Proof of concept toolkit to demonstrate the issue noted in CVE-2023-52709 related to the TI bluetooth stack. When running Defensics test case #SMP legacy 1001 with loop mode on DUT configured as resolvable private address, after a while, the device will end up generating unresolvable random private address causing denial of service for already bonded peer devices.
02f2601eddbe9fb045062d2c686c897f6039df04b9482db6478440625d4786ae
Proof of concept python3 code that creates a malicious payload to exploit an arbitrary file write via directory traversal in Invesalius version 3.1. In particular the exploitation steps of this vulnerability involve the use of a specifically crafted .inv3 (a custom extension for InVesalius) that is indeed a tar file file which, once imported inside the victim's client application allows an attacker to write files and folders on the disk.
3e2115a5ac5563793a0f2c821d2286084e05076d87ec7793c02b372c65ca4475
Proof of concept exploit that demonstrates an unauthenticated path traversal vulnerability in Nexus Repository Manager version 3.
bfbc582aeb7d694c2fb50f516d1b6e7be747c9691933654f4b1d426c8e5327dd
Proof of concept exploit that demonstrates an information disclosure vulnerability in Check Point Security Gateways.
3d1d9908347cad7b090b35327c160e791c08878516956e5f60997b2cd3d13687
Proof of concept exploit that allows an attacker to retrieve administrative credentials through SQL injection and ultimately execute arbitrary code on the target server.
e281d48432c2585fa05b2517fffc0171d56091981f896fb78703333f642a73a5
Proof of concept remote code execution exploit for Rejetto HTTP File Server (HFS) version 2.3m.
94abc34636ee9d2ee77ab7b6f4f07a3e5915b2c3ea027b41ba855261a1cd204a
Proof of concept unauthenticated remote code execution exploit for Calibre versions 7.14.0 and below.
8c3200bd22a9201376c309b810720c70e5e01d5f4a8e6a5ec53a060dd8be9202
Proof of concept remote code execution exploit for Ivanti EPM versions prior to 2022 SU6 or the 2024 September update.
aae283a6cefb5b56bdc7a70bc3a56e323ee785291fa82aaf40d1ff35d8e2d1e0
Proof of concept remote code execution exploit for GeoServer versions prior 2.23.6, 2.24.4, and 2.25.2.
89efe87af55cddb0baaa46de1bab5d58c270e280ff489d9b19f578e9bf29121e
Proof of concept automation code to exploit a template injection vulnerability in GitHub repository sqlpad/sqlpad version prior to 6.10.1 that can result in remote code execution.
79a6a3c0f0cc3437faa5b70a9c94c21f376448987379d2b3ee42300f9a2f5271
Proof of concept exploit for Spring Cloud Data Flow versions prior to 2.11.4 that achieves remote code execution through a malicious upload.
0ee38b6a8cf494539040a02c4712511aeac366dfde03820937e77f9441253ed3
Proof of concept code for the Microsoft Windows DWM Core library elevation of privilege vulnerability. The researcher shows how they reversed the patch, how the heap overflow is produced, and overall gives a complete walk through of their process.
ae21b7b798fa9141cefb1411db92e94dfef6796823599323e49ec4cfcc3f7c0d
Proof of concept exploit demonstrating a remote command injection vulnerability in ASUS RT-AC3200 version 3.0.0.4.382.50010.
b27808b91b15909e2f42e7da7a3eccc359039ba12c7fdda7e04df55b3861f29b
Proof of concept exploit that uses a use-after-free vulnerability due to a race condition in MIDI devices in Linux Kernel version 5.6.13.
5772575942e33bf0bb3f88209aeb358c538c5851a59e7ed25e4a63653b6b7cda
This is a proof of concept denial of service module for Sendmail versions 8.12.8 and earlier. The vulnerability is within the prescan() method when parsing SMTP headers. Due to the prescan function, only 0x5c and 0x00 bytes can be used, limiting the likelihood for arbitrary code execution.
3daa5e578d5efd9b701f44fe3d3053617431c40f560b0e62e15b7cf2208f57d9
Google Chrome versions prior to 125.0.6422.112 V8 type confusion proof of concept exploit.
788ea39c0477eb3c46d9338780f690985742a96415f3fd4f64358b8315057dfa
Microsoft Windows IPv6 vulnerability checking proof of concept python script that causes a denial of service. Windows 10 and 11 versions under 10.0.26100.1457 and Server 2016-2019-2022 versions under 10.0.17763.6189 are affected.
04c38d06a082513de8abf2875e18f1ebec41c245eac05cf7f60cc0cff919185a
WordPress LiteSpeed Cache versions 1.9 through 6.3.0.1 proof of concept privilege escalation exploit.
359e51db5dfae9aca9692c13ac7db65b1cf126e5f317d77187028e3bf1a7412a
This python script is a proof of concept exploit that demonstrates a IPv6 related memory corruption in Microsoft Windows.
e6be8f94e65ac49e1c64112d19884e8a3c0da0f9997c4e2f50859639ac393ab4
CVE-2024-6768 is a vulnerability in the Common Log File System (CLFS.sys) driver of Windows, caused by improper validation of specified quantities in input data. This flaw leads to an unrecoverable inconsistency, triggering the KeBugCheckEx function and resulting in a Blue Screen of Death (BSoD). The issue affects all versions of Windows 10 and Windows 11, Windows Server 2016, Server 2019 and Server 2022 despite having all updates applied. This Proof of Concept (PoC) shows that by crafting specific values within a .BLF file, an unprivileged user can induce a system crash.
0ec1d82e1e6a31fe57b2e6f518e950e98281a0c7e322246a6ffaddcc34e5296a
A guest inside a VirtualBox VM using the virtio-net network adapter can trigger an intra-object out-of-bounds write in src/VBox/Devices/Network/DevVirtioNet.cpp to cause a denial-of-service or escape the hypervisor and compromise the host. This is Google's proof of concept exploit.
39886fd5b29cda0221f294d1907d9e63995ec85c9ee702b13d91f845a49e1f06
AMD Errata 1386 1 is a flaw that affects the AMD Zen 2 family of processors. The observed result of this bug is that changes to xmm or ymm extended registers during normal program execution may be unexpectedly discarded. The implications of this flaw will vary depending on the workload. This is Google's proof of concept exploit.
8a75f5fb07a6ca67733cb5a1185477da6a8313afd2a241201dd4016d48542554
This is a proof of concept code from Google called RET2ASLR - Leaking ASLR from return instructions.
85855938129f6904b076bc6c171882d2c77607f62f7812008d8e9444f550c17d
Google observed some undocumented (to the best of their knowledge) behavior of the indirect branch predictors, specifically relative to _ret_ instructions. The research they conducted appears to show that this behavior does not seem to create exploitable security vulnerabilities in the software they have tested. They would like to better understand the impact and implications for different software stacks, thus they welcome feedback or further research. Included is proof of concept code.
ebca14f100ab1f543d3c2aebe9a56b5068ca62d114ff25a3d83d52c2308a7399
This is a path traversal vulnerability that impacts the CreateIndexHandler and DeleteIndexHandler found within Bleve search library. These vulnerabilities enable the attacker to delete any directory owned by the user recursively, and create a new directory in any location which the server has write permissions to. This is Google's proof of concept exploit.
fa85d4f73ca7779ddd8389e832e0e1c1e86090421d04d1696926164a39351fbf