ManhNDd

4 exploits Active since Jun 2019
CVE-2019-19012 NOMISEC CRITICAL WORKING POC
Oniguruma <6.9.4_rc2 - Memory Corruption
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.
4 stars
CVSS 9.8
CVE-2019-6329 NOMISEC HIGH WORKING POC
HP Support Assistant <8.7.50 - Privilege Escalation
HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328.
4 stars
CVSS 7.8
CVE-2019-19203 NOMISEC HIGH WORKING POC
Oniguruma 6.x <6.9.4_rc2 - Memory Corruption
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.
3 stars
CVSS 7.5
CVE-2019-19204 NOMISEC HIGH WORKING POC
Oniguruma <6.9.4_rc2 - Buffer Overflow
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.
3 stars
CVSS 7.5