Skip to content

joydo/CVE-Writeups

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
PoCs
PoCs
 
 
README.md
README.md
 
 
chrome-sbx-db.md
chrome-sbx-db.md
 
 

Repository files navigation

Exploits-Writeups

CVE-Writeups

2022 cve-reports-writeups

CVE-ID writeups
CVE-2022-0185(Linux Kernel) 1. https://www.willsroot.io/2022/01/cve-2022-0185.html 2. https://www.openwall.com/lists/oss-security/2022/01/25/14

2021 cve-reports-writeups

CVE-ID writeups
CVE-2014-3153 https://elongl.github.io/exploitation/2021/01/08/cve-2014-3153.html
CVE-2021-1647 https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-1647.html
CVE-2021-3156 https://github.com/r4j0x00/exploits/blob/master/CVE-2021-3156/exploit.c
CVE-2021-20226 https://www.zerodayinitiative.com/blog/2021/4/22/cve-2021-20226-a-reference-counting-bug-in-the-linux-kernel-iouring-subsystem
CVE-2021-1732 https://www.yuque.com/posec/public/qvzr6g
CVE-2021-1782(IOS) https://www.synacktiv.com/en/publications/analysis-and-exploitation-of-the-ios-kernel-vulnerability-cve-2021-1782.html
CVE-2021–30657 https://cedowens.medium.com/macos-gatekeeper-bypass-2021-edition-5256a2955508
CVE-2021-30747(MacOS) https://m1racles.com/
CVE-2021-28476(Windows) https://labs.bluefrostsecurity.de/advisories/bfs-sa-2021-001/
CVE-2021-3492(Ubuntu) https://www.synacktiv.com/publications/exploitation-of-a-double-free-vulnerability-in-ubuntu-shiftfs-driver-cve-2021-3492.html
CVE-2021-22555(Linux Kernel) https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
CVE-2021-33909(Linux eBPF) https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt
CVE-2021-30807(MacOSX&iOS Panic) https://saaramar.github.io/IOMobileFrameBuffer_LPE_POC/
CVE-2021-3490(Ubuntu eBPF) https://www.graplsecurity.com/post/kernel-pwning-with-ebpf-a-love-story
CVE-2021-26084(Atlassian Confluence Server) https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
CVE-2021-44733(Linux TEE subsystem UAF) https://github.com/pjlantz/optee-qemu
CVE-2021-30916(macOS,iOS) https://www.cyberkl.com/cvelist/cvedetail/33
CVE-2021-30909(macOS,iOS) https://www.cyberkl.com/cvelist/cvedetail/38
CVE-2021-30907(IOS) https://www.cyberkl.com/cvelist/cvedetail/42
CVE-2021-30970(MacOS) https://www.microsoft.com/security/blog/2022/01/10/new-macos-vulnerability-powerdir-could-lead-to-unauthorized-user-data-access/

2020 cve-reports-writeups

CVE-ID writeups
CVE-2020-25577 https://blog.quarkslab.com/bad-neighbor-on-freebsd-ipv6-router-advertisement-vulnerabilities-in-rtsold-cve-2020-25577.html
CVE-2020-24490,CVE-2020-12352,CVE-2020-12351 https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html
CVE-2020-16040 https://github.com/r4j0x00/exploits/blob/master/CVE-2020-16040/exploit.js
CVE-2020-6507 https://github.com/r4j0x00/exploits/blob/master/chrome-exploit/exploit.js
CVE-2020-10367 https://naehrdine.blogspot.com/2021/04/bluetooth-wi-fi-code-execution-wi-fi.html
CVE-2020-27950(IOS) https://www.synacktiv.com/en/publications/ios-1-day-hunting-uncovering-and-exploiting-cve-2020-27950-kernel-memory-leak.html

CVE-PoCs

CVE-ID poc links Topic
CVE-2021-27905 https://github.com/Henry4E36/Solr-SSRF Apache Solr SSRF
CVE-2021-26814 https://github.com/WickdDavid/CVE-2021-26814 A simple python PoC to exploit CVE-2021-26814 and gain RCE on Wazuh Manager (v.4.0.0-4.0.3) through the API service
CVE-2021-21985 https://github.com/xnianq/cve-2021-21985_exp vSphere Client (HTML5) RCE

Non-CVE-Writeups

Exploit-Time Title Reference
2020 Zero click vulnerability in Apple’s macOS Mail https://mikko-kenttala.medium.com/zero-click-vulnerability-in-apples-macos-mail-59e0c14b106c
2021 A new JavaScript-based attack-SMASH https://www.vusec.net/projects/smash/
2021(CVE-2021-30657 Deeper Analysis) All Your Macs Are Belong To Us bypassing macOS's file quarantine, gatekeeper, and notarization requirements https://objective-see.com/blog/blog_0x64.html
2021 Patch Gapping a Safari Type Confusion(IOS) https://blog.theori.io/research/webkit-type-confusion/
2021 WebKit RCE on ios 14.1(IOS) https://gist.github.com/ujin5/6b9a32eedc5a39d714a3a72f06efffe5
2021 IOS Jitterbug(IOS Function) https://github.com/osy/Jitterbug
2021 Zoom RCE from Pwn2Own 2021 https://sector7.computest.nl/post/2021-08-zoom/
2021 Apache Dubbo: All roads lead to RCE https://securitylab.github.com/research/apache-dubbo/

About

My Personal Reading lists for CVE Writeups

Resources

Readme
Activity

Stars

32 stars

Watchers

1 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages