Malwareman007

15 exploits, active since Jan 2022
CVE-2023-21768 NOMISEC HIGH WORKING POC
Windows Ancillary Function Driver - Privilege Escalation
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
59 stars
CVSS 7.8
CVE-2022-30190 NOMISEC HIGH WORKING POC
Microsoft Office Word MSDTJS
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability.
38 stars
CVSS 7.8
CVE-2023-27326 NOMISEC HIGH WORKING POC
Parallels Desktop < 18.1.1_(53328) - Path Traversal
Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18933.
37 stars
CVSS 8.2
CVE-2022-36537 NOMISEC HIGH WORKING POC
ZK Framework <9.6.1 - Info Disclosure
ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader.
36 stars
CVSS 7.5
CVE-2022-21907 NOMISEC CRITICAL WORKING POC
HTTP Protocol Stack - RCE
HTTP Protocol Stack Remote Code Execution Vulnerability
17 stars
CVSS 9.8
CVE-2022-2274 NOMISEC CRITICAL WORKING POC
OpenSSL < 300.0.9 - Out-of-Bounds Write
The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.
16 stars
CVSS 9.8
CVE-2022-30206 NOMISEC HIGH WORKING POC
Windows Print Spooler - Privilege Escalation
Windows Print Spooler Elevation of Privilege Vulnerability
15 stars
CVSS 7.8
CVE-2022-21970 NOMISEC MEDIUM WRITEUP
Microsoft Edge < - Privilege Escalation
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
14 stars
CVSS 6.1
CVE-2022-26937 NOMISEC CRITICAL WORKING POC
Windows Network File System < - RCE
Windows Network File System Remote Code Execution Vulnerability
14 stars
CVSS 9.8
CVE-2023-21608 NOMISEC HIGH WORKING POC
Adobe Acrobat Reader <22.003.20282 - Use After Free
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
12 stars
CVSS 7.8
CVE-2022-21971 NOMISEC HIGH WORKING POC
Windows Runtime - RCE
Windows Runtime Remote Code Execution Vulnerability
11 stars
CVSS 7.8
CVE-2023-34362 NOMISEC CRITICAL WORKING POC
MOVEit SQL Injection vulnerability
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
10 stars
CVSS 9.8
CVE-2023-38831 NOMISEC HIGH WORKING POC
WinRAR CVE-2023-38831 Exploit
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
9 stars
CVSS 7.8
CVE-2023-20887 NOMISEC CRITICAL WORKING POC
VMware Aria Operations for Networks (vRealize Network Insight) pre-authenticated RCE
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
8 stars
CVSS 9.8
CVE-2022-2992 NOMISEC CRITICAL WORKING POC
GitLab GitHub Repo Import Deserialization RCE
A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.
8 stars
CVSS 9.9