Exploit for Classic Buffer Overflow in Tp-Link Tl-Wr940N_Firmware

CVE-2024-54887 TypeScript PoC This repository contains a Type...

pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

Play Go Copy Fail CVE-2026-31431 Purpose - Learn linux sy...

EUVD-2018-21692

PDF Explorer 1.5.66.2 contains a structured exception handler SEH overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the...

CVE-2025-68934 Discourse Has Denial of Service (DoS) Vulnerability in Drafts Creation Endpoint

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, authenticated users can submit crafted payloads to /drafts.json that cause On^2 processing in Base62.decode, tying up workers for 35-60 seconds per request. This affects all users as t...

CVE-2025-61261

A reflected cross-site scripting XSS vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

K000152876: libuv vulnerability CVE-2024-24806

Security Advisory Description libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be...

CVE-2022-28747

Key reuse in GoSecure Titan Inbox Detection & Response IDR through 2022-04-05 leads to remote code execution. To exploit this vulnerability, an attacker must craft and sign a serialized payload...

📄 WBCE CMS 1.6.3 Remote Code Execution

WBCE CMS version 1.6.3 suffers from an authenticated remote code execution vulnerability. Exploit Title: WBCE CMS " exit 1 fi if -z "$which nc" ; then echo "! Netcat is not installed." exit 1 fi ip=$1 port=$2 rm -rf shellModule.zip rm -rf shellModule mkdir shellModule echo Crafting Payload cat...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment O...

CVE-2024-24806

A server-side request forgery SSRF flaw was found in the libuv package due to how the hostnameascii variable is handled in uvgetaddrinfo and uvidnatoascii. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result, attackers may be able to access...

1Panel 命令注入漏洞

1Panel is an open source Linux server operation and management panel for the Chinese 1Panel community. A command injection vulnerability exists in versions prior to 1.3.6 of 1Panel, which originates from allowing an attacker to build a malicious payload to achieve command injection when entering ...

CVE-2020-20781

A stored cross-site scripting XSS vulnerability in /ucms/index.php?do=listedit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields...

Exploit for Cross-site Scripting in Progress Moveit_Transfer

Progress MOVEit Transfer tag with the source of the file set...

CVE-2020-10190

An issue was discovered in MunkiReport before 5.3.0. An authenticated user could achieve SQL Injection in app/models/tablequery.php by crafting a special payload on the /datatables/data endpoint...

CVE-2019-5434

An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP vulnerabilities...

SEIG Modbus 3.4 - Remote Code Execution

SEIG Modbus 3.4 - Remote Code Execution Title: SEIG Modbus 3.4 - Remote Code Execution Author: Alejandro Parodi Date: 2018-08-17 Vendor Homepage: https://www.schneider-electric.com Software Link:...

TheFatRat v1.8 - Easy Tool For Generate Backdoor with Msfvenom

What is TheFatRat ?? An easy tool to generate backdoor with msfvenom a part from metasploit framework and easy tool to post exploitation attack like browser attack,dll . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The...

IPSwitch IMail Server 2006 9.10 SUBSCRIBE Remote Overflow Exploit

No description provided by source. !/use/bin/perl Test on Imail 20069.10, imap4d32.exe6.8.8.1, windows 2003 Chinese SP1 Code by yunshu, our team: www.ph4nt0m.org Mail list: http://list.ph4nt0m.org F:perl imailSUBSCRIBE.pl 192.168.1.2 testuser testpass OK IMAP4 Server IMail 9.10 0 OK LOGIN complet...

Kerberos 1.5.1 - Kadmind Buffer Overflow

Kerberos Version 1.5.1 Kadmind Remote Root Buffer Overflow Vulnerability The Issue: Remotely exploitable buffer overflow vulnerability in Kerberos kadmind service The Versions: krb5-1.5.1 Latest version from http://eb.mit.edu/Kerberos/ krb5-server-1.4.3-5.1 Latest version from Fedora yum update T...