Exploit for CVE-2025-12197

Security Research This repository contains my security resea...

From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API

...

Exploit for Improper Ownership Management in Debian Debian_Linux

README gcc -Wall exp.c pkg-config fuse --cflags --libs...

Exploit for CVE-2022-30136

CVE-2022-30136 Windows Network File System Remote exploit PoC...

CVE-2022-21907

HTTP Protocol Stack Remote Code Execution Vulnerability...

Exploit for SQL Injection in Zohocorp Manageengine_Network_Configuration_Manager

CVE-2021-41081 N-DAY VULNERABILITY RESEARCH F...

K03009991: iControl REST unauthenticated remote command execution vulnerability CVE-2021-22986

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x before 7.1.0.3 and 7.0.0.x before 7.0.0.2, the iControl REST interface has an unauthenticated remote command execution vulnerability. Note...

CVE-2020-3956: VMware Cloud Director Code Injection Vulnerability

VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to...

Microsoft Office - OLE Remote Code Execution Exploit

Exploit for windows platform in category remote exploits Source: https://github.com/embedi/CVE-2017-11882 CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11882 Research:...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 CVE-2017-11882: https://portal.msrc.microsoft...

Microsoft Office - OLE Remote Code Execution

Source: https://github.com/embedi/CVE-2017-11882 CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11882 Research:...

CVE-2017-0283: Windows Uniscribe remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

The last“patch Tuesday”to fix the one named“USP10! MergeLigRecords in Windows Uniscrible font processing heap broken ring”RCE vulnerability. Many days after the Google Project Zero team of Mateusz Jurczyk released a PoC of the report. In the Windows of the library at the same time the presence of...

Windows Remote Desktop vulnerability Esteemaudit（CVE-2017-9073 patch brief analysis-vulnerability warning-the black bar safety net

In the last month, we have for the equation of the tissue is the leakage of ESTEEMAUDIT vulnerability, wrote a brief analysis, and until we found this exploit only applies to join the Windows domain the computer front, we are trying to reproduce this issue, but relatively speaking, writing the...

CVE-2017-0199: in-depth analysis of the Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net

0x00 Preface Recently, researchers also found a number of CVE-2017-0199 vulnerability of the sample. Although the Microsoft in this year 4 month has been released for the vulnerability the patch, but since its use is relatively simple, worldwide usage is still very high, here to share some of the...

CVE-2017-0199: in-depth analysis of the Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net

Recently, researchers also found a number of CVE-2017-0199 vulnerability of the sample. Although the Microsoft in this year 4 month has been released for the vulnerability the patch, but since its use is relatively simple, worldwide usage is still very high, here to share some of the phishing...

From the patch compare to the PoC to reproduce it MS16-0 3 0-vulnerability warning-the black bar safety net

MS16-0 3 0 vulnerability MS16-0 3 0 vulnerabilities Windows OLE remote code execution vulnerability, since OLE does not have the correct validation of user input, causing by the special structure of the file or the program can trigger the vulnerability, causing the user to click on after the remo...

BinDiff Now Free, To Delight of Security Researchers

BinDiff is a constant presence inside a security researcher’s toolbox, ideal for patch and malware analysis or reverse engineering of code. The Google-owned software allows researchers to conduct side-by-side comparisons of binary files in disassembled code looking for differences in the samples...

WordPress 4.2. 2 fix 4. 2. 1 in the truncated Xss patch analysis-vulnerability warning-the black bar safety net

Vulnerability analysis In the patch description, wherein a bar is fixed at 4. 2. 1 version of the patch bypass afterxssissues, take the opportunity the following analysis in response toxssgenerated during the use of different truncation methods multiple times to repair after currently specific...

[CVE-2 0 1 4-8 9 5 9] phpmyadmin arbitrary file include vulnerability analysis with presentation-vulnerability warning-the black bar safety net

0x01 vulnerability description phpmyadmin is a widely used mysql database management software, based on PHP development. Latest CVE-2 0 1 4-8 9 5 9 announcement, mentioned the program several versions exist of any of the files containing the vulnerability, affected versions are as follows:...

Struts2 latest remote code execution vulnerability S2-0 1 6 official patch analysis-vulnerability warning-the black bar safety net

Contrast a bit stucts svn, in fact, only modified one file ! For the action of the prefix, an increase cleanactionname function, filtering the ognl implementation, For the redirect and redirectaction prefix, the direct removal. !...