Clément Lecigne

5 exploits Active since Feb 2009
CVE-2020-6418 METASPLOIT HIGH ruby WORKING POC
Google Chrome <80.0.3987.122 - Heap Corruption
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2019-0808 METASPLOIT HIGH ruby WORKING POC
Windows - Privilege Escalation
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
CVSS 7.8
CVE-2020-6418 EXPLOITDB HIGH ruby WORKING POC
Google Chrome <80.0.3987.122 - Heap Corruption
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2009-3002 EXPLOITDB c WORKING POC
Linux Kernel < 2.6.31 - Information Disclosure
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c.
CVE-2009-0676 EXPLOITDB c WORKING POC
Linux <2.6.28.6 - Info Disclosure
The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.