Axel '0vercl0k' Souchet

16 exploits Active since Apr 2019
CVE-2021-31166 NOMISEC CRITICAL WORKING POC
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
829 stars
CVSS 9.8
CVE-2019-11708 NOMISEC CRITICAL WORKING POC
Firefox ESR < 60.7.2, Firefox < 67.0.4, Thunderbird < 60.7.2 - RCE
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2.
623 stars
CVSS 10.0
CVE-2021-24086 NOMISEC HIGH WORKING POC
Microsoft Windows 10 - Denial of Service
Windows TCP/IP Denial of Service Vulnerability
235 stars
CVSS 7.5
CVE-2021-28476 NOMISEC CRITICAL WORKING POC
Microsoft Windows 10 - Remote Code Execution
Windows Hyper-V Remote Code Execution Vulnerability
226 stars
CVSS 9.9
CVE-2021-31166 GITHUB CRITICAL python WORKING POC
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
6 stars
CVSS 9.8
CVE-2021-24086 NOMISEC HIGH WORKING POC
Microsoft Windows 10 - Denial of Service
Windows TCP/IP Denial of Service Vulnerability
1 stars
CVSS 7.5
CVE-2021-31166 GITLAB CRITICAL WORKING POC
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
CVSS 9.8
CVE-2021-31166 GITLAB CRITICAL WORKING POC
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
CVSS 9.8
CVE-2021-28476 GITLAB CRITICAL WORKING POC
Microsoft Windows 10 - Remote Code Execution
Windows Hyper-V Remote Code Execution Vulnerability
CVSS 9.9
CVE-2019-9810 VULNCHECK_XDB HIGH WORKING POC
Firefox < 66.0.1 - Buffer Overflow
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
CVSS 8.8
CVE-2021-31166 PATCHAPALOOZA CRITICAL WORKING POC
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
CVSS 9.8
CVE-2021-31166 PATCHAPALOOZA CRITICAL WORKING POC
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
CVSS 9.8
CVE-2021-31166 PATCHAPALOOZA CRITICAL WORKING POC
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
CVSS 9.8
CVE-2019-11708 EXPLOITDB CRITICAL javascript WORKING POC
Firefox ESR < 60.7.2, Firefox < 67.0.4, Thunderbird < 60.7.2 - RCE
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2.
CVSS 10.0
CVE-2019-9810 EXPLOITDB HIGH javascript WORKING POC
Firefox < 66.0.1 - Buffer Overflow
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
CVSS 8.8
CVE-2019-1184 EXPLOITDB MEDIUM WORKING POC
Windows Core Shell COM Server Registrar - Privilege Escalation
An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting unprotected COM calls.
CVSS 6.7