{"pocs":[{"id":"1269454939","cve_id":"CVE-2024-3094","name":"xz-backdoor-research","owner":"nnatsopoulos","full_name":"nnatsopoulos\/xz-backdoor-research","html_url":"https:\/\/github.com\/nnatsopoulos\/xz-backdoor-research","description":"CVE-2024-3094 XZ Utils backdoor research - attack surface visualiser, system vulnerability checker, and general Linux CVE assessment tool","stargazers_count":"0","vuln_description":"Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. The tarballs included extra .m4 files, which contained instructions for building with automake that did not exist in the repository. These instructions, through a series of complex obfuscations, extract a prebuilt object file from one of the test archives, which is then used to modify specific functions in the code while building the liblzma package. This issue results in liblzma being used by additional software, like sshd, to provide functionality that will be interpreted by the modified functions.","created_at":"2026-06-15 03:27:38","updated_at":"2026-06-15 03:33:15","pushed_at":"2026-06-15 03:33:11","inserted_at":"2026-06-15 04:36:43"},{"id":"1269389657","cve_id":"CVE-2026-42945","name":"CVE-2026-42945-Reverse-Shell-POC","owner":"sec-sys","full_name":"sec-sys\/CVE-2026-42945-Reverse-Shell-POC","html_url":"https:\/\/github.com\/sec-sys\/CVE-2026-42945-Reverse-Shell-POC","description":"Python RCE PoC with reverse-shell listener for CVE-2026-42945 (NGINX Rift)","stargazers_count":"0","vuln_description":"NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module\u00a0module. This vulnerability exists when the rewrite\u00a0directive is followed by a rewrite, if, or set\u00a0directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, for systems with Address Space Layout Randomization (ASLR ) disabled, code execution is possible.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.","created_at":"2026-06-15 01:49:12","updated_at":"2026-06-15 01:53:47","pushed_at":"2026-06-15 01:53:43","inserted_at":"2026-06-15 04:36:44"},{"id":"1269356827","cve_id":"CVE-2021-41773","name":"CVE-2021-41773-POC","owner":"fxdyx-a","full_name":"fxdyx-a\/CVE-2021-41773-POC","html_url":"https:\/\/github.com\/fxdyx-a\/CVE-2021-41773-POC","description":"Apache HTTP Server 2.4.49 Path Traversal Vulnerability Reproduction","stargazers_count":"0","vuln_description":"A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration \"require all denied\", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.","created_at":"2026-06-15 01:01:51","updated_at":"2026-06-15 01:26:56","pushed_at":"2026-06-15 01:26:53","inserted_at":"2026-06-15 04:36:42"}]}