unSafe.sh - 不安全

letsr00t/CVE-2013-2094
Create: 2025-12-01 18:41:09 +0000 UTC Push: 2025-12-01 18:41:09 +0000 UTC |

fevar54/CVE-2025-4679-SecureOAuth-Demo---Enfoque-educativo SecureOAuth-Demo: Laboratorio educativo que recrea de forma segura la vulnerabilidad CVE-2025-4679 (exposición de credenciales OAuth). Aprende seguridad ofensiva y defensiva mediante ejercicios prácticos, análisis de tráfico y desafíos CTF en un entorno 100% aislado. 🔐 Educativo • 🛡️ Seguro • 🎯 Práctico • 📚 Defensivo
Create: 2025-12-01 13:38:24 +0000 UTC Push: 2025-12-01 13:52:50 +0000 UTC |

netmatthew3771/CVE-2025-54253 Public exploit for CVE-2025-54253
Create: 2025-12-01 12:36:33 +0000 UTC Push: 2025-12-01 12:39:54 +0000 UTC |

tlekrean/CVE-2025-65345 An authenticated Directory Traversal vulnerability in laravel-file-manager v3.3.1 and below allows attackers with access to the file manager interface to use zip/archiving function to create archives containing files and directories outside the intended scope due to improper path validation.
Create: 2025-12-01 09:58:26 +0000 UTC Push: 2025-12-01 10:00:15 +0000 UTC |

blossombutt4063/CVE-2025-13615
Create: 2025-12-01 07:22:37 +0000 UTC Push: 2025-12-01 07:23:57 +0000 UTC |

pratikjojode/vcenter-cve-2021-21980-lab Realistic vulnerable lab for CVE-2021-21980 (VMware vSphere Path Traversal) - Actual file exploitation, not a mock server
Create: 2025-12-01 06:50:50 +0000 UTC Push: 2025-12-01 07:44:38 +0000 UTC |

stanly363/CVE-2025-64459-Poc Vulnerability: SQL Injection via QuerySet and Q() keyword argument unpacking. CVE ID: CVE-2025-64459 Severity: Critical (CVSS 9.1) Affected Versions: Django 5.1 < 5.1.14, 4.2 < 4.2.26, and 5.2 < 5.2.8. Researcher: Cyberstan (University of Warwick)
Create: 2025-12-01 03:34:47 +0000 UTC Push: 2025-12-01 03:40:20 +0000 UTC |

Cheryanika/CVE-2019-9193---Postgresql---RCE
Create: 2025-12-01 02:49:00 +0000 UTC Push: 2025-12-01 02:55:39 +0000 UTC |

smuft1707/CVE-2025-6440
Create: 2025-12-01 02:15:24 +0000 UTC Push: 2025-12-01 02:39:23 +0000 UTC |

ClemaX/Gitea-Forgejo-CVE-2025 Directory traversal in Gitea and Forgejo's repository‑template processing allows remote authenticated attackers to process arbitrary files on the filesystem, leading to remote code execution.
Create: 2025-12-01 02:04:06 +0000 UTC Push: 2025-12-01 03:55:06 +0000 UTC |

Kairo-one/CVE-2020-26217-XStream CVE-2020-26217 XStream反序列化的poc
Create: 2025-12-01 00:54:16 +0000 UTC Push: 2025-12-01 01:05:12 +0000 UTC |

0xcucumbersalad/CVE-2025-13796-PoC deco-cx apps Parameter analyticsScript.ts AnalyticsScript server-side request forgery
Create: 2025-12-01 00:13:18 +0000 UTC Push: 2025-12-01 00:14:36 +0000 UTC |

ninajafli/DotCMS-CVE-2022-45782
Create: 2025-11-30 08:04:56 +0000 UTC Push: 2025-11-30 23:13:21 +0000 UTC |

KylVGoi/cve-2019-1663
Create: 2025-11-29 17:54:45 +0000 UTC Push: 2025-12-01 14:19:00 +0000 UTC |

Ashwesker/Blackash-CVE-2025-2011 CVE-2025-2011
Create: 2025-11-28 21:16:17 +0000 UTC Push: 2025-11-28 21:16:17 +0000 UTC |

RyanRodrigues880/CVE-2023-26360 Exploit - CVE-2023-26360
Create: 2025-11-28 19:59:21 +0000 UTC Push: 2025-11-28 19:59:22 +0000 UTC |

Ashwesker/Blackash-CVE-2025-13315 CVE-2025-13315
Create: 2025-11-28 15:26:53 +0000 UTC Push: 2025-11-28 15:26:54 +0000 UTC |

Daeda1usUK/CVE-2025-59390- CVE-2025-59390 and ThreadLocalRandom Inverse
Create: 2025-11-28 14:33:08 +0000 UTC Push: 2025-11-28 14:33:36 +0000 UTC |

wasfyelbaz/CVE-2025-66022 FACTION versions before 1.7.1 allowed unauthenticated RCE. A missing auth check on /portal/AppStoreDashboard let attackers upload malicious extensions, which executed system commands through lifecycle hooks.
Create: 2025-11-28 12:07:38 +0000 UTC Push: 2025-11-28 12:07:38 +0000 UTC |

MMAKINGDOM/CVE-2025-65881 Sourcecodester Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /classes/Login.php Due to invalid Content-Type
Create: 2025-11-28 10:50:46 +0000 UTC Push: 2025-11-28 10:50:46 +0000 UTC |