05-15T00:24:19Z
An improved Proof of Concept for CVE-2022-1388 w/ Interactive Shell. No reverse tcp required! : PsychoSec2/CVE-2022-1388-POC create time: 2022-05-14T19:23:16Z
In essence, the vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed. : LudovicPatho/CVE-2022-26923_AD-Certificate-Services create time: 2022-05-14T09:27:06Z
Technical Analysis of the SMB vulnerability (CVE-2017-0143) & its impact on the vulnerable system : SampatDhakal/Metasploit-Attack-Report create time: 2022-05-14T07:26:31Z
no description : badboycxcc/XSS-CVE-2022-30489 create time: 2022-05-06T00:47:51Z
no description : cxaqhq/netgear-to-CVE-2022-29383 create time: 2021-12-26T13:33:16Z
no description : badboycxcc/Netgear-ssl-vpn-20211222-CVE-2022-29383 create time: 2021-12-22T10:06:59Z
A proof-of-concept font with a write-up attached. : Exploitables/CVE-2022-26927 create time: 2022-05-14T04:12:23Z
Zyxel 防火墙未经身份验证的远程命令注入 : savior-only/CVE-2022-30525 create time: 2022-05-13T18:16:31Z
no description : testaross4/CVE-2007-2447 create time: 2022-05-13T14:15:28Z
Zyxel 防火墙远程命令注入漏洞(CVE-2022-30525)批量检测脚本 : shuai06/CVE-2022-30525 create time: 2022-05-13T12:58:43Z
Log4Shell Proof-Of-Concept derived from https://github.com/kozmer/log4j-shell-poc : Phineas09/CVE-2021-44228 create time: 2022-05-13T11:35:22Z
Zyxel 防火墙远程命令注入漏洞(CVE-2022-30525) : Henry4E36/CVE-2022-30525 create time: 2022-05-13T12:03:28Z
Tool for CVE-2022-1388 : justakazh/CVE-2022-1388 create time: 2022-05-13T10:18:29Z
Melissa : itstarsec/CVE-2020-0618 create time: 2022-05-13T08:58:16Z
WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields : V35HR4J/CVE-2022-1051 create time: 2022-05-13T06:50:25Z
Essay (and PoCs) about CVE-2021-41773, a remote code execution vulnerability in Apache 2.4.49 🕸️ : iosifache/ApacheRCEEssay create time: 2022-05-12T13:23:08Z
NETATALK-AFP-PROTO RCE :| This CVE-2022-23121 allows remote malicious users to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. : kuznyJan1972/CVE-2022-23121-RCE create time: 2022-05-12T20:58:01Z
Testing CVE-2022-22968 : MarcinGadz/spring-rce-poc create time: 2022-05-12T18:25:18Z
F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB : Zeyad-Azima/CVE-2022-1388 create time: 2022-05-12T16:54:52Z
CVE-2022-23121 中使用到的自定义 nmap 脚本,以及 docker 环境 : kejaly/CVE-2022-23121-nmap create time: 2022-05-12T17:07:08Z
CVE-2022-23253 PoC : nettitude/CVE-2022-23253-PoC create time: 2022-05-12T13:18:47Z
Proof of concept exploit for CVE-2022-30525 (Zxyel firewall command injection) : jbaines-r7/victorian_machinery create time: 2022-05-10T10:31:19Z
Nuclei Template for CVE-2022-1388 : SecTheBit/CVE-2022-1388 create time: 2022-05-12T12:17:11Z
no description : Nivaskumark/external_expat_v2.1.0_CVE-2022-25315 create time: 2022-05-12T11:07:10Z
no description : Calvitz/CVE-2022-26809 create time: 2022-05-12T07:12:08Z
CVE-2022-27134 : Kenun99/CVE-batdappboomx create time: 2022-03-11T09:09:19Z
CVE-2021-41773 Shodan scanner : anldori/CVE-2021-41773-Scanner create time: 2022-05-12T03:42:24Z
no description : Calvitz/CVE-2022-26809 create time: 2022-05-12T03:22:31Z
CVE-2020-0688_Microsoft Exchange default MachineKeySection deserialize vulnerability : 7heKnight/CVE-2020-0688 create time: 2022-05-12T03:17:35Z
CVE-2021-41773 Shodan Scanner : anldori/CVE-2021-41773-Scan create time: 2022-05-12T02:58:14Z
Walkthrough on the exploitation of CVE-2022-26923, a vulnerability in AD Certificate Services : r1skkam/TryHackMe-CVE-2022-26923 create time: 2022-05-12T02:31:50Z
no description : pauloink/CVE-2022-1388 create time: 2022-05-11T21:55:43Z
CVE-2022-26809 | is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows : seciurdt/CVE-2022-26809-RCE create time: 2022-05-11T20:38:55Z
This repository consists of the python exploit for CVE-2022-1388 (F5's BIG-IP Authentication Bypass to RCE) : omnigodz/CVE-2022-1388 create time: 2022-05-11T20:27:36Z
This repository consists of the python exploit for CVE-2022-1388 (F5's BIG-IP Authentication Bypass to RCE) : omnigodz/CVE-2022-1388 create time: 2022-05-11T20:24:02Z
CVE-2022-1388 : mr-vill4in/CVE-2022-1388 create time: 2022-05-11T20:13:09Z
CVE-2022-1388 Scanner : EvilLizard666/CVE-2022-1388 create time: 2022-05-11T19:33:37Z
no description : AmirHoseinTangsiriNET/CVE-2022-1388-Scanner create time: 2022-05-11T17:43:44Z
big-ip icontrol rest auth bypass RCE MASS with huge list of ip dumped : kuznyJan1972/cve-2022-1388-mass create time: 2022-05-11T14:57:31Z
no description : ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315 create time: 2022-05-11T09:31:06Z
Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote attackers to execute arbitrary methods of Java objects or cause a denial of service (reboot) via a crafted web page, as demonstrated by use of the WebView.addJavascriptInterface method, a related issue to CVE-2012-6636. : Snip3R69/CVE-2013-4710-WebView-RCE-Vulnerability create time: 2022-05-11T08:53:56Z
no description : ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25314 create time: 2022-05-11T09:11:39Z
no description : ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313 create time: 2022-05-11T07:40:30Z
WordPress的文件管理器插件(wp-file-manager)6.9版本之前存在安全漏洞,该漏洞允许远程攻击者上传和执行任意PHP代码。 : adminsec5247/CVE-2020-25213-wordpress-wp-file-manager-fileupload create time: 2022-05-11T07:10:15Z
Home Owners Collection Management System 1.0 - Reflected XSS : bigzooooz/CVE-2022-28078 create time: 2022-05-11T06:28:28Z
Home Owners Collection Management System 1.0 - Reflected XSS : bigzooooz/CVE-2022-28077 create time: 2022-05-11T06:23:46Z
On F5 BIG-IP undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated : ExploitPwner/CVE-2022-1388 create time: 2022-05-11T00:15:07Z
no description : 0xAgun/CVE-2022-1388 create time: 2022-05-10T20:49:12Z
no description : gerr-re/cve-2022-28944 create time: 2022-05-10T17:52:31Z
no description : sprushed/CVE-2022-30292 create time: 2022-05-10T16:39:00Z
An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request header triggering a double free in the unknown coding-list inside the HTTP Protocol Stack (http.sys) to process packets, resulting in a kernel crash. : iveresk/cve-2021-43008-1vere-k create time: 2022-05-10T16:00:50Z
CVE-2022-1388-PocExp,新增了多线程,F5 BIG-IP RCE exploitation : aodsec/CVE-2022-1388-PocExp create time: 2022-05-10T15:44:50Z
A Test API for testing the POC against CVE-2022-1388 : bandit92/CVE2022-1388_TestAPI create time: 2022-05-10T15:34:14Z
Test and Exploit Scripts for CVE 2022-1388 (F5 Big-IP) : thatonesecguy/CVE-2022-1388-Exploit create time: 2022-05-10T15:16:12Z
[Reserved For CVE-2022-29554] : ComparedArray/printix-CVE-2022-29554 create time: 2022-05-10T14:37:19Z
[Reserved for CVE-2022-29553] : ComparedArray/printix-CVE-2022-29553 create time: 2022-05-10T14:36:36Z
[Reserved for CVE-2022-29552] : ComparedArray/printix-CVE-2022-29552 create time: 2022-05-10T14:35:57Z
[Reserved For CVE-2022-29551] : ComparedArray/printix-CVE-2022-29551 create time: 2022-05-10T14:35:15Z
CVE-2022-24086 and CVE-2022-24087 are an rce in adobe commerce and magento : TomArni680/CVE-2022-24086-rce create time: 2022-05-10T14:32:06Z
CVE-2007-2447 : Nosferatuvjr/Samba-Usermap-exploit create time: 2022-05-10T09:37:07Z
no description : Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23852 create time: 2022-05-10T09:22:18Z
no description : vesperp/CVE-2022-1388-F5-BIG-IP- create time: 2022-05-10T09:12:22Z
BIG-IP iControl REST vulnerability CVE-2022-1388 PoC : shamo0/CVE-2022-1388 create time: 2022-05-10T08:44:24Z
Simple shell script for the exploit : iveresk/cve-2022-1388-1veresk create time: 2022-05-10T08:22:46Z
CVE-2022-1388-EXP可批量实现攻击 : LinJacck/CVE-2022-1388-EXP create time: 2022-05-10T08:09:30Z
no description : hou5/CVE-2022-1388 create time: 2022-05-10T07:24:33Z
no description : Angus-Team/F5-BIG-IP-RCE-CVE-2022-1388 create time: 2022-05-10T05:30:11Z
POC of CVE-2022-1388 : chesterblue/CVE-2022-1388 create time: 2022-05-10T04:51:06Z
Reverse Shell for CVE-2022-1388 : qusaialhaddad/F5-BigIP-CVE-2022-1388 create time: 2022-05-10T04:44:05Z
may the poc with you! : killvxk/CVE-2022-1388 create time: 2022-05-10T04:13:47Z
CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP’s iControl API that was assigned a CVSSv3 score of 9.8. The iControl REST API is used for the management and configuration of BIG-IP devices. CVE-2022-1388 could be exploited by an unauthenticated attacker with network access to the management port or self IP addresses of devices that use BIG-IP. Exploitation would allow the attacker to execute arbitrary system commands, create and delete files and disable services. : MrCl0wnLab/Nuclei-Template-Exploit-CVE-2022-1388-BIG-IP-iControl-REST create time: 2022-05-10T04:10:46Z
PoC For F5 BIG-IP - bash script Exploit one Liner : Stonzyy/Exploit-F5-CVE-2022-1388 create time: 2022-05-10T02:57:31Z
no description : lowkey0808/cve-2020-25540 create time: 2022-05-10T02:33:46Z
no description : trhacknon/CVE-2022-1388-RCE-checker create time: 2022-05-09T17:34:28Z
A Insecure direct object references (IDOR) vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor : FlaviuPopescu/CVE-2022-28986 create time: 2022-05-09T17:07:37Z
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor : FlaviuPopescu/CVE-2022-28601 create time: 2022-05-09T16:57:14Z
CVE-2022-1040 is an authentication bypass and rce in user portal and webadmin of sophos firewall : Seatwe/CVE-2022-1040-rce create time: 2022-05-09T16:49:58Z
CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime : ExploitPwner/CVE-2022-26809-RCE-POC create time: 2022-05-09T16:48:30Z
CVE-2022-1388 POC exploit : superzerosec/CVE-2022-1388 create time: 2022-05-09T15:42:55Z
Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection. : r3kind1e/Log4Shell-obfuscated-payloads-generator create time: 2022-05-09T15:02:29Z
CVE-2022-1388 : saucer-man/CVE-2022-1388 create time: 2022-05-09T15:24:27Z
CVE-2022-1388 F5 BIG-IP iControl REST身份验证绕过漏洞 : savior-only/CVE-2022-1388 create time: 2022-05-09T14:37:04Z
no description : jcarabantes/CVE-2022-28590 create time: 2022-05-09T14:12:58Z
no description : cve-hunter/CVE-2022-1388-mass create time: 2022-05-09T14:09:49Z
多线程验证 : Angus-Team/F5-BIG-IP-RCE-CVE-2022-1388- create time: 2022-05-09T14:09:34Z
F5 BIG-IP iControl REST身份验证绕过漏洞 : Henry4E36/CVE-2022-1388 create time: 2022-05-09T14:02:34Z
CVE-2022-1388 F5 BIG-IP iControl REST RCE : Al1ex/CVE-2022-1388 create time: 2022-05-09T14:01:38Z
no description : HoAd-sc/CVE_2022_1388 create time: 2022-05-09T13:41:11Z
no description : Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2022-0492 create time: 2022-05-09T13:20:03Z
Apisix系列漏洞:未授权漏洞(CVE-2021-45232)、默认秘钥(CVE-2020-13945)批量探测。 : YutuSec/Apisix_Crack create time: 2022-05-09T12:26:11Z
Atlassian Bitbucket Data Center反序列化漏洞(CVE-2022-26133)批量验证和利用脚本 : Pear1y/CVE-2022-26133 create time: 2022-05-09T12:07:51Z
Poc Exploit for BIG-IP Pre-Auth RCE - CVE-2022-1388 : crowsec-edtech/CVE-2022-1388 create time: 2022-05-09T11:58:37Z
POC for CVE-2022-1388 : horizon3ai/CVE-2022-1388 create time: 2022-05-09T11:46:45Z
Exploit and Check Script for CVE 2022-1388 : ZephrFish/F5-CVE-2022-1388-Exploit create time: 2022-05-09T11:30:09Z
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE : 0xf4n9x/CVE-2022-1388 create time: 2022-05-09T10:22:31Z
CVE-2022-1388 F5 Big IP unauth remote code execution : Vulnmachines/F5-Big-IP-CVE-2022-1388 create time: 2022-05-09T10:46:19Z
F5 BIG-IP RCE exploitation (CVE-2022-1388) : alt3kx/CVE-2022-1388_PoC create time: 2022-05-09T10:34:38Z
batch scan CVE-2022-1388 : yukar1z0e/CVE-2022-1388 create time: 2022-05-09T10:06:11Z
PoC for CVE-2022-1388_F5_BIG-IP : sherlocksecurity/CVE-2022-1388_F5_BIG-IP create time: 2022-05-09T07:39:55Z
no description : Hudi233/CVE-2022-1388 create time: 2022-05-09T03:20:46Z
Files required to demonstrate CVE-2022-0847 vulnerability in Linux Kernel v5.8 : isaiahsimeone/COMP3320-VAPT create time: 2022-05-08T20:17:08Z
no description : Altelus1/CVE-2022-24734 create time: 2022-05-08T15:20:41Z
CVE-2022-26809 | is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows : seciurdt/CVE-2022-26809-POC create time: 2022-05-08T15:00:29Z
no description : blind-intruder/CVE-2022-1388-RCE-checker create time: 2022-05-08T09:28:19Z
UNIT4 TETA Mobile Edition 29HF13 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page. : LongWayHomie/CVE-2022-27434 create time: 2022-05-07T21:57:15Z
no description : jr64/CVE-2015-0311 create time: 2022-05-07T21:08:23Z
BIG-IP iCONTROL REST AUTH BYPASS RCE POC CVE-2022-1388 : TomArni680/CVE-2022-1388-RCE create time: 2022-05-07T18:02:55Z
CVE-2022-1388 F5 BIG-IP iControl Rest API exposed RCE Check : bytecaps/F5-BIG-IP-RCE-Check create time: 2022-05-07T17:54:08Z
A vulnerability scanner that detects CVE-2021-21980 vulnerabilities. : Osyanina/westone-CVE-2022-1388-scanner create time: 2022-05-07T12:36:41Z
SambaCry exploit (CVE-2017-7494) : eulercode/exploit-CVE-2017-7494 create time: 2022-05-07T11:42:40Z
CVE-2022-25075 totolink command injection vulnerability : kuznyJan1972/CVE-2022-25075-RCE create time: 2022-05-07T11:43:01Z
Just proof of concept for Cisco CVE-2020-3452. Using external or internal file base. : iveresk/cve-2020-3452 create time: 2022-05-07T09:45:25Z
FFMPEG heap overflow exploit CVE-2016-10190 : muzalam/FFMPEG-exploit create time: 2022-05-07T06:51:05Z
I don't own this, but this is from Nmap : WTSTiNy/CVE-2014-3704 create time: 2022-05-07T03:00:27Z
CVE-2021-43287_GoCD_fileread_POC_EXP : Wrin9/CVE-2021-43287 create time: 2022-05-07T02:54:59Z
no description : LinJacck/CVE-2022-29464 create time: 2022-05-07T03:00:08Z
fuzzing with libFuzzer,inlude openssl heartbleed (CVE-2014-0160) : GardeniaWhite/fuzzing create time: 2022-05-07T00:52:46Z
WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation : biulove0x/CVE-2022-0441 create time: 2022-05-06T17:40:55Z
no description : u201424348/CVE-2022-21984 create time: 2022-05-06T17:08:43Z
may the poc with you : killvxk/CVE-2022-1040 create time: 2022-05-06T08:56:04Z
This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only. : MrCl0wnLab/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed create time: 2022-05-06T06:22:47Z
no description : Satheesh575555/external_expat_AOSP10_r33_CVE-2022-25236 create time: 2022-05-06T05:19:11Z
Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5) : jheeree/CVE-2022-1388-checker create time: 2022-05-05T15:25:53Z
BIG : TomArni680/CVE-2022-1388-POC create time: 2022-05-05T14:55:45Z
no description : 0xRaw/CVE-2021-42183 create time: 2022-05-05T13:45:43Z
K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388 : numanturle/CVE-2022-1388 create time: 2022-05-05T10:35:35Z
no description : Nivaskumark/packages_apps_settings_A10_r33_CVE-2020-0188 create time: 2022-05-05T09:23:04Z
no description : cve-hunter/CVE-2022-1040-sophos-rce create time: 2022-05-05T10:15:38Z
CVE-2022-22954 analyst : nguyenv1nK/CVE-2022-22954 create time: 2022-05-05T10:06:44Z
no description : KrungSalad/POC-CVE-2022-1444 create time: 2022-05-05T09:03:29Z
CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code : MarcelloTinocor/gerhart01 create time: 2022-05-05T07:56:13Z
no description : crypt0r00t/CVE-2022-26809 create time: 2022-05-05T06:51:05Z
1 : axin2019/CVE-2022-29464 create time: 2022-05-05T06:02:52Z
Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30 allows attackers to execute video files without permission. : heegong/CVE-2022-24924 create time: 2022-05-05T03:08:53Z
CMS Made Simple < 2.2.10 - SQL Injection (rewritten for python3), CVE-2019-905 : xtafnull/CMS-made-simple-sqli-python3 create time: 2022-05-04T09:26:45Z
PoC + vulnerability details for CVE-2022-25262 / JetBrains Hub single-click SAML response takeover : yuriisanin/CVE-2022-25262 create time: 2022-05-03T21:38:58Z
Cachet configuration leak dumper. CVE-2021-39174 PoC. : narkopolo/CVE-2021-39174-PoC create time: 2022-05-03T20:17:23Z
My own python implementation of a CVE-2021-22204 exploit : BBurgarella/CVE-2021-22204 create time: 2022-05-03T16:36:02Z
no description : rhysmcneill/CVE-2021-403 create time: 2022-05-03T09:36:40Z
no description : Trinadh465/packages_apps_Nfc_AOSP10_r33_CVE-2020-0215 create time: 2022-05-03T05:47:48Z
CVE-2018-17553 PoC : MidwintersTomb/CVE-2018-17553 create time: 2022-05-03T02:43:59Z
PoC of CVE-2022-24707 : Altelus1/CVE-2022-24707 create time: 2022-05-03T01:11:56Z
DISCLAIMER: This is a re-upload of my very first spring project from 2019. It contains old dependencies with known CVEs, a lot of bad practices and many poor design decisions. It should not be taken as any kind of reference. It is only here to remind me where I started :) : mockxe/cardatabase create time: 2022-04-25T16:22:14Z
no description : Willian-2-0-0-1/Log4j-Exploit-CVE-2021-44228 create time: 2022-05-02T16:53:26Z
no description : Off3nS3c/CVE-2022-29932 create time: 2022-05-02T13:56:05Z
TOTOLINK A800R/A810R/A830R/A950RG/A3000RU/A3100R setUpgradeFW FileName command injection : ExploitPwner/Totolink-CVE-2022-Exploits create time: 2022-05-02T06:47:00Z
CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one! : kaanymz/2022-04-06-critical-vmware-fix create time: 2022-05-01T20:52:10Z
no description : yuanLink/CVE-2022-26809 create time: 2022-05-01T13:19:10Z
Resolving the CVE-2022-22948 vulnerability : kaanymz/vcenter-cve-fix create time: 2022-05-01T11:28:07Z
TEM FLEX-1080/FLEX-1085 1.6.0 log log.cgi Information Disclosure : MrEmpy/CVE-2022-1077 create time: 2022-04-30T21:55:03Z
This repository contains a PoC for remote code execution CVE-2022-26809 : ZyxelTeam/CVE-2022-26809-RCE create time: 2022-04-30T15:49:28Z
no description : kuangting4231/mitigation-cve-2019-9787 create time: 2022-04-30T12:19:50Z
no description : Trinadh465/external_sonivox_AOSP10_r33_CVE-2020-0381 create time: 2022-04-30T06:37:25Z
no description : Trinadh465/packages_apps_PackageInstaller_AOSP10_r33_CVE-2020-0418 create time: 2022-04-30T06:16:17Z
no description : Trinadh465/platform_art_AOSP10_r33_CVE-2021-0511 create time: 2022-04-30T05:54:11Z
no description : UUFR/CVE-2022-29464 create time: 2022-04-30T04:30:51Z
no description : UUFR/CVE-2022-29464 create time: 2022-04-30T04:21:26Z
no description : Trinadh465/external_curl_AOSP10_r33_CVE-2021-22924 create time: 2022-04-30T03:40:15Z
CVE-2021-44228 Log4j Summary : TPower2112/Writing-Sample-1 create time: 2022-04-30T02:35:38Z
CVE-2022-28508 : YavuzSahbaz/CVE-2022-28508 create time: 2022-04-28T01:10:17Z
SQL injection for Poultry Farm Management System 1.0 : IbrahimEkimIsik/CVE-2022-28099 create time: 2022-04-30T02:01:09Z
This is an edited version of the CVE-2018-19422 exploit to fix an small but annoying issue I had. : Swammers8/SubrionCMS-4.2.1-File-upload-RCE-auth- create time: 2022-04-29T17:23:23Z
no description : Trinadh465/packages_apps_KeyChain_AOSP10_r33_CVE-2021-0963 create time: 2022-04-29T12:36:35Z
no description : ShaikUsaf/external_wpa_supplicant_8_AOSP10_r33CVE-2021-0326 create time: 2022-04-29T11:05:51Z
no description : ShaikUsaf/external_v8_AOSP10_r33_CVE-2020-0240 create time: 2022-04-29T10:25:19Z
no description : Trinadh465/external_boringssl_openssl_1.1.0g_CVE-2021-23841 create time: 2022-04-29T10:16:14Z
no description : Enokiy/spring-RCE-CVE-2022-22965 create time: 2022-04-29T09:58:05Z
CVE-2022-29464 POC exploit : superzerosec/CVE-2022-29464 create time: 2022-04-29T08:24:17Z
no description : Trinadh465/hardware_nxp_nfc_AOSP10_r33_CVE-2020-0155 create time: 2022-04-29T06:33:54Z
no description : Trinadh465/external_v8_AOSP10_r33_CVE-2021-0393 create time: 2022-04-29T07:09:27Z
no description : Satheesh575555/frameworks_minikin_AOSP10_r33_CVE-2021-0313 create time: 2022-04-29T06:30:27Z
no description : Trinadh465/external_libexif_AOSP10_r33_CVE-2020-0198 create time: 2022-04-29T06:08:29Z
no description : Trinadh465/external_libexif_AOSP10_r33_CVE-2020-0181 create time: 2022-04-29T05:24:12Z
no description : Satheesh575555/external_v8_AOSP10_r33_CVE-2021-0396 create time: 2022-04-29T05:28:48Z
no description : Satheesh575555/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0516 create time: 2022-04-29T04:30:40Z
no description : iczc/Ethermint-CVE-2021-25837 create time: 2022-04-29T03:12:27Z
CVE-2022-28452 : YavuzSahbaz/Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL create time: 2022-04-29T03:03:25Z
Loops through all Log4j files and remediates CVE-2021-44228 : digital-dev/Log4j-CVE-2021-44228-Remediation create time: 2022-04-28T23:56:01Z
no description : mwina/CVE-2022-21728-test create time: 2022-04-28T23:56:58Z
CVE-2021-30937 vulnerability checking app : realrodri/ExploiteameEsta create time: 2022-04-28T14:50:00Z
no description : Trinadh465/packages_apps_Nfc_AOSP10_r33_CVE-2020-0453 create time: 2022-04-28T13:12:23Z
Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection - CVE-2021-24507 : RandomRobbieBF/CVE-2021-24507 create time: 2022-04-28T13:10:55Z
Solar Appscreener XXE : jet-pentest/CVE-2022-24449 create time: 2022-04-28T12:51:01Z
no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2021-39706 create time: 2022-04-28T11:30:43Z
no description : ShaikUsaf/external_libexif_AOSP10_CVE-2020-0452 create time: 2022-04-28T10:23:41Z
no description : Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2021-33034 create time: 2022-04-28T10:04:41Z
no description : ShaikUsaf/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0329 create time: 2022-04-28T08:41:00Z
no description : ShaikUsaf/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0328 create time: 2022-04-28T08:28:31Z
no description : Satheesh575555/linux-4.19.72_CVE-2021-45485 create time: 2022-04-28T07:38:04Z
no description : Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23990 create time: 2022-04-28T05:39:11Z
for kernel 3.18.x : enceka/cve-2019-2215-3.18 create time: 2022-04-28T03:47:00Z
no description : RedLeavesChilde/CVE-2021-40444 create time: 2022-04-28T02:14:10Z
CVE-2022-28454 : YavuzSahbaz/Limbas-4.3.36.1319-is-vulnerable-to-Cross-Site-Scripting-XSS- create time: 2022-04-28T01:12:19Z
no description : QwertyStack/CVE-2021-40444_PoC create time: 2022-04-27T20:38:22Z
CVE-2021-41773&CVE-2021-42013 : wangfly-me/Apache_Penetration_Tool create time: 2022-04-27T15:17:38Z
no description : Nivaskumark/A10_system_bt_CVE-2021-0589 create time: 2022-04-27T12:08:18Z
no description : Nivaskumark/expat_A10_r33_2_2_6_CVE-2022-23990 create time: 2022-04-27T11:46:00Z
OS X 10.11.6 LPE PoC for CVE-2016-4655 / CVE-2016-4656 : liangle1986126z/jndok create time: 2022-04-27T09:11:28Z
no description : khidottrivi/CVE-2022-22965 create time: 2022-04-27T07:57:50Z
no description : pazhanivel07/Settings_10-r33_CVE-2020-0394_02 create time: 2022-04-27T04:59:22Z
no description : pazhanivel07/Settings_10-r33_CVE-2020-0394 create time: 2022-04-27T04:42:49Z
no description : nanopathi/frameworks_base1_CVE-2021-0315 create time: 2022-04-27T05:01:30Z
no description : nanopathi/packages_apps_Settings_CVE-2021-0394 create time: 2022-04-27T04:40:51Z
Image Magick Exploit for CVE-2016–3714 : MrrRaph/pandagik create time: 2022-04-26T17:12:36Z
no description : nanopathi/Packages_wpa_supplicant8_CVE-2021-0326 create time: 2022-04-26T14:41:51Z
no description : Satheesh575555/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0326 create time: 2022-04-26T14:33:04Z
CVE-2021-4034 PoC : 0x4ndy/CVE-2021-4034-PoC create time: 2022-04-20T19:44:03Z
Django QuerySet.annotate(), aggregate(), extra() SQL 注入 : DeEpinGh0st/CVE-2022-28346 create time: 2022-04-26T14:47:56Z
no description : nanopathi/wpa_supplicant_8_CVE-2021-0326. create time: 2022-04-26T14:19:31Z
no description : nanopathi/packages_apps_ManagedProvisioning_CVE-2021-39692 create time: 2022-04-26T13:03:35Z
no description : pazhanivel07/frameworks_base_Aosp10_r33_CVE-2021-0315 create time: 2022-04-26T12:46:33Z
no description : nanopathi/linux-4.19.72_CVE-2021-3347 create time: 2022-04-26T11:32:34Z
dingdingtest : w1023913214/CVE-2022-8899 create time: 2022-04-26T11:26:18Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-39704 create time: 2022-04-26T11:04:14Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0315 create time: 2022-04-26T10:38:35Z
PoC for Dirty COW (CVE-2016-5195) : passionchenjianyegmail8/scumjrs create time: 2022-04-26T08:54:16Z
no description : w1023913214/CVE-2022-15213 create time: 2022-04-26T08:34:37Z
no description : lavclash75/CVE-2021-36394-Pre-Auth-RCE-in-Moodle create time: 2022-04-26T07:52:24Z
test dingding : w1023913214/CVE-2022-3333 create time: 2022-04-26T08:05:12Z
CVE-2022-22947 注入Godzilla内存马 : whwlsfb/cve-2022-22947-godzilla-memshell create time: 2022-04-26T05:48:27Z
no description : lowkey0808/cve-2022-29464 create time: 2022-04-26T05:28:39Z
CVE-2021-20038 multithreaded Mass Scanner and Exploiter tool. SonicWall SMA-100 Unauth RCE Exploit : XmasSnowREAL/CVE-2021-20038-Mass-RCE create time: 2022-04-26T04:38:11Z
Make it possible to build a vulnerable webmin virtual environment as a container using docker : dnr6419/CVE-2021-32157 create time: 2022-04-26T01:49:11Z
CVE-2021-43857(gerapy命令执行) : lowkey0808/CVE-2021-43857 create time: 2022-04-26T01:38:06Z
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component. : XmasSnowREAL/CVE-2020-15823 create time: 2022-04-25T19:16:00Z
A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit. : XmasSnowREAL/CVE-2021-42292 create time: 2022-04-25T18:48:42Z
CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime : XmasSnowREAL/CVE-2022-26809-RCE create time: 2022-04-25T18:40:24Z
Test tool to demonstrate the vulnerability of CVE-2022-21449 : Damok82/SignChecker create time: 2022-04-25T16:02:24Z
The RRS v500 application is vulnerable to a Local File Inclusion (LFI) vulnerability. : TheGetch/CVE-2022-29597 create time: 2022-04-21T20:22:38Z
The RRS v500 application is vulnerable to a reflected Cross-Site Scripting (XSS) vulnerability. : TheGetch/CVE-2022-29598 create time: 2022-04-21T20:14:29Z
SXF VPN RCE : shirouQwQ/CVE-2022-2333 create time: 2022-04-25T10:13:40Z
no description : anldori/Drupal-CVE-2018-7600 create time: 2022-04-25T08:46:00Z
no description : nanopathi/packages_apps_Settings_CVE-2021-0586 create time: 2022-04-25T07:58:29Z
SQL injection in QuerySet.annotate(), aggregate(), and extra() : YouGina/CVE-2022-28346 create time: 2022-04-25T08:27:34Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0339 create time: 2022-04-25T07:09:36Z
cve-2021-32849(gerapy命令执行) : lowkey0808/cve-2021-32849 create time: 2022-04-25T06:44:46Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2020-0227 create time: 2022-04-25T06:18:58Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0954 create time: 2022-04-25T05:13:39Z
A basic analysis about CVE-2021-35942. SQL injection in Django. : WynSon/CVE-2021-35042 create time: 2022-04-25T02:50:00Z
no description : k4u5h41/CVE-2022-29464 create time: 2022-04-24T22:40:38Z
😭 WSOB is a python created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. : oppsec/WSOB create time: 2022-04-24T18:25:26Z
My research about CVE-2021-4034 : antoinenguyen-09/CVE-2021-4034 create time: 2022-04-24T14:52:55Z
POC Code for gaining foothold on a server vulnerable to CVE_2019_15107 : merlin-ke/CVE_2019_15107 create time: 2019-09-24T19:02:19Z
Zeek script to detect exploitation attempts of CVE-2022-21449 for TLS connections : thack1/CVE-2022-21449 create time: 2022-04-24T10:59:11Z
no description : LogSec/CVE-2013-2006 create time: 2022-04-24T07:42:14Z
no description : LogSec/CVE-2013-0212 create time: 2022-04-24T06:13:43Z
Proof of concept exploit for CVE-2021-42697: Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments. : cxosmo/CVE-2021-42697 create time: 2022-04-24T05:51:24Z
Proof of concept exploit for CVE-2022-29548: A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0. : cxosmo/CVE-2022-29548 create time: 2022-04-24T06:00:25Z
CVE-2021-20038 multithreaded Mass Scanner and Exploiter tool. SonicWall SMA-100 Unauth RCE Exploit : ExploitPwner/CVE-2021-20038-Mass-RCE create time: 2022-04-24T02:02:54Z
no description : B0nfee/CVE-2022-21882 create time: 2022-04-23T17:49:59Z
no description : B0nfee/CVE-2022-25636 create time: 2022-04-23T17:49:30Z
no description : B0nfee/CVE-2022-0995 create time: 2022-04-23T17:48:40Z
no description : roger109/CVE-2022-26809-RCE-POC create time: 2022-04-23T16:05:36Z
CVE-2022-26809-RCE : oppongjohn/CVE-2022-26809-RCE create time: 2022-04-23T16:01:44Z
no description : nanopathi/frameworks_native_AOSP10_r33_CVE-2021-0318 create time: 2022-04-23T12:43:31Z
no description : LogSec/CVE-2010-2387 create time: 2022-04-23T12:24:23Z
no description : rafaelchriss/CVE-2021-3279 create time: 2022-04-23T12:30:21Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0306_CVE-2021-0317 create time: 2022-04-23T10:05:37Z
no description : mariomamo/CVE-2022-22965 create time: 2022-04-23T09:01:22Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2020-0401 create time: 2022-04-23T08:17:35Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2020-0137 create time: 2022-04-23T07:02:41Z
no description : ShaikUsaf/linux-4.19.72_CVE-2020-14356 create time: 2022-04-23T06:45:44Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0513 create time: 2022-04-23T05:50:23Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0705 create time: 2022-04-23T04:47:32Z
no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0337 create time: 2022-04-23T04:41:42Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0327 create time: 2022-04-23T03:01:52Z
Repository containing nse script for vulnerability CVE-2022-29464 known as WSO2 RCE. : gpiechnik2/nmap-CVE-2022-29464 create time: 2022-04-22T21:23:57Z
no description : 0xAgun/CVE-2022-29464 create time: 2022-04-22T22:13:45Z
A python script/generator, for generating and exploiting Microsoft vulnerability : BRAINIAC22/CVE-2017-0199 create time: 2022-04-22T19:10:16Z
no description : ShaikUsaf/ShaikUsaf-packages_apps_settings_AOSP10_r33_CVE-2020-0188 create time: 2022-04-22T10:24:13Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0683_CVE-2021-0708 create time: 2022-04-22T09:39:02Z
no description : jones199023/CVE-2022-26809 create time: 2022-04-22T10:21:30Z
no description : ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2021-0481 create time: 2022-04-22T09:10:38Z
no description : martinfrancois/CVE-2021-36460 create time: 2022-04-22T08:33:47Z
CVE-2022-25943 : webraybtl/CVE-2022-25943 create time: 2022-04-22T08:30:55Z
no description : Satheesh575555/external_tcpdump_AOSP10_r33_CVE-2019-15166 create time: 2022-04-22T07:43:37Z
no description : CberryAIRDROP/CVE-2022-26809-RCE create time: 2021-09-01T09:48:31Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2020-0203 create time: 2022-04-22T06:59:37Z
no description : pazhanivel07/frameworks_av-CVE-2020-0218 create time: 2022-04-22T06:32:40Z
no description : Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2021-0336 create time: 2022-04-22T06:36:57Z
no description : nanopathi/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340 create time: 2022-04-22T06:24:14Z
no description : pazhanivel07/frameworks_base_Aosp10_r33_CVE-2021-0595 create time: 2022-04-22T06:09:00Z
no description : nanopathi/packages_apps_Bluetooth_AOSP10_r33_CVE-2020-0183 create time: 2022-04-22T05:28:45Z
no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0522 create time: 2022-04-22T04:59:56Z
no description : gudyrmik/CVE-2021-44142 create time: 2022-04-22T04:46:54Z
WSO2 RCE (CVE-2022-29464) : h3v0x/CVE-2022-29464 create time: 2022-04-22T05:19:51Z
cve-2022-29464 批量脚本 : Lidong-io/cve-2022-29464 create time: 2022-04-22T02:01:39Z
A Zeek detector for CVE-2022-24497. : corelight/CVE-2022-24497 create time: 2022-04-13T17:12:59Z
no description : nanopathi/external_libavc_AOSP10_r33_CVE-2021-0519 create time: 2022-04-21T18:47:00Z
Demos the Psychic Signatures vulnerability (CVE-2022-21449) : marschall/psychic-signatures create time: 2022-04-21T16:26:50Z
Pre-auth RCE bug CVE-2022-29464 : mr-r3bot/WSO2-CVE-2022-29464 create time: 2022-04-21T14:47:18Z
no description : nanopathi/system_core_AOSP10_r33_CVE-2020-0409 create time: 2022-04-21T11:30:46Z
no description : Trinadh465/frameworks_base_AOSP_r33_CVE_2021-0334 create time: 2022-04-21T12:22:55Z
no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0437 create time: 2022-04-21T10:37:06Z
no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2020-0160 create time: 2022-04-21T09:36:45Z
just demo an exploit : killvxk/CVE-2021-3972 create time: 2022-04-21T10:25:32Z
no description : c4mx/CVE-2022-22965_PoC create time: 2022-04-21T10:17:42Z
CVE-2016-10924 - Directory traversal vulnerability in WordPress ebook-download plugin(<1.2). PoC + PID Bruteforce in Python. : rvizx/CVE-2016-10924 create time: 2022-04-21T09:21:56Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0640 create time: 2022-04-21T08:53:08Z
no description : c4mx/CVE-2022-22965_PoC create time: 2022-04-21T08:37:48Z
no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0508 create time: 2022-04-21T08:15:00Z
no description : pazhanivel07/system_bt_A10_r33_CVE-2021-0474 create time: 2022-04-21T07:22:59Z
no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0431 create time: 2022-04-21T07:20:59Z
no description : achuna33/CVE-2022-0265 create time: 2022-04-21T08:24:26Z
no description : c4mx/CVE-2022-22965_PoC create time: 2022-04-21T08:20:37Z
no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0431 create time: 2022-04-21T07:05:53Z
no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0435 create time: 2022-04-21T06:54:34Z
no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0435 create time: 2022-04-21T06:37:09Z
no description : tufanturhan/wso2-rce-cve-2022-29464 create time: 2022-04-21T06:48:35Z
no description : nanopathi/system_media_AOSP10_r33_CVE-2020-0458 create time: 2022-04-21T06:20:46Z
no description : Trinadh465/frameworks_av_AOSP10_r33_CVE-2021-0509 create time: 2022-04-21T06:23:26Z
no description : nanopathi/system_media_AOSP10_r33_CVE-2020-0458 create time: 2022-04-21T05:28:58Z
no description : 0xUhaw/CVE-2022-0778 create time: 2022-04-21T04:04:27Z
WSO2 RCE (CVE-2022-29464) exploit. : hakivvi/CVE-2022-29464 create time: 2022-04-20T21:23:52Z
This repository contains a PoC for remote code execution CVE-2022-26809 : DESC0N0C1D0/CVE-2022-26809-RCE create time: 2022-04-20T20:54:26Z
CVE-2022-21449 Proof of Concept demonstrating its usage with a vulnerable client and a malicious TLS server : khalednassar/CVE-2022-21449-TLS-PoC create time: 2022-04-20T20:31:15Z
CVE-2018-14714 PoC RCE : sunn1day/CVE-2018-14714-POC create time: 2022-04-20T20:12:36Z
CVE-2020-36109 PoC causing DoS : sunn1day/CVE-2020-36109-POC create time: 2022-04-20T20:07:51Z
Tool which leverages CVE-2021-36798 (HotCobalt) and related work from SentinelOne to DoS CobaltStrike 4.2 and 4.3 servers : hariomenkel/CobaltSploit create time: 2022-04-20T16:36:23Z
no description : yavolo/CVE-2018-6574 create time: 2022-04-20T16:03:00Z
no description : pazhanivel07/system_bt_A10-r33_CVE-2020-0176 create time: 2022-04-20T13:17:24Z
no description : pazhanivel07/hardware_interfaces-A10_r33_CVE-2021-0510 create time: 2022-04-20T12:29:25Z
no description : 0xBrAinsTorM/CVE-2021-36981 create time: 2022-04-20T12:26:24Z
no description : Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0433 create time: 2022-04-20T12:03:35Z
CVE-2022-21449 Vulnerability tester : jmiettinen/CVE-2022-21449-vuln-test create time: 2022-04-20T11:47:55Z
no description : jfrog/jfrog-CVE-2022-21449 create time: 2022-04-20T10:23:07Z
no description : Phantomlancer123/CVE-2017-0199 create time: 2022-04-20T09:07:52Z
CVE-2017-9841批量扫描及利用脚本。PHPUnit是其中的一个基于PHP的测试框架。 PHPUnit 4.8.28之前的版本和5.6.3之前的5.x版本中的Util/PHP/eval-stdin.php文件存在安全漏洞。远程攻击者可通过发送以‘<?php’字符串开头的HTTP POST数据利用该漏洞执行任意PHP代码。 : jax7sec/CVE-2017-9841 create time: 2022-04-20T07:01:20Z
no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0475 create time: 2022-04-20T06:36:43Z
no description : ShaikUsaf/system_bt_AOSP10_r33_CVE-2020-0380 create time: 2022-04-20T06:19:13Z
no description : Grazee/CVE-2022-1329-WordPress-Elementor-RCE create time: 2022-04-20T01:06:01Z
no description : khalednassar/CVE-2020-27301-hostapd create time: 2022-04-19T17:07:23Z
no description : ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2020-0416 create time: 2022-04-19T18:12:43Z
no description : ixSly/CVE-2021-43515 create time: 2022-04-19T16:35:57Z
no description : XHSecurity/CVE-2022-26809 create time: 2022-04-19T14:26:33Z
ms15-034 or CVE-2015-1635 批量扫描 : SkinAir/ms15-034-Scan create time: 2022-04-19T13:32:56Z
no description : Satheesh575555/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340 create time: 2022-04-19T13:15:49Z
no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2021-0589 create time: 2022-04-19T11:37:01Z
no description : ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2020-0394 create time: 2022-04-19T11:06:28Z
no description : pazhanivel07/openjpeg-2.3.0_CVE-2020-27824 create time: 2022-04-19T10:53:52Z
no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2020-0401 create time: 2022-04-19T10:24:11Z
cve-2022-26809 Remote Code Execution Exploit in the RPC Library : XmasSnow1/cve-2022-26809 create time: 2022-04-19T10:01:54Z
CVE-2022-26809 exploit : BugHunter010/CVE-2022-26809 create time: 2022-04-19T09:28:28Z
CVE-2021-4034 : karaname/pkexec-exploit create time: 2022-04-19T08:46:43Z
no description : Satheesh575555/frameworks_native_AOSP10_r33_CVE-2021-0332 create time: 2022-04-19T06:06:57Z
XmasSnow-is-scammer : XmasSnow-is-scammer/CVE-2022-26809 create time: 2022-04-19T06:14:28Z
A pkexec CVE-2021-4034 vulnerability exploit : rhin0cer0s/CVE-2021-4034 create time: 2022-04-19T05:01:19Z
A web application vulnerable to CVE-2020-14343 insecure deserialization leading to command execution in PyYAML package. : j4k0m/loader-CVE-2020-14343 create time: 2022-04-19T02:06:41Z
no description : hemazoher/CVE-2022-26809-RCE create time: 2022-04-18T22:30:32Z
vuln scaner and exploit : HellKnightsCrew/CVE-2022-26809 create time: 2022-04-18T19:26:59Z
7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. : sentinelblue/CVE-2022-29072 create time: 2022-04-18T18:59:01Z
no description : puneetbehl/grails3-cve-2022-27772 create time: 2022-04-18T17:32:49Z
Powershell to mitigate CVE-2022-29072 : tiktb8/CVE-2022-29072 create time: 2022-04-18T17:08:43Z
no description : ShaikUsaf/frameworks_native_AOSP10_r33_ShaikUsaf-frameworks_native_AOSP10_r33_CVE-2020-0226 create time: 2022-04-18T15:24:51Z
Watchguard RCE POC CVE-2022-26318 : h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318 create time: 2022-04-18T15:14:30Z
CVE-2019-15107 : f0rkr/CVE-2019-15107 create time: 2022-04-18T11:25:42Z
no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0219 create time: 2022-04-18T11:45:18Z
no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0478 create time: 2022-04-18T11:16:45Z
no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0319 create time: 2022-04-18T09:31:22Z
CVE-2021-44228 Log4J multithreaded Mass Exploitation tool compatible with URL/IP lists. : ExploitPwner/CVE-2021-44228-Mass-RCE-Log4j create time: 2022-04-18T09:16:05Z
no description : jkakavas/CVE-2022-0778-POC create time: 2022-04-18T07:51:18Z
no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0705 create time: 2022-04-18T06:51:16Z
no description : Satheesh575555/packages_apps_Nfc_AOSP10_r33_CVE-2021-0594 create time: 2022-04-18T06:06:42Z
no description : 3SsFuck/CVE-2021-31805-POC create time: 2022-04-18T05:28:52Z
no description : w1023913214/CVE-2022-18852 create time: 2022-04-18T06:08:08Z
GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated) cve-2021-22205 : momika233/cve-2021-22205-GitLab-13.10.2---Remote-Code-Execution-RCE-Unauthenticated- create time: 2022-04-18T04:56:18Z
A proof of concept of the CVE-2022-26809-RCE vulnerability. : F1uk369/CVE-2022-26809 create time: 2022-04-18T03:45:45Z
first golang implementation ever : qasj/CVE-2021-4034 create time: 2022-04-18T01:20:16Z
CVE-2015-1635-POC,指定IP与端口验证HTTP.sys漏洞是否存在 : w01ke/CVE-2015-1635-POC create time: 2022-04-17T16:48:44Z
PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. : dengyang123x/0vercl0k create time: 2022-04-17T17:00:49Z
A Log4j vulnerability scanner is used to identify the CVE-2021-44228 and CVE_2021_45046 : manishkanyal/log4j-scanner create time: 2022-04-17T11:01:24Z
List of CVE-2021-* : mcdulltii/CVE-2021 create time: 2022-04-17T05:56:34Z
WordPress Elementor 3.6.0 3.6.1 3.6.2 RCE POC : mcdulltii/CVE-2022-1329 create time: 2022-04-17T05:44:45Z
Scripted Linux Privilege Escalation for the CVE-2022-0847 "Dirty Pipe" vulnerability : rexpository/Linux-privilege-escalation create time: 2022-04-17T04:28:24Z
Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated) : TAPESH-TEAM/CVE-2021-42230-Seowon-130-SLC-router-queriesCnt-Remote-Code-Execution-Unauthenticated create time: 2021-12-01T20:12:56Z
Exploit for CVE-2021-22204. : UNICORDev/exploit-CVE-2021-22204 create time: 2022-04-16T22:49:47Z
Repository containing nse script for vulnerability CVE-2022-21907. It is a component (IIS) vulnerability on Windows. It allows remote code execution. The vulnerability affects the kernel module http. sys, which handles most basic IIS operations. : gpiechnik2/nmap-CVE-2022-21907 create time: 2022-04-16T19:13:27Z
Metabase NTLM Attack : secure-77/CVE-2022-24853 create time: 2022-04-16T19:41:15Z
Laravel RCE (CVE-2021-3129) : joshuavanderpoll/CVE-2021-3129 create time: 2022-04-16T17:22:55Z
PoC for CVE-2021-39749, allowing starting arbitrary Activity on Android 12L Beta : michalbednarski/OrganizerTransaction create time: 2022-04-16T16:36:48Z
CVE 2022-22954 - VMWare Workspace ONE Acess SSTI : astraztech/vmware4shell create time: 2022-04-16T15:54:43Z
CVE-2021-44529 Ivanti EPM 云服务设备 (CSA) 中的代码注入漏洞允许未经身份验证的用户以有限的权限(nobody)执行任意代码。 : jax7sec/CVE-2021-44529 create time: 2022-04-16T15:19:39Z
no description : XmasSnow/CVE-2022-26809-RCE create time: 2022-04-16T14:09:59Z
no description : AkuCyberSec/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit create time: 2022-04-15T19:37:35Z
PoC for CVE-2021-31805 (Apache Struts2) : aeyesec/CVE-2021-31805 create time: 2022-04-15T16:09:52Z
vulnerability in version 20.21.7 of D2L Learning Management System (LMS) : Skotizo/CVE-2021-43129 create time: 2022-04-12T21:04:44Z
7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. : kagancapar/CVE-2022-29072 create time: 2022-04-15T22:59:03Z
CVE-2022-0185 solution : E1efuntik/CVE-2022-0185 create time: 2022-04-15T20:56:54Z
CVE-2022-22954 VMware Workspace ONE Access free marker SSTI : MLX15/CVE-2022-22954 create time: 2022-04-15T19:26:56Z
Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947) : twseptian/cve-2022-22947 create time: 2022-04-15T15:41:36Z
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963 : hktalent/spring-spel-0day-poc create time: 2022-03-26T01:40:04Z
Apache Struts2 S2-062远程代码执行漏洞(CVE-2021-31805) 支持批量扫描漏洞及漏洞利用 : jax7sec/S2-062 create time: 2022-04-15T11:30:26Z
Apache Struts2 S2-062远程代码执行漏洞(CVE-2021-31805) : Axx8/Struts2_S2-062_CVE-2021-31805 create time: 2022-04-15T10:28:29Z
no description : tufanturhan/CVE-2022-21971-Windows-Runtime-RCE create time: 2022-04-15T09:14:22Z
no description : tufanturhan/CVE-2022-0847-L-nux-PrivEsc create time: 2022-04-15T09:11:43Z
no description : MagicPiperSec/WPS-CVE-2022-24934 create time: 2022-04-15T09:08:00Z
no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0331 create time: 2022-04-15T05:45:49Z
S2-062 (CVE-2021-31805) / S2-061 / S2-059 RCE : Wrin9/CVE-2021-31805 create time: 2022-04-15T04:23:44Z
CVE-2022-26809-RCE-EXP-POC : SeptS9119/CVE-2022-26809 create time: 2022-04-15T04:35:41Z
CVE-2022-26809-RCE-EXP : gitcomit/scemer2 create time: 2022-04-15T04:27:58Z
CVE-2022-26809-RCE-EXP : genieyou/CVE-2022-26809-RCE create time: 2022-04-15T04:13:22Z
远程代码执行S2-062 CVE-2021-31805验证POC : YanMu2020/s2-062 create time: 2022-04-15T01:50:14Z
CVE-2022-26809-RCE-EXP : SeptS9119/CVE-2022-26809-RCE create time: 2022-04-15T03:19:22Z
no description : 3SsFuck/CVE-2022-22954-POC create time: 2022-04-15T02:24:22Z
no description : SeptS0/CVE-2022-26809-RCE create time: 2022-04-14T23:42:17Z
Proof of Concept for exploiting VMware CVE-2022-22954 : tyleraharrison/VMware-CVE-2022-22954-Command-Injector create time: 2022-04-14T23:38:06Z
no description : Neimar47574/CVE-2022-24087 create time: 2022-04-14T16:56:08Z
no description : h0cksr/Fastjson--CVE-2017-18349- create time: 2022-04-14T16:31:46Z
no description : astyn9/Exploit-Medium-CVE-2021-41184 create time: 2022-04-14T13:42:54Z
no description : VVeakee/CVE-2017-12149 create time: 2022-04-14T13:24:51Z
Spring Cloud Function SPEL表达式注入漏洞(CVE-2022-22963) : k3rwin/spring-cloud-function-rce create time: 2022-04-14T11:10:50Z
CVE-2022-0185 exploit : featherL/CVE-2022-0185-exploit create time: 2022-04-14T10:46:04Z
no description : auduongxuan/CVE-2022-26809 create time: 2022-04-14T08:21:10Z
Remote Code Execution Exploit in the RPC Library : websecnl/CVE-2022-26809 create time: 2022-04-14T08:12:24Z
no description : mr-r3b00t/cve-2022-26809 create time: 2022-04-14T07:50:16Z
no description : sh-ubh/CVE-2018-1002105 create time: 2022-04-06T22:28:24Z
no description : VVeakee/CVE-2017-12149 create time: 2022-04-14T06:17:18Z
非常感谢yunxu1师傅提供的源码 : VVeakee/CVE-2017-12149 create time: 2022-04-14T03:30:54Z
The poc for CVE-2022-26809 RCE via RPC will be updated here. : sherlocksecurity/Microsoft-CVE-2022-26809 create time: 2022-04-14T03:41:32Z
no description : 0xkasra/CVE-2015-6967 create time: 2022-04-14T01:57:39Z
no description : 0xkasra/CVE-2017-5638 create time: 2022-04-14T02:48:22Z
PoC for CVE-2017-0075 : MarkusCarelli1/4B5F5F4Bp create time: 2022-04-14T02:16:31Z
no description : 0xkasra/CVE-2019-11447 create time: 2022-04-14T01:45:04Z
no description : AkuCyberSec/CVE-2017-8917-Joomla-370-SQL-Injection create time: 2022-04-13T19:44:19Z
PoC of CVE-2021-30731 : osy/WebcamViewer create time: 2022-04-13T06:13:24Z
CVE-2022-26809 PoC : f8al/CVE-2022-26809 create time: 2022-04-13T18:00:01Z
cve-2020-27955 : userxfan/cve-2020-27955 create time: 2022-04-13T17:16:48Z
CVE-2022-22965-PoC : jeremy-cxf/CVE-2022-22965-PoC create time: 2022-04-13T16:25:25Z
CVE-2022-22954 VMware Workspace ONE Access freemarker SSTI 漏洞 命令执行、批量检测脚本 : bewhale/CVE-2022-22954 create time: 2022-04-13T16:18:56Z
POC For CVE-2022-24483 : waleedassar/CVE-2022-24483 create time: 2022-04-12T18:04:29Z
spring4shell | CVE-2022-22965 : 0zvxr/CVE-2022-22965 create time: 2022-04-12T14:59:42Z
no description : Satheesh575555/system_bt_AOSP_10_r33_CVE-2021-0316 create time: 2022-04-13T12:51:46Z
Spring4Shell , Spring Framework RCE (CVE-2022-22965) , Burpsuite Plugin : Loneyers/Spring4Shell create time: 2022-04-11T12:37:58Z
no description : jfrog/jfrog-CVE-2022-24675 create time: 2022-04-13T09:05:33Z
Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure : Acceis/exploit-CVE-2022-0482 create time: 2022-04-13T09:00:44Z
VMware Workspace ONE Access and Identity Manager RCE via SSTI - Test script with in modes. : tunelko/CVE-2022-22954-PoC create time: 2022-04-13T08:52:15Z
not an exploit or a poc : killvxk/CVE-2022-26809 create time: 2022-04-13T07:23:46Z
VMware Workspace ONE Access远程代码执行漏洞 / Code By:Jun_sheng : Jun-5heng/CVE-2022-22954 create time: 2022-04-13T04:25:54Z
exploitation script tryhackme : Omaraitbenhaddi/-Spring4Shell-CVE-2022-22965- create time: 2022-04-13T00:15:55Z
PoC for CVE-2022-22954 - VMware Workspace ONE Access Freemarker Server-Side Template Injection : DrorDvash/CVE-2022-22954_VMware_PoC create time: 2022-04-12T21:15:27Z
no description : Wangsafz/cve-2017-0358.sh create time: 2022-04-12T14:44:13Z
no description : Chocapikk/CVE-2021-41773 create time: 2022-04-12T13:25:58Z
Scanner for network for CVE-2005-1794. : InitRoot/CVE-2005-1794Scanner create time: 2022-04-12T12:18:12Z
no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0188 create time: 2022-04-12T12:25:22Z
no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0688 create time: 2022-04-12T11:40:23Z
no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0506 create time: 2022-04-12T11:02:00Z
no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0600 create time: 2022-04-12T10:53:20Z
no description : Greenwolf/CVE-2022-1175 create time: 2022-04-12T11:00:56Z
no description : Greenwolf/CVE-2022-1162 create time: 2022-04-12T10:56:10Z
CVE-2022-22954 Açığı test etme : MSeymenD/CVE-2022-22954-Testi create time: 2022-04-12T09:35:17Z
no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0188 create time: 2022-04-12T08:55:40Z
no description : mumu2020629/-CVE-2022-22954-scanner create time: 2022-04-12T08:36:33Z
no description : lucksec/VMware-CVE-2022-22954 create time: 2022-04-12T06:35:10Z
提供单个或批量URL扫描是否存在CVE-2022-22954功能 : axingde/CVE-2022-22954-POC create time: 2020-10-09T10:14:50Z
CVE-2022-22954-VMware-RCE批量检测POC : chaosec2021/CVE-2022-22954-VMware-RCE create time: 2022-04-12T05:48:24Z
Local privilege escalation for OS X 10.10.5 via CVE-2016-1828. : zqlblingzs/bazad5 create time: 2022-04-12T04:20:14Z
CMPT733 Cybersecurity Lab II Project: GDB plugin for heap exploits inspired by CVE-2021-3156 : ypl6/heaplens create time: 2022-03-22T00:55:51Z
提供批量扫描URL以及执行命令功能。Workspace ONE Access 模板注入漏洞,可执行任意代码 : jax7sec/CVE-2022-22954 create time: 2022-04-12T04:14:36Z
TerraMaster TOS Unauthenticated Attacker Vulnerability CVE-2022-24990 : antx-code/CVE-2022-24990 create time: 2022-04-12T02:45:56Z
no description : aniqfakhrul/CVE-2022-22954 create time: 2022-04-11T23:21:50Z
CVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspace ONE Access and Identity Manager : Vulnmachines/VMWare_CVE-2022-22954 create time: 2022-04-11T19:46:56Z
Exploiting CVE 2003-0264 with a buffer-overflow attack using Python3 : vaknin/SLMail5.5 create time: 2022-04-11T19:13:14Z
POC for VMWARE CVE-2022-22954 : sherlocksecurity/VMware-CVE-2022-22954 create time: 2022-04-11T13:59:23Z
no description : nanopathi/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827 create time: 2022-04-11T13:57:41Z
Spring4Shell (CVE-2022-22965) : zer0yu/CVE-2022-22965 create time: 2022-04-01T12:37:32Z
no description : nanopathi/external_expat_AOSP10_r33_CVE-2021-46143 create time: 2022-04-11T12:29:22Z
no description : Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0333 create time: 2022-04-11T12:14:18Z
no description : nanopathi/external_expat_AOSP10_r33_CVE-2021-45960 create time: 2022-04-11T11:45:57Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0314 create time: 2022-04-11T10:29:13Z
no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2020-0439 create time: 2022-04-11T10:13:43Z
no description : Satheesh575555/system_bt_AOSP10_r33-CVE-2020-0138 create time: 2022-04-11T09:48:51Z
no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0138 create time: 2022-04-11T09:20:41Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0391 create time: 2022-04-11T08:57:29Z
burp被动扫描插件,目前只有CVE-2022-22947 : F6JO/Burp_VulPscan create time: 2022-04-11T06:19:24Z
CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation. : Giler2004/bazad1 create time: 2022-04-10T15:50:41Z
no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0507 create time: 2022-04-10T08:26:52Z
no description : f01965/CVE-2018-5146 create time: 2022-04-10T02:12:37Z
no description : f01965/CVE-2019-8014 create time: 2022-04-10T00:53:46Z
no description : persian64/CVE-2014-6271 create time: 2022-04-09T21:24:12Z
no description : persian64/CVE-2007-2447 create time: 2022-04-09T21:12:11Z
Script to check for Spring4Shell vulnerability : jrgdiaz/Spring4Shell-CVE-2022-22965.py create time: 2022-04-09T08:40:49Z
phpunit-shell | CVE_2017-9841 : 0zvxr/CVE-2017-9841 create time: 2022-04-09T11:12:58Z
no description : fransvanbuul/CVE-2022-22965-susceptibility create time: 2022-04-09T07:45:08Z
no description : mappl3/CVE-2019-0841 create time: 2022-04-09T05:19:25Z
Config files for my GitHub profile. : cveiga2008/cveiga2008 create time: 2022-04-08T22:15:46Z
Ported golang version of dirtycow.c : ArkAngeL43/CVE-2016-5195 create time: 2022-04-08T18:18:36Z
POC for the priv esc exploit in PKEXEC [ CVE -2021-4034 ] ( needs fixing, not the best) Converted into go : ArkAngeL43/CVE-2021-4034 create time: 2022-04-08T17:55:53Z
A DoS exploit for CVE-2022-21907 : polakow/CVE-2022-21907 create time: 2022-04-04T10:53:28Z
just using this for a some labs : Omega-Void/cve-2018-2574 create time: 2022-04-08T17:14:58Z
no description : CalumHutton/CVE-2022-22965-PoC_Payara create time: 2022-04-07T15:26:15Z
Add revert shell : cuongtop4598/CVE-2021-3129-Script create time: 2022-04-08T06:34:17Z
no description : Adash7/CVE-2021-42013 create time: 2022-04-08T06:07:37Z
no description : 0vercl0k/CVE-2022-28281 create time: 2022-04-08T02:49:09Z
no description : Will-Beninger/CVE-2022-22965_SpringShell create time: 2022-04-07T18:48:43Z
no description : tmatejicek/CVE-2015-1397 create time: 2022-04-07T17:01:22Z
Spring Cloud Config CVE-2019-3799|CVE_2020_5410 漏洞检测 : Corgizz/SpringCloud create time: 2022-04-07T14:51:52Z
no description : mr-r3bot/ManageEngine-CVE-2020-28653 create time: 2022-04-07T14:13:29Z
no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0520 create time: 2022-04-07T13:14:03Z
Spring4Shell PoC (CVE-2022-22965) : t3amj3ff/Spring4ShellPoC create time: 2022-04-07T09:13:11Z
no description : nanopathi/linux-4.19.72_CVE-2020-14381 create time: 2022-04-07T07:28:17Z
no description : persian64/CVE-2012-4869 create time: 2022-04-07T04:13:13Z
no description : persian64/CVE-2019-16113_ create time: 2022-04-07T03:57:15Z
CVE-2022-22965写入冰蝎webshell脚本 : 4nth0ny1130/spring4shell_behinder create time: 2022-04-07T03:50:14Z
CVE-2022-22965 pocsuite3 POC : wikiZ/springboot_CVE-2022-22965 create time: 2022-04-07T02:30:26Z
no description : hoaan1995/CVE-2018-9995 create time: 2022-04-07T00:37:26Z
Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive) : alt3kx/CVE-2022-22965 create time: 2022-04-07T00:08:16Z
springFramework_CVE-2022-22965_RCE简单利用 : liangyueliangyue/spring-core-rce create time: 2022-03-31T13:02:18Z
Unauthenticated RCE exploit for Fantec MWiD25-DS : code-byter/CVE-2022-28113 create time: 2022-03-26T21:39:00Z
no description : irgoncalves/irule-cve-2022-22965 create time: 2022-04-06T02:17:36Z
no description : vuongnv3389-sec/CVE-2019-20372 create time: 2022-04-06T16:53:28Z
[CVE-2010-2078] Exploit for UnrealIrcd 3.2.8.1 version (custom modification from a perl script simplifying all posible for bash scripting) : 0bfxgh0st-secondary/UnrealIrcd-3.2.8.1-cve-2010-2075-exploit create time: 2022-04-06T15:52:57Z
no description : netsectuna/CVE-2022-23909 create time: 2022-04-06T16:18:32Z
no description : vuongnv3389-sec/cve-2021-41773 create time: 2022-04-06T14:53:19Z
CVE-2022-26631 - Automatic Question Paper Generator v1.0 SQLi : Cyb3rR3ap3r/CVE-2022-26631 create time: 2022-04-06T15:05:47Z
Exploit a vulnerable Spring application with the Spring4Shell (CVE-2022-22965) Vulnerability. : FourCoreLabs/spring4shell-exploit-poc create time: 2022-03-31T15:01:12Z
Spring-Cloud-Spel-RCE : Ha0Liu/CVE-2022-22947 create time: 2022-04-06T09:40:05Z
The demo code showing the recent Spring4Shell RCE (CVE-2022-22965) : datawiza-inc/spring-rec-demo create time: 2022-04-06T04:17:51Z
RHSB-2022-002 Dirty Pipe - kernel arbitrary file manipulation - (CVE-2022-0847) : mhanief/dirtypipe create time: 2022-04-06T03:29:03Z
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. : LudovicPatho/CVE-2022-22965_Spring4Shell create time: 2022-04-05T20:34:36Z
CVE-2022-22963 research : SealPaPaPa/SpringCloudFunction-Research create time: 2022-04-05T17:06:55Z
Exploit Of Spring4Shell! : robiul-awal/CVE-2022-22965 create time: 2022-04-05T15:45:47Z
Spring Framework RCE Exploit : luoqianlin/CVE-2022-22965 create time: 2022-04-05T15:41:26Z
Spring4Shell is a critical RCE vulnerability in the Java Spring Framework and is one of three related vulnerabilities published on March 30 : xnderLAN/CVE-2022-22965 create time: 2022-04-05T15:12:15Z
no description : helGayhub233/CVE-2019-1653 create time: 2022-04-05T14:01:13Z
CVE-2022-22947 reproduce : aesm1p/CVE-2022-22947-POC-Reproduce create time: 2022-04-05T10:11:03Z
Spring has Confirmed the RCE in Spring Framework. The team has just published the statement along with the mitigation guides for the issue. Now, this vulnerability can be tracked as CVE-2022-22965. : Snip3R69/spring-shell-vuln create time: 2022-04-05T09:35:41Z
CVE-2020-24186的攻击脚本 : Sakura-501/CVE-2020-24186-exploit create time: 2022-04-05T08:31:56Z
CVE-2021-22555 exploit rewritten with pipe primitive : veritas501/CVE-2021-22555-PipeVersion create time: 2022-04-05T06:35:25Z
CVE-2022-0185 exploit rewritten with pipe primitive : veritas501/CVE-2022-0185-PipeVersion create time: 2022-04-05T07:48:35Z
CVE-2022-25636 exploit rewritten with pipe primitive : veritas501/CVE-2022-25636-PipeVersion create time: 2022-04-05T07:08:09Z
Exploitation of CVE-2022-22639 : jhftss/CVE-2022-22639 create time: 2022-03-17T06:16:54Z
CVE-2021-41773 | CVE-2021-42013 Exploiter Tool : CalfCrusher/Path-traversal-RCE-Apache-2.4.49-2.4.50-Exploit create time: 2022-04-04T22:07:21Z
Vulnerability scanner for Spring4Shell (CVE-2022-22965) : fracturelabs/go-scan-spring create time: 2022-04-04T21:01:26Z
Another spring4shell (Spring core RCE) POC : netcode/Spring4shell-CVE-2022-22965-POC create time: 2022-04-04T20:16:06Z
no description : yywing/cve-2022-0778 create time: 2022-04-04T18:09:06Z
Spring4Shell - CVE-2022-22965 : twseptian/cve-2022-22965 create time: 2022-04-04T16:43:03Z
POC to prove springshell CVE 2022-22965 : anair-it/springshell-vuln-POC create time: 2022-04-04T16:04:55Z
Spring4Shell vulnerability Proof of Concept : sunnyvale-it/CVE-2022-22965-PoC create time: 2022-04-04T13:44:39Z
Intentionally vulnerable Spring app to test CVE-2022-22965 : fracturelabs/spring4shell_victim create time: 2022-04-04T13:35:56Z
Proof-of-concept exploit for CVE-2016-1827 on OS X Yosemite. : superMan7912002/bazad3 create time: 2022-04-04T12:58:14Z
PowerShell port of CVE-2022-22965 vulnerability check by colincowie. : daniel0x00/Invoke-CVE-2022-22965-SafeCheck create time: 2022-04-04T10:37:27Z
no description : nanopathi/system_bt_AOSP10_r33_CVE-2021-0476 create time: 2022-04-04T07:35:45Z
no description : nanopathi/system_bt_AOSP10_r33_CVE-2020-0471 create time: 2022-04-04T06:41:12Z
no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0377 create time: 2022-04-04T04:52:47Z
no description : Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0413 create time: 2022-04-04T04:44:39Z
Nmap Spring4Shell NSE script for Spring Boot RCE (CVE-2022-22965) : gpiechnik2/nmap-spring4shell create time: 2022-04-03T01:27:28Z
Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965 : me2nuk/CVE-2022-22965 create time: 2022-04-01T13:35:01Z
no description : persian64/CVE-2018-7600 create time: 2022-04-03T22:45:53Z
Atlassian Jira XSS attack via Server Side Request Forgery (SSRF). : labsbots/CVE-2017-9506 create time: 2022-04-03T16:23:13Z
Apache forward request CVE : Kashkovsky/CVE-2021-40438 create time: 2022-04-03T15:24:24Z
no description : selectarget/laravel-CVE-2021-3129-EXP create time: 2022-04-03T14:06:29Z
Linux “Dirty Pipe” vulnerability gives unprivileged users root access : xnderLAN/CVE-2022-0847 create time: 2022-04-03T14:08:54Z
A Java application intentionally vulnerable to CVE-2021-44228 : aajuvonen/log4stdin create time: 2022-01-16T16:39:19Z
List of CVE-2020-* : mcdulltii/CVE-2020 create time: 2022-03-29T09:44:40Z
0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020/2021 CVE-2021-2119 : shi10587s/Sauercloude create time: 2022-04-03T09:46:03Z
Environment for CVE-2021-41773 recreation. : bernardas/netsec-polygon create time: 2022-04-02T16:34:45Z
Spring Cloud Function SpEL - cve-2022-22963 : twseptian/cve-2022-22963 create time: 2022-04-03T06:45:51Z
Docker PoC for CVE-2022-22965 with Spring Boot version 2.6.5 : itsecurityco/CVE-2022-22965 create time: 2022-04-03T06:43:07Z
File upload to Remote Code Execution on Zenario CMS 9.0.54156 : minhnq22/CVE-2021-42171 create time: 2021-09-30T02:44:19Z
no description : zanezhub/CVE-2022-1015-1016 create time: 2022-04-02T22:49:40Z
no description : mwojterski/cve-2022-22965 create time: 2022-04-02T19:47:47Z
CVE-2022-23131漏洞利用工具开箱即用。 : Kazaf6s/CVE-2022-23131- create time: 2022-04-02T18:16:56Z
no description : asurti6783/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536 create time: 2022-04-02T16:12:56Z
DirtyPipe: Exploit for a new Linux vulnerability known as 'Dirty Pipe(CVE-2022-0847)' allows local users to gain root privileges. The vulnerability is tracked as CVE-2022-0847 and allows a non-privileged user to inject and overwrite data in read-only files, including SUID processes that run as root. : drapl0n/dirtypipe create time: 2022-04-02T13:49:03Z
no description : d0l0sapth3/cve20186574 create time: 2022-04-02T12:50:30Z
CVE-2022-22965\Spring-Core-RCE堪比关于 Apache Log4j2核弹级别漏洞exp的rce一键利用 : wjl110/CVE-2022-22965_Spring_Core_RCE create time: 2022-04-02T09:13:54Z
ActiveMQ系列漏洞探测利用工具,包括ActiveMQ 默认口令漏洞及ActiveMQ任意文件写入漏洞(CVE-2016-3088),支持批量探测利用。 : YutuSec/ActiveMQ_Crack create time: 2022-04-02T08:40:10Z
ShellShock interactive-shell exploit : akr3ch/CVE-2014-6271 create time: 2022-04-02T07:30:31Z
XSS via Host Header injection and Steal Password Reset Token of another user : comrade99/CVE-2022-24181 create time: 2022-03-22T08:06:53Z
spring框架RCE漏洞 CVE-2022-22965 : k3rwin/spring-core-rce create time: 2022-03-31T12:41:29Z
Local privilege escalation for OS X 10.10.5 via CVE-2016-1828. : SideGreenHand100/bazad5 create time: 2022-04-02T03:38:21Z
no description : pqlx/CVE-2022-1015 create time: 2022-04-02T03:27:11Z
no description : Wrin9/CVE-2022-22965 create time: 2022-04-02T03:17:48Z
Prova de conceito para a vulnerabilidade Polkit Pkexec: CVE-2021-4034(Pkexec Local Privilege Escalation) : Nosferatuvjr/PwnKit create time: 2022-04-01T19:51:18Z
no description : rwincey/spring4shell-CVE-2022-22965 create time: 2022-03-31T18:09:58Z
PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4. : robertguetzkow/CVE-2021-37740 create time: 2022-04-01T18:07:42Z
no description : ZephrFish/CVE-2022-28251-POC create time: 2022-04-01T15:21:03Z
no description : nanopathi/external_libavc_AOSP10_r33_CVE-2021-0325 create time: 2022-04-01T14:11:58Z
CVE-2022-22965 : wshon/spring-framework-rce create time: 2022-04-01T13:46:55Z
Proof of Concept for CVE-2022-28251 : mubix/CVE-2022-28251-POC create time: 2022-04-01T13:35:48Z
Spring Cloud Function Vulnerable Application / CVE-2022-22963 : me2nuk/CVE-2022-22963 create time: 2022-03-31T14:32:14Z
CVE-2022-22965 Environment : Joe1sn/CVE-2022-22965 create time: 2022-04-01T12:18:29Z
no description : Satheesh575555/frameworks_av_AOSP10_r33_CVE-2020-0245 create time: 2022-04-01T11:04:45Z
no description : ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0334 create time: 2022-04-01T11:10:57Z
no description : nanopathi/linux-4.19.72_CVE-2021-32399 create time: 2022-04-01T10:29:20Z
no description : lcarea/CVE-2022-22965 create time: 2022-04-01T10:51:05Z
POC for CVE-2022-22963 : AayushmanThapaMagar/CVE-2022-22963 create time: 2022-04-01T10:47:56Z
no description : nanopathi/external_aac_AOSP10_r33_CVE-2020-0451 create time: 2022-04-01T09:20:38Z
Spring-Cloud-Gateway-CVE-2022-22947 : talentsec/Spring-Cloud-Gateway-CVE-2022-22947 create time: 2022-04-01T10:24:02Z
no description : helsecert/CVE-2022-22965 create time: 2022-04-01T10:16:24Z
Proof-of-Concept for CVE-2022-22965 exploitation on a self-contained .JAR file built with Maven. Based off https://github.com/Kirill89/CVE-2022-22963-PoC and https://github.com/Pizz33/Spring-Cloud-Function-SpEL : JDierberger1/CVE-2022-22965-JAR-SCA-POC create time: 2022-04-01T10:05:44Z
no description : Satheesh575555/frameworks_native_AOSP10_r33_CVE-2020-0392 create time: 2022-04-01T08:43:48Z
CVE-2021-42287/CVE-2021-42278 exploits in powershell : XiaoliChan/Invoke-sAMSpoofing create time: 2022-04-01T09:10:14Z
CVE-2022-22965 spring-core批量检测脚本 : chaosec2021/CVE-2022-22965-POC create time: 2022-04-01T08:37:00Z
批量无损检测 : tangxiaofeng7/CVE-2022-22965-Spring-CachedintrospectionResults-Rce create time: 2022-04-01T07:55:26Z
no description : nanopathi/frameworks_av_AOSP10_r33_CVE-2020-0241 create time: 2022-04-01T06:45:15Z
Spring-0day/CVE-2022-22965 : nu0l/CVE-2022-22965 create time: 2022-04-01T06:50:21Z
no description : Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0652 create time: 2022-04-01T06:06:53Z
Showcase of overridding the Spring Framework version in older Spring Boot versions : snicoll-scratches/spring-boot-cve-2022-22965 create time: 2022-04-01T06:16:20Z
Presentation slides and supplementary material : stfnw/Debugging_Dirty_Pipe_CVE-2022-0847 create time: 2022-04-01T05:51:27Z
SpringFramework 远程代码执行漏洞CVE-2022-22965 : Axx8/SpringFramework_CVE-2022-22965_RCE create time: 2022-04-01T04:51:44Z
no description : Satheesh575555/System_bt_AOSP10-r33_CVE-2021-0397 create time: 2022-04-01T03:31:38Z
SpringFramework 远程代码执行漏洞CVE-2022-22965 : Axx8/SpringFramework_RCE_CVE-2022-22965 create time: 2022-04-01T04:15:25Z
BIGIP F5 : DDestinys/CVE-2021-22986 create time: 2022-04-01T02:02:33Z
CSDFASDFAESFAEAEF : l4fu/CVE-2022-3000 create time: 2022-04-01T02:59:03Z
CVE-2022-22965 EXP : likewhite/CVE-2022-22965 create time: 2022-04-01T02:25:46Z
Created after the release of CVE-2022-22965 and CVE-2022-22963. Bash script that detects Spring Framework occurrences in your projects and systems, allowing you to get insight on versions used. Unpacks JARs and analyzes their Manifest files. : mebibite/springhound create time: 2022-04-01T00:34:29Z
This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell". : kh4sh3i/Spring-CVE create time: 2022-03-31T20:19:51Z
Test for cve-2021-3864 : walac/cve-2021-3864 create time: 2022-03-31T20:03:04Z
CVE-2022-22965 poc including reverse-shell support : viniciuspereiras/CVE-2022-22965-poc create time: 2022-03-31T19:19:52Z
Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit : reznok/Spring4Shell-POC create time: 2022-03-31T00:24:28Z
Spring4Shell Proof Of Concept/Information CVE-2022-22965 : BobTheShoplifter/Spring4Shell-POC create time: 2022-03-30T07:54:45Z
A Safer PoC for CVE-2022-22965 (Spring4Shell) : colincowie/Safer_PoC_CVE-2022-22965 create time: 2022-03-31T16:58:56Z
Vulnerabilidad RCE en Spring Framework via Data Binding on JDK 9+ : GuayoyoCyber/CVE-2022-22965 create time: 2022-03-31T16:14:36Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2021-0472 create time: 2022-03-31T15:28:01Z
Spring Framework RCE (Quick pentest notes) : alt3kx/CVE-2022-22965_PoC create time: 2022-03-31T15:43:06Z
Threat Intelligence on Zero-Day for Spring4Shell (CVE-2010-1622) : strainerart/Spring4Shell create time: 2022-03-31T14:25:54Z
A Proof-of-Concept (PoC) of the Spring Core RCE (Spring4Shell or CVE-2022-22963) in Bash (Linux). : exploitbin/CVE-2022-22963-Spring-Core-RCE create time: 2022-03-31T14:29:24Z
Spring Framework RCE (Quick pentest notes) : alt3kx/CVE-2022-22965_PoC create time: 2022-03-31T02:50:46Z
spring-core单个图形化利用工具,CVE-2022-22965及修复方案已出 : light-Life/CVE-2022-22965-GUItools create time: 2022-03-31T02:00:18Z
CVE-2022-22965 : about spring core rce : Mr-xn/spring-core-rce create time: 2022-03-30T14:35:00Z
no description : Kirill89/CVE-2022-22965-PoC create time: 2022-03-31T13:21:49Z
Exploit for Dirty-Pipe (CVE-2022-0847) : Nekoox/dirty-pipe create time: 2022-03-31T11:47:31Z
no description : puckiestyle/CVE-2022-22963 create time: 2022-03-31T11:14:46Z
no description : nanopathi/system_bt_AOSP10_r33_CVE-2020-0225 create time: 2022-03-31T10:23:25Z
no description : Satheesh575555/system_core_AOSP10_r33-CVE-2021-0330 create time: 2022-03-31T09:36:07Z
no description : webraybtl/CVE-2022-24934 create time: 2022-03-31T09:59:01Z
ColdFusion 8.0.1 - Arbitrary File Upload to RCE : persian64/CVE-2009-2265 create time: 2022-03-31T08:52:08Z
CVE-2010-1622 redux : DDuarte/springshell-rce-poc create time: 2022-03-31T08:06:46Z
no description : nanopathi/system_core_AOSP10_r33_CVE-2020-0421 create time: 2022-03-31T07:42:58Z
no description : nanopathi/system_bt_AOSP10_r33_CVE-2020-0463 create time: 2022-03-31T06:59:38Z
no description : Trinadh465/frameworks_native_CVE-2020-0226 create time: 2022-03-31T06:43:19Z
no description : Satheesh575555/System_bt_AOSP10-r33_CVE-2020-0449 create time: 2022-03-31T06:36:13Z
no description : DoTuan1/Reserch-CVE-2021-41773 create time: 2022-03-31T01:48:33Z
Spring Cloud Gateway RCE - CVE-2022-22947 : sagaryadav8742/springcloudRCE create time: 2022-03-30T23:33:43Z
try to determine if a host is vulnerable to SpringShell CVE‐2022‐22963 : jschauma/check-springshell create time: 2022-03-30T21:30:09Z
{ Spring Core 0day CVE-2022-22963 } : stevemats/Spring0DayCoreExploit create time: 2022-03-30T19:07:35Z
no description : Kirill89/CVE-2022-22963-PoC create time: 2022-03-30T17:37:35Z
Spring Core RCE CVE-2022-22963 : TheGejr/SpringShell create time: 2022-03-30T17:05:46Z
no description : darryk10/CVE-2022-22963 create time: 2022-03-30T15:49:32Z
A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. : johnwchadwick/cve-2009-3555-test-server create time: 2022-03-30T15:02:48Z
Python3 correction for SQLi code CMS Made Simple < 2.2.10 CVE: 2019-9053 : Matthsh/SQLi-correction create time: 2022-03-30T14:37:16Z
no description : spiderz0ne/CVE-2021-41773 create time: 2022-03-30T15:04:27Z
no description : nanopathi/framework_base_AOSP10_r33_CVE-2020-0391 create time: 2022-03-30T12:31:40Z
no description : ShaikUsaf/linux-4.19.72_CVE-2020-10757 create time: 2022-03-30T11:21:21Z
CVE-2022-22963 Spring-Cloud-Function-SpEL_RCE_exploit : RanDengShiFu/CVE-2022-22963 create time: 2022-03-30T11:36:42Z
no description : Satheesh575555/linux-4.19.72_CVE-2020-8428 create time: 2022-03-30T10:50:28Z
no description : pazhanivel07/frameworks_av-CVE-2020-0242_CVE-2020-0243 create time: 2022-03-30T09:35:35Z
no description : nanopathi/linux-4.19.72_CVE-2020-25705 create time: 2022-03-30T09:10:22Z
no description : Satheesh575555/linux-4.19.72_CVE-2019-19252 create time: 2022-03-30T07:51:50Z
no description : Threonic/CVE-2021-28480 create time: 2022-03-30T07:57:43Z
no description : Satheesh575555/linux-4.19.72_CVE-2020-29368 create time: 2022-03-29T12:40:37Z
BatFlat CMS v1.3.6 - Improper Access Control : LeoBreaker1411/CVE-2021-41652 create time: 2022-03-30T06:29:02Z
Details,PoC and patches for CVE-2022-23884 : LuckyDogDog/CVE-2022-23884 create time: 2022-03-30T04:26:31Z
no description : nanopathi/KERNEL_CVE-2020-29370_FIX create time: 2022-03-30T04:52:56Z
CVE-2022-22963 PoC : dinosn/CVE-2022-22963 create time: 2022-03-30T05:04:24Z
no description : bigbigban1/CVE-2022-22947-exp create time: 2022-03-30T03:10:23Z
no description : metapox/CVE-2020-25613 create time: 2022-03-30T00:51:08Z
golang implementation of CVE-2021-403 : hAV9sad/CVE-2021-4034 create time: 2022-03-30T01:20:02Z
CVE-2019–9193 - PostgreSQL 9.3-11.7 Authenticated Remote Code Execution : b4keSn4ke/CVE-2019-9193 create time: 2022-03-29T21:02:02Z
Set of scripts, to test and exploit the zerologon vulnerability (CVE-2020-1472). : Nekoox/zerologon create time: 2022-03-29T21:34:56Z
no description : coco0x0a/CVE-2021-2109 create time: 2022-03-29T19:29:29Z
Powershell script that dumps Chrome and Edge version to a text file in order to determine if you need to update due to CVE-2022-1096 : Maverick-cmd/Chrome-and-Edge-Version-Dumper create time: 2022-03-29T20:06:33Z
no description : horizon3ai/CVE-2021-44142 create time: 2022-03-29T19:03:38Z
no description : T4t4ru/CVE-2020-3187 create time: 2022-03-29T18:06:29Z
no description : hrsman/Samba-CVE-2021-44142 create time: 2022-03-29T17:32:25Z
no description : Vancomycin-g/CVE-2022-22947 create time: 2022-03-29T17:17:34Z
Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter : PenteraIO/CVE-2022-22948 create time: 2021-10-17T09:59:20Z
no description : tzwlhack/CVE-2022-24934 create time: 2022-03-29T15:51:29Z
no description : tzwlhack/WPS-CVE-2022-24934 create time: 2022-03-29T15:29:59Z
no description : tzwlhack/CVE-2021-21017 create time: 2022-03-29T14:45:16Z
Veeam Unauth Remote Code Execution : sinsinology/CVE-2022-26500 create time: 2022-03-29T14:34:01Z
CVE-2022-24934 : nanaao/CVE-2022-24934 create time: 2022-03-25T10:29:35Z
no description : nanopathi/CVE-2020-29370_AFTERFIX create time: 2022-03-29T14:17:51Z
no description : nanopathi/CVE-2020-029370_AFTPATCH create time: 2022-03-29T13:35:16Z
no description : nanopathi/aft_KERNEL_KITTORVALDS_CVE2020-29370 create time: 2022-03-29T11:55:26Z
no description : nanopathi/kERNEL_GIT_TORVALDS_AFP_CVE-2020-29370 create time: 2022-03-29T11:45:12Z
no description : nanopathi/packages_apps_Nfc_cve-2020_02453 create time: 2022-03-29T09:29:01Z
no description : Aevanathema/cve2018go create time: 2022-03-29T09:19:58Z
no description : Trinadh465/Nfc-CVE-2020-0453 create time: 2022-03-29T09:03:39Z
no description : nanopathi/Packages_apps_Nfc_CVE-2020-0453 create time: 2022-03-29T08:06:46Z
no description : pazhanivel07/Nfc_CVE-2020-0453 create time: 2022-03-29T06:17:38Z
no description : koleksibot/CVE-2022 create time: 2022-03-29T05:16:07Z
Pasos a seguir para explotar la vulnerabilidad CVE-2021-27928 : GatoGamer1155/CVE-2021-27928 create time: 2022-03-29T02:54:37Z
no description : jcatala/f_poc_cve-2021-4034 create time: 2022-03-29T01:06:32Z
no description : darkpills/CVE-2021-25094-tatsu-preauth-rce create time: 2022-01-03T21:19:42Z
no description : 0xNix/CVE-2021-4034 create time: 2022-03-28T19:26:39Z
Exploit for CVE-2022-27666 : plummm/CVE-2022-27666 create time: 2022-03-23T22:54:28Z
Suzuki connect app is used to get the car information like Fuel, Ignition status, Current location, Seat buckle status etc. In Ignis, Zeta variant car if the Fuel CAN messages and Seat buckle status is spoofed via OBD 2 port with the crafted value (e.g. zero percent fuel and Car seat is buckled ), then the same value is reflected on Suzuki connect app, which can mislead the user. : nsbogam/CVE-2022-26269 create time: 2022-03-28T17:10:24Z
no description : puckiestyle/CVE-2021-41773 create time: 2022-03-28T11:02:46Z
no description : misterxid/watchguard_cve-2022-26318 create time: 2022-03-28T10:53:38Z
no description : Tankirat/CVE-2017-5638 create time: 2022-03-28T07:58:31Z
Check and report for cve_2022_23307 (log4shell) on your system. : buluma/ansible-role-cve_2022-23307 create time: 2022-03-28T08:20:31Z
no description : Gaphuang/CVE-2022-10086-TEST- create time: 2022-03-28T07:41:53Z
CVE-2022-27927 Microfinance Management System V1.0 SQL Injection Vulnerability : erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated create time: 2022-03-27T08:17:47Z
Description of Exploit SMBGhost CVE-2020-0796 : vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796- create time: 2022-03-28T04:58:17Z
introduction to hacking second presentation : mehrzad1994/CVE-2021-21193 create time: 2022-03-28T03:51:58Z
no description : chattopadhyaykittu/CVE-2017-0037 create time: 2022-03-28T01:19:58Z
CVE 2020-1034 exploit and presentation : GeorgyFirsov/CVE-2020-1034 create time: 2022-03-23T19:14:26Z
Pasos a seguir para explotar la vulnerabilidad CVE-2021-27928 : GatoGamer1155/CVE-2021-27928 create time: 2022-03-27T23:46:36Z
no description : N3w-elf/CVE-2021-41773- create time: 2022-03-27T20:10:30Z
Watchguard RCE POC CVE-2022-26318 : Throns1956/watchguard_cve-2022-26318 create time: 2022-03-27T12:51:19Z
CVE-2022-0995 exploit : Bonfee/CVE-2022-0995 create time: 2022-03-26T21:46:09Z
Fake WPS Update Server PoC : MagicPiperSec/WPS-CVE-2022-24934 create time: 2022-03-27T07:47:10Z
no description : warmachine-57/CVE-2021-44117 create time: 2022-03-27T05:50:34Z
no description : sreeram281997/CVE-2022-21668-Pipenv-RCE-vulnerability create time: 2022-03-26T22:50:36Z
no description : tzwlhack/CVE-2021-4034 create time: 2022-03-26T14:30:11Z
no description : sysenter-eip/CVE-2022-26629 create time: 2022-03-26T06:06:05Z
no description : scopion/CVE-2022-26629 create time: 2022-03-25T06:16:09Z
Poc : tmoneypenny/CVE-2022-0847 create time: 2022-03-22T03:17:51Z
POC for CVE-2022-23648 : raesene/CVE-2022-23648-POC create time: 2022-03-25T19:43:59Z
CVE 2022-0847 : Patocoh/Research-Dirty-Pipe create time: 2022-03-25T16:27:40Z
Container Excape PoC for CVE-2022-0847 "DirtyPipe" : DataDog/dirtypipe-container-breakout-poc create time: 2022-03-09T19:38:44Z
no description : tzwlhack/CVE-2018-20250 create time: 2022-03-25T13:02:41Z
poc for CVE-2022-22947 : Nathaniel1025/CVE-2022-22947 create time: 2022-03-25T12:43:53Z
CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7 : RICSecLab/CVE-2019-0708 create time: 2020-03-15T19:33:53Z
CVE-2022-24934 : shakeman8/CVE-2022-24934 create time: 2022-03-25T07:13:17Z
no description : sysenter-eip/CVE-2022-26629 create time: 2022-03-25T04:58:20Z
no description : Jiang59991/cve-2021-21300-plus create time: 2022-03-25T02:59:41Z
no description : spasm5/CVE-2018-12326 create time: 2022-03-25T01:44:26Z
A quick python exploit for the Nostromo 1.9.6 remote code execution vulnerability. Only takes in host and port of web server as required arguments. : alexander-fernandes/CVE-2019-16278 create time: 2022-03-24T12:06:55Z
no description : nxtexploit/CVE-2020-3580 create time: 2022-03-24T09:34:04Z
CVE-2021-40373 - remote code execution : maikroservice/CVE-2021-40373 create time: 2021-08-31T13:03:10Z
no description : the-valluvarsploit/CVE-2018-6574 create time: 2022-03-24T08:40:42Z
This is a exploit code for CVE-202-8163 : TKLinux966/CVE-2020-8163 create time: 2022-03-24T06:43:39Z
CVE-2022-0185 analysis write up : chenaotian/CVE-2022-25636 create time: 2022-03-24T07:04:55Z
CVE-2021-44529 PoC : jkana/CVE-2021-44529 create time: 2022-03-24T03:58:16Z
no description : buff07/CVE-2022-10249 create time: 2022-03-24T02:09:28Z
PoC for vulnerability in Honda's Remote Keyless System(CVE-2022-27254) : nonamecoder/CVE-2022-27254 create time: 2022-03-23T15:03:09Z
no description : mtthwstffrd/berdav-CVE-2021-4034 create time: 2022-03-23T11:08:20Z
Proof-of-concept exploit for CVE-2016-1827 on OS X Yosemite. : domain9065v/bazad3 create time: 2022-03-23T06:02:52Z
no description : buff07/CVE-2022-24294 create time: 2022-03-23T06:26:02Z
no description : buff07/CVE-2022-24293 create time: 2022-03-23T06:25:56Z
no description : buff07/CVE-2022-24292 create time: 2022-03-23T06:25:45Z
Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability CVE-2021-41338 Security Vulnerability Released: Oct 12, 2021 Assigning CNA: Microsoft MITRE CVE-2021-41338 CVSS:3.1 5.5 / 5.0 Attack Vector Local Attack Complexity Low Privileges Required Low User Interaction None Scope Unchanged Confidentiality High Integrity None Availability None Exploit Code Maturity Proof-of-Concept Remediation Level Official Fix Report Confidence Confirmed Please see Common Vulnerability Scoring System for more information on the definition of these metrics. Exploitability The following table provides an exploitability assessment for this vulnerability at the time of original publication. Yes No Exploitation Less Likely : Mario-Kart-Felix/firewall-cve create time: 2022-03-22T22:53:32Z
Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page. : febinrev/CVE-2021-46398_Chamilo-LMS-RCE create time: 2022-03-22T17:35:38Z
CVE-2022-24990 TerraMaster TOS unauthenticated RCE via PHP Object Instantiation : 0xf4n9x/CVE-2022-24990 create time: 2022-03-20T05:15:16Z
CVE-2021-43530 A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 94. : hfh86/CVE-2021-43530-UXSS-On-QRcode-Reader- create time: 2022-03-22T07:07:42Z
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. : cryst4lliz3/CVE-2022-0824 create time: 2022-03-22T03:49:51Z
no description : Enokiy/cve-2022-22947-springcloud-gateway create time: 2022-03-21T23:37:20Z
no description : SivaPriyaRanganatha/CVE-2020-6418 create time: 2022-03-21T23:05:38Z
Reproduction of CVE-2020-36518 in Spring Boot 2.5.10 : ghillert/boot-jackson-cve create time: 2022-03-21T21:13:28Z
no description : yazan828/CVE-2017-1000004 create time: 2022-03-21T13:35:38Z
no description : wy17/CVE-2022-1997 create time: 2022-03-21T15:00:48Z
no description : T4t4ru/CVE-2018-16845 create time: 2022-03-21T13:15:07Z
Simple webhook to block exploitation of CVE-2022-0811 : spiarh/webhook-cve-2022-0811 create time: 2022-03-21T09:39:22Z
Dirty Cow CVE-2016-5195 Vulnerability : gurpreetsinghsaluja/dirtycow create time: 2022-03-21T08:35:21Z
no description : Anonymous-Family/CVE-2015-1701-download create time: 2022-03-21T06:39:18Z
no description : Anonymous-Family/CVE-2015-1701 create time: 2022-03-21T06:26:21Z
no description : LTiDi2000/CVE-2020-2551 create time: 2022-03-21T03:58:29Z
pwncat module that automatically exploits CVE-2022-0847 (dirtypipe) : DanaEpp/pwncat_dirtypipe create time: 2022-03-20T23:02:43Z
Python3 implementation of CVE 2013-0156 : Atreb92/CVE-2013-0156 create time: 2022-03-20T19:22:24Z
Apache APISIX < 2.12.1 Remote Code Execution and Docker Lab : twseptian/cve-2022-24112 create time: 2022-03-20T16:35:55Z
RCE exploit for CVE-2017-9841 : akr3ch/CVE-2017-9841 create time: 2022-03-20T07:01:52Z
CVE-2022-24990信息泄露+RCE 一条龙 : lishang520/CVE-2022-24990 create time: 2022-03-20T05:21:08Z
CVE-2022-22600 Proof of Concept : KlinKlinKlin/MSF-screenrecord-on-MacOS create time: 2022-03-19T04:13:52Z
0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020/2021 CVE-2021-2119 : chatbottesisgmailh/Sauercloude create time: 2022-03-20T03:17:03Z
no description : mtthwstffrd/saleemrashid-sudo-cve-2019-18634 create time: 2022-03-20T01:39:22Z
CVE-2022-24086 and CVE-2022-24087 exploits proof of concept : Sam00rx/CVE-2022-24087 create time: 2022-03-19T23:33:24Z
Remote Code Execution in LocalStack 0.12.6 : TheCyberGeek/CVE-2022-27251 create time: 2022-03-19T20:49:56Z
Documentation and proof of concept code for CVE-2022-24126. : tremwil/ds3-nrssr-rce create time: 2022-01-28T20:37:14Z
CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code : skasanagottu57gmailv/gerhart01 create time: 2022-03-19T15:47:10Z
WAMpage - A WebOS root LPE exploit chain (CVE-2022-23731) : DavidBuchanan314/WAMpage create time: 2021-12-26T04:29:09Z
PoC for CVE-2017-0075 : belyakovvitagmailt/4B5F5F4Bp create time: 2022-03-19T13:18:12Z
Exploit for CVE-2021_33751 used in PWN2OWN2021 : 1N1T1A/pwn2own_exploit create time: 2022-03-19T11:39:46Z
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337 : Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera create time: 2022-03-19T08:10:46Z
PoC for Dirty COW (CVE-2016-5195) : vinspiert/scumjrs create time: 2022-03-19T02:18:40Z
PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. : 2273852279qqs/0vercl0k create time: 2022-03-19T01:33:04Z
TOP All bugbounty pentesting CVE-2022- POC Exp Things : hktalent/TOP create time: 2022-03-19T01:54:15Z
CVE-2022-22600 Proof of Concept : acheong08/MSF-screenrecord-on-MacOS create time: 2021-12-22T05:03:29Z
Exploit for CVE-2022-27226 : SakuraSamuraii/ez-iRZ create time: 2022-03-16T17:45:12Z
Hacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well) : LudovicPatho/CVE-2022-0847 create time: 2022-03-18T22:51:02Z
Redis沙盒逃逸漏洞复现(CVE-2022-0543) : Newbee740/REDIS-CVE-2022-0543 create time: 2022-03-18T17:15:19Z
A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project’s Tiny File Manager <= 2.4.3 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server. : febinrev/CVE-2021-45010-TinyFileManager-Exploit create time: 2022-03-18T14:00:03Z
A test app to check if your device is vulnerable to CVE-2021-30955 : GeoSn0w/Pentagram-exploit-tester create time: 2022-03-18T12:32:10Z
CVE-2022-22947 memshell : viemsr/spring_cloud_gateway_memshell create time: 2022-03-18T07:17:17Z
Local privilege escalation for OS X 10.10.5 via CVE-2016-1828. : berritus163t/bazad5 create time: 2022-03-18T06:59:32Z
no description : tzwlhack/CVE-2017-11882 create time: 2022-03-18T05:38:39Z
CVE-2021-3156 : RodricBr/CVE-2021-3156 create time: 2022-03-18T00:05:48Z
node-ipc is malware / protestware! : scriptzteam/node-ipc-malware-protestware-CVE-2022-23812 create time: 2022-03-17T16:49:22Z
Kibana <6.6.0 RCE written in python3 : Cr4ckC4t/cve-2019-7609 create time: 2022-03-17T15:33:33Z
GLPI automatic exploitation tool for CVE-2020-15175 : Xn2/GLPwn create time: 2022-03-14T13:51:17Z
A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. : LP-H4cmilo/CVE-2022-0847_DirtyPipe_Exploits create time: 2022-03-17T11:01:48Z
exploits XAR – Arbitrary File Write : poizon-box/CVE-2022-22582 create time: 2022-03-17T10:16:27Z
no description : Wrin9/CVE-2022-22947 create time: 2022-03-17T09:12:51Z
Apache APISIX 2.12.1 Remote Code Execution by IP restriction bypass and using default admin AIP token : kavishkagihan/CVE-2022-24112-POC create time: 2022-03-17T08:22:54Z
CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation. : xigexbh/bazad1 create time: 2022-03-17T03:38:01Z
no description : Jiang59991/cve-2021-21300 create time: 2022-03-17T02:37:58Z
Local Privilege Escalation (LPE) vulnerability found on Polkit's pkexec utility : Hifumi1337/CVE-2021-4034 create time: 2022-03-16T23:05:53Z
A years old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77. : tandasat/CVE-2022-25949 create time: 2022-03-16T14:42:21Z
Exploitation of CVE-2020-256480 using scapy : dim0x69/cve-2022-25640-exploit create time: 2022-03-16T14:59:08Z
IoT CVEs as abnormal events to evaluate a real-time host-based IDS. https://doi.org/10.1016/j.future.2022.03.001 : InesMartins31/iot-cves create time: 2019-10-09T20:41:50Z
no description : Jiang59991/cve-2021-21300 create time: 2022-03-16T13:36:02Z
[CVE-2021-21983] VMware vRealize Operations (vROps) Manager File Path Traversal Leads to Remote Code Execution (RCE) : murataydemir/CVE-2021-21983 create time: 2022-03-16T11:56:25Z
no description : pazhanivel07/frameworks_base-CVE-2021-0595 create time: 2022-03-16T11:07:36Z
no description : pazhanivel07/Settings-CVE-2021-0595 create time: 2022-03-16T10:59:58Z
no description : Jiang59991/cve-2021-21300 create time: 2022-03-16T10:56:23Z
no description : si1ent-le/CVE-2019-5736 create time: 2022-03-16T09:22:20Z
no description : Jiang59991/cve-2021-21300 create time: 2022-03-16T09:28:29Z
Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability : p0dalirius/CVE-2021-43008-AdminerRead create time: 2021-12-13T17:26:49Z
no description : sinsinology/CVE-2022-26503 create time: 2022-03-16T09:54:16Z
Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit : M4xSec/Apache-APISIX-CVE-2022-24112 create time: 2022-03-16T09:19:12Z
CVE-2022-0543_RCE,Redis Lua沙盒绕过 命令执行 : aodsec/CVE-2022-0543 create time: 2022-03-16T06:41:50Z
Exploring and exploiting CVE-2022-0778. : BobTheShoplifter/CVE-2022-0778-POC create time: 2022-03-16T06:29:42Z
Proof of concept for CVE-2022-0778, which triggers an infinite loop in parsing X.509 certificates due to a bug in BN_mod_sqrt : drago-96/CVE-2022-0778 create time: 2022-03-15T19:06:33Z
CVE-2018-11235: Git Submodule RCE : SenSecurity/exploit create time: 2022-03-15T17:33:22Z
no description : W0rty/CVE-2021-39165 create time: 2022-03-15T18:14:46Z
Simple python script to exploit Vsftpd 2.3.4 Backdoor Command Execution (CVE-2011-2523) : PrestaDZ/vsftpd-2.3.4 create time: 2022-03-15T13:39:19Z
no description : dmlino/cve-2018-6574 create time: 2022-03-15T14:11:57Z
desc_race exploit for iOS 15.0 - 15.1.1 (with stable kernel r/w primitives) (CVE-2021-30955) : Dylbin/desc_race create time: 2022-03-15T13:30:38Z
Python script to check if your kernel is vulnerable to Dirty pipe CVE-2022-0847 : MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker create time: 2022-03-15T11:25:19Z
no description : bysinks/CVE-2021-29441 create time: 2022-03-15T08:53:59Z
no description : phuonguno98/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-03-15T08:54:38Z
no description : bysinks/CVE-2022-22947 create time: 2022-03-15T08:50:13Z
no description : githublihaha/DirtyPIPE-CVE-2022-0847 create time: 2022-03-15T08:33:19Z
no description : Mani1325/ka-cve-2021-21341 create time: 2022-03-15T07:28:52Z
no description : phuonguno98/CVE-2022-0847 create time: 2022-03-15T06:06:31Z
Proof of concept app for Android permanent denial-of-service vulnerability, CVE-2020-0443 : Supersonic/CVE-2020-0443 create time: 2022-03-15T04:54:31Z
no description : k0zulzr/CVE-2022-24086-RCE create time: 2022-03-15T05:11:23Z
pkexec --> privilege escalation : TomSgn/CVE-2021-4034 create time: 2022-03-14T22:42:49Z
Implementation of CVE-2022-0847 as a shellcode : Shotokhan/cve_2022_0847_shellcode create time: 2022-03-14T22:54:15Z
CVE-2022-24122 Proof of Concept : meowmeowxw/CVE-2022-24122 create time: 2022-03-10T15:20:04Z
Exploit for the Rails CVE-2019-5420 : trickstersec/CVE-2019-5420 create time: 2022-03-14T17:29:47Z
PoC for CVE-2021-33193 : jeremy-cxf/CVE-2021-33193 create time: 2022-03-14T17:30:22Z
no description : Fa1c0n35/CVE-2021-41773 create time: 2022-03-14T16:43:49Z
Exploits for Hotel Druid 3.0.3 - Remote Code Execution (RCE) CVE-2022-22909 : kaal18/CVE-2022-22909 create time: 2022-03-14T17:10:08Z
CVE-2022-0847 POC : breachnix/dirty-pipe-poc create time: 2022-03-14T15:32:25Z
no description : p0ch4t/CVE-2022-0867 create time: 2022-03-14T14:19:28Z
dirtypipe : CYB3RK1D/CVE-2022-0847 create time: 2022-03-14T13:21:25Z
CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15) : markie-dev/desc_race_A15 create time: 2022-03-14T06:42:45Z
Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587 : antx-code/CVE-2021-35587 create time: 2022-03-14T05:03:54Z
no description : cryst4lliz3/CVE-2021-44228-vuln-app create time: 2022-03-14T04:13:13Z
no description : cryst4lliz3/CVE-2021-44228 create time: 2022-03-14T04:09:36Z
no description : cryst4lliz3/CVE-2021-22205 create time: 2022-03-14T04:09:18Z
no description : cryst4lliz3/CVE-2021-41773 create time: 2022-03-14T04:08:56Z
no description : cryst4lliz3/CVE-2021-42013 create time: 2022-03-14T04:08:24Z
OPEN AND READ JSON : StepOK10/CVE.NVD.NIST2202-2002 create time: 2022-03-13T21:01:21Z
CVE-2021-4034 (PWNKIT). A memory corruption vulnerability in Polkit's pkexec, which allows any unprivileged user to gain full root privileges on a vulnerable system using default polkit configuration. : Nel0x/pwnkit-vulnerability create time: 2022-03-13T20:24:59Z
Dirty Pipe (CVE-2022-0847) zafiyeti kontrolü : realbatuhan/dirtypipetester create time: 2022-03-13T19:30:14Z
no description : micha3lcve/LOG4J-mass-rce-CVE-2021-44228 create time: 2022-03-13T15:23:49Z
spring-cloud-gateway-rce CVE-2022-22947 : k3rwin/spring-cloud-gateway-rce create time: 2022-03-13T10:00:21Z
no description : Kashiki078/CVE-2021-4034 create time: 2022-03-13T07:40:56Z
CVE-2022-0847 (Dirty Pipe) is an arbitrary file overwrite vulnerability that allows escalation of privileges by modifying or overwriting arbitrary read-only files e.g. /etc/passwd, /etc/shadow. : sa-infinity8888/Dirty-Pipe-CVE-2022-0847 create time: 2022-03-13T05:51:06Z
Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773 : thehackersbrain/CVE-2021-41773 create time: 2022-03-12T21:24:55Z
A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. : AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-03-12T20:57:24Z
my personal exploit of CVE-2022-0847(dirty pipe) : arttnba3/CVE-2022-0847 create time: 2022-03-12T11:31:46Z
Small PoC of CVE-2021-41773 : the29a/CVE-2021-41773 create time: 2022-03-11T21:50:35Z
Script en python para crear imagenes maliciosas (reverse shell) : GatoGamer1155/CVE-2021-22204 create time: 2022-03-11T19:02:28Z
Seowon SLR-120S42G RCE Exploit / Remote Code Execution (Unauthenticated) : TAPESH-TEAM/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated create time: 2022-03-11T00:16:35Z
Script en python para crear imagenes maliciosas (reverse shell) : GatoGamer1155/CVE-2021-22204 create time: 2022-03-11T17:31:07Z
no description : frarinha/CVE-2018-6574 create time: 2022-03-11T13:40:22Z
LPE on linux kernel based on CVE-2017-14954, CVE-2017-18344, CVE-2017-5123 : echo-devim/exploit_linux_kernel4.13 create time: 2022-03-11T12:54:10Z
MSF Module CVE-2018-15727 : svnsyn/CVE-2018-15727 create time: 2022-03-11T13:20:19Z
Log4j2组件命令执行RCE / Code By:Jun_sheng : Jun-5heng/CVE-2021-44228 create time: 2022-03-11T12:43:15Z
no description : sakib570/CVE-2018-1263-Demo create time: 2022-03-11T12:07:16Z
Log4j2组件命令执行RCE / Code By:Jun_sheng : Jun-5heng/CVE-2021-44228 create time: 2022-03-11T10:08:12Z
A Python-based DirtyPipe (CVE-2022-0847) POC to pop a root shell : crusoe112/DirtyPipePython create time: 2022-03-11T08:22:56Z
CVE-2022-0492 EXP and Analysis write up : chenaotian/CVE-2022-0492 create time: 2022-03-11T08:02:46Z
no description : dskmehra/CVE-2022-0848 create time: 2022-03-11T07:26:04Z
MetaBase 任意文件读取 : Chen-ling-afk/CVE-2021-41277 create time: 2022-03-11T06:39:38Z
no description : Greetdawn/CVE-2022-0847-DirtyPipe- create time: 2022-03-11T02:51:54Z
cve-2022-22947-docker : hh-hunter/cve-2022-22947-docker create time: 2022-03-11T01:27:55Z
no description : VVeakee/CVE-2022-24990-EXP create time: 2022-03-11T01:06:26Z
CVE-2022-0847 Python exploit to get root or write a no write permission, immutable or read-only mounted file. : terabitSec/dirtyPipe-automaticRoot create time: 2022-03-10T20:15:07Z
About Script en python sobre la vulnerabilidad CVE-2021-3156 : GatoGamer1155/CVE-2021-3156 create time: 2022-03-10T19:10:28Z
no description : michaelklaan/CVE-2022-0847-Dirty-Pipe create time: 2022-03-10T16:09:16Z
no description : michaelklaan/CVE-2022-22947-Spring-Cloud create time: 2022-03-10T16:08:23Z
HERRAMIENTA AUTOMATIZADA PARA LA DETECCION DE LA VULNERABILIDAD CVE-2021-44228 : MiguelM001/vulescanjndilookup create time: 2022-03-10T14:57:30Z
CVE-2022-0847 Linux kernel LPE POC : akecha/Dirty-pipe create time: 2022-03-10T14:02:30Z
CVE-2022-0847-DirtyPipe-Exploit : V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-10T13:23:52Z
no description : mohamedimthiyaj/cve-2018 create time: 2022-03-10T11:20:39Z
no description : ByteHackr/CVE-2022-0853 create time: 2022-03-10T09:10:56Z
no description : PaoPaoLong-lab/Spring-CVE-2022-22947- create time: 2022-03-10T06:01:32Z
CVE-2021-44228 in Container : cryst4lliz3/CVE-2021-44228 create time: 2022-03-10T04:32:07Z
no description : PaoPaoLong-lab/Spring-Cloud-Gateway-CVE-2022-22947- create time: 2022-03-10T05:07:59Z
CVE-2022-22947 Exploit script : An0th3r/CVE-2022-22947-exp create time: 2022-03-10T03:51:47Z
仅仅是poc,并不是exp : VVeakee/CVE-2022-24990-POC create time: 2022-03-10T03:16:04Z
no description : babyshen/CVE-2019-13272 create time: 2022-03-10T01:27:46Z
CVE-2022-0847 POC and Docker and Analysis write up : chenaotian/CVE-2022-0847 create time: 2022-03-10T01:27:29Z
no description : edsonjt81/CVE-2021-4034-Linux create time: 2022-03-10T01:24:14Z
no description : edsonjt81/CVE-2022-0847-Linux create time: 2022-03-10T01:18:26Z
A root exploit for CVE-2022-0847 (Dirty Pipe) : babyshen/CVE-2022-0847 create time: 2022-03-10T00:54:11Z
Exploits CVE-2022-22588 vulnerability on iOS 15.2 and lower. Provided for research purposes only. : trevorspiniolas/homekitdos create time: 2022-01-01T07:38:48Z
no description : T4t4ru/CVE-2022-0847 create time: 2022-03-09T16:47:36Z
Dirty Pipe POC : gyaansastra/CVE-2022-0847 create time: 2022-03-09T15:44:58Z
ThinkAdmin CVE-2020-25540 POC : Rajchowdhury420/ThinkAdmin-CVE-2020-25540 create time: 2022-03-09T13:08:31Z
Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well) : nanaao/Dirtypipe-exploit create time: 2022-03-09T07:16:57Z
no description : pentestblogin/pentestblog-CVE-2022-0847 create time: 2022-03-09T10:24:42Z
no description : qjh2333/CVE-2019-10999 create time: 2022-03-09T09:35:15Z
no description : AyoubNajim/cve-2022-0847dirtypipe-exploit create time: 2022-03-09T10:05:53Z
Polkit's Pkexec CVE-2021-4034 Proof Of Concept and Patching : ITMarcin2211/Polkit-s-Pkexec-CVE-2021-4034 create time: 2022-03-09T08:44:02Z
no description : Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-09T05:22:20Z
Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well) : MRNIKO1/Dirtypipe-exploit create time: 2022-03-09T04:42:59Z
no description : tuo4n8/CVE-2020-28653 create time: 2021-07-31T13:00:15Z
CVE-2022-0847 : Al1ex/CVE-2022-0847 create time: 2022-03-09T02:47:08Z
no description : Greetdawn/CVE-2022-0847-DirtyPipe create time: 2022-03-09T02:47:06Z
Springboot web application accepts a name get parameter and logs its value to log4j2. Vulnerable to CVE-2021-44228. : paulvkitor/log4shellwithlog4j2_13_3 create time: 2022-03-09T02:29:58Z
no description : bakhtiyarsierad/CVE-2021-4034-bug-root create time: 2022-03-09T02:04:07Z
A “Dirty Pipe” vulnerability with CVE-2022-0847 and a CVSS score of 7.8 has been identified, affecting Linux Kernel 5.8 and higher. The vulnerability allows attackers to overwrite data in read-only files. Threat actors can exploit this vulnerability to privilege themselves with code injection. : dadhee/CVE-2022-0847_DirtyPipeExploit create time: 2022-03-09T01:55:04Z
This script exploits CVE-2021-41773 to print file or/and execute command. : mauricelambert/CVE-2021-41773 create time: 2022-03-08T21:55:53Z
This script exploits CVE-2021-42013 to print file or/and execute command. : mauricelambert/CVE-2021-42013 create time: 2022-03-08T21:48:40Z
Script en python sobre la vulnerabilidad CVE-2021-3560 : GatoGamer1155/CVE-2021-3560 create time: 2022-03-08T20:27:00Z
Script en python sobre la vulnerabilidad CVE-2021-4034 : GatoGamer1155/CVE-2021-4034 create time: 2022-03-08T20:12:38Z
CVE-2022-0847 : 4luc4rdr5290/CVE-2022-0847 create time: 2022-03-08T20:18:28Z
no description : chompie1337/Linux_LPE_io_uring_CVE-2021-41073 create time: 2022-03-02T19:07:37Z
A script to exploit CVE-2020-14144 - GiTea authenticated Remote Code Execution using git hooks : p0dalirius/CVE-2020-14144-GiTea-git-hooks-rce create time: 2022-03-08T17:14:27Z
Bash script to check for CVE-2022-0847 "Dirty Pipe" : basharkey/CVE-2022-0847-dirty-pipe-checker create time: 2022-03-08T17:13:24Z
CVE-2022-24112: Apache APISIX Remote Code Execution Vulnerability : Mah1ndra/CVE-2022-244112 create time: 2022-03-08T17:08:52Z
Docker exploit : mrchucu1/CVE-2022-0847-Docker create time: 2022-03-08T17:02:40Z
no description : ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-08T15:33:39Z
Implementation of Max Kellermann's exploit for CVE-2022-0847 : 0xIronGoat/dirty-pipe create time: 2022-03-08T15:30:45Z
no description : puckiestyle/CVE-2022-0847 create time: 2022-03-08T14:46:21Z
The Dirty Pipe Vulnerability : knqyf263/CVE-2022-0847 create time: 2022-03-08T13:48:55Z
CVE-2022-25943 : HadiMed/KINGSOFT-WPS-Office-LPE create time: 2021-07-09T23:34:57Z
CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability : ahrixia/CVE_2022_0847 create time: 2022-03-08T12:43:43Z
CVE-2022-0847 DirtyPipe Exploit. : febinrev/dirtypipez-exploit create time: 2022-03-08T11:49:40Z
An exploit for CVE-2022-0847 dirty-pipe vulnerability : cspshivam/CVE-2022-0847-dirty-pipe-exploit create time: 2022-03-08T10:40:07Z
调试代码包含断点信息,直接导入即可进行调试 : ba1ma0/Spring-Cloud-GateWay-CVE-2022-22947-demon-code create time: 2022-03-08T10:07:54Z
CVE-2022-22947_EXP,CVE-2022-22947_RCE,CVE-2022-22947反弹shell,CVE-2022-22947 getshell : aodsec/CVE-2022-22947 create time: 2022-03-08T09:32:36Z
no description : zhangweijie11/CVE-2020-17519 create time: 2022-03-08T09:19:27Z
Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847. : antx-code/CVE-2022-0847 create time: 2022-03-08T09:10:51Z
A python implementation of the Dirty Pipe exploit that adds an unprivliged user to the sudoers group. : eremus-dev/CVE-2016-5195-sudo-poc create time: 2022-03-08T07:17:39Z
CVE-2022-0487 : si1ent-le/CVE-2022-0847 create time: 2022-03-08T04:51:02Z
Script en python de la vulnerabilidad CVE-2021-4034 : GatoGamer1155/CVE-2021-4034 create time: 2022-03-08T03:55:05Z
no description : rahul1406/cve-2022-0847dirtypipe-exploit create time: 2022-03-08T03:56:03Z
Script en python de la vulnerabilidad CVE-2021-4034 : GatoGamer1155/CVE-2021-4034 create time: 2022-03-08T02:05:43Z
CVE-2022-24990:TerraMaster TOS 通过 PHP 对象实例化执行未经身份验证的远程命令 : Jaky5155/CVE-2022-24990-TerraMaster-TOS--PHP- create time: 2022-03-08T01:28:32Z
no description : lucksec/CVE-2022-0847 create time: 2022-03-08T01:17:09Z
CVE-2022-0847 exploit one liner : carlosevieira/Dirty-Pipe create time: 2022-03-07T20:57:34Z
66666 : 2xYuan/CVE-2022-0847 create time: 2022-03-07T19:56:37Z
CVE-2022-21907: exploitation with Powershell, Python, Ruby, NMAP and Metasploit. : mauricelambert/CVE-2021-31166 create time: 2022-03-07T18:56:52Z
A root exploit for CVE-2022-0847 : Arinerron/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-07T18:55:20Z
CVE-2022-0847简单复现 : imfiver/CVE-2022-0847 create time: 2022-03-07T18:36:50Z
Script CVE-2021-4034 en python : GatoGamer1155/CVE-2021-4034 create time: 2022-03-07T15:10:32Z
Vulnerability in the Linux kernel since 5.8 : xndpxs/CVE-2022-0847 create time: 2022-03-07T17:51:02Z
Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947) : mrknow001/CVE-2022-22947 create time: 2022-03-07T16:24:42Z
CVE-2022-0847 : bbaranoff/CVE-2022-0847 create time: 2022-03-07T15:50:18Z
PoC for CVE-2022-23940 : manuelz120/CVE-2022-23940 create time: 2022-03-06T17:05:02Z
no description : darkb1rd/cve-2022-22947 create time: 2022-03-07T15:12:45Z
This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. : Udyz/CVE-2022-0847 create time: 2022-03-07T14:31:38Z
CVE-2022-25636 : Bonfee/CVE-2022-25636 create time: 2022-03-07T13:38:41Z
SpringCloudGatewayRCE / Code By:Jun_sheng : Jun-5heng/CVE-2022-22947 create time: 2022-03-07T11:53:51Z
no description : RobertDra/CVE-2022-25257 create time: 2022-03-07T10:19:20Z
no description : RobertDra/CVE-2022-25256 create time: 2022-03-07T10:18:41Z
no description : puckiestyle/CVE-2022-0492 create time: 2022-03-07T10:03:17Z
Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947)批量检测工具 : YutuSec/SpEL create time: 2022-03-07T09:14:50Z
Spring Cloud Gateway远程代码执行漏洞POC,基于命令执行的基础上,增加了反弹shell操作 : j-jasson/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE create time: 2022-03-07T07:24:13Z
It is a simple script coded in bash scripting to exploit the PwnKit vulnerability (cve-2021-4034), the idea of this is to try to automate the exploitation of this vulnerability as much as possible. : T369-Real/pwnkit-pwn create time: 2022-03-05T19:49:52Z
PoC for CVE-2020-0601 - CryptoAPI exploit : ioncodes/Curveball create time: 2020-01-28T21:24:54Z
A script to check if a container environment is vulnerable to container escapes via CVE-2022-0492 : SofianeHamlaoui/CVE-2022-0492-Checker create time: 2022-03-06T10:57:09Z
no description : Onurhan1337/CVE-2018-10933 create time: 2022-03-06T07:43:02Z
Webmin CVE-2022-0824 Reverse Shell : faisalfs10x/Webmin-CVE-2022-0824-revshell create time: 2022-03-06T00:03:31Z
CVE-2022-23779: Internal Hostname Disclosure Vulnerability : fbusr/CVE-2022-23779 create time: 2022-03-05T21:01:13Z
CVE-2021-32099 : akr3ch/CVE-2021-32099 create time: 2022-03-05T08:53:45Z
no description : 22ke/CVE-2022-22947 create time: 2022-03-05T06:19:46Z
[Django]CVE-2017-1279475 : thebatmanfuture/-Django-CVE-2017-1279475 create time: 2022-03-05T02:00:43Z
Spring Cloud Gateway Actuator API SpEL Code Injection. : march0s1as/CVE-2022-22947 create time: 2022-03-04T18:37:57Z
no description : gerr-re/cve-2022-24644 create time: 2022-03-04T18:26:35Z
CVE-2019-11043 LAB : jas9reet/CVE-2019-11043 create time: 2022-03-04T16:25:16Z
I am not the real author of this exploits.. There are two exploits available, use any of one if it doesn't work use another one... Manual for this two exploit has given in README file. Please read that file before using it.. :) : PentesterSoham/CVE-2021-4034-exploit create time: 2022-03-04T15:41:12Z
Proof of concept for pwnkit vulnerability : PwnFunction/CVE-2021-4034 create time: 2022-01-27T14:43:57Z
批量url检测Spring-Cloud-Gateway-CVE-2022-22947 : Xd-tl/CVE-2022-22947-Rce_POC create time: 2022-03-04T14:58:02Z
no description : puckiestyle/CVE-2021-3156 create time: 2022-03-04T13:06:51Z
CVE-2022-22947批量检测脚本,回显命令没进行正则,大佬们先用着,后续再更 : chaosec2021/CVE-2022-22947-POC create time: 2022-03-04T11:31:00Z
Spring-Cloud-Gateway-CVE-2022-22947 : nu0l/cve-2022-22947 create time: 2022-03-04T10:10:12Z
Spring Cloud Gateway Actuator API 远程命令执行 CVE-2022-22947 : dbgee/CVE-2022-22947 create time: 2022-03-04T09:47:55Z
# Ukraine-Cyber-Operations Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine. (Blog | Twitter | LinkedIn) 
### Analyst Comments: - 2022-02-25 - Creation of the initial repository to help organisations in Ukraine - Added Threat Reports section - Added Vendor Support section - 2022-02-26 - Additional resources, chronologically ordered (h/t Orange-CD) - Added Vetted OSINT Sources section - Added Miscellaneous Resources section - 2022-02-27 - Additional threat reports have been added - Added Data Brokers section - Added Access Brokers section - 2022-02-28 - Added Russian Cyber Operations Against Ukraine Timeline by ETAC - Added Vetted and Contextualized Indicators of Compromise (IOCs) by ETAC - 2022-03-01 - Additional threat reports and resources have been added - 2022-03-02 - Additional Indicators of Compromise (IOCs) have been added - Added vetted YARA rule collection from the Threat Reports by ETAC - Added loosely-vetted IOC Threat Hunt Feeds by KPMG-Egyde CTI (h/t 0xDISREL) - IOCs shared by these feeds are LOW-TO-MEDIUM CONFIDENCE we strongly recommend NOT adding them to a blocklist - These could potentially be used for THREAT HUNTING and could be added to a WATCHLIST - IOCs are generated in MISP COMPATIBLE CSV format - 2022-03-03 - Additional threat reports and vendor support resources have been added - Updated Log4Shell IOC Threat Hunt Feeds by KPMG-Egyde CTI; not directly related to Ukraine, but still a widespread vulnerability. - Added diagram of Russia-Ukraine Cyberwar Participants 2022 by ETAC - Additional Indicators of Compromise (IOCs) have been added #### Threat Reports | Date | Source | Threat(s) | URL | | --- | --- | --- | --- | | 14 JAN | SSU Ukraine | Website Defacements | ssu.gov.ua| | 15 JAN | Microsoft | WhisperGate wiper (DEV-0586) | microsoft.com | | 19 JAN | Elastic | WhisperGate wiper (Operation BleedingBear) | elastic.github.io | | 31 JAN | Symantec | Gamaredon/Shuckworm/PrimitiveBear (FSB) | symantec-enterprise-blogs.security.com | | 2 FEB | RaidForums | Access broker "GodLevel" offering Ukrainain algricultural exchange | RaidForums [not linked] | | 2 FEB | CERT-UA | UAC-0056 using SaintBot and OutSteel malware | cert.gov.ua | | 3 FEB | PAN Unit42 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | unit42.paloaltonetworks.com | | 4 FEB | Microsoft | Gamaredon/Shuckworm/PrimitiveBear (FSB) | microsoft.com | | 8 FEB | NSFOCUS | Lorec53 (aka UAC-0056, EmberBear, BleedingBear) | nsfocusglobal.com | | 15 FEB | CERT-UA | DDoS attacks against the name server of government websites as well as Oschadbank (State Savings Bank) & Privatbank (largest commercial bank). False SMS and e-mails to create panic | cert.gov.ua | | 23 FEB | The Daily Beast | Ukrainian troops receive threatening SMS messages | thedailybeast.com | | 23 FEB | UK NCSC | Sandworm/VoodooBear (GRU) | ncsc.gov.uk | | 23 FEB | SentinelLabs | HermeticWiper | sentinelone.com | | 24 FEB | ESET | HermeticWiper | welivesecurity.com | | 24 FEB | Symantec | HermeticWiper, PartyTicket ransomware, CVE-2021-1636, unknown webshell | symantec-enterprise-blogs.security.com | | 24 FEB | Cisco Talos | HermeticWiper | blog.talosintelligence.com | | 24 FEB | Zscaler | HermeticWiper | zscaler.com | | 24 FEB | Cluster25 | HermeticWiper | cluster25.io | | 24 FEB | CronUp | Data broker "FreeCivilian" offering multiple .gov.ua | twitter.com/1ZRR4H| | 24 FEB | RaidForums | Data broker "Featherine" offering diia.gov.ua | RaidForums [not linked] | | 24 FEB | DomainTools | Unknown scammers | twitter.com/SecuritySnacks | | 25 FEB | @500mk500 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | twitter.com/500mk500 | | 25 FEB | @500mk500 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | twitter.com/500mk500| | 25 FEB | Microsoft | HermeticWiper | gist.github.com | | 25 FEB | 360 NetLab | DDoS (Mirai, Gafgyt, IRCbot, Ripprbot, Moobot) | blog.netlab.360.com | | 25 FEB | Conti [themselves] | Conti ransomware, BazarLoader | Conti News .onion [not linked] | | 25 FEB | CoomingProject [themselves] | Data Hostage Group | CoomingProject Telegram [not linked] | | 25 FEB | CERT-UA | UNC1151/Ghostwriter (Belarus MoD) | CERT-UA Facebook| | 25 FEB | Sekoia | UNC1151/Ghostwriter (Belarus MoD) | twitter.com/sekoia_io | | 25 FEB | @jaimeblascob | UNC1151/Ghostwriter (Belarus MoD) | twitter.com/jaimeblasco| | 25 FEB | RISKIQ | UNC1151/Ghostwriter (Belarus MoD) | community.riskiq.com | | 25 FEB | MalwareHunterTeam | Unknown phishing | twitter.com/malwrhunterteam | | 25 FEB | ESET | Unknown scammers | twitter.com/ESETresearch | | 25 FEB | BitDefender | Unknown scammers | blog.bitdefender.com | | 25 FEB | SSSCIP Ukraine | Unkown phishing | twitter.com/dsszzi | | 25 FEB | RaidForums | Data broker "NetSec" offering FSB (likely SMTP accounts) | RaidForums [not linked] | | 25 FEB | Zscaler | PartyTicket decoy ransomware | zscaler.com | | 25 FEB | INCERT GIE | Cyclops Blink, HermeticWiper | linkedin.com [Login Required] | | 25 FEB | Proofpoint | UNC1151/Ghostwriter (Belarus MoD) | twitter.com/threatinsight | | 25 FEB | @fr0gger_ | HermeticWiper capabilities Overview | twitter.com/fr0gger_ | 26 FEB | BBC Journalist | A fake Telegram account claiming to be President Zelensky is posting dubious messages | twitter.com/shayan86 | | 26 FEB | CERT-UA | UNC1151/Ghostwriter (Belarus MoD) | CERT_UA Facebook | | 26 FEB | MHT and TRMLabs | Unknown scammers, linked to ransomware | twitter.com/joes_mcgill | | 26 FEB | US CISA | WhisperGate wiper, HermeticWiper | cisa.gov | | 26 FEB | Bloomberg | Destructive malware (possibly HermeticWiper) deployed at Ukrainian Ministry of Internal Affairs & data stolen from Ukrainian telecommunications networks | bloomberg.com | | 26 FEB | Vice Prime Minister of Ukraine | IT ARMY of Ukraine created to crowdsource offensive operations against Russian infrastructure | twitter.com/FedorovMykhailo | | 26 FEB | Yoroi | HermeticWiper | yoroi.company | | 27 FEB | LockBit [themselves] | LockBit ransomware | LockBit .onion [not linked] | | 27 FEB | ALPHV [themselves] | ALPHV ransomware | vHUMINT [closed source] | | 27 FEB | Mēris Botnet [themselves] | DDoS attacks | vHUMINT [closed source] | | 28 FEB | Horizon News [themselves] | Leak of China's Censorship Order about Ukraine | TechARP| | 28 FEB | Microsoft | FoxBlade (aka HermeticWiper) | Microsoft | | 28 FEB | @heymingwei | Potential BGP hijacks attempts against Ukrainian Internet Names Center | https://twitter.com/heymingwei | | 28 FEB | @cyberknow20 | Stormous ransomware targets Ukraine Ministry of Foreign Affairs | twitter.com/cyberknow20 | | 1 MAR | ESET | IsaacWiper and HermeticWizard | welivesecurity.com | | 1 MAR | Proofpoint | Ukrainian armed service member's email compromised and sent malspam containing the SunSeed malware (likely TA445/UNC1151/Ghostwriter) | proofpoint.com | | 1 MAR | Elastic | HermeticWiper | elastic.github.io | | 1 MAR | CrowdStrike | PartyTicket (aka HermeticRansom), DriveSlayer (aka HermeticWiper) | CrowdStrike | | 2 MAR | Zscaler | DanaBot operators launch DDoS attacks against the Ukrainian Ministry of Defense | zscaler.com | | 3 MAR | @ShadowChasing1 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | twitter.com/ShadowChasing1 | | 3 MAR | @vxunderground | News website in Poland was reportedly compromised and the threat actor uploaded anti-Ukrainian propaganda | twitter.com/vxunderground | | 3 MAR | @kylaintheburgh | Russian botnet on Twitter is pushing "#istandwithputin" and "#istandwithrussia" propaganda (in English) | twitter.com/kylaintheburgh | | 3 MAR | @tracerspiff | UNC1151/Ghostwriter (Belarus MoD) | twitter.com | #### Access Brokers | Date | Threat(s) | Source | | --- | --- | --- | | 23 JAN | Access broker "Mont4na" offering UkrFerry | RaidForums [not linked] | | 23 JAN | Access broker "Mont4na" offering PrivatBank | RaidForums [not linked] | | 24 JAN | Access broker "Mont4na" offering DTEK | RaidForums [not linked] | | 27 FEB | KelvinSecurity Sharing list of IP cameras in Ukraine | vHUMINT [closed source] | | 28 FEB | "w1nte4mute" looking to buy access to UA and NATO countries (likely ransomware affiliate) | vHUMINT [closed source] | #### Data Brokers | Threat Actor | Type | Observation | Validated | Relevance | Source | | --------------- | --------------- | --------------------------------------------------------------------------------------------------------- | --------- | ----------------------------- | ---------------------------------------------------------- | | aguyinachair | UA data sharing | PII DB of ukraine.com (shared as part of a generic compilation) | No | TA discussion in past 90 days | ELeaks Forum [not linked] | | an3key | UA data sharing | DB of Ministry of Communities and Territories Development of Ukraine (minregion[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | an3key | UA data sharing | DB of Ukrainian Ministry of Internal Affairs (wanted[.]mvs[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (40M) of PrivatBank customers (privatbank[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | DB of "border crossing" DBs of DPR and LPR | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (7.5M) of Ukrainian passports | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB of Ukrainian car registration, license plates, Ukrainian traffic police records | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (2.1M) of Ukrainian citizens | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (28M) of Ukrainian citizens (passports, drivers licenses, photos) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (1M) of Ukrainian postal/courier service customers (novaposhta[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (10M) of Ukrainian telecom customers (vodafone[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (3M) of Ukrainian telecom customers (lifecell[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (13M) of Ukrainian telecom customers (kyivstar[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | danieltx51 | UA data sharing | DB of Ministry of Foreign Affairs of Ukraine (mfa[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | DueDiligenceCIS | UA data sharing | PII DB (63M) of Ukrainian citizens (name, DOB, birth country, phone, TIN, passport, family, etc) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Featherine | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | DB of Ministry for Internal Affairs of Ukraine public data search engine (wanted[.]mvs[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | DB of Motor Insurance Bureau of Ukraine (mtsbu[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | PII DB of Ukrainian digital-medicine provider (medstar[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | DB of ticket.kyivcity.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of id.kyivcity.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of my.kyivcity.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of portal.kyivcity.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of anti-violence-map.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dopomoga.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of e-services.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of edu.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of education.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of ek-cbi.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mail.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of portal-gromady.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of web-minsoc.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of wcs-wim.dsbt.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of bdr.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of motorsich.com | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dsns.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mon.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of minagro.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of zt.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of kmu.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dsbt.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of forest.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of nkrzi.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dabi.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of comin.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dp.dpss.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of esbu.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mms.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mova.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mspu.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of nads.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of reintegration.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of sies.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of sport.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mepr.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mfa.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of va.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mtu.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of cg.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of ch-tmo.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of cp.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of cpd.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of hutirvilnij-mrc.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dndekc.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of visnyk.dndekc.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dpvs.hsc.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of odk.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of e-driver[.]hsc[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of wanted[.]mvs[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of minregeion[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of health[.]mia[.]solutions | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mtsbu[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of motorsich[.]com | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of kyivcity[.]com | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of bdr[.]mvs[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of gkh[.]in[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of kmu[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mon[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of minagro[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mfa[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | Intel_Data | UA data sharing | PII DB (56M) of Ukrainian Citizens | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Kristina | UA data sharing | DB of Ukrainian National Police (mvs[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | NetSec | UA data sharing | PII DB (53M) of Ukrainian citizens | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Psycho_Killer | UA data sharing | PII DB (56M) of Ukrainian Citizens | No | TA discussion in past 90 days | Exploit Forum .onion [not linked] | | Sp333 | UA data sharing | PII DB of Ukrainian and Russian interpreters, translators, and tour guides | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Vaticano | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine [copy] | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Vaticano | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion[.]gov[.]ua) [copy] | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | #### Vendor Support | Vendor | Offering | URL | | --- | --- | --- | | Dragos | Access to Dragos service if from US/UK/ANZ and in need of ICS cybersecurity support | twitter.com/RobertMLee | | GreyNoise | Any and all Ukrainian emails registered to GreyNoise have been upgraded to VIP which includes full, uncapped enterprise access to all GreyNoise products | twitter.com/Andrew___Morris | | Recorded Future | Providing free intelligence-driven insights, perspectives, and mitigation strategies as the situation in Ukraine evolves| recordedfuture.com | | Flashpoint | Free Access to Flashpoint’s Latest Threat Intel on Ukraine | go.flashpoint-intel.com | | ThreatABLE | A Ukraine tag for free threat intelligence feed that's more highly curated to cyber| twitter.com/threatable | | Orange | IOCs related to Russia-Ukraine 2022 conflict extracted from our Datalake Threat Intelligence platform. | github.com/Orange-Cyberdefense| | FSecure | F-Secure FREEDOME VPN is now available for free in all of Ukraine | twitter.com/FSecure | | Multiple vendors | List of vendors offering their services to Ukraine for free, put together by @chrisculling | docs.google.com/spreadsheets | | Mandiant | Free threat intelligence, webinar and guidance for defensive measures relevant to the situation in Ukraine. | mandiant.com | | Starlink | Satellite internet constellation operated by SpaceX providing satellite Internet access coverage to Ukraine | twitter.com/elonmusk | | Romania DNSC | Romania’s DNSC – in partnership with Bitdefender – will provide technical consulting, threat intelligence and, free of charge, cybersecurity technology to any business, government institution or private citizen of Ukraine for as long as it is necessary. | Romania's DNSC Press Release| | BitDefender | Access to Bitdefender technical consulting, threat intelligence and both consumer and enterprise cybersecurity technology | bitdefender.com/ukraine/ | | NameCheap | Free anonymous hosting and domain name registration to any anti-Putin anti-regime and protest websites for anyone located within Russia and Belarus | twitter.com/Namecheap | | Avast | Free decryptor for PartyTicket ransomware | decoded.avast.io | #### Vetted OSINT Sources | Handle | Affiliation | | --- | --- | | @KyivIndependent | English-language journalism in Ukraine | | @IAPonomarenko | Defense reporter with The Kyiv Independent | | @KyivPost | English-language journalism in Ukraine | | @Shayan86 | BBC World News Disinformation journalist | | @Liveuamap | Live Universal Awareness Map (“Liveuamap”) independent global news and information site | | @DAlperovitch | The Alperovitch Institute for Cybersecurity Studies, Founder & Former CTO of CrowdStrike | | @COUPSURE | OSINT investigator for Centre for Information Resilience | | @netblocks | London-based Internet's Observatory | #### Miscellaneous Resources | Source | URL | Content | | --- | --- | --- | | PowerOutages.com | https://poweroutage.com/ua | Tracking PowerOutages across Ukraine | | Monash IP Observatory | https://twitter.com/IP_Observatory | Tracking IP address outages across Ukraine | | Project Owl Discord | https://discord.com/invite/projectowl | Tracking foreign policy, geopolitical events, military and governments, using a Discord-based crowdsourced approach, with a current emphasis on Ukraine and Russia | | russianwarchatter.info | https://www.russianwarchatter.info/ | Known Russian Military Radio Frequencies | : Nate0634034090/bug-free-memory create time: 2022-03-04T09:00:59Z
cve-2022-22947 spring cloud gateway 批量扫描脚本 : dingxiao77/-cve-2022-22947- create time: 2022-03-04T07:24:58Z
CVE-2021-42013批量 : tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway create time: 2022-03-04T06:38:26Z
日常更新一些顺手写的gobypoc,包含高危害EXP : york-cmd/CVE-2022-22947-goby create time: 2022-03-04T05:45:05Z
Exp : BerMalBerIst/CVE-2022-22947 create time: 2022-03-04T05:26:33Z
poc for cve-2022-22947 : scopion/cve-2022-22947 create time: 2022-03-03T09:30:37Z
port of CVE-2021-4034 exploit to Rust/cargo for my own edification : defhacks/cve-2021-4034 create time: 2022-03-04T03:47:53Z
Spring Cloud Gateway远程代码执行漏洞 : Summer177/Spring-Cloud-Gateway-CVE-2022-22947- create time: 2022-03-04T02:36:02Z
Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) : helloexp/CVE-2022-22947 create time: 2022-03-04T02:29:02Z
no description : Greetdawn/CVE-2022-22947 create time: 2022-03-04T02:27:50Z
no description : skentagon/CVE-2021-41773 create time: 2022-02-27T22:39:58Z
SpringCloudGatewayRCE - CVE-2022-22947 / Code By:Tas9er : Tas9er/SpringCloudGatewayRCE create time: 2022-03-03T19:45:18Z
CVE-2021-4034 : Jesrat/make_me_root create time: 2022-03-03T18:29:11Z
Spring Cloud Gateway < 3.0.7 & < 3.1.1 Code Injection (RCE) : carlosevieira/CVE-2022-22947 create time: 2022-03-03T18:26:18Z
no description : micha3lcve/CVE-2021-44228-Mass-RCE create time: 2022-03-03T17:18:43Z
RFI to RCE Nagios/NagiosXI exploitation : ArianeBlow/NagiosXI-RCE-all-version-CVE-2021-40345 create time: 2021-06-02T21:39:53Z
Spring_CVE_2022_22947:Spring Cloud Gateway现高风险漏洞cve,poc漏洞利用,一键利用,开箱即用 : wjl110/Spring_CVE_2022_22947 create time: 2022-03-03T16:56:37Z
Spring Cloud Gateway 远程代码执行漏洞Exp Spring_Cloud_Gateway_RCE_Exp-CVE-2022-22947 : Axx8/CVE-2022-22947_Rce_Exp create time: 2022-03-03T13:13:02Z
Spring cloud gateway code injection : CVE-2022-22947 : Vulnmachines/spring-cve-2022-22947 create time: 2022-03-03T11:14:37Z
CVE-2022-22947 RCE : shakeman8/CVE-2022-22947-RCE create time: 2022-03-03T10:44:36Z
This repository contains files for reproducing the vulnerability. : yasin-cs-ko-ak/grafana-cve-2021-43798 create time: 2022-03-03T09:37:46Z
poc for cve-2022-22947 : cgddgc/cve-2022-22947 create time: 2022-03-03T09:24:36Z
Kali linux _ CVE 2019 - 2022 : AhnSungHoon/Kali_CVE create time: 2022-03-03T07:16:21Z
Test tool for CVE-2020-1472 : Anonymous-Family/CVE-2020-1472 create time: 2022-03-03T02:00:21Z
Zero-day-scanning is a Domain Controller vulnerability scanner, that currently includes checks for Zero-day-scanning (CVE-2020-1472), MS-PAR/MS-RPRN and SMBv2 Signing. : Anonymous-Family/Zero-day-scanning create time: 2022-03-03T01:55:28Z
Exploiting Linux Kernel Vulnerability: Dirty Cow (CVE-2016-5195) : ellietoulabi/Dirty-Cow create time: 2022-03-02T19:06:36Z
CVE-2018-11235-Git-Submodule-CE + Docker Ngrok Configuration : twseptian/CVE-2018-11235-Git-Submodule-CE-and-Docker-Ngrok-Configuration create time: 2022-03-02T16:26:52Z
A "Creation of Temporary Files in Directory with Insecure Permissions" vulnerability in PrintixService.exe, in Printix's "Printix Secure Cloud Print Management", Version 1.3.1106.0 and below allows any logged in user to elevate any executable or file to the SYSTEM context. This is achieved by exploiting race conditions in the Installer. : ComparedArray/printix-CVE-2022-25090 create time: 2022-03-02T13:14:11Z
no description : takumak/cve-2019-5736-reproducer create time: 2022-03-02T14:57:08Z
polkit-pkexec local privilege escalation vulnerability : Xuanyaz/CVE-2021-4034 create time: 2022-03-02T13:07:00Z
no description : lucksec/Spring-Cloud-Gateway-CVE-2022-22947 create time: 2022-03-02T11:58:55Z
Tools for get offsets and adding patch for support i386 : usernameid0/tools-for-CVE-2018-1000001 create time: 2022-03-01T21:27:37Z
no description : PaloAltoNetworks/can-ctr-escape-cve-2022-0492 create time: 2022-02-28T01:25:26Z
CVE-2022-23361 : ViNi0608/CVE-2022-23361 create time: 2022-03-01T17:08:19Z
no description : usernameid0/CVE-2018-1000857-i386 create time: 2022-03-01T17:13:01Z
no description : Mr-xn/CVE-2022-25064 create time: 2022-03-01T15:10:20Z
cve-2018-6574 : twseptian/cve-2018-6574 create time: 2022-03-01T13:42:50Z
iOS 15.1 kernel exploit POC for CVE-2021-30955 : b1n4r1b01/desc_race create time: 2022-03-01T12:41:03Z
https://gist.github.com/jakeajames/37f72c58c775bfbdda3aa9575149a8aa compiled into a ipa : verygenericname/CVE-2021-30955-POC-IPA create time: 2022-02-28T23:28:39Z
Proof of concept (wrapped into an iOS app) for CVE-2021-30955 : nickorlow/CVE-2021-30955-POC create time: 2022-02-28T22:23:51Z
This script is intended to validate Apache Struts 2 vulnerability (CVE-2017-5638), AKA Struts-Shock. : readloud/CVE-2017-5638 create time: 2022-02-28T14:49:52Z
no description : timb-machine-mirrors/CVE-2021-30955 create time: 2022-02-28T14:54:10Z
A python exploit to automatically dump all the data stored by the auto-completion plugin of Ametys CMS to a local sqlite database file. : p0dalirius/CVE-2022-26159-Ametys-Autocompletion-XML create time: 2022-02-21T19:59:11Z
Zabbix - SAML SSO Authentication Bypass : kh4sh3i/CVE-2022-23131 create time: 2022-02-28T10:37:02Z
POC for KeePass [CVE-2022-0725] : ByteHackr/keepass_poc create time: 2022-02-28T06:53:37Z
CVE-2022-0529 & CVE-2022-0530 : ByteHackr/unzip_poc create time: 2022-02-28T05:44:52Z
CVE-2022-0529 & CVE-2022-0530 : nanaao/unzip_poc create time: 2022-02-28T05:20:03Z
no description : movvamrocks/PwnKit-CVE-2021-4034 create time: 2022-02-28T04:41:40Z
Android Ransomware Development - AES256 encryption + CVE-2019-2215 + Data Exfiltration : nicchongwb/Rootsmart-v2.0 create time: 2022-02-28T02:34:31Z
no description : l00neyhacker/CVE-2022-26158 create time: 2022-02-28T03:51:56Z
no description : l00neyhacker/CVE-2022-26157 create time: 2022-02-28T03:51:05Z
no description : l00neyhacker/CVE-2022-26156 create time: 2022-02-28T03:50:12Z
no description : l00neyhacker/CVE-2022-26155 create time: 2022-02-28T03:47:15Z
CVE-2022-1111 : KiritoLoveAsuna/CVE-2022-1111 create time: 2022-02-28T01:08:03Z
kctf exploit : shahparkhan/cve-2022-0185 create time: 2022-02-27T13:42:02Z
no description : Fa1c0n35/zabbix-cve-2022-23131 create time: 2022-02-27T11:30:53Z
PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability" : 0vercl0k/CVE-2022-21971 create time: 2022-02-26T20:37:42Z
PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability" : 0vercl0k/CVE-2022-21974 create time: 2022-02-26T18:53:56Z
Exploit PoC for CVE-2020-18326 : hamm0nz/CVE-2020-18326 create time: 2022-02-26T17:30:41Z
no description : hamm0nz/CVE-2020-18325 create time: 2022-02-26T17:06:09Z
Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory. : malakkf/CVE-2021-46702 create time: 2022-02-26T13:52:44Z
CVE-2022-24086 RCE : shakeman8/CVE-2022-24086-RCE create time: 2022-02-26T10:12:45Z
no description : innxrmxst/CVE-2021-3560 create time: 2022-02-25T20:30:31Z
Apache APISIX batch-requests RCE(CVE-2022-24112) : Axx8/CVE-2022-24112 create time: 2022-02-25T15:17:28Z
Script to demonstrate the Grafana directory traversal exploit (CVE-2021-43798). : Jroo1053/GrafanaDirInclusion create time: 2022-02-25T09:26:40Z
no description : MoritzHuppert/CVE-2022-25022 create time: 2022-02-25T08:26:12Z
no description : MoritzHuppert/CVE-2022-25020 create time: 2022-02-25T08:24:44Z
no description : MoritzHuppert/CVE-2022-25018 create time: 2022-02-25T08:23:49Z
POC for CVE-2022-24124 : ColdFusionX/CVE-2022-24124 create time: 2022-02-25T07:55:55Z
no description : hahaleyile/CVE-2021-4034 create time: 2022-02-25T01:30:09Z
Python Scanner for TestRail servers vulnerable to CVE-2021-40875 : Lul/TestRail-files.md5-IAC-scanner create time: 2022-02-24T19:52:01Z
no description : bkojusner/CVE-2021-25461 create time: 2022-02-24T17:28:58Z
Exploit PoC of CVE-2020-18324 : hamm0nz/CVE-2020-18324 create time: 2022-02-24T15:38:11Z
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 : Ananya-0306/Log-4j-scanner create time: 2022-02-24T13:49:14Z
Exploit for CVE-2022-22845 - Unauthenticated Admin Takeover On QXIP SIPCAPTURE Homer-App up to 1.4.27 : OmriBaso/CVE-2022-22845-Exploit create time: 2022-02-24T13:40:12Z
no description : pykiller/CVE-2022-23131 create time: 2022-02-24T11:34:27Z
Automated PoC of CVE-2021-44521 : QHpix/CVE-2021-44521 create time: 2022-02-24T11:07:34Z
no description : trganda/CVE-2022-23131 create time: 2022-02-24T08:10:46Z
Zabbix SSO Bypass : random-robbie/cve-2022-23131-exp create time: 2022-02-23T16:34:03Z
no description : polling-repo-continua/CVE-2022-25257 create time: 2022-02-20T06:42:24Z
CVE-2022-0529 & CVE-2022-0530 : ByteHackr/unzip_poc create time: 2022-02-23T14:15:53Z
no description : pazhanivel07/frameworks_av-10-r33_CVE-2020-0242 create time: 2022-02-23T11:48:10Z
no description : pazhanivel07/frameworks_base_CVE-2020-0209 create time: 2022-02-23T10:44:33Z
no description : Blackyguy/-CVE-2012-2661-ActiveRecord-SQL-injection- create time: 2022-02-23T10:15:59Z
no description : pazhanivel07/Settings_10-r33_CVE-CVE-2020-0219 create time: 2022-02-23T10:10:23Z
Writeup(malay) ''Coming soon" : Blackyguy/CVE-2012-2661-ActiveRecord-SQL-injection create time: 2022-02-23T09:15:42Z
An exploit for CVE-2020-6418 implementing a SHELF Loader. Published as part of Tmp.0ut volume 2 : ulexec/ChromeSHELFLoader create time: 2022-02-19T20:00:04Z
Apache APISIX apisix/batch-requests RCE : Udyz/CVE-2022-24112 create time: 2022-02-22T19:04:52Z
CVE-2022 : TheRealSlurpie/CVE-2022 create time: 2022-02-22T16:04:27Z
CVE-2022-24112:Apache APISIX apisix/batch-requests RCE : Mr-xn/CVE-2022-24112 create time: 2022-02-22T14:09:49Z
no description : UzJu/CVE-2022-21660 create time: 2022-02-22T09:50:09Z
no description : mxypoo/CVE-2016-3116-DropbearSSH create time: 2022-02-22T06:59:55Z
no description : mtthwstffrd/dirkjanm-CVE-2020-1472 create time: 2022-02-22T03:33:38Z
no description : mtthwstffrd/SecuraBV-CVE-2020-1472 create time: 2022-02-22T03:33:24Z
no description : mtthwstffrd/calebstewart-CVE-2021-1675 create time: 2022-02-22T03:32:34Z
no description : mtthwstffrd/cube0x0-CVE-2021-1675 create time: 2022-02-22T03:32:14Z
cve-2022-23131 : L0ading-x/cve-2022-23131 create time: 2022-02-22T01:39:52Z
CVE-2021-3560 Polkit v0.105-26 Linux Privilege Escalation PoC by Vivald0x6f : Nosferatuvjr/Vivald0x6f create time: 2022-02-21T21:39:29Z
Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H/W rev. Ax with F/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1 : Alonzozzz/alonzzzo create time: 2022-02-21T21:22:43Z
A repository housing the exploit code for CVE-2021-27965, a stack-buffer overflow vulnerability in MsIo.sys. : Leo-Security/CVE-2021-27965-Win10-20H2-x64 create time: 2022-02-21T20:31:17Z
no description : Tanmay-N/CVE-2021-4034 create time: 2022-02-21T16:54:38Z
CVE-2022-21907 Mass Exploitation tool written in Python 3 compatible with lists of URL/IPs. For a large number of targets you can increase the number of threads, we don't recommend more than 1024. This tool is NOT free to prevent abuse and do not expect to find a fix-it-all proof of concept for exploitation for free. Only for those knowledgeable. : coconut20/CVE-2022-21907 create time: 2022-02-21T16:28:39Z
An easy to use Python package to exploit ICSA-17-124-01 / CVE-2017-7921 in HikVision camera's. : NFIRBV/krijg-de-hik create time: 2022-02-21T13:38:55Z
This is the repository used for CVE-2017-7651 for exploiting mosquitto 1.4.14 : St3v3nsS/CVE-2017-7651 create time: 2022-02-21T12:54:41Z
CVE-2022-24112 check : shakeman8/CVE-2022-24112 create time: 2022-02-21T11:52:28Z
exiftool exploit : tuhin81/CVE-2021-22204-exiftool create time: 2022-02-21T11:07:19Z
no description : AS4mir/CVE-2021-45008 create time: 2022-02-21T09:00:38Z
poc : zwjjustdoit/cve-2022-23131 create time: 2022-02-21T02:42:23Z
no description : 0tt7/CVE-2022-23131 create time: 2022-02-21T00:51:14Z
CVE-2022-25375 - Demo exploit of RNDIS USB Gadget : szymonh/rndis-co create time: 2022-02-17T14:02:58Z
Proof Of Concept for the 2021's pkexec vulnerability CVE-2021-4034 : JoaoFukuda/CVE-2021-4034_POC create time: 2022-02-20T17:49:21Z
no description : BL0odz/CVE-2021-40449-NtGdiResetDC-UAF create time: 2022-02-20T16:23:26Z
CVE-2022-24086 about Magento RCE : Mr-xn/CVE-2022-24086 create time: 2022-02-20T13:52:31Z
no description : foxtrot/CVE-2021-1965 create time: 2022-02-20T00:52:01Z
Fancy Zerologon Beta : Exploitspacks/CVE-2020-1472 create time: 2022-02-19T23:51:30Z
PrintNightmare+Manual : Exploitspacks/CVE-2021-34527-CVE-2021-1675 create time: 2022-02-19T23:20:58Z
Fully modified exploit for Ms17-010 : Exploitspacks/MS17-010-2017-2997-CVE-2017-2998-CVE-2017-2999-CVE-2017-3000-CVE-2017-3001-CVE-2017-3002-CVE-2017-3 create time: 2022-02-19T22:45:52Z
Modified exploit : Exploitspacks/CVE-2019-0708 create time: 2022-02-19T22:39:05Z
A full-fledged exploit for CVE-2018-13379-CVE-2020-12812-CVE-2019-5591 and not only with a powershell parser. Any evidence : Exploitspacks/CVE-2018-13379-CVE-2020-12812-CVE-2019-5591 create time: 2022-02-19T22:30:47Z
Vulnerability: CVE-2020-0787 (Published: March 10, 2020) Supported versions: Vista/2008/W7/2008R2/W8/2012/W8.1/2012R2/W10/2016/2019 Supported architecture: x86/x64 Development stage: v1.0.20130 (stable) Code size: 36Kb : Exploitspacks/CVE-2020-0787 create time: 2022-02-19T22:18:00Z
SonicWall Exploit CVE-2021-20028 : Exploitspacks/CVE-2021-20028 create time: 2022-02-19T21:43:51Z
no description : dhammon/HotelDruid-CVE-2021-42949 create time: 2022-02-19T21:02:42Z
no description : dhammon/HotelDruid-CVE-2021-42948 create time: 2022-02-19T21:01:12Z
Cross-Site Request Forgery : AS4mir/CVE-2021-45007 create time: 2022-02-19T15:28:59Z
CVE-2021-1965 WiFi Zero Click RCE Trigger PoC : parsdefense/CVE-2021-1965 create time: 2022-02-18T14:19:58Z
no description : 1mxml/CVE-2022-23131 create time: 2022-02-18T14:48:53Z
no description : parsdefense/CVE-2021-1965 create time: 2022-02-18T11:54:48Z
cve-2022-23131 zabbix-saml-bypass-exp : Mr-xn/cve-2022-23131 create time: 2022-02-18T11:51:47Z
CVE-2021-4034 POC and Docker and simple Analysis write up : chenaotian/CVE-2022-0185 create time: 2022-02-18T09:27:34Z
cve-2022-23131 exp : jweny/zabbix-saml-bypass-exp create time: 2022-02-18T08:38:53Z
pkexec EoP exploit : LJP-TW/CVE-2021-4034 create time: 2022-02-17T13:17:07Z
no description : LeQuocKhanh2K/Tool_Exploit_Password_Camera_CVE-2018-9995 create time: 2022-02-18T03:17:31Z
no description : qq1549176285/CVE-2022-23131 create time: 2022-02-18T03:03:26Z
no description : LeQuocKhanh2K/Tool_Camera_Exploit_Netwave_CVE-2018-6479 create time: 2022-02-18T02:33:04Z
Skeleton (but pronounced like Peloton): A Zero-Click RCE exploit for CVE-2021-0326 : aemmitt-ns/skeleton create time: 2022-01-17T21:35:19Z
Hotel Druid 3.0.3 Code Injection to Remote Code Execution : 0z09e/CVE-2022-22909 create time: 2022-02-17T17:18:02Z
no description : RobertDra/CVE-2022-25257 create time: 2022-02-17T13:29:26Z
no description : RobertDra/CVE-2022-25256 create time: 2022-02-17T13:11:08Z
An exploit script of CVE-2016-5195 : th3-5had0w/DirtyCOW-PoC create time: 2022-02-17T11:57:08Z
no description : tranmanhdat/couchdb_cve-2017-12635 create time: 2022-02-17T09:25:26Z
no description : RobertDra/CVE-2022-25256 create time: 2022-02-17T10:14:05Z
CVE-2022-25258 - Demo exploit targeting usb gadget's os descriptor handler : szymonh/d-os-descriptor create time: 2022-02-15T09:04:25Z
POC en Python para el CVE-2012-2982 mejorado del original por el usuario @OstojaOfficial : blu3ming/CVE-2012-2982 create time: 2022-02-16T20:00:36Z
cve-2022-24086 patch for Magento 1.9 : wambo-co/magento-1.9-cve-2022-24086 create time: 2022-02-16T08:50:33Z
CVE-2018-15473 : Goldenmonkeyy/SSHusernameEnum create time: 2022-02-16T05:27:00Z
Rust implementation of the Log 4 Shell (log 4 j - CVE-2021-44228) : s-retlaw/l4srs create time: 2022-02-16T01:13:08Z
Local and Remote scan for shellshock vulnerability for Bash versions lower than 4.3. [CVE-2014-6271].* : 0bfxgh0st-secondary/ShellShock create time: 2022-02-15T16:48:14Z
no description : r1l4-i3pur1l4/CVE-2021-1732 create time: 2022-02-15T16:55:31Z
CVE-2021-22005 vcenter任意文件上传批量验证poc : chaosec2021/CVE-2021-22005poc create time: 2022-02-15T13:11:04Z
NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script : knightswd/NoPacScan create time: 2022-01-07T11:59:55Z
测试测试 : MrShiF/CVE-2022-23888 create time: 2022-02-15T09:31:13Z
SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536. : antx-code/CVE-2022-22536 create time: 2022-02-15T09:22:19Z
ceshiceshi : MrShiF/CVE-2022-1 create time: 2022-02-15T07:01:52Z
测试测试 : MrShiF/CVE-2022-1-15 create time: 2022-02-15T06:32:33Z
CVE-2021-4034 centos8可用版本 : ck00004/CVE-2021-4034 create time: 2022-02-15T02:34:48Z
Build the struts-2.3.31 (CVE-2017-5638) environment : testpilot031/vulnerability_struts-2.3.31 create time: 2022-02-15T00:38:47Z
SQL Injection Vulnerability on PhpIPAM v1.4.4 : dnr6419/CVE-2022-23046 create time: 2022-02-15T00:00:22Z
All stages of exploring the polkit CVE-2021-4034 using codeql : hohn/codeql-sample-polkit create time: 2022-02-14T22:09:44Z
no description : r1l4-i3pur1l4/CVE-2022-21882 create time: 2022-02-14T21:28:15Z
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. adminer.php) are affected. This is fixed in version 4.7.9. : llhala/CVE-2021-21311 create time: 2022-02-14T18:54:53Z
Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893) : jbaines-r7/blankspace create time: 2022-02-04T17:11:00Z
Stored XSS Vulnerability on RosarioSIS 8.2.1 : dnr6419/CVE-2021-45416 create time: 2022-02-14T07:31:01Z
no description : [rohank