Vincent Bernat

4 exploits Active since Jul 2014
CVE-2015-3456 NOMISEC WORKING POC
QEMU - DoS
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
12 stars
CVE-2014-4168 WRITEUP WRITEUP
iodine <0.7.0 - Auth Bypass
(1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote attackers to bypass authentication by continuing execution after an error has been triggering.
CVE-2021-43612 WRITEUP HIGH WRITEUP
lldpd <1.0.13 - Memory Corruption
In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.
CVSS 7.5
CVE-2023-41910 WRITEUP CRITICAL WRITEUP
Lldpd < 1.0.17 - Out-of-Bounds Read
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.
CVSS 9.8