![]()
最新CVE漏洞及其概念验证漏洞利用代码
该文章展示了GitHub上与安全漏洞相关的最新仓库列表,包括CVE编号的漏洞利用代码、PoC脚本和检测工具等。
2025-5-23 01:52:28
Author: github.com(查看原文)
阅读量:50
收藏
2025
Latest 20 of 101 Repositories
| Stars |
Updated |
Name |
Description |
| 490⭐ |
15 days ago |
CVE-2018-20250 |
exp for https://research.checkpoint.com/extracting-code-execution-from-winrar |
| 281⭐ |
2 days ago |
CVE-2025-24071_PoC |
CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File |
| 181⭐ |
12 hours ago |
CVE-2025-30208-EXP |
CVE-2025-30208-EXP |
| 117⭐ |
1 day ago |
POC-CVE-2025-24813 |
his repository contains an automated Proof of Concept (PoC) script for exploiting CVE-2025-24813, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met. |
| 104⭐ |
2 days ago |
CVE-2025-32433 |
CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 |
| 139⭐ |
7 days ago |
CVE-2025-26125 |
(0day) Local Privilege Escalation in IObit Malware Fighter |
| 115⭐ |
16 hours ago |
CVE-2025-21756 |
Exploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit! |
| 85⭐ |
4 days ago |
CVE-2025-24813-PoC |
Apache Tomcat 远程代码执行漏洞批量检测脚本(CVE-2025-24813) |
| 61⭐ |
5 days ago |
CVE-2025-22457 |
PoC for CVE-2025-22457 |
| 25⭐ |
1454 days ago |
CVE-2018-20250 |
010 Editor template for ACE archive format & CVE-2018-2025[0-3] |
| 40⭐ |
17 days ago |
CVE-2025-0282 |
PoC for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways |
| 49⭐ |
3 days ago |
CVE-2025-1974 |
|
| 27⭐ |
16 days ago |
CVE-2025-0108-PoC |
Palo Alto Networks PAN-OS 身份验证绕过漏洞批量检测脚本(CVE-2025-0108) |
| 74⭐ |
16 days ago |
ingressNightmare-CVE-2025-1974-exps |
IngressNightmare POC. world first remote exploitation and with multi-advanced exploitation methods. allow on disk exploitation. CVE-2025-24514 - auth-url injection, CVE-2025-1097 - auth-tls-match-cn injection, CVE-2025-1098 – mirror UID injection -- all available. |
| 47⭐ |
22 days ago |
CVE-2025-0282-Ivanti-exploit |
CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overflow exploit. |
| 26⭐ |
7 days ago |
CVE-2025-0282 |
Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282) |
| 33⭐ |
18 days ago |
CVE-2025-0401 |
Privilege Escalation using Passwd - April Fools prank |
| 18⭐ |
4 days ago |
Exploit-CVE-2025-24799 |
CVE-2025-24799 Exploit: GLPI - Unauthenticated SQL Injection |
| 37⭐ |
18 days ago |
CVE-2025-24016 |
CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE) |
| 24⭐ |
28 days ago |
CVE-2025-24799 |
|
2024
Latest 20 of 578 Repositories
| Stars |
Updated |
Name |
Description |
| 2365⭐ |
1 day ago |
CVE-2024-1086 |
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images. |
| 664⭐ |
4 days ago |
CVE-2024-38063 |
poc for CVE-2024-38063 (RCE in tcpip.sys) |
| 477⭐ |
22 days ago |
cve-2024-6387-poc |
a signal handler race condition in OpenSSH's server (sshd) |
| 493⭐ |
4 days ago |
CVE-2024-49113 |
LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113 |
| 491⭐ |
6 days ago |
CVE-2024-6387_Check |
CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH |
| 378⭐ |
22 days ago |
cve-2024-6387-poc |
32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo/cve-2024-6387-poc |
| 215⭐ |
3 days ago |
CVE-2024-38077 |
RDL的堆溢出导致的RCE |
| 342⭐ |
15 days ago |
CVE-2024-26229 |
CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code |
| 299⭐ |
1 day ago |
CVE-2024-0044 |
CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13 |
| 280⭐ |
9 days ago |
CVE-2024-4577 |
PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC |
| 280⭐ |
12 days ago |
CVE-2024-35250 |
PoC for the Untrusted Pointer Dereference in the ks.sys driver |
| 292⭐ |
33 days ago |
CVE-2024-21338 |
Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled. |
| 726⭐ |
7 days ago |
CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability |
Microsoft-Outlook-Remote-Code-Execution-Vulnerability |
| 9⭐ |
53 days ago |
CVE-2024-38077-POC |
|
| 235⭐ |
41 days ago |
CVE_2024_30078_POC_WIFI |
basic concept for the latest windows wifi driver CVE |
| 198⭐ |
45 days ago |
CVE-2024-23897 |
CVE-2024-23897 |
| 168⭐ |
5 days ago |
CVE-2024-25600 |
Unauthenticated Remote Code Execution – Bricks <= 1.9.6 |
| 115⭐ |
5 hours ago |
CVE-2024-6387 |
Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387) |
| 153⭐ |
19 days ago |
CVE-2024-21413 |
Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC |
| 122⭐ |
22 days ago |
cve-2024-6387-poc |
MIRROR of the original 32-bit PoC for CVE-2024-6387 "regreSSHion" by 7etsuo/cve-2024-6387-poc |
2023
Latest 20 of 484 Repositories
2022
Latest 20 of 549 Repositories
2021
Latest 20 of 506 Repositories
| Stars |
Updated |
Name |
Description |
| 1996⭐ |
12 hours ago |
CVE-2021-4034 |
CVE-2021-4034 1day |
| 1082⭐ |
2 days ago |
CVE-2021-4034 |
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) |
| 1054⭐ |
8 days ago |
CVE-2021-1675 |
Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare) |
| 978⭐ |
3 days ago |
CVE-2021-3156 |
|
| 748⭐ |
19 hours ago |
CVE-2021-3156 |
Sudo Baron Samedit Exploit |
| 824⭐ |
17 days ago |
CVE-2021-31166 |
Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. |
| 857⭐ |
1 day ago |
CVE-2021-44228-Scanner |
Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228 |
| 492⭐ |
24 days ago |
CVE-2021-21972 |
CVE-2021-21972 Exploit |
| 420⭐ |
4 days ago |
CVE-2021-3493 |
Ubuntu OverlayFS Local Privesc |
| 435⭐ |
52 days ago |
CVE-2021-3156 |
PoC for CVE-2021-3156 (sudo heap overflow) |
| 274⭐ |
22 days ago |
CVE-2021-22205 |
CVE-2021-22205& GitLab CE/EE RCE |
| 260⭐ |
64 days ago |
CVE-2021-21972 |
Proof of Concept Exploit for vCenter CVE-2021-21972 |
| 358⭐ |
36 days ago |
Grafana-CVE-2021-43798 |
Grafana Unauthorized arbitrary file reading vulnerability |
| 269⭐ |
6 days ago |
CVE-2021-36260 |
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands. |
| 346⭐ |
36 days ago |
CVE-2021-44228_scanner |
Scanners for Jar files that may be vulnerable to CVE-2021-44228 |
| 280⭐ |
8 days ago |
CVE-2021-34527 |
|
| 309⭐ |
36 days ago |
CVE-2021-26084_Confluence |
Confluence Server Webwork OGNL injection |
| 333⭐ |
65 days ago |
CVE-2021-1675-LPE |
Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527 |
| 234⭐ |
9 days ago |
CVE-2021-38647 |
Proof on Concept Exploit for CVE-2021-38647 (OMIGOD) |
| 344⭐ |
13 days ago |
CVE-2021-4034 |
Proof of concept for pwnkit vulnerability |
文章来源: https://github.com/0xMarcio/cve
如有侵权请联系:admin#unsafe.sh