
353 matches found

GithubExploit
added 2025/12/14 1:38 a.m., 118 views

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-38077 - MadLicense...

CVSS 9.8, AI score 9.4, EPSS 0.89993
Exploits: 5

GithubExploit
added 2025/12/13 3:48 a.m., 234 views

Exploit for Deserialization of Untrusted Data in Facebook React

ReactOOPS - HTB Web Challenge Writeup...

CVSS 10, AI score 8.4, EPSS 0.94367
Exploits: 392

Vulnrichment
added 2025/12/09 4:5 p.m., 2 views

CVE-2025-13662

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...

CVSS 7.8, AI score 7.2, EPSS 0.00029
Exploits: 0, References: 1

Positive Technologies
added 2025/12/09 12:0 a.m., 2 views

PT-2025-50088

Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2024 SU4 SR1. Description: A flaw exists in the patch management component of Ivanti Endpoint Manager that involves improper verification of cryptographic signatures. This allows a remote, unauthenticate...

CVSS 7.8, AI score 7.3, EPSS 0.00029
Exploits: 0, References: 6

RedhatCVE
added 2025/12/05 9:34 p.m., 2 views

CVE-2025-66576

Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...

CVSS 9.8, AI score 7.8, EPSS 0.00887
Exploits: 1, References: 1

OSV
added 2025/12/05 6:15 p.m., 0 views

CVE-2020-36881

Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory' component that allows unauthenticated attackers to execute arbitrary code on the system. Attackers can exploit this by pasting a specially crafted directory path into the 'Add Input Directory' field...

CVSS 7.8, AI score 6.4
Exploits: 0, References: 5

NVD
added 2025/12/05 6:15 p.m., 2 views

CVE-2020-36881

Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory' component that allows unauthenticated attackers to execute arbitrary code on the system. Attackers can exploit this by pasting a specially crafted directory path into the 'Add Input Directory' field...

CVSS 8.6, EPSS 0.00053
Exploits: 1, References: 5

Cvelist
added 2025/12/05 5:20 p.m., 16 views

CVE-2020-36881 Flexsense DiskBoss 'Add Input Directory' Buffer Overflow

Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory' component that allows unauthenticated attackers to execute arbitrary code on the system. Attackers can exploit this by pasting a specially crafted directory path into the 'Add Input Directory' field...

CVSS 8.6, EPSS 0.00053
Exploits: 1, References: 5

EUVD
added 2025/12/05 5:20 p.m., 3 views

EUVD-2020-30823

Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory' component that allows unauthenticated attackers to execute arbitrary code on the system. Attackers can exploit this by pasting a specially crafted directory path into the 'Add Input Directory' field...

CVSS 8.6, AI score 7.5, EPSS 0.00053
Exploits: 1, References: 6

GithubExploit
added 2025/12/05 3:2 a.m., 135 views

Exploit for CVE-2025-55182

CVE-2025-55182 This repository contains a PoC reproduction of...

CVSS 10, AI score 8.2, EPSS 0.84541
Exploits: 361

CNNVD
added 2025/12/05 12:0 a.m., 3 views

Flexsense DiskBoss Buffer Error Vulnerability

Flexsense DiskBoss is a disk management tool from Flexsense USA. A buffer error vulnerability exists in Flexsense DiskBoss version 7.7.14, which stems from a local buffer overflow in the Input Directory component, which could allow an unauthenticated attacker to execute arbitrary code...

CVSS 8.6, AI score 7.5, EPSS 0.00053
Exploits: 1, References: 5

NVD
added 2025/12/04 9:16 p.m., 4 views

CVE-2025-66572

Loaded Commerce 6.6 contains a client-side template injection vulnerability via the search parameter that allows unauthenticated attackers to execute arbitrary code in the victim's browser context when they visit a crafted URL...

CVSS 6.9, EPSS 0.00352
Exploits: 0, References: 3

Vulnrichment
added 2025/12/04 8:46 p.m., 1 view

CVE-2025-66576 Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)

Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...

CVSS 9.3, AI score 7.8, EPSS 0.00887
Exploits: 1, References: 4

ATTACKERKB
added 2025/12/04 8:44 p.m., 2 views

CVE-2025-66572

Loaded Commerce 6.6 contains a client-side template injection vulnerability via the search parameter that allows unauthenticated attackers to execute arbitrary code in the victim's browser context when they visit a crafted URL...

CVSS 6.9, AI score 6.2, EPSS 0.00352
Exploits: 0, References: 3, Affected Software: 1

Vulnrichment
added 2025/12/04 8:44 p.m., 2 views

CVE-2025-66572 Loaded Commerce 6.6 Client-Side Template Injection (CSTI)

Loaded Commerce 6.6 contains a client-side template injection vulnerability via the search parameter that allows unauthenticated attackers to execute arbitrary code in the victim's browser context when they visit a crafted URL...

CVSS 6.9, AI score 6.2, EPSS 0.00352
Exploits: 0, References: 3

CNNVD
added 2025/12/04 12:0 a.m., 2 views

Remotecontrolio Remote Keyboard Desktop OS Command Injection Vulnerability

Remotecontrolio Remote Keyboard Desktop is a remote control application from Remotecontrolio. An operating system command injection vulnerability exists in Remotecontrolio Remote Keyboard Desktop version 1.0.1, which stems from a flaw in the rundll32.exe export function that could lead to...

CVSS 9.8, AI score 8.1, EPSS 0.00887
Exploits: 1, References: 4

Positive Technologies
added 2025/12/04 12:0 a.m., 2 views

PT-2025-49152

Name of the Vulnerable Software and Affected Versions: Remote Keyboard Desktop version 1.0.1. Description: The software allows remote attackers to execute system commands. This is possible through the rundll32.exe exported function export, leading to unauthenticated code execution. Recommendations: A...

CVSS 9.8, AI score 7.2, EPSS 0.00887
Exploits: 1, References: 8

Positive Technologies
added 2025/12/04 12:0 a.m., 2 views

PT-2025-49140

Name of the Vulnerable Software and Affected Versions: Loaded Commerce version 6.6. Description: Loaded Commerce version 6.6 has a client-side template injection issue. This allows unauthenticated attackers to execute code on the server through the search parameter. The issue allows for code...

CVSS 6.9, AI score 7.5, EPSS 0.00352
Exploits: 0, References: 7

OSV
added 2025/12/03 4:26 p.m., 3 views

CVE-2024-32641 Masa CMS Vulnerable to Pre-Auth RCE via JSON API

Masa CMS is an open source Enterprise Content Management platform. Masa CMS versions prior to 7.2.8, 7.3.13, and 7.4.6 are vulnerable to remote code execution. The vulnerability exists in the addParam function, which accepts user input via the criteria parameter. This input is subsequently...

CVSS 9.8, AI score 8.6, EPSS 0.01844
Exploits: 1, References: 4

GithubExploit
added 2025/12/03 6:39 a.m., 130 views

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

F5 BIG-IP CVE-2023-46747 - Unauthenticated RCE + Auto Reverse...

CVSS 9.8, AI score 8.2, EPSS 0.94436
Exploits: 17