Mark Mallia

13 exploits Active since Mar 2024
CVE-2025-26686 NOMISEC HIGH WRITEUP
Windows TCP/IP < - Memory Corruption
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
32 stars
CVSS 7.5
CVE-2025-59287 GITHUB CRITICAL WORKING POC
Microsoft Windows Server 2012 - Insecure Deserialization
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
4 stars
CVSS 9.8
CVE-2025-54918 NOMISEC HIGH WRITEUP
Microsoft Windows 10 1507 < 10.0.10240.21128 - Authentication Bypass
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
4 stars
CVSS 8.8
CVE-2025-62215 NOMISEC HIGH WORKING POC
Microsoft Windows 10 1809 < 10.0.17763.8027 - Race Condition
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.
3 stars
CVSS 7.0
CVE-2025-42957 NOMISEC CRITICAL WORKING POC
SAP S/4HANA - Code Injection
SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.
3 stars
CVSS 9.9
CVE-2025-23266 NOMISEC CRITICAL WRITEUP
Nvidia-container-toolkit < 1.17.8 - Untrusted Search Path
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
2 stars
CVSS 9.0
CVE-2024-3094 NOMISEC CRITICAL WRITEUP
xz <5.6.0 - Code Injection
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
2 stars
CVSS 10.0
CVE-2025-54914 NOMISEC CRITICAL WORKING POC
Microsoft Azure Networking - Improper Access Control
Azure Networking Elevation of Privilege Vulnerability
1 star
CVSS 10.0
CVE-2025-55234 NOMISEC HIGH WRITEUP
SMB Server - Privilege Escalation
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against relay attacks: SMB Server signing and SMB Server Extended Protection for Authentication (EPA). Microsoft is releasing this CVE to provide customers with audit capabilities to help them to assess their environment and to identify any potential device or software incompatibility issues before deploying SMB Server hardening measures that protect against relay attacks. If you have not already enabled SMB Server hardening measures, we advise customers to take the following actions to be protected from these relay attacks: (1) Assess your environment by utilizing the audit capabilities that we are exposing in the September 2025 security updates. See "Support for Audit Events to deploy SMB Server Hardening—SMB Server Signing & SMB Server EPA". (2) Adopt appropriate SMB Server hardening measures.
1 star
CVSS 8.8
CVE-2025-55234 NOMISEC HIGH WRITEUP
SMB Server - Privilege Escalation
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against relay attacks: SMB Server signing and SMB Server Extended Protection for Authentication (EPA). Microsoft is releasing this CVE to provide customers with audit capabilities to help them to assess their environment and to identify any potential device or software incompatibility issues before deploying SMB Server hardening measures that protect against relay attacks. If you have not already enabled SMB Server hardening measures, we advise customers to take the following actions to be protected from these relay attacks: (1) Assess your environment by utilizing the audit capabilities that we are exposing in the September 2025 security updates. See "Support for Audit Events to deploy SMB Server Hardening—SMB Server Signing & SMB Server EPA". (2) Adopt appropriate SMB Server hardening measures.
1 star
CVSS 8.8
CVE-2025-59359 NOMISEC CRITICAL WRITEUP
Chaos-mesh Chaos Mesh < 2.7.3 - OS Command Injection
The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster.
1 star
CVSS 9.8
CVE-2025-27480 NOMISEC HIGH WORKING POC
Remote Desktop Gateway Service - Use After Free
Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
1 star
CVSS 8.1
CVE-2024-10220 NOMISEC HIGH WRITEUP
Kubernetes <1.28.11, 1.29.0-1.29.6, 1.30.0-1.30.2 - Command Injection
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes. This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.
1 star
CVSS 8.1