398 matches found
Exploit for CVE-2025-68613
CVE-2025-68613 Local n8n Lab This repository provides a simpl...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Lab A hands-on lab to exploit CVE-2025-55182...
React-Zero-Day-Exploit-Laboratory
🚨 React Zero-Day Exploit Laboratory Interactive Secur...
Exploit for CVE-2025-13615
Lab: CVE-2025-13615 - Authorization Bypass Through User-Contro...
Blind-SQLi-StatusCode
Python script...
EUVD-2023-29509
Malicious code in bioql PyPI...
EUVD-2024-3295
Malicious code in bioql PyPI...
EUVD-2023-46378
Malicious code in bioql PyPI...
EUVD-2022-0161
Malicious code in bioql PyPI...
EUVD-2023-29514
Malicious code in bioql PyPI...
EUVD-2023-29513
Malicious code in bioql PyPI...
EUVD-2023-29510
Malicious code in bioql PyPI...
EUVD-2024-35247
Malicious code in bioql PyPI...
CodeQL zero to hero part 5: Debugging queries
When you're first getting started with CodeQL, you may find yourself in a situation where a query doesn't return the results you expect. Debugging these queries can be tricky, because CodeQL is a Prolog-like language with an evaluation model that's quite different from mainstream languages like...
CVE-2024-43706
creationtimestamp | type | source
---|---|---
2025-06-10 18:33:22+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/17965
2025-06-16 23:22:37+00:00 | seen | https://bsky.app/profile/securitylab-jp.bsky.social/post/3lrr4ptjf2k2w...
CVE-2023-43662
ShokoServer is a media server which specializes in organizing anime. In affected versions the /api/Image/WithPath endpoint is accessible without authentication and is supposed to return default server images. The endpoint accepts the parameter serverImagePath, which is not sanitized in any way...
CVE-2023-41899
Home Assistant is an open source home automation platform. In affected versions the hassio.addon_stdin service is vulnerable to a partial Server-Side Request Forgery where an attacker capable of calling this service, e.g. through GHSA-h2jp-7grc-9xpp, may be able to invoke any Supervisor REST API endpoints with a PO...
WordPress Security Research Series: Setting Up Your Research Lab
Welcome to Part 3 of the WordPress Security Research Beginner Series! If you haven’t yet, take a minute to check out the series introduction to get a sense of what this series is all about. You’ll also want to catch up on Part 1, where we dig into WordPress request architecture and hooks, and Par...
GHSA-H9W6-F932-GQ62 ses's global contour bindings leak into Compartment lexical scope
Impact: Web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that have also elsewhere used const, let, and class bindings in the top-level scope of a <script> tag will have inadvertently revealed these bindings in the lexical scope...
Exploit for CVE-2024-49379
Proof of Concept PoC for CVE-2024-49379 This repository con...