FunPhishing

3 exploits Active since Dec 2020
CVE-2021-3129 NOMISEC CRITICAL WORKING POC
Ignition < 2.5.2 - Unauthenticated Remote Code Execution via file_get_contents() and file_put_contents()
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
2 stars
CVSS 9.8
CVE-2021-24096 NOMISEC HIGH STUB
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege
Windows Kernel Elevation of Privilege Vulnerability
2 stars
CVSS 7.8
CVE-2020-27930 NOMISEC HIGH NO CODE
iPadOS < 14.2 - Remote Code Execution via Maliciously Crafted Font
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. Processing a maliciously crafted font may lead to arbitrary code execution.
CVSS 7.8