Juampa Rodríguez (@UnD3sc0n0c1d0)

2 exploits Active since Sep 2020

CVE-2023-32784 NOMISEC HIGH WORKING POC

Keepass < 2.54 - Cleartext Transmission

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.

6 stars

CVSS 7.5

View Code

CVE-2020-2038 NOMISEC HIGH WORKING POC

Palo Alto Networks Authenticated Remote Code Execution

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1.

5 stars

CVSS 7.2

View Code