bcdannyboy

5 exploits Active since Dec 2017
CVE-2023-44487 NOMISEC HIGH SCANNER
HTTP/2 - Denial of Service via Rapid Stream Reset
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
241 stars
CVSS 7.5
CVE-2023-50164 NOMISEC CRITICAL WORKING POC
Apache Struts 2.0.0-2.5.32 - Path Traversal and Remote Code Execution via File Upload
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
4 stars
CVSS 9.8
CVE-2023-38545 NOMISEC CRITICAL WORKING POC
libcurl 7.69.0-8.4.0 - Heap-Based Buffer Overflow in SOCKS5 Proxy Handshake
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate with.
3 stars
CVSS 9.8
CVE-2021-26084 NOMISEC CRITICAL WORKING POC
Atlassian Confluence Server and Data Center - OGNL Injection
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
1 stars
CVSS 9.8
CVE-2017-1635 NOMISEC HIGH WORKING POC
IBM Tivoli Monitoring V6 <6.2.2.x - Use After Free
IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243.
1 stars
CVSS 8.0