Initial Access Intelligence
The "Initial Access Intelligence" module is a vital tool for cybersecurity, designed to scan GitHub repositories for the latest exploit and proof-of-concept codes for new vulnerabilities. It provides users with crucial updates on potential security threats, enabling proactive defense measures. This module helps close the gap between vulnerability discovery and patching, significantly enhancing system security.
-
July 21, 2025, 7:49 a.m.
CVE-2024-11388 poc exploit
Updated: 8 months, 2 weeks ago2 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 4:48 p.m. This repo has been linked 1 different CVEs too. -
July 21, 2025, 7:49 a.m.
CVE-2024-11432 poc exploit
Updated: 8 months, 2 weeks ago2 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 4:46 p.m. This repo has been linked 1 different CVEs too. -
Nov. 18, 2025, 4:19 p.m.
A PoC which exploit race condition of jersey client
Java
Updated: 4 months, 2 weeks ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 4:37 p.m. This repo has been linked 1 different CVEs too. -
Jan. 13, 2025, 6:17 p.m.
两年多以前,Chris Frohoff 和 Gabriel Lawrence 发表了关于 Java 对象反序列化漏洞的研究,这一研究最终导致 Java 历史上最大的一波远程代码执行漏洞的爆发。 后续研究表明,这些漏洞不仅限于 Java 序列化或 XStream 这样的机制,还可以应用于其他机制。
cve exp poc rce
Java
Updated: 1 year, 2 months ago2 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 4:33 p.m. This repo has been linked 1 different CVEs too. -
Nov. 22, 2024, 3:44 p.m.
YARPP <= 5.30.10 - Missing Authorization
Updated: 1 year, 4 months ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 3:42 p.m. This repo has been linked 1 different CVEs too. -
Dec. 16, 2024, 4:13 p.m.
MoBots 13598
Java
Updated: 1 year, 3 months ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 3:41 p.m. This repo has been linked 1 different CVEs too. -
Jan. 10, 2025, 10:55 p.m.
None
Updated: 1 year, 2 months ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 2:33 p.m. This repo has been linked 5 different CVEs too. -
Jan. 22, 2025, 6:18 a.m.
CVE-2024-36401是GeoServer中的一个高危远程代码执行漏洞。GeoServer是一款开源的地理数据服务器软件,主要用于发布、共享和处理各种地理空间数据。 ALIYUN 漏洞原理: 该漏洞源于GeoServer在处理属性名称时,将其不安全地解析为XPath表达式。具体而言,GeoServer调用的GeoTools库API在评估要素类型的属性名称时,以不安全的方式将其传递给commons-jxpath库。由于commons-jxpath库在解析XPath表达式时允许执行任意代码,攻击者可以通过构造特定的输入,利用多个OGC请求参数(如WFS GetFeature、WFS GetPropertyValue、WMS GetMap等),在未经身份验证的情况下远程执行任意代码。
Python
Updated: 1 year, 2 months ago5 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 2:21 p.m. This repo has been linked 1 different CVEs too. -
Jan. 13, 2025, 6:17 p.m.
CVE-2024-27130是影响QNAP网络附加存储(NAS)设备的一个严重漏洞。该漏洞源于QTS操作系统中share.cgi脚本的No_Support_ACL函数中不安全地使用strcpy函数,导致堆栈缓冲区溢出。攻击者可以利用此漏洞,通过精心构造的请求在目标系统上执行任意代码,进而完全控制受影响的设备。
Python
Updated: 1 year, 2 months ago4 stars 1 fork 1 watcherBorn at : Nov. 22, 2024, 2:18 p.m. This repo has been linked 1 different CVEs too. -
Jan. 13, 2025, 6:17 p.m.
CVE-2024-0012是Palo Alto Networks PAN-OS软件中的一个身份验证绕过漏洞。该漏洞允许未经身份验证的攻击者通过网络访问管理Web界面,获取PAN-OS管理员权限,从而执行管理操作、篡改配置,或利用其他需要身份验证的特权提升漏洞(如CVE-2024-9474)
Python
Updated: 1 year, 2 months ago3 stars 1 fork 1 watcherBorn at : Nov. 22, 2024, 2:11 p.m. This repo has been linked 2 different CVEs too.
