Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Zyxel Remote Command Execution

Authored by jbaines-r7 | Site github.com Victorian Machinery is a proof of concept exploit for CVE-2022-30525. The vulnerability is an unauthenticated and remote command injection vulnerability affecting Zyxel firewall's that...

Ransom.Conti MVID-2022-0606 Code Execution

Authored by malvuln | Site malvuln.com Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and...

IpMatcher 1.0.4.1 Server-Side Request Forgery

Authored by Sick Codes, Kelly Kaoudis IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to...

Chrome 100 extensions::ExtensionApiFrameIdMap::GetFrameId Heap Use-After-Free

Authored by Google Security Research, Glazvunov A use-after-free issue exists in Chrome 100 and earlier versions. A malicious extension can achieve arbitrary code execution in the browser process. advisories | CVE-2022-0972

TLR-2005KSH Arbitrary File Delete

Authored by Ahmed Alroky TLR-2005KSH suffers from an arbitrary file deletion vulnerability. advisories | CVE-2021-46424 Change Mirror Download # Exploit Title: TLR-2005KSH - Arbitrary File Delete# Date: 2022-05-11# Exploit Author: Ahmed Alroky# Author...

College Management System 1.0 SQL Injection

Authored by Eren Gozaydin College Management System version 1.0 suffers from a remote SQL injection vulnerability. advisories | CVE-2022-28079 Change Mirror Download # Exploit Title: College Management System - 'course_code' SQL Injection (Authenticated)#...

AppleVideoDecoder CreateHeaderBuffer Out-Of-Bounds Free

Authored by Google Security Research, natashenka AppleVideoDecoder suffers from an out-of-bounds free vulnerability. The attached video file contains a malformed HEVC Decoder Configuration Record that leads to an out-of-bounds free...

F5 BIG-IP iControl Remote Code Execution

Authored by Alt3kx, Ron Bowes, Heyder Andrade, James Horseman | Site metasploit.com This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access...

Ransom.REvil MVID-2022-0595 Code Execution

Authored by malvuln | Site malvuln.com REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and...

Ransom.REvil MVID-2022-0597 Code Execution

Authored by malvuln | Site malvuln.com REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and...