Gather and update all available and newest CVEs with their PoC.

CVE-2023-38831 is a Zero-day WinRAR vulnerability that lets attackers disguise malicious files in archives, tricking users into executing harmful content.

ProDark is an adware campaign released to the public as a simple dark theme extension, but what does it really do?

This vulnerability displays an XSS flaw in a WordPress popup plugin, allowing attackers to inject malicious JavaScript through a stored XSS

Proof Of Concept for CVE-2023-21716 Microsoft Word Heap Corruption

CVE-2024-11972 in Hunk Companion <1.9.0 allows unauthenticated attackers to exploit insecure REST API endpoints and install vulnerable plugins, risking RCE, SQLi, XSS, and backdoors.

CVE-2024-43451 is a Windows NTLM vulnerability that allows an attacker to force authentication and capture NTLM hashes by using malicious shortcuts.

recently found exploit allows malicious websites to bypass browser security and interact with services running locally on the host