hyunjungg

2 exploits Active since Feb 2023

CVE-2025-62821 NOMISEC CRITICAL WORKING POC

Microsoft HEIF Image Extensions 1.2.22.0 - Out-of-Bounds Read via CHEIFItemInfoEntry_GetDataSize

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntry_GetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copy_size = stride * abs(roi_height) but does not check the source buffer length before a memmove call.

CVSS 9.1

View Code

CVE-2023-21688 NOMISEC HIGH WORKING POC

NT OS Kernel - Privilege Escalation

NT OS Kernel Elevation of Privilege Vulnerability

CVSS 7.8

View Code