bluefrostsecurity

6 exploits Active since Sep 2019
CVE-2020-0041 NOMISEC HIGH WORKING POC
Android - Local Privilege Escalation via Binder Transaction Bounds Check
In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel
253 stars
CVSS 7.8
CVE-2019-1215 NOMISEC HIGH WORKING POC
Microsoft Windows 10 1507 - Improper Privilege Management
An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.
152 stars
CVSS 7.8
CVE-2020-0041 NOMISEC HIGH WORKING POC
Android - Local Privilege Escalation via Binder Transaction Bounds Check
In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel
58 stars
CVSS 7.8
CVE-2023-2008 NOMISEC HIGH WORKING POC
Linux Kernel < 5.19 - Privilege Escalation via udmabuf Fault Handler Array Index Validation
A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.
40 stars
CVSS 7.8
CVE-2021-28476 NOMISEC CRITICAL WRITEUP
Windows Hyper-V - Remote Code Execution
Windows Hyper-V Remote Code Execution Vulnerability
10 stars
CVSS 9.9
CVE-2020-0041 NOMISEC HIGH WORKING POC
Android - Local Privilege Escalation via Binder Transaction Bounds Check
In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel
10 stars
CVSS 7.8