Skip to content

n1sh1th/CVE-POC

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 

Repository files navigation

CVE-POC

2022

CVE-2022-24086

CVE-2022-24086 - Magento RCE

2021

CVE-2021-1675

CVE-2021-1675- PrintNightmare PoC

CVE-2021-4034

CVE-2021-4034- PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec

CVE-2021-21315

CVE-2021-21315 - Node.JS OS sanitize service Parameters Command Injection

CVE-2021-21972

CVE-2021-21972 - vCenter Server RCE

CVE-2021-21975

CVE-2021-21975 - [VMware] vRealize Operations Manager API SSRF

CVE-2021-21978

CVE-2021-21978 - VMware View Planner logupload RCE

CVE-2021-21985

CVE-2021-21985 - #VMware #vSphere Client (HTML5) VSHC plug-in RCE

CVE-2021-22986

CVE-2021-22986 - F5 BIG-IP iControl RCE

CVE-2021-27905

CVE-2021-27905 - Apache Solr Index Replication SSRF

CVE-2021-28482

CVE-2021-28482 - Microsoft Exchange Deserialization to Post-Auth RCE

CVE-2021-31166

CVE-2021-31166 - MS HTTP Protocol Stack RCE

CVE-2021–31474

CVE-2021–31474 - Apache Solr Index Replication SSRF

CVE-2021-35464

CVE-2021-35464 - Pre-auth RCE in ForgeRock OpenAM

CVE-2021-42342

CVE-2021-42342 - RCE in GoAhead 4.x and 5.x before 5.1.5

CVE-2021-43798

CVE-2021-43798 - Path traversal vulnerability in Grafana by

2020

CVE-2020-11978 CVE-2020-13927

The CVE-2020-13927 vulnerability to Apache Airflow Authentication Bypass.

CVE-2020-3580

CVE-2020-3580 is an XSS found in Cisco ASA,FTD SAML TUNNEL-GROUP NAME

CNVD-2020-10487

CNVD-2020-10487-Tomcat-Ajp-lfi

2019

CVE-2019-15043

CVE-2019-15043 is a Denial-of-service vulnerability found in the Grafana snapshots API. This vulnerability was fixed in versions 5.4.5 and 6.3.4.

CVE-2019-8451

CVE-2019-8451 is a pre-authentication server side request forgery (SSRF) vulnerability found in the /plugins/servlet/gadgets/makeRequest resource. This vulnerability was introduced in Jira server version 7.6.0, and fixed in versions 7.13.9 and 8.4.0.

CVE-2019-5418

CVE-2019-5418 - File Content Disclosure on Rails, It is a possible file content disclosure vulnerability in Action View. Specially crafted accept headers in combination with calls to render file: can cause arbitrary files on the target server to be rendered, disclosing the file contents. Fixed in Action View 6.0.0.beta3, 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1.

Note: This CVE can leads to a Remote Code Execution, more info: mpgn/Rails-doubletap-RCE

About

This is collection of latest CVE POCs.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published