Ridter

17 exploits Active since Nov 2017
CVE-2021-42278 NOMISEC HIGH WORKING POC
Active Directory Domain Services - Privilege Escalation
Active Directory Domain Services Elevation of Privilege Vulnerability
975 stars
CVSS 7.5
CVE-2017-11882 NOMISEC HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
538 stars
CVSS 7.8
CVE-2018-20250 NOMISEC HIGH WORKING POC
WinRAR <= 5.61 - Path Traversal and Remote Code Execution via ACE Filename Field
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
495 stars
CVSS 7.8
CVE-2018-8581 NOMISEC HIGH WORKING POC
Microsoft Exchange Server - Privilege Escalation
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
375 stars
CVSS 7.4
CVE-2020-0688 NOMISEC HIGH WORKING POC
Microsoft Exchange Server - Remote Code Execution via Memory Corruption
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
330 stars
CVSS 8.8
CVE-2019-1040 NOMISEC MEDIUM WORKING POC
Microsoft Windows - Privilege Escalation
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature. The update addresses the vulnerability by hardening NTLM MIC protection on the server-side.
253 stars
CVSS 5.3
CVE-2018-15982 NOMISEC HIGH WORKING POC
Adobe Flash Player < 31.0.0.153 - Use-After-Free
Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
181 stars
CVSS 7.8
CVE-2018-0802 NOMISEC HIGH WORKING POC
Microsoft Office Equation Editor - Remote Code Execution via Memory Corruption
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
167 stars
CVSS 7.8
CVE-2017-11882 NOMISEC HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
167 stars
CVSS 7.8
CVE-2019-1040 NOMISEC MEDIUM WORKING POC
Microsoft Windows - Privilege Escalation
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature. The update addresses the vulnerability by hardening NTLM MIC protection on the server-side.
33 stars
CVSS 5.3
CVE-2018-15982 NOMISEC HIGH WORKING POC
Adobe Flash Player < 31.0.0.153 - Use-After-Free
Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
29 stars
CVSS 7.8
CVE-2018-20250 NOMISEC HIGH WORKING POC
WinRAR <= 5.61 - Path Traversal and Remote Code Execution via ACE Filename Field
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
1 stars
CVSS 7.8
CVE-2018-20250 NOMISEC HIGH WORKING POC
WinRAR <= 5.61 - Path Traversal and Remote Code Execution via ACE Filename Field
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
CVSS 7.8
CVE-2018-20250 NOMISEC HIGH WORKING POC
WinRAR <= 5.61 - Path Traversal and Remote Code Execution via ACE Filename Field
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
CVSS 7.8
CVE-2018-20250 NOMISEC HIGH WORKING POC
WinRAR <= 5.61 - Path Traversal and Remote Code Execution via ACE Filename Field
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
CVSS 7.8
CVE-2019-1040 PATCHAPALOOZA MEDIUM WORKING POC
Microsoft Windows - Privilege Escalation
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature. The update addresses the vulnerability by hardening NTLM MIC protection on the server-side.
CVSS 5.3
CVE-2021-42287 PATCHAPALOOZA HIGH WORKING POC
Active Directory Domain Services - Privilege Escalation
Active Directory Domain Services Elevation of Privilege Vulnerability
CVSS 7.5