ImuSpirit

5 exploits Active since Nov 2021
CVE-2023-46604 NOMISEC CRITICAL WORKING POC
Java OpenWire - Deserialization RCE
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
63 stars
CVSS 10.0
CVE-2023-51467 NOMISEC CRITICAL WORKING POC
Apache OFBiz XML-RPC Java Deserialization
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code
39 stars
CVSS 9.8
CVE-2023-51467 NOMISEC CRITICAL WORKING POC
Apache OFBiz XML-RPC Java Deserialization
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code
4 stars
CVSS 9.8
CVE-2021-38666 NOMISEC HIGH
Remote Desktop Client - RCE
Remote Desktop Client Remote Code Execution Vulnerability
CVSS 8.8
CVE-2021-41351 NOMISEC MEDIUM STUB
Microsoft Edge < - SSRF
Microsoft Edge (Chrome based) Spoofing on IE Mode
CVSS 4.3