mistymntncop

15 exploits Active since Dec 2022
CVE-2023-4863 NOMISEC HIGH WORKING POC
Google Chrome <116.0.5845.187 - Buffer Overflow
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
321 stars
CVSS 8.8
CVE-2022-1802 NOMISEC HIGH WORKING POC
Firefox < 100.0.2, Firefox ESR < 91.9.1, Thunderbird < 91.9.1 - Privileged JavaScript Execution via Prototype Pollution
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
152 stars
CVSS 8.8
CVE-2023-3079 NOMISEC HIGH WORKING POC
Google Chrome <114.0.5735.110 - Heap Corruption
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
130 stars
CVSS 8.8
CVE-2025-5419 NOMISEC HIGH WORKING POC
Google Chrome < 137.0.7151.68 - Out-of-bounds Read and Write in V8
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
92 stars
CVSS 8.8
CVE-2024-5274 NOMISEC CRITICAL WORKING POC
Google Chrome < 125.0.6422.112 - Remote Code Execution via V8 Type Confusion
Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
81 stars
CVSS 9.6
CVE-2023-2033 NOMISEC HIGH WORKING POC
Google Chrome < 112.0.5615.121 - Remote Code Execution via V8 Type Confusion
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
66 stars
CVSS 8.8
CVE-2022-4262 NOMISEC HIGH WORKING POC
Google Chrome < 108.0.5359.94 - Type Confusion in V8 via Crafted HTML Page
Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
58 stars
CVSS 8.8
CVE-2025-6554 GITHUB HIGH javascript WORKING POC
Google Chrome < 138.0.7204.96 - Type Confusion in V8
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
41 stars
CVSS 8.1
CVE-2024-7971 NOMISEC CRITICAL WORKING POC
Google Chrome < 128.0.6613.84 - Type Confusion in V8 via Crafted HTML Page
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
34 stars
CVSS 9.6
CVE-2025-6554 NOMISEC HIGH WORKING POC
Google Chrome < 138.0.7204.96 - Type Confusion in V8
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
30 stars
CVSS 8.1
CVE-2022-26485 NOMISEC HIGH STUB
Firefox < 97.0.2 - Use After Free
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
19 stars
CVSS 8.8
CVE-2023-4863 NOMISEC HIGH WORKING POC
Google Chrome <116.0.5845.187 - Buffer Overflow
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
6 stars
CVSS 8.8
CVE-2025-6554 GITHUB HIGH javascript WORKING POC
Google Chrome < 138.0.7204.96 - Type Confusion in V8
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
4 stars
CVSS 8.1
CVE-2025-6554 NOMISEC HIGH WORKING POC
Google Chrome < 138.0.7204.96 - Type Confusion in V8
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
1 stars
CVSS 8.1
CVE-2023-4683 NOMISEC MEDIUM WORKING POC
gpac < 2.3-dev - NULL Pointer Dereference
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV.
1 stars
CVSS 5.5