ByteHackr

9 exploits Active since Feb 2022
CVE-2022-0853 NOMISEC HIGH WRITEUP
Redhat Decision Manager - Memory Leak
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client side when UserTransaction is used repeatedly, and leads to an information leakage vulnerability.
9 stars
CVSS 7.5
CVE-2022-0725 NOMISEC HIGH WRITEUP
KeePass - Info Disclosure
A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in the system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs.
4 stars
CVSS 7.5
CVE-2022-0529 NOMISEC MEDIUM WORKING POC
Unzip - Memory Corruption
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string, which leads to a heap out-of-bounds write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
3 stars
CVSS 5.5
CVE-2022-0853 GITLAB HIGH WRITEUP
Redhat Decision Manager - Memory Leak
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client side when UserTransaction is used repeatedly, and leads to an information leakage vulnerability.
CVSS 7.5
CVE-2022-0725 GITLAB HIGH WORKING POC
KeePass - Info Disclosure
A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in the system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs.
CVSS 7.5
CVE-2022-0529 GITLAB MEDIUM WORKING POC
Unzip - Memory Corruption
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string, which leads to a heap out-of-bounds write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
CVSS 5.5
CVE-2022-0530 GITLAB MEDIUM WORKING POC
Unzip - Memory Corruption
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string, which leads to a heap out-of-bounds write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
CVSS 5.5
CVE-2023-44487 NOMISEC HIGH SCANNER
Ietf HTTP < 1.57.0 - Denial of Service
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVSS 7.5
CVE-2022-0996 WRITEUP MEDIUM WORKING POC
Redhat 389 Directory Server - Authentication Bypass
A vulnerability was found in the 389 Directory Server that allows expired passwords to be used to access the database, resulting in improper authentication.
CVSS 6.5