NattiSamson

2 exploits Active since Feb 2021

CVE-2021-35211 NOMISEC CRITICAL WORKING POC

SolarWinds Serv-U <15.2.3 HF2 - RCE

Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.

12 stars

CVSS 9.0

View Code

CVE-2021-21042 NOMISEC MEDIUM STUB

Adobe Acrobat < 17.011.30188 - Out-of-Bounds Read

Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

3 stars

CVSS 6.5

View Code