18 matches found
NICE: A Framework for Declarative and Machine-Checkable Vulnerability Reproduction
Reproducing software vulnerabilities is fundamental to security researchers, open-source maintainers, and educators. Yet, vulnerabilities remain hard to reproduce today, and even when they can be reproduced, recreating a software environment where the vulnerability can be exploited becomes harder...
pocxgen-agent
PoCXGen Agent An LLM-orchestrated multi-agent pipeline for au...
PoC-Adapt: Semantic-Aware Automated Vulnerability Reproduction with LLM Multi-Agents and Reinforcement Learning-Driven Adaptive Policy
While recent approaches leverage large language models (LLMs) and multi-agent pipelines to automatically generate proof-of-concept (PoC) exploits from vulnerability reports, existing systems often suffer from two fundamental limitations: unreliable validation based on surface-level execution signals...
Exploit for OS Command Injection in Cacti
CVE-2022-46169 Reproduction Template Project Structure -...
CVE-Factory: Scaling Expert-Level Agentic Tasks for Code Security Vulnerability
CVE-Factory is a Multi-Agent system for fully automated, end-to-end CVE reproduction. Given CVE records, the system automatically researches details, generates test cases, builds Docker environments, and validates that each vulnerability can be both exploited and patched. The pipeline transforms...
LLM Agents for Automated Web Vulnerability Reproduction: Are We There Yet?
Large language model (LLM) agents have demonstrated remarkable capabilities in software engineering and cybersecurity tasks, including code generation, vulnerability discovery, and automated testing. One critical but underexplored application is automated web vulnerability reproduction, which...
Exploit for Out-of-bounds Write in Cypress Cyw20735_Firmware
This repository is an offensive tool for firmware emulation and fuzzing. It provides a virtual environment to fuzz wireless firmwares, allowing for the extraction of their current state and re-execution in a virtual environment for fuzzing. The tool is currently optimized for the CYW20735 Bluetoo...
Exploit for CVE-2023-7231
CVE-2023-7231 – Critical SSRF → Memcached/Docker RCE Chain via...
Exploit for CVE-2025-31486
CVE-2025-31486-PoC.py url !imagehttps://github.co...
Exploit for Infinite Loop in Nlnetlabs Unbound
This is a PoC exploit for CVE-2024-1931. The target product/serv...
Internet Bug Bounty: jdbc apache airflow provider code execution vulnerability
A code execution vulnerability was discovered in the Apache Airflow JDBC Provider before version 4.0.0. The vulnerability allowed for privilege escalation by exploiting controllable parameters in the JDBC connection, enabling the execution of arbitrary Java code...
poc-hub
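0x01 - Disclaimer: This project is for authorized use only. Using it for illegal operations is prohibited; otherwise you bear the consequences yourself. Please comply with the Cybersecurity Law of the People's Republic of China!!! 0x02 - Project introduction: Focused on vulnerability reproduction, without vulnerability analysis. 2021/12/13: Struck by how many vulnerabilities there are, more than I can reproduce, I chose to join the xray and goby camps; rather than reproducing vulnerabilities one by one myself, it is better to submit a few vulnerabilities to obtain xray Advanced Edition and goby Red Team Edition and use the PoC libraries in them directly...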
Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow
SWAMI KARUPASAMI THUNAI Exploit Title: Allok Video Converter - Buffer Overflow Vulnerability Windows XP SP3 Date: 06-03-2018 Exploit Author: Mohan Ravichandran & Velayutham Selvaraj Organization : TwinTech Solutions Vulnerable Software: Allok Video Converter Vendor Homepage:...
DEDECMS member center code submit defects can getshell
Preface: DedeCMS has released many patches this year; this article selects the 20170315 patch for study and research. Body: Download the DEDECMS 20170315 patch from the official website and compare it using a diff tool: see the red part, the servermsg1 variables appearing in dede...
CVE-2017-7269-IIS6 remote code execution vulnerability-reproduce-bug warning-the black bar safety net
Vulnerability description: The ScStoragePathFromUrl function in the WebDAV service of IIS 6.0 on Windows Server 2003 R2 contains a buffer overflow vulnerability; a remote attacker can execute arbitrary code via a PROPFIND request with a long header beginning with "If: http://". The...
VxWorks R5_0_31 Data Disclosure
Known Affected Versions: R5031 Created March 1st, 2007 Date Discovered: November 13, 2012 Obviously not anything new to get sensitive data out via the VxWorks remote debugger, but this seemed to warrant specific attention since it did allow for the disclosure of call logs and full access to all...
MIMEsweeper For SMTP 5.5 Cross Site Scripting
Application: MIMEsweeper for SMTP 5.5 5.2, 5.3, 5.4 and probably earlier versions Personal Message Manager PMM Vendor: Clearswift Ltd Vendor URL: http://www.clearswift.com/ Category: Reflective XSS Google dork: inurl:/MSWPMM/ Discovered by: Anastasios Monachos secuid0 - anastasiosmatgmaildotcom...
Re: QuickTime/Darwin Streaming Server security issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings. I'm having trouble reproducing this vulnerability as well. See below: jdog@wonderland jdog$ cat /etc/redhat-release jdog's Super Tricked-out Red Hat Linux release 8.0 Psyche jdog@wonderland jdog$ echo -ne "OPTIONS RTSP/1.0nCseq: 1nn" | nc...