convisolabs

5 exploits Active since Apr 2021
CVE-2024-43044 NOMISEC HIGH WORKING POC
Jenkins < 2.452.4 and < 2.471 - Arbitrary File Read via ClassLoaderProxy#fetchJar
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library.
184 stars
CVSS 8.8
CVE-2021-22204 NOMISEC MEDIUM WORKING POC
GitLab Unauthenticated Remote ExifTool Command Injection
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
94 stars
CVSS 6.8
CVE-2022-24834 NOMISEC HIGH WORKING POC
Redis 2.6.0-6.0.19 - Authenticated Heap-based Buffer Overflow via Lua Script Execution
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20.
23 stars
CVSS 7.0
CVE-2024-0200 GITHUB HIGH python WORKING POC
GitHub Enterprise Server 3.8.0-3.8.12 - Authenticated Remote Code Execution via Unsafe Reflection
An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program.
CVSS 7.2
CVE-2024-0507 NOMISEC MEDIUM WORKING POC
GitHub Enterprise Server - Privilege Escalation
An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program.
CVSS 6.5