CTurt

5 exploits Active since May 2016
CVE-2020-13109 WRITEUP CRITICAL WORKING POC
Morita Shogi <2020-05-02 - RCE
Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remote attackers to execute arbitrary code via crafted packet data to the built-in modem because 0x800b3e94 (aka the IF subcommand to top-level command 7) has a stack-based buffer overflow.
CVSS 9.8
EIP-2026-101133 EXPLOITDB WORKING POC
Sony Playstation 4 (PS4) 3.15 < 3.55 - WebKit Code Execution (PoC)
EIP-2026-101135 EXPLOITDB WORKING POC
Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'NamedObj ' Kernel Loader
CVE-2016-1886 EXPLOITDB HIGH c WORKING POC
FreeBSD <9.3 p42, 10.1 p34, 10.2 p17, 10.3 p3 - Memory Corruption via SETFKEY ioctl
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow."
CVSS 7.8
CVE-2016-1887 EXPLOITDB HIGH c WORKING POC
FreeBSD <10.1p34, <10.2p17, <10.3p3 - DoS
Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory overwrite and kernel panic) or gain privileges via a negative buflen argument, which triggers a heap-based buffer overflow.
CVSS 7.8