Imre Rad

8 exploits Active since Feb 2015
CVE-2020-1313 NOMISEC HIGH WORKING POC
Windows Update Orchestrator Service - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'.
125 stars
CVSS 7.8
CVE-2020-0728 NOMISEC MEDIUM WORKING POC
Windows 10 and Windows Server 2016/2019 - Information Disclosure via Modules Installer Service
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.
47 stars
CVSS 5.5
CVE-2020-1967 NOMISEC HIGH WORKING POC
OpenSSL 1.1.1d-1.1.1f - Denial of Service via Invalid Signature Algorithm in TLS 1.3 Handshake
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
20 stars
CVSS 7.5
CVE-2014-8757 NOMISEC WORKING POC
LG On-Screen Phone < 4.3.009 - Authentication Bypass
LG On-Screen Phone (OSP) before 4.3.010 allows remote attackers to bypass authorization via a crafted request.
15 stars
CVE-2022-20128 NOMISEC WORKING POC
Rejected
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7 stars
CVE-2014-7952 WRITEUP HIGH WORKING POC
Android - Arbitrary Code Execution via ADB Backup APK Injection
The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams.
CVSS 7.8
CVE-2020-1313 METASPLOIT HIGH ruby WORKING POC
Windows Update Orchestrator Service - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'.
CVSS 7.8
CVE-2014-7951 EXPLOITDB MEDIUM text WRITEUP
Android 4.0.4 - Path Traversal and Arbitrary File Write via ADB Backup Tar Headers
Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. (dot dot) in the tar archive headers.
CVSS 4.6