duy-31

8 exploits Active since Dec 2023
CVE-2024-21413 NOMISEC CRITICAL WORKING POC
Microsoft 365 Apps and Office 2016-2019 - Remote Code Execution via Moniker Link
Microsoft Outlook Remote Code Execution Vulnerability
156 stars
CVSS 9.8
CVE-2023-35636 NOMISEC MEDIUM WORKING POC
Microsoft 365 Apps and Office - Unauthorized Information Exposure via Outlook
Microsoft Outlook Information Disclosure Vulnerability
43 stars
CVSS 6.5
CVE-2024-21887 NOMISEC CRITICAL WORKING POC
Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
23 stars
CVSS 9.1
CVE-2023-46805 NOMISEC HIGH WORKING POC
Ivanti Connect Secure Unauthenticated Remote Code Execution
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
23 stars
CVSS 8.2
CVE-2023-51764 NOMISEC MEDIUM WORKING POC
Postfix < 3.5.23 - SMTP Smuggling via Bare Newline Injection
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.
22 stars
CVSS 5.3
CVE-2023-7028 NOMISEC CRITICAL WORKING POC
GitLab Password Reset Account Takeover
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
3 stars
CVSS 10.0
CVE-2026-24061 NOMISEC CRITICAL SCANNER
GNU Inetutils Telnet Authentication Bypass Exploit CVE-2026-24061
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
2 stars
CVSS 9.8
CVE-2023-51764 NOMISEC MEDIUM WORKING POC
Postfix < 3.5.23 - SMTP Smuggling via Bare Newline Injection
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.
CVSS 5.3