Lucene search
K

274591 matches found

GithubExploit
GithubExploit
•added 2025/12/18 5:26 a.m.•149 views

Stack-Buffer-Overflow-x86

Stack-Based Buffer Overflow: From Bug to Code Execution I...

8.2AI score
Exploits0
GithubExploit
GithubExploit
•added 2025/12/18 2:57 a.m.•169 views

Exploit for CVE-2025-61260

OpenAI Codex CLI Vuln...

7AI score0.07061EPSS
Exploits1
GithubExploit
GithubExploit
•added 2025/12/18 2:49 a.m.•146 views

Exploit for Deserialization of Untrusted Data in Facebook React

react2shell-scanner-bypasswaf A command-line tool for detecti...

10CVSS7.4AI score0.99562EPSS
Exploits386
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•153 views

šŸ“„ JSONPath Plus Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in JSONPath Plus library versions prior to 10.3.0 The vulnerability allows arbitrary JavaScript code execution through malicious JSONPath expressions...

9.8CVSS9AI score0.10701EPSS
Exploits5
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•163 views

šŸ“„ js2py 0.74 Automated Sandbox Escape / Code Execution

js2py version 0.74 automated sandbox escape and remote code execution exploit with a reverse shell. ============================================================================================================================================= | Title : js2py v0.74 Automated Sandbox Escape & Revers...

5.3CVSS8.3AI score0.04548EPSS
Exploits22
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•383 views

šŸ“„ Xiongmai XM530 IP Camera Hardcoded RTSP Credential Exposure

The GetStreamUri ONVIF endpoint in Xiongmai XM530-series IP cameras exposes RTSP URIs containing hardcoded credentials, enabling direct unauthorized access to live video streams. CVE-2025-65857 Xiongmai XM530 IP Camera Hardcoded RTSP Credentials Exposure --- Summary The GetStreamUri ONVIF endpoin...

10CVSS8.5AI score0.40386EPSS
Exploits15
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•472 views

šŸ“„ C‑Bitrix 25.100.500 Translate Module Arbitrary File Upload

C‑Bitrix version 25.100.500 proof of concept exploit that demonstrates an arbitrary file upload vulnerability in the translate module. ============================================================================================================================================= | Title : C‑Bitrix...

7.2AI score0.01549EPSS
Exploits4
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•157 views

šŸ“„ AVAST Antivirus 25.11 Unquoted Service Path

AVAST Antivirus version 25.11 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to inject malicious executables that will be run with...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•156 views

šŸ“„ Mantis Bug Tracker 2.3.0 Remote Code Execution

Mantis Bug Tracker version 2.3.0 unauthenticated remote code execution exploit that chains together two vulnerabilities. The exploit resets the administrator password and then takes advantage of a command injection vulnerability. Exploit Title: Mantis Bug Tracker 2.3.0 - Remote Code Execution...

8.8CVSS8.8AI score0.90856EPSS
Exploits12
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•162 views

šŸ“„ Keras 2.15 Insecure Deserialization

Keras version 2.15 insecure deserialization proof of concept exploit. A security issue in certain versions of Keras allows attackers to craft a malicious model file typically a .keras or HDF5-based model containing unsafe serialization primitives. When such a model is loaded, the deserialization...

4.8CVSS4.7AI score0.00901EPSS
Exploits5
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•145 views

šŸ“„ Juniper ScreenOS 6.2.0r15 Backdoor Scanner

Juniper ScreenOS version 6.2.0r15 SSH backdoor scanner written in PHP. ============================================================================================================================================= | Title : Juniper ScreenOS 6.2.0r15 PHP Backdoor Scanner | | Author : indoushka | |...

10CVSS8.2AI score0.614EPSS
Exploits7
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•141 views

šŸ“„ Kalmia CMS 0.2.0 User Enumeration

Proof of concept exploit that demonstrates a user enumeration vulnerability via the JWT authentication API on Kalmia CMS version 0.2.0. ============================================================================================================================================= | Title : Kalmia CM...

6.5CVSS6.9AI score0.00308EPSS
Exploits5
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•169 views

šŸ“„ Jenkins 2.441 Arbitrary File Read

Jenkins version 2.441 proof of concept arbitrary file read exploit. ============================================================================================================================================= | Title : Jenkins 2.441 read files Vulnerability | | Author : indoushka | | Tested on :...

9.8CVSS7.1AI score0.99999EPSS
Exploits46
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•165 views

šŸ“„ Kubio AI Page Builder 2.5.1 PHP LFI Extractor Scanner

A local file inclusion vulnerability exists in the function kubiohybridthemeloadtemplate of the Kubio AI Page Builder plugin for WordPress versions less than or equal to 2.5.1. An unauthenticated attacker may include arbitrary files via path traversal. This may lead to sensitive file disclosure a...

9.8CVSS7.1AI score0.76761EPSS
Exploits39
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•174 views

šŸ“„ Headlamp 0.38.0 Credential Reuse

A security issue was discovered in the in-cluster version of Headlamp where unauthenticated users may be able to reuse cached credentials to access Helm functionality through the Headlamp UI. Kubernetes clusters are only affected if Headlamp is installed, is configured with config.enableHelm: tru...

6.9AI score
Exploits2
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•697 views

šŸ“„ Xiongmai XM530 IP Camera ONVIF Complete Authentication Bypass

There is a complete authentication bypass in the ONVIF implementation of Xiongmai XM530-series IP cameras that allows unauthenticated remote access to sensitive device information, configuration, and video streams. CVE-2025-65856 Xiongmai XM530 IP Camera ONVIF Complete Authentication Bypass ---...

10CVSS9.5AI score0.40386EPSS
Exploits13
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•153 views

šŸ“„ Langflow 1.3.0 Remote Code Execution

A critical remote code execution vulnerability exists in Langflow that allows unauthenticated attackers to execute arbitrary system commands via the code validation API endpoint. The vulnerability enables complete compromise of Langflow instances through improper input sanitization in the Python...

9.8CVSS10AI score0.99968EPSS
Exploits33
Packet Storm
Packet Storm
•added 2025/12/18 12:0 a.m.•164 views

šŸ“„ Laravel Pulse 1.3.1 Arbitrary Code Injection

Proof of concept exploit written in PHP for Laravel Pulse version 1.3.1. This version of Laravel Pulse suffers from an arbitrary code injection vulnerability...

8.8CVSS7.7AI score0.28571EPSS
Exploits3
GithubExploit
GithubExploit
•added 2025/12/17 11:11 p.m.•152 views

Windows10-Exploitation-Validation

Windows 10 Exploitation & Security Validation šŸŽÆ Project Ob...

7.5AI score
Exploits0
GithubExploit
GithubExploit
•added 2025/12/17 10:50 p.m.•417 views

Exploit for Server-Side Request Forgery in Svelte Sveltekit

BlueDragon Web Security An advanced web vulnerability scann...

9.8CVSS6.5AI score0.99621EPSS
Exploits62
Rows per page
Query Builder