mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
Recently updated Proof-of-Concepts
2025
Latest 20 of 29 Repositories
| Stars | Updated | Name | Description |
|---|---|---|---|
| 487⭐ | 18 days ago | CVE-2018-20250 | exp for https://research.checkpoint.com/extracting-code-execution-from-winrar |
| 157⭐ | 21 minutes ago | CVE-2025-24071_PoC | CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File |
| 82⭐ | 7 hours ago | POC-CVE-2025-24813 | his repository contains an automated Proof of Concept (PoC) script for exploiting CVE-2025-24813, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met. |
| 116⭐ | 4 days ago | CVE-2025-26125 | (0day) Local Privilege Escalation in IObit Malware Fighter |
| 71⭐ | 1 day ago | CVE-2025-24813-PoC | Apache Tomcat 远程代码执行漏洞批量检测脚本(CVE-2025-24813) |
| 25⭐ | 1392 days ago | CVE-2018-20250 | 010 Editor template for ACE archive format & CVE-2018-2025[0-3] |
| 35⭐ | 8 days ago | CVE-2025-0282 | PoC for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways |
| 27⭐ | 5 days ago | CVE-2025-0108-PoC | Palo Alto Networks PAN-OS 身份验证绕过漏洞批量检测脚本(CVE-2025-0108) |
| 44⭐ | 5 days ago | CVE-2025-0282-Ivanti-exploit | CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overflow exploit. |
| 22⭐ | 25 days ago | CVE-2025-0282 | Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282) |
| 33⭐ | 11 days ago | CVE-2025-24016 | CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE) |
| 41⭐ | 23 days ago | CVE-2025-24118 | An XNU kernel race condition bug |
| 28⭐ | 3 days ago | CVE-2025-27636-Apache-Camel-PoC | |
| 23⭐ | 5 days ago | CVE-2025-1094-Exploit | WebSocket and SQL Injection Exploit Script |
| 34⭐ | 10 days ago | CVE-2025-23369 | GitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit |
| 9⭐ | 6 days ago | CVE-2025-27840 | Expanded version of the code shown at RootedCON redone in python - CVE-2025-27840 |
| 7⭐ | 5 days ago | CVE-2025-0087- | CVE-2025-0087 EoP full PoC |
| 12⭐ | 23 hours ago | CVE-2025-1302 | JSONPath-plus Remote Code Execution |
| 7⭐ | 3 days ago | CVE-2025-26794 | CVE-2025-26794: Blind SQL injection in Exim 4.98 (SQLite DBM)- exploit writeup |
| 8⭐ | 3 days ago | cve-2025-24813_poc | cve-2025-24813验证脚本 |
2024
Latest 20 of 557 Repositories
| Stars | Updated | Name | Description |
|---|---|---|---|
| 2351⭐ | 1 day ago | CVE-2024-1086 | Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images. |
| 654⭐ | 10 days ago | CVE-2024-38063 | poc for CVE-2024-38063 (RCE in tcpip.sys) |
| 475⭐ | 3 days ago | cve-2024-6387-poc | a signal handler race condition in OpenSSH's server (sshd) |
| 486⭐ | 1 day ago | CVE-2024-49113 | LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113 |
| 478⭐ | 2 days ago | CVE-2024-6387_Check | CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH |
| 379⭐ | 3 days ago | cve-2024-6387-poc | 32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo/cve-2024-6387-poc |
| 213⭐ | 4 days ago | CVE-2024-38077 | RDL的堆溢出导致的RCE |
| 338⭐ | 22 days ago | CVE-2024-26229 | CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code |
| 289⭐ | 1 day ago | CVE-2024-0044 | CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13 |
| 273⭐ | 2 days ago | CVE-2024-4577 | PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC |
| 290⭐ | 1 day ago | CVE-2024-21338 | Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled. |
| 277⭐ | 18 hours ago | CVE-2024-35250 | PoC for the Untrusted Pointer Dereference in the ks.sys driver |
| 726⭐ | 4 days ago | CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability | Microsoft-Outlook-Remote-Code-Execution-Vulnerability |
| 236⭐ | 39 days ago | CVE_2024_30078_POC_WIFI | basic concept for the latest windows wifi driver CVE |
| 8⭐ | 62 days ago | CVE-2024-38077-POC | |
| 197⭐ | 4 days ago | CVE-2024-23897 | CVE-2024-23897 |
| 162⭐ | 1 day ago | CVE-2024-25600 | Unauthenticated Remote Code Execution – Bricks <= 1.9.6 |
| 159⭐ | 47 days ago | CVE-2024-21413 | Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC |
| 137⭐ | 3 days ago | cve-2024-20017 | exploits for CVE-2024-20017 |
| 120⭐ | 3 days ago | cve-2024-6387-poc | MIRROR of the original 32-bit PoC for CVE-2024-6387 "regreSSHion" by 7etsuo/cve-2024-6387-poc |