Halcy0nic

14 exploits Active since Jul 2022
CVE-2023-40294 NOMISEC MEDIUM WRITEUP
0branch Boron - Out-of-Bounds Write
libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c.
2 stars
CVSS 6.5
CVE-2022-44311 NOMISEC HIGH WRITEUP
html2xhtml v1.3 - Memory Corruption
html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file.
2 stars
CVSS 8.1
CVE-2022-36234 NOMISEC HIGH WORKING POC
SimpleNetwork TCP Server - Memory Corruption
SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets.
2 stars
CVSS 7.5
CVE-2023-40296 NOMISEC HIGH WRITEUP
Eminfedar Async-sockets-cpp < 0.3.1 - Out-of-Bounds Write
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets.
1 stars
CVSS 7.5
CVE-2023-38434 NOMISEC HIGH WORKING POC
xHTTP <72f812d - Use After Free
xHTTP 72f812d has a double free in close_connection in xhttp.c via a malformed HTTP request method.
1 stars
CVSS 7.5
CVE-2023-38632 NOMISEC CRITICAL WRITEUP
async-sockets-cpp <0.3.1 - Buffer Overflow
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets.
1 stars
CVSS 9.8
CVE-2022-44311 NOMISEC HIGH WORKING POC
html2xhtml v1.3 - Memory Corruption
html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file.
1 stars
CVSS 8.1
CVE-2022-36752 NOMISEC MEDIUM WRITEUP
Png2webp - Out-of-Bounds Write
png2webp v1.0.4 was discovered to contain an out-of-bounds write via the function w2p. This vulnerability is exploitable via a crafted png file.
1 stars
CVSS 5.5
CVE-2022-44312 NOMISEC MEDIUM WORKING POC
PicoC 3.2.2 - Buffer Overflow
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceInteger function in expression.c when called from ExpressionInfixOperator.
1 stars
CVSS 5.5
CVE-2022-44318 NOMISEC MEDIUM WORKING POC
PicoC 3.2.2 - Buffer Overflow
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrcat function in cstdlib/string.c when called from ExpressionParseFunctionCall.
1 stars
CVSS 5.5
CVE-2022-34913 NOMISEC CRITICAL WORKING POC
Md2roff - Out-of-Bounds Write
md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input
1 stars
CVSS 9.8
CVE-2022-34556 NOMISEC MEDIUM WORKING POC
Picoc - NULL Pointer Dereference
PicoC v3.2.2 was discovered to contain a NULL pointer dereference at variable.c.
1 stars
CVSS 5.5
CVE-2022-41220 NOMISEC CRITICAL WORKING POC
md2roff 1.9 - Buffer Overflow
md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input
1 stars
CVSS 9.8
CVE-2022-43343 NOMISEC HIGH WORKING POC
N-Prolog v1.91 - Buffer Overflow
N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c.
1 stars
CVSS 7.5