Matteo Malvica

16 exploits Active since Feb 2018
CVE-2020-17382 NOMISEC HIGH WORKING POC
MSI AmbientLink MsIo64 driver 1.0.0.8 - Buffer Overflow
The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).
115 stars
CVSS 7.8
CVE-2020-5752 NOMISEC HIGH WORKING POC
Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
4 stars
CVSS 7.8
CVE-2019-25679 EXPLOITDB HIGH python WORKING POC
RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH
RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked.
CVSS 7.8
CVE-2020-5752 METASPLOIT HIGH ruby WORKING POC
Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
CVSS 7.8
EIP-2026-119521 EXPLOITDB python WORKING POC
CuteFTP 5.0 - Buffer Overflow
EIP-2026-119438 EXPLOITDB python WORKING POC
Splunk Enterprise 7.2.4 - Custom App Remote Command Execution (Persistent Backdoor / Custom Binary)
EIP-2026-119632 EXPLOITDB python WORKING POC
Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)
EIP-2026-119633 EXPLOITDB python WORKING POC
Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)
CVE-2018-6892 EXPLOITDB CRITICAL python WORKING POC
Cloudme Sync < 1.10.9 - Memory Corruption
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
CVSS 9.8
EIP-2026-117858 EXPLOITDB python WORKING POC
River Past Audio Converter 7.7.16 - Buffer Overflow (SEH)
EIP-2026-117859 EXPLOITDB python WORKING POC
River Past Audio Converter 7.7.16 - Buffer Overflow (SEH)
CVE-2020-17382 EXPLOITDB HIGH c WORKING POC
MSI AmbientLink MsIo64 driver 1.0.0.8 - Buffer Overflow
The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).
CVSS 7.8
EIP-2026-116788 EXPLOITDB python WORKING POC
AnyBurn 4.3 - Local Buffer Overflow (SEH)
CVE-2020-5752 EXPLOITDB HIGH powershell WORKING POC
Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
CVSS 7.8
EIP-2026-116787 EXPLOITDB python WORKING POC
AnyBurn 4.3 - Local Buffer Overflow (SEH)
CVE-2020-5752 EXPLOITDB HIGH text WORKING POC
Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
CVSS 7.8