Vulnerabilities

List of vulnerabilities with PoC.

• jQuery XSS (CVE-2015-9251)
• RCE in Log4j (CVE-2021-44228)
• Sudo 1.8.25p – Buffer Overflow (CVE-2019-18634)
• OpenSSH 2.3 < 7.7 – Username Enumeration (CVE-2018-15473)
• Cisco ASA firewall: Cisco CLI “jail break” (CVE-2014-3390)
• Oracle E-Business Suite SSRF, CRLF (CVE-2025-61882)
• Progress MoveIT Transfer SFTP Authentication Bypass (CVE-2024-5806)
• React2Shell (CVE-2025-55182)
• AnyDesk – port 7070 (TCP) / 50001 (UDP) – (RCE CVE-2020-13160, unquoted service path)
• Exploit 47930: Citrixmash (CVE-2019-19781), see Citrix
• CVE-2021-41773 (Apache HTTP Server 2.4.49 only), see Apache Web Server
• Shellshock (CVE-2014-6271), see Perl Cheat Sheet
• AS-REP Roasting
• Escape restricted shells

Active Directory

• Zerologon (CVE-2020-1472)
• PetitPotam NTLM Relay

Samba

• Samba RCE (CVE-2008-4250 / MS08-067)
• EternalBlue (CVE-2017-0144 / MS17-010)
• EternalRed / SambaCry (CVE-2017-7494)

UNIX Privilege Escalation

• DirtyCow (CVE-2016-5195)
• Polkit’s pkexec utility exploit (CVE-2021-4034)
• Reusing Sudo Tokens

Windows Privilege Escalation

• PrintSpoofer
• RottenPotatoNG
• Juicy Potato
• Windows Unquoted Service Path
• UAC Bypass – EventVwr