Imre Rad

8 exploits Active since Feb 2015
CVE-2020-1313 NOMISEC HIGH WORKING POC
Windows Update Orchestrator Service - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'.
125 stars
CVSS 7.8
CVE-2020-0728 NOMISEC MEDIUM WORKING POC
Microsoft Windows 10 - Information Disclosure
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.
47 stars
CVSS 5.5
CVE-2020-1967 NOMISEC HIGH WORKING POC
Openssl < 1.1.1f - NULL Pointer Dereference
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
20 stars
CVSS 7.5
CVE-2014-8757 NOMISEC WORKING POC
LG OSP <4.3.010 - Auth Bypass
LG On-Screen Phone (OSP) before 4.3.010 allows remote attackers to bypass authorization via a crafted request.
15 stars
CVE-2022-20128 NOMISEC WORKING POC
Rejected
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7 stars
CVE-2014-7952 WRITEUP HIGH WORKING POC
Google Android - Injection
The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams.
CVSS 7.8
CVE-2020-1313 METASPLOIT HIGH ruby WORKING POC
Windows Update Orchestrator Service - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'.
CVSS 7.8
CVE-2014-7951 EXPLOITDB MEDIUM text WRITEUP
Google Android - Path Traversal
Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. (dot dot) in the tar archive headers.
CVSS 4.6