Almorabea

3 exploits Active since Mar 2020
CVE-2021-3560 NOMISEC HIGH WORKING POC
polkit < 0.119 - Unauthenticated Privilege Escalation via D-Bus Request
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
125 stars
CVSS 7.8
CVE-2020-0796 NOMISEC CRITICAL WORKING POC
Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
20 stars
CVSS 10.0
CVE-2020-0796 NOMISEC CRITICAL SCANNER
Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
CVSS 10.0