Syfi2k - Security Researcher - Exploit Intelligence Platform

CVE-2017-0199 NOMISEC HIGH SUSPICIOUS

Microsoft Office Word Malicious Hta Execution

Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."

12 stars

CVSS 7.8

View Code

CVE-2018-4878 NOMISEC HIGH WORKING POC

Adobe Flash Player < 28.0.0.161 - Use-After-Free in Primetime SDK Media Player Listener Handling

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.

8 stars

CVSS 7.8

View Code

CVE-2018-15982 NOMISEC HIGH WORKING POC

Adobe Flash Player < 31.0.0.153 - Use-After-Free

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

5 stars

CVSS 7.8

View Code

CVE-2018-8172 NOMISEC HIGH WRITEUP

Expression Blend 4 - Remote Code Execution via Unbuilt Project File

A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.

3 stars

CVSS 7.8

View Code

CVE-2018-8172 GITLAB HIGH SUSPICIOUS

Expression Blend 4 - Remote Code Execution via Unbuilt Project File

A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.

CVSS 7.8

View Code

CVE-2018-4878 GITLAB HIGH WORKING POC

Adobe Flash Player < 28.0.0.161 - Use-After-Free in Primetime SDK Media Player Listener Handling

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.

CVSS 7.8

View Code

CVE-2018-15982 GITLAB HIGH SUSPICIOUS

Adobe Flash Player < 31.0.0.153 - Use-After-Free

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

CVSS 7.8

View Code

CVE-2018-4878 EXPLOITDB HIGH python WORKING POC

Adobe Flash Player < 28.0.0.161 - Use-After-Free in Primetime SDK Media Player Listener Handling

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.

CVSS 7.8

View Code