Halcy0nic

14 exploits Active since Jul 2022
CVE-2023-40294 NOMISEC MEDIUM WRITEUP
0branch boron 2.0.8 - Heap-Based Buffer Overflow in ur_parseBlockI
libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c.
2 stars
CVSS 6.5
CVE-2022-44311 NOMISEC HIGH WRITEUP
html2xhtml v1.3 - Memory Corruption
html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file.
2 stars
CVSS 8.1
CVE-2022-36234 NOMISEC HIGH WORKING POC
SimpleNetwork TCP Server - Memory Corruption
SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets.
2 stars
CVSS 7.5
CVE-2023-40296 NOMISEC HIGH WRITEUP
async-sockets-cpp <= 0.3.1 - Stack-based Buffer Overflow in UDP Packet Processing
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets.
1 stars
CVSS 7.5
CVE-2023-38434 NOMISEC HIGH WORKING POC
xhttp 72f812d - Double Free in close_connection via Malformed HTTP Request Method
xHTTP 72f812d has a double free in close_connection in xhttp.c via a malformed HTTP request method.
1 stars
CVSS 7.5
CVE-2023-38632 NOMISEC CRITICAL WRITEUP
async-sockets-cpp <0.3.1 - Buffer Overflow
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets.
1 stars
CVSS 9.8
CVE-2022-44311 NOMISEC HIGH WORKING POC
html2xhtml v1.3 - Memory Corruption
html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file.
1 stars
CVSS 8.1
CVE-2022-36752 NOMISEC MEDIUM WRITEUP
png2webp 1.0.4 - Out-of-bounds Write via w2p Function
png2webp v1.0.4 was discovered to contain an out-of-bounds write via the function w2p. This vulnerability is exploitable via a crafted png file.
1 stars
CVSS 5.5
CVE-2022-44312 NOMISEC MEDIUM WORKING POC
picoc 3.2.2 - Heap Buffer Overflow in ExpressionCoerceInteger
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceInteger function in expression.c when called from ExpressionInfixOperator.
1 stars
CVSS 5.5
CVE-2022-44318 NOMISEC MEDIUM WORKING POC
picoc 3.2.2 - Heap Buffer Overflow in StringStrcat Function
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrcat function in cstdlib/string.c when called from ExpressionParseFunctionCall.
1 stars
CVSS 5.5
CVE-2022-34913 NOMISEC CRITICAL WORKING POC
md2roff 1.7 - Stack-based Buffer Overflow via Large Consecutive Character Input
md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input
1 stars
CVSS 9.8
CVE-2022-34556 NOMISEC MEDIUM WORKING POC
picoc v3.2.2 - NULL Pointer Dereference in variable.c
PicoC v3.2.2 was discovered to contain a NULL pointer dereference at variable.c.
1 stars
CVSS 5.5
CVE-2022-41220 NOMISEC CRITICAL WORKING POC
md2roff 1.9 - Stack-based Buffer Overflow via Markdown File
md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input
1 stars
CVSS 9.8
CVE-2022-43343 NOMISEC HIGH WORKING POC
N-Prolog 1.91 - Buffer Overflow in gettoken() Function
N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c.
1 stars
CVSS 7.5