Clement Lecigne

4 exploits Active since Sep 2005
CVE-2023-0266 WRITEUP HIGH WRITEUP
Linux Kernel >=4.14 <4.14.303 - Use-After-Free in ALSA PCM via Missing Locks
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e
CVSS 7.9
CVE-2019-5786 METASPLOIT MEDIUM ruby WORKING POC
Google Chrome < 72.0.3626.121 - Use-After-Free in Blink via Crafted HTML Page
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVSS 6.5
CVE-2019-5786 EXPLOITDB MEDIUM ruby WORKING POC
Google Chrome < 72.0.3626.121 - Use-After-Free in Blink via Crafted HTML Page
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVSS 6.5
CVE-2005-2878 EXPLOITDB c WORKING POC
GNU Mailutils 0.6 - Authenticated Remote Code Execution via IMAP SEARCH Command Format String
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.