jeffssh

3 exploits Active since Aug 2021
CVE-2021-30860 NOMISEC HIGH WORKING POC
Apple iOS/iPadOS/macOS - Integer Overflow in PDF Processing
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
100 stars
CVSS 7.8
CVE-2022-38171 WRITEUP HIGH WORKING POC
Xpdf < 4.04 - Integer Overflow in JBIG2 Decoder
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics).
CVSS 7.8
CVE-2022-38784 WRITEUP HIGH WORKING POC
Poppler <= 22.08.0 - Integer Overflow in JBIG2 Decoder
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
CVSS 7.8