345 matches found
Exploit for CVE-2026-42945
CVE-2026-42945 Nginx Rift Vulnerability Toolkit !CVSS Score:...
Exploit for Out-of-bounds Write in Gnu Glibc
CTT-Vsyslog-Vortex-CVE-2023-6246 CVE-2023-6246 glibc vsyslog...
CVE-2025-15608 Buffer Overflow in Network Probe Handling Function of TP-Link Archer AX53
This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...
CVE-2025-15608
This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...
Samsung Quram DNG TrimBounds Out-Of-Bounds Read
A vulnerability exists in the image decoding logic of Quram DNG parser within libimagecodec.quram.so. The flawed bounds validation in handling TrimBounds opcode triggers out-of-bounds reads on heap-allocated image buffers. This issue allows remote attackers to craft a malicious DNG payload, embed...
Exploit for Off-by-one Error in Sudo_Project Sudo
ExploitForge - AI-Powered Automatic Exploit Generation !Pyt...
Exploit for Double Free in Microsoft
CVE-2025-62215 Exploit PoC Original code credit: https://gith...
EUVD-2015-6523
Malware in sbrugna...
Ivanti Connect Secure 22.7R2.5 Remote Code Execution
This Metasploit module exploits a stack-based buffer overflow vulnerability in Ivanti Connect Secure to achieve remote code execution (CVE-2025-22457). Versions 22.7R2.5 and earlier are vulnerable. Note that Ivanti Pulse Connect Secure, Ivanti Policy Secure and ZTA gateways are also vulnerable but...
Ivanti Connect Secure Unauthenticated Remote Code Execution via Stack-based Buffer Overflow
This module exploits a stack-based buffer overflow vulnerability in Ivanti Connect Secure to achieve remote code execution (CVE-2025-22457). Versions 22.7R2.5 and earlier are vulnerable. Note that Ivanti Pulse Connect Secure, Ivanti Policy Secure and ZTA gateways are also vulnerable but this module...
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
CVE-2023-27997 FortiGate VM64 7.2.0 is exploitable by this co...
SUSE CVE-2017-5400
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
kernel_exploit_series
This is a collection of files related to a vulnerable driver, specifically targeting the Linux kernel. The files are part of a repository called "povcfe/kernel_exploit_series". The files include: 1. 1-heapsprayUAF/easyuaf.c: This file appears to be a simple example of a heap spray vulnerability,...
Exploit for Use After Free in Google Chrome
PoC exploit for CVE-2019-5786, a FileReader Use-After-Free (UAF) vulnerability in Chrome 72.0.3626.119 stable for Windows 7 x86. The exploit uses site-isolation to brute-force the vulnerability. The target is the FileReader object, which is used to read files from the local file system. The exploit...
Exploit for CVE-2016-0728
This repository is an offensive tool for Linux kernel exploitation, specifically targeting the CVE-2016-0728 vulnerability. The vulnerability is a REFCOUNT overflow/Use-After-Free in keyrings, which allows for local root exploitation. The repository contains two exploit modules, expboost.c and...
kernel_exploit_series
This repository is an exploit series for learning how to exploit kernel vulnerabilities, specifically targeting the Linux kernel. The repository contains various exploit modules and tools, including: 1. 1-heapsprayUAF: This directory contains exploit code for a use-after-free (UAF) vulnerability in...
Exploit for CVE-2016-0728
This repository is an offensive tool for Linux kernel exploitation. It contains exploits for various real-world kernel vulnerabilities, including CVE-2016-0728. The primary vulnerability being targeted is a REFCOUNT overflow/Use-After-Free in keyrings. The repository includes two exploit modules:...
Remote iPhone Exploitation Part 3: From Memory Corruption to JavaScript and Back -- Gaining Code Execution
Posted by Samuel Groß, Project Zero This is the third and last post in a series about a remote, interactionless iPhone exploit over iMessage. The first blog post introduced the exploited vulnerability, and the second blog post described a way to perform a heapspray, leaking the shared cache base...
Exploit for Use After Free in Microsoft
Run msfconsole meterpreter/multi/handler to listen on 192.1...
Exploit for CVE-2019-2525
VirtualBox 6.0.0 Exploit 1-day VBox bug to use - CVE-2019-2525...