Lucene search
K

274574 matches found

Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.157 views

📄 HEUR.Backdoor.Win32.Poison.gen MVID-2025-0701 DLL Hijacking

HEUR.Backdoor.Win32.Poison.gen malware looks for and executes a x32-bit "WININET.dll" PE file in its current directory. Therefore, we can hijack the DLL and execute our own c ode to intercept and terminate the malware. It is suggested that RansomLordNG be leveraged for this purpose. Discovery /...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.159 views

📄 Adobe DNG SDK Missing Validation Out-Of-Bounds Read

An out of bounds read vulnerability exists in Adobe DNG SDK versions prior to 1.7.1.2410 due to improper handling of raw images containing exactly two color planes fSrcPlanes = 2. The flaw occurs during image rendering when the SDK assumes a four-plane layout and reads memory beyond the allocated...

7.1CVSS6.5AI score0.00147EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.167 views

📄 Adobe DNG SDK RefBaselineABCDtoRGB Out-Of-Bounds Read

This report details the creation of a specification-compliant, engineering-grade proof of concept file that reliably triggers the out-of-bounds read vulnerability documented as CVE-2025-64893 in Adobe DNG SDK versions 1.7.1 and below...

7.1CVSS6.5AI score0.00147EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.185 views

📄 Adobe DNG SDK Image Processing Logic

Proof of concept exploit that demonstrates a heap out-of-bounds read / write leading to memory corruption and potential code execution in the Image Processing Logic of Adobe DNG SDK versions prior to 1.7.1.2410...

7.1CVSS7.4AI score0.00165EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.159 views

📄 Adobe DNG SDK Missing Validation Heap Buffer Overflow

A heap buffer overflow vulnerability exists in Adobe's DNG SDK versions 1.7.1 and below due to improper handling of raw images with two color planes fSrcPlanes = 2...

7.1CVSS7.1AI score0.00147EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.193 views

📄 Headlamp 0.38.0 Unauthenticated Cached Credentials Access

Proof of concept exploit for a flaw in Headlamp Kubernetes dashboard versions 0.38.0 and below that allows unauthenticated users to access sensitive Helm release data, including secrets, tokens, and passwords, due to improper server-side caching...

6.9AI score
Exploits2
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.156 views

📄 Adobe DNG SDK 1.5 DNG File Integer Overflow

A critical integer overflow vulnerability exists in Adobe DNG SDK version 1.5 during the parsing of crafted DNG files. The flaw occurs in the handling of OpcodeList processing, specifically within the ScalePerColumn opcode, where insufficient validation of signed and unsigned integer values leads...

7.8CVSS6.9AI score0.00172EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.169 views

📄 Adobe DNG SDK RefBaselineABCDtoRGB Out-Of-Bounds Read / Information Disclosure

This work presents a technical, research‑grade proof of concept demonstrating CVE‑2025‑64893, an out of bounds read vulnerability in Adobe DNG SDK versions prior to 1.7.1.2410. The vulnerability is caused by a logic flaw in the rendering pipeline where a crafted but specification‑compliant DNG fi...

7.1CVSS6.4AI score0.00147EPSS
Exploits5
GithubExploit
GithubExploit
added 2025/12/21 6:31 p.m.135 views

Exploit for CVE-2025-65790

CVE-2025-65790 - FuguHub 8.1 Reflected SVG XSS Reflecte...

6.1CVSS5.7AI score0.00218EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/12/21 9:24 a.m.124 views

cve

My C...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/20 9:22 p.m.136 views

Exploit for CVE-2025-67435

CVE-2025-67436 Authenticated Remote Code Execution RCE in...

6.5CVSS8AI score0.00505EPSS
Exploits3
Metasploit
Metasploit
added 2025/12/20 6:55 p.m.444 views

Assistive Technologies Persistence

This module achieves persistence by registering a custom Assistive Technology AT in the Windows registry. Then it configures the system to launch the AT executable during user logon or desktop switch such as with an admin prived program. Requires Windows 8 or higher and administrative privileges...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2025/12/20 6:55 p.m.445 views

HPE OneView unauthenticated RCE

This module exploits an unauthenticated RCE vulnerability, CVE-2025-37164, against Hewlett Packard Enterprise HPE OneView. All versions below 11.00 are vulnerable so long as the vendor supplied hotfix has not been applied, however some VM product versions do not enable the vulnerable "ID Pools"...

10CVSS6AI score0.89733EPSS
Exploits8
GithubExploit
GithubExploit
added 2025/12/20 5:41 p.m.136 views

Exploit for CVE-2025-14558

CVE-2025-14558 FreeBSD rtsold DNSSL Command Injection RCE...

8.4AI score0.06272EPSS
Exploits7
GithubExploit
GithubExploit
added 2025/12/20 8:33 a.m.227 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell PoC CVE-2025-55182 A Proof-of-Concept PoC scr...

10CVSS8.9AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2025/12/20 7:20 a.m.172 views

dvwa-sqli-lab

DVWA-Style SQL Injection Lab Custom vulnerable web applica...

8.1AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/20 12:14 a.m.174 views

Exploit for Deserialization of Untrusted Data in Facebook React

Node.js RCE Mitigation: DevOps as the Last Line of Defense Th...

10CVSS8.5AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2025/12/19 10:0 p.m.233 views

Exploit for CVE-2025-37164

CVE-2025-37164 - HPE OneView Unauthenticated RCE PoC Proof-of...

10CVSS8.7AI score0.89733EPSS
Exploits8
Metasploit
Metasploit
added 2025/12/19 6:55 p.m.494 views

WordPress ACF Extended Unauthenticated RCE via prepare_form()

This module exploits an unauthenticated Remote Code Execution vulnerability in the Advanced Custom Fields: Extended ACF Extended WordPress plugin versions 0.9.0.5 through 0.9.1.1. The vulnerability exists in the prepareform function of the acfemoduleformfrontrender class, which accepts...

9.8CVSS9AI score0.73557EPSS
Exploits10
GithubExploit
GithubExploit
added 2025/12/19 6:21 p.m.172 views

Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart

needrestart Privilege Escalation CVE-2024-48990 This reposi...

7.8CVSS7.9AI score0.19924EPSS
Exploits15
Rows per page
Query Builder