ByteHackr

9 exploits Active since Feb 2022
CVE-2022-0853 NOMISEC HIGH WRITEUP
Red Hat Decision Manager - Memory Leak via UserTransaction
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.
9 stars
CVSS 7.5
CVE-2022-0725 NOMISEC HIGH WRITEUP
KeePass - Information Exposure via Plain Text Password Logging
A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs.
4 stars
CVSS 7.5
CVE-2022-0529 NOMISEC MEDIUM WORKING POC
Unzip - Heap-Based Buffer Overflow via Crafted Zip File
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
3 stars
CVSS 5.5
CVE-2022-0853 GITLAB HIGH WRITEUP
Red Hat Decision Manager - Memory Leak via UserTransaction
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.
CVSS 7.5
CVE-2022-0725 GITLAB HIGH WORKING POC
KeePass - Information Exposure via Plain Text Password Logging
A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs.
CVSS 7.5
CVE-2022-0529 GITLAB MEDIUM WORKING POC
Unzip - Heap-Based Buffer Overflow via Crafted Zip File
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
CVSS 5.5
CVE-2022-0530 GITLAB MEDIUM WORKING POC
Unzip - Heap-Based Buffer Overflow via Wide String Conversion
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
CVSS 5.5
CVE-2023-44487 NOMISEC HIGH SCANNER
HTTP/2 - Denial of Service via Rapid Stream Reset
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVSS 7.5
CVE-2022-0996 WRITEUP MEDIUM WORKING POC
389 Directory Server - Improper Authentication via Expired Password Bypass
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
CVSS 6.5