nanabingies

5 exploits Active since Dec 2018
CVE-2021-21551 NOMISEC HIGH WORKING POC
Dell DBUtil < 2.3 - Authenticated Insufficient Access Control in IOCTL Handler
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
26 stars
CVSS 8.8
CVE-2018-19321 NOMISEC HIGH WORKING POC
GIGABYTE APP Center <1.05.21 - Privilege Escalation
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
8 stars
CVSS 7.8
CVE-2019-16724 NOMISEC CRITICAL WORKING POC
File Sharing Wizard 1.5.0 - Buffer Overflow
File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar issue to CVE-2010-2330 and CVE-2010-2331.
2 stars
CVSS 9.8
CVE-2018-19321 NOMISEC HIGH WORKING POC
GIGABYTE APP Center <1.05.21 - Privilege Escalation
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
2 stars
CVSS 7.8
CVE-2024-0582 NOMISEC HIGH WORKING POC
Linux Kernel 6.4-6.6.4 - Use-After-Free in io_uring Buffer Ring Registration
A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVSS 7.8