LuHui

8 exploits Active since Feb 2023
CVE-2022-46440 WRITEUP MEDIUM WORKING POC
swftools 0.9.2 - Out-of-bounds Read via readU16 Function
ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c.
CVSS 5.5
CVE-2023-27249 WRITEUP MEDIUM WORKING POC
swftools 0.9.2 - Heap Buffer Overflow in swf_GetPlaceObject
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c.
CVSS 5.5
CVE-2024-33763 WRITEUP HIGH WORKING POC
lunasvg 2.3.9 - Stack Buffer Underflow in LayoutContext
lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp.
CVSS 7.5
CVE-2024-33764 WRITEUP MEDIUM WORKING POC
lunasvg 2.3.9 - Stack Overflow in Element Handler
lunasvg v2.3.9 was discovered to contain a stack-overflow at lunasvg/source/element.h.
CVSS 5.5
CVE-2024-33766 WRITEUP MEDIUM WORKING POC
lunasvg 2.3.9 - Denial of Service via Floating Point Exception in blend_transformed_tiled_argb
lunasvg v2.3.9 was discovered to contain an FPE (Floating Point Exception) at blend_transformed_tiled_argb.isra.0.
CVSS 5.3
CVE-2024-33767 WRITEUP MEDIUM WORKING POC
lunasvg 2.3.9 - Out-of-bounds Read in composition_solid_source
lunasvg v2.3.9 was discovered to contain a segmentation violation via the component composition_solid_source.
CVSS 5.0
CVE-2024-33768 WRITEUP CRITICAL WORKING POC
lunasvg 2.3.9 - Segmentation Violation in composition_solid_source_over
lunasvg v2.3.9 was discovered to contain a segmentation violation via the component composition_solid_source_over.
CVSS 9.8
CVE-2025-4471 WRITEUP MEDIUM STUB
Jewellery Store Management System 1.0 - Stack-Based Buffer Overflow in Search Item View
A vulnerability, which was classified as critical, has been found in code-projects Jewelery Store Management system 1.0. Affected by this issue is some unknown functionality of the component Search Item View. The manipulation of the argument str2 leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
CVSS 5.3