Cody Winkler

5 exploits Active since Dec 2019
CVE-2019-19383 NOMISEC HIGH WORKING POC
freeFTPd 1.0.8 - Post-Authentication Buffer Overflow via SIZE Command
freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled).
CVSS 8.8
CVE-2020-37011 EXPLOITDB HIGH python WORKING POC
Gnome Fonts Viewer 3.34.0 - Memory Corruption
Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to exhaust memory through repeated malloc() calls and potentially crash the gnome-font-viewer process.
CVSS 7.5
CVE-2019-19943 EXPLOITDB HIGH python WORKING POC
Pablo Quick 'n Easy Web Server < 3.3.8 - Unauthenticated Heap Memory Corruption via Host/Domain Parameter
The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free.
CVSS 7.5
CVE-2020-7209 METASPLOIT CRITICAL ruby WORKING POC
HP LinuxKI < 6.0-2 - Remote Code Execution
LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2.
CVSS 9.8
CVE-2020-7209 EXPLOITDB CRITICAL text WORKING POC
HP LinuxKI < 6.0-2 - Remote Code Execution
LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2.
CVSS 9.8