274423 matches found
Exploit for CVE-2025-9074
No d...
Exploit for CVE-2026-25916
CVE-2026-25916: Roundcube Webmail DOM XSS Exploit 📋 Exploi...
Exploit-Kernel-Win-11-C2---WIN-11
Exploit-Kernel-Win-11-C2---WIN-11 Compilación e...
Exploit for CVE-2026-25747
LevelDB Deserialization Vulnerability Reproducer This project...
Exploit for CVE-2026-2256
CVE-2026–2256 PoC Executive Summary A critical command in...
Exploit for Incorrect Authorization in Suse Pam-Config
CVE-2025-6018 + CVE-2025-6019 Exploit Linux Local Privilege...
Ai-Hacker-getshell
🔥 SKILLHack Online Automated GetShell automated penetration t...
Exploit for Incorrect Authorization in Suse Pam-Config
CVE-2025-6018-and-CVE-2025-6019-Privilege-Escalation This is j...
fnos-poc
No d...
📄 Samsung Quram DNG Advanced Remote Code Execution
This proof of concept uses an advanced exploitation technique that allows a remote attacker to execute arbitrary code on a target device by carefully controlling and manipulating memory in the target application or library. This technique is particularly used against memory-sensitive libraries li...
📄 Online Admission Software 2.6 SQL Injection
Online Admission Software version 2.6 suffers from a remote SQL injection vulnerability. ============================================================================================================================================= | Title : Online Admission Software 2.6 SQL injection Vulnerabilit...
📄 Microsoft Windows 11 Pro 23H2 Kernel IOCTL Access Control
This Metasploit module exploits an insufficient access control vulnerability in the Windows Kernel through exposed IOCTL handlers. The vulnerability allows non-privileged users to access kernel-level functionality leading to privilege escalation...
📄 Samsung QuramDng Warp Out-Of-Bounds Read
This python proof of concept demonstrates an out-of-bounds read vulnerability in Samsung's QuramDng image processing library, triggered via a specially crafted DNG Digital Negative file. The script programmatically builds a minimal but valid DNG file containing a malformed WarpRectilinear opcode,...
📄 Samsung QuramDng Embedded DNG Out-Of-Bounds Read / Write
This proof of concept demonstrates an out-of-bounds read / write vulnerability in Samsung's QuramDng image parser, affecting Galaxy S22–S25 devices running One UI 6+. By crafting a malformed DNG that abuses the OpcodeList1 specifically the FixBadPixelsList opcode and embedding it inside a JPEG...
📄 Samsung QuramDNG Type Confusion Detector Vulnerability Scanner
This C++ scanner analyzes DNG Digital Negative files for the CVE-2025-58478 type confusion vulnerability in the libimagecodec.quram.so library used on Samsung devices...
📄 Roundcube Webmail SVG Tracking
Roundcube's HTML sanitizer doesn't treat SVG feImage href as an image source. Attackers can bypass remote image blocking to track email opens. Roundcube Webmail , , and , but not on . Its href went through the wrong code path and got allowed through. Attackers could track email opens even when...
📄 Next.js 15 Remote Code Execution
A PHP-based proof of concept implementation demonstrating the critical remote code execution vulnerability in React Server Components RSC Flight protocol, affecting React and Next.js applications...
📄 Samsung Quram DNG Remote Code Execution
A vulnerability exists in Samsung's image decoding library libimagecodec.quram.so responsible for parsing Digital Negatives DNG. A malformed DNG containing oversized IFD entries can cause heap corruption. With precise heap grooming, this condition may lead to remote code execution when the...
📄 Samsung Quram DNG Heap Corruption
Samsung devices utilize Quram's DNG decoder. A malformed ScalePerColumn opcode with oversized areaSpec and extreme pitches leads to arithmetic overflow in the per-column scaling loop. After allocation miscalculation, subsequent writes corrupt heap structures. Carefully crafted payloads enable...
📄 Next.js 15.2.3 Middleware Authorization Bypass
This Python script checks whether a website built with Next.js is vulnerable to CVE‑2025‑29927, a middleware authorization bypass flaw triggered by the request header:x-middleware-subrequest...