mistymntncop

15 exploits Active since Dec 2022
CVE-2023-4863 NOMISEC HIGH WORKING POC
Google Chrome <116.0.5845.187 - Buffer Overflow
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
321 stars
CVSS 8.8
CVE-2022-1802 NOMISEC HIGH WORKING POC
Mozilla Firefox < 100.0.2 - Prototype Pollution
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
152 stars
CVSS 8.8
CVE-2023-3079 NOMISEC HIGH WORKING POC
Google Chrome <114.0.5735.110 - Heap Corruption
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
130 stars
CVSS 8.8
CVE-2025-5419 NOMISEC HIGH WORKING POC
Google Chrome < 137.0.7151.68 - Out-of-Bounds Write
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
92 stars
CVSS 8.8
CVE-2024-5274 NOMISEC CRITICAL WORKING POC
Google Chrome < 125.0.6422.112 - Type Confusion
Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
81 stars
CVSS 9.6
CVE-2023-2033 NOMISEC HIGH WORKING POC
Google Chrome < 112.0.5615.121 - Type Confusion
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
66 stars
CVSS 8.8
CVE-2022-4262 NOMISEC HIGH WORKING POC
Google Chrome < 108.0.5359.94 - Type Confusion
Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
58 stars
CVSS 8.8
CVE-2025-6554 GITHUB HIGH javascript WORKING POC
Google Chrome <138.0.7204.96 - RCE
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
41 stars
CVSS 8.1
CVE-2024-7971 NOMISEC CRITICAL WORKING POC
Google Chrome < 128.0.6613.84 - Type Confusion
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
34 stars
CVSS 9.6
CVE-2025-6554 NOMISEC HIGH WORKING POC
Google Chrome <138.0.7204.96 - RCE
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
30 stars
CVSS 8.1
CVE-2022-26485 NOMISEC HIGH STUB
Firefox < 97.0.2 - Use After Free
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
19 stars
CVSS 8.8
CVE-2023-4863 NOMISEC HIGH WORKING POC
Google Chrome <116.0.5845.187 - Buffer Overflow
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
6 stars
CVSS 8.8
CVE-2025-6554 GITHUB HIGH javascript WORKING POC
Google Chrome <138.0.7204.96 - RCE
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
4 stars
CVSS 8.1
CVE-2025-6554 NOMISEC HIGH WORKING POC
Google Chrome <138.0.7204.96 - RCE
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
1 stars
CVSS 8.1
CVE-2023-4683 NOMISEC MEDIUM WORKING POC
Gpac < 2.3-dev - NULL Pointer Dereference
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV.
1 stars
CVSS 5.5