bb33bb

15 exploits Active since Dec 2018
CVE-2022-2639 NOMISEC HIGH WORKING POC
Openvswitch kernel module - Memory Corruption
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
111 stars
CVSS 7.8
CVE-2020-3952 NOMISEC CRITICAL WORKING POC
VMware vCenter Server vmdir Information Disclosure
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.
7 stars
CVSS 9.8
CVE-2019-13720 NOMISEC HIGH SUSPICIOUS
Google Chrome <78.0.3904.87 - Use After Free
Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
6 stars
CVSS 8.8
CVE-2022-22954 NOMISEC CRITICAL SCANNER
VMware Workspace ONE Access CVE-2022-22954
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
2 stars
CVSS 9.8
CVE-2024-40662 NOMISEC HIGH STUB
Android - Local Privilege Escalation via Malformed Uri Object
In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS 7.8
CVE-2022-28282 NOMISEC MEDIUM WORKING POC
Firefox < 99.0 and Firefox ESR < 91.8 - Use-After-Free via Localization Link
By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
CVSS 6.5
CVE-2022-0492 NOMISEC HIGH SCANNER
Docker cgroups Container Escape
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
CVSS 7.8
CVE-2022-22620 NOMISEC HIGH STUB
Safari < 15.3 - Use-After-Free via Malicious Web Content
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
CVSS 8.8
CVE-2022-22966 NOMISEC HIGH WORKING POC
VMware Cloud Director 10.1.0-10.1.4.1 - Authenticated Remote Code Execution
An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server.
CVSS 7.2
CVE-2021-32849 NOMISEC HIGH SUSPICIOUS
gerapy < 0.9.9 - Authenticated OS Command Injection
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds.
CVSS 8.8
CVE-2021-20837 NOMISEC CRITICAL WORKING POC
Movable Type < 1.46, 4.0-6.3.11, 6.5.0-6.8.2 - Remote Code Execution via XMLRPC API
Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. Note that all versions of Movable Type 4.0 or later including unsupported (End-of-Life, EOL) versions are also affected by this vulnerability.
CVSS 9.8
CVE-2019-0808 NOMISEC HIGH WORKING POC
Windows 7 and Windows Server 2008 - Local Privilege Escalation in Win32k Component
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
CVSS 7.8
CVE-2018-8617 NOMISEC HIGH WORKING POC
ChakraCore - Remote Code Execution via Memory Corruption
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629.
CVSS 7.5
CVE-2022-2639 INTHEWILD HIGH WORKING POC
Openvswitch kernel module - Memory Corruption
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVSS 7.8
CVE-2022-2639 INTHEWILD HIGH WORKING POC
Openvswitch kernel module - Memory Corruption
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVSS 7.8