unSafe.sh - 不安全

negativklatton22/CVE-2025-3500-Exploit
Create: 2025-12-01 20:04:58 +0000 UTC Push: 2025-12-01 20:05:30 +0000 UTC |

negativklatton22/CVE-2025-3500
Create: 2025-12-01 20:03:01 +0000 UTC Push: 2025-12-01 20:03:31 +0000 UTC |

letsr00t/CVE-2013-2094
Create: 2025-12-01 18:41:09 +0000 UTC Push: 2025-12-01 18:41:09 +0000 UTC |

fevar54/CVE-2025-4679-SecureOAuth-Demo---Enfoque-educativo SecureOAuth-Demo: Laboratorio educativo que recrea de forma segura la vulnerabilidad CVE-2025-4679 (exposición de credenciales OAuth). Aprende seguridad ofensiva y defensiva mediante ejercicios prácticos, análisis de tráfico y desafíos CTF en un entorno 100% aislado. 🔐 Educativo • 🛡️ Seguro • 🎯 Práctico • 📚 Defensivo
Create: 2025-12-01 13:38:24 +0000 UTC Push: 2025-12-01 13:52:50 +0000 UTC |

netmatthew3771/CVE-2025-54253 Public exploit for CVE-2025-54253
Create: 2025-12-01 12:36:33 +0000 UTC Push: 2025-12-01 12:39:54 +0000 UTC |

tlekrean/CVE-2025-65345 An authenticated Directory Traversal vulnerability in laravel-file-manager v3.3.1 and below allows attackers with access to the file manager interface to use zip/archiving function to create archives containing files and directories outside the intended scope due to improper path validation.
Create: 2025-12-01 09:58:26 +0000 UTC Push: 2025-12-01 10:00:15 +0000 UTC |

blossombutt4063/CVE-2025-13615
Create: 2025-12-01 07:22:37 +0000 UTC Push: 2025-12-01 07:23:57 +0000 UTC |

pratikjojode/vcenter-cve-2021-21980-lab Realistic vulnerable lab for CVE-2021-21980 (VMware vSphere Path Traversal) - Actual file exploitation, not a mock server
Create: 2025-12-01 06:50:50 +0000 UTC Push: 2025-12-01 07:44:38 +0000 UTC |

stanly363/CVE-2025-64459-Poc Vulnerability: SQL Injection via QuerySet and Q() keyword argument unpacking. CVE ID: CVE-2025-64459 Severity: Critical (CVSS 9.1) Affected Versions: Django 5.1 < 5.1.14, 4.2 < 4.2.26, and 5.2 < 5.2.8. Researcher: Cyberstan (University of Warwick)
Create: 2025-12-01 03:34:47 +0000 UTC Push: 2025-12-01 03:40:20 +0000 UTC |

Cheryanika/CVE-2019-9193---Postgresql---RCE
Create: 2025-12-01 02:49:00 +0000 UTC Push: 2025-12-01 02:55:39 +0000 UTC |

smuft1707/CVE-2025-6440
Create: 2025-12-01 02:15:24 +0000 UTC Push: 2025-12-01 02:39:23 +0000 UTC |

ClemaX/Gitea-Forgejo-CVE-2025 Directory traversal in Gitea and Forgejo's repository‑template processing allows remote authenticated attackers to process arbitrary files on the filesystem, leading to remote code execution.
Create: 2025-12-01 02:04:06 +0000 UTC Push: 2025-12-01 03:55:06 +0000 UTC |

Kairo-one/CVE-2020-26217-XStream CVE-2020-26217 XStream反序列化的poc
Create: 2025-12-01 00:54:16 +0000 UTC Push: 2025-12-01 01:05:12 +0000 UTC |

0xcucumbersalad/CVE-2025-13796-PoC deco-cx apps Parameter analyticsScript.ts AnalyticsScript server-side request forgery
Create: 2025-12-01 00:13:18 +0000 UTC Push: 2025-12-01 00:14:36 +0000 UTC |

DotAdrien/CVE-2025-60655
Create: 2025-11-30 14:53:30 +0000 UTC Push: 2026-01-17 14:44:43 +0000 UTC |

DotAdrien/CVE-2025-60656
Create: 2025-11-30 14:52:32 +0000 UTC Push: 2026-01-17 14:46:41 +0000 UTC |

DotAdrien/CVE-2025-60654
Create: 2025-11-30 14:50:34 +0000 UTC Push: 2026-01-17 14:47:33 +0000 UTC |

ninajafli/DotCMS-CVE-2022-45782
Create: 2025-11-30 08:04:56 +0000 UTC Push: 2025-11-30 23:13:21 +0000 UTC |

Noxurge/CVE-2025-65900 DifuseHQ Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user with basic read permissions can retrieve sensitive information for all platform user.
Create: 2025-11-30 02:07:06 +0000 UTC Push: 2025-12-04 00:06:01 +0000 UTC |

Noxurge/CVE-2025-65899 DifuseHQ Kalmia CMS version 0.2.0 is vulnerable to user enumeration through distinguishable error responses in the /kal-api/auth/jwt/create authentication endpoint.
Create: 2025-11-29 21:40:17 +0000 UTC Push: 2025-12-04 00:05:57 +0000 UTC |