CyprianAtsyor

5 exploits Active since Oct 2022
CVE-2025-53770 NOMISEC CRITICAL WRITEUP
Microsoft SharePoint Server - Code Injection
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation.
CVSS 9.8
CVE-2024-49138 NOMISEC HIGH WRITEUP
Windows Common Log File System Driver - Elevation of Privilege via Heap-based Buffer Overflow
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2024-3400 NOMISEC CRITICAL WRITEUP
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.
CVSS 10.0
CVE-2024-24919 NOMISEC HIGH WRITEUP
Check Point Quantum Gateway - Information Disclosure
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
CVSS 8.6
CVE-2022-41082 NOMISEC HIGH WRITEUP
Microsoft Exchange Server - Remote Code Execution via Untrusted Data Deserialization
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS 8.0