killvxk

6 exploits Active since Oct 2018
CVE-2024-38193 NOMISEC HIGH NO CODE
Windows Ancillary Function Driver - Privilege Escalation
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
59 stars
CVSS 7.8
CVE-2022-1040 NOMISEC CRITICAL WORKING POC
Sophos Firewall < 18.5.3 - Unauthenticated Remote Code Execution
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
17 stars
CVSS 9.8
CVE-2021-3972 NOMISEC MEDIUM WORKING POC
Lenovo Notebook BIOS - Privilege Escalation
A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
4 stars
CVSS 6.7
CVE-2018-14772 NOMISEC HIGH WORKING POC
Pydio <8.2.1 - Authenticated Command Injection
Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution vulnerability in which an attacker with administrator access to the web application can execute arbitrary code on the underlying system via Command Injection.
1 stars
CVSS 7.2
CVE-2023-22515 NOMISEC CRITICAL WORKING POC
Atlassian Confluence Unauthenticated Remote Code Execution
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
CVSS 9.8
CVE-2019-19383 NOMISEC HIGH WORKING POC
freeFTPd 1.0.8 - Post-Authentication Buffer Overflow via SIZE Command
freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled).
CVSS 8.8