FeatherStark

3 exploits Active since Feb 2023
CVE-2023-21716 NOMISEC CRITICAL WRITEUP
Microsoft Word - Remote Code Execution via Integer Overflow
Microsoft Word Remote Code Execution Vulnerability
4 stars
CVSS 9.8
CVE-2024-21793 NOMISEC HIGH WORKING POC
F5 BIG-IP Next Central Manager 20.0.1-20.1.x - SQL Injection via OData API
An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI).  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS 7.5
CVE-2023-51385 NOMISEC MEDIUM NO CODE
OpenSSH < 9.6 - OS Command Injection via Shell Metacharacters in Username or Hostname
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVSS 6.5