PoC exploits for multiple software vulnerabilities.
- CVE-2021-41073
- Target: Linux Kernel
- Version: 5.10 through 5.14.6
- Exploit Written By: Lam Jun Rong
- CVE-2021-22204
- Target: ExifTool
- Version: 7.44
- Exploit Written By: Lucas Tay
- CVE-2020-25221
- Target: Linux Kernel
- Version: 5.7.x and 5.8.x
- Exploit Written By: Muhammad Alifa Ramdhan
- CVE-2019-18634 (LPE): Stack-based buffer overflow in sudo tgetpass.c when pwfeedback module is enabled
- CVE-2021-3156 (LPE): Heap-based buffer overflow in sudo sudoers.c when an argv ends with backslash character.
- CVE-2020-28018 (RCE): Exim Use-After-Free (UAF) in tls-openssl.c leading to Remote Code Execution
- CVE-2020-9273 (RCE): ProFTPd Use-After-Free (UAF) leading to Post-Auth Remote Code Execution
- jad OOB write (CE): JAD out-of-bounds write leading to code execution (No CVE given yet)
- CVE-2021-21975 VMware vRealize Operations Manager SSRF漏洞
- vCenter任意文件读取 VMware vCenter任意文件读取漏洞
- vCenter任意文件上传VMware vCenter任意文件上传漏洞到RCE(cve-2021-22005)
-
chrome 1day poc 影响范围 Chrome 89.0.4389.114 及以下版本与使用Chrome内核的其他浏览器
-
- Target: Google Chrome
- Version: 86.0.4240.80 and previous
- Exploit Written By: Chai Yi Chen
-
- Target: Google Chrome
- Version: Google Chrome 60 - 80
- Exploit Written By: Đào Tuấn Linh
- CVE-2021-26295 Apache OFBiz反序列漏洞(CVE-2021-26295)
GogsOwnz is a simple script to gain administrator rights and RCE on a Gogs/Gitea server.
Exploit vulnerabilities in Gogs/Gitea, including CVE-2018-18925, CVE-2018-20303.
-
- Target: GitLab
- Version: GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1
- Exploit Written By: Nguyễn Tiến Giang
-
CVE-2022-1162
- A simple tool to enumerate users in gitlab and login using CVE-2022-1162
- CVE-2019-16452
- Target: Adobe Acrobat and Reader
- Version: 2019.012.20035 and previous
- Exploit Written By: Phan Thanh Duy