Exploits & CVE's

Authored by Martin Heiland Open-Xchange OX App Suite, OX Guard, and OX Documents suffer from server-side request forgery and cross site scripting vulnerabilities. Some of these issues only affect version...

Authored by Andy Nguyen A heap out-of-bounds write affecting the Linux kernel since version 2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a denial...

Authored by Vikas Srivastava WordPress Current Book plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin Current Book 1.0.1 - 'Book Title...

Authored by 0vercl0k | Site github.com This is a proof of concept for CVE-2021-28476 ("Hyper-V Remote Code Execution Vulnerability"), an arbitrary memory read in vmswitch.sys (network virtualization service provider) patched...

Authored by 0vercl0k | Site github.com Proof of concept exploit for an out-of-bounds access vulnerability in the Realtek RTKVHD64.sys, leading to pool corruption. advisories | CVE-2021-32537

Authored by 0vercl0k | Site github.com This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched...

Authored by Google Security Research, ianbeer XNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of concept code included. advisories | CVE-2020-9967, CVE-2021-30736

Authored by James Forshaw, Google Security Research Microsoft Windows has an issue where you can use the CreateProcessWithLogon API to escape a write restricted service and achieve full write access...

Authored by Stefan Viehbock | Site sec-consult.com Multiple Schneider Electric EVlink Charging Stations suffers from authentication bypass and remote code execution vulnerabilities. advisories | CVE-2021-22707, CVE-2021-22708 Change Mirror Download SEC Consult Vulnerability Lab...

Authored by Bryan Leong osCommerce version 2.3.4.1 remote code execution exploit. This is a variant of the original discovery of code execution in this version by Simon Scannell in March...