echo-devim

2 exploits Active since Oct 2017

CVE-2017-14954 NOMISEC MEDIUM WORKING POC

Linux Kernel < 4.13.4 - Unauthorized Sensitive Information Exposure via waitid System Call

The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call.

1 stars

CVSS 5.5

View Code

CVE-2022-48429 NOMISEC MEDIUM WORKING POC

JetBrains Hub < 2022.1.15583 - Reflected Cross-Site Scripting in Dashboards

In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible

CVSS 4.6

View Code