b1tg

5 exploits Active since Nov 2018
CVE-2023-38831 NOMISEC HIGH WORKING POC
WinRAR CVE-2023-38831 Exploit
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
788 stars
CVSS 7.8
CVE-2023-38831 NOMISEC HIGH WORKING POC
WinRAR CVE-2023-38831 Exploit
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
11 stars
CVSS 7.8
CVE-2018-6065 NOMISEC HIGH WORKING POC
Google Chrome <65.0.3325.146 - Heap Corruption
Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
2 stars
CVSS 8.8
CVE-2023-38831 NOMISEC HIGH WORKING POC
WinRAR CVE-2023-38831 Exploit
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
CVSS 7.8
CVE-2021-34486 NOMISEC HIGH WORKING POC
Windows 10 1809-21H1 and Windows Server 2019-20H2 - Use-After-Free in Event Tracing
Windows Event Tracing Elevation of Privilege Vulnerability
CVSS 7.8