Vincent Bernat

5 exploits Active since Jul 2014
CVE-2015-3456 NOMISEC WORKING POC
QEMU < 2.3.0 - Memory Corruption via Floppy Disk Controller Commands
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
12 stars
CVE-2015-8012 WRITEUP HIGH WRITEUP
lldpd < 0.8.0 - Denial of Service via Malformed Packet
lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet.
CVSS 7.5
CVE-2014-4168 WRITEUP WRITEUP
iodine < 0.7.0 - Authentication Bypass via Error Handling
(1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote attackers to bypass authentication by continuing execution after an error has been triggering.
CVE-2021-43612 WRITEUP HIGH WRITEUP
lldpd < 1.0.13 - Out-of-bounds Write via SONMP Packet Decoding
In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.
CVSS 7.5
CVE-2023-41910 WRITEUP CRITICAL WRITEUP
lldpd < 1.0.17 - Out-of-bounds Read in CDP PDU Packet Handling
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.
CVSS 9.8