payatu

4 exploits Active since Nov 2015
CVE-2015-6086 NOMISEC WORKING POC
Microsoft Internet Explorer <11 - Info Disclosure
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
67 stars
CVE-2018-14442 NOMISEC CRITICAL WORKING POC
Foxit Reader <9.2 - PhantomPDF <9.2 - Use After Free
Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs.
58 stars
CVSS 9.8
CVE-2017-5005 NOMISEC CRITICAL WRITEUP
Quick Heal Internet Security <10.1.0.316 - Buffer Overflow
Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation.
15 stars
CVSS 9.8
CVE-2017-5638 NOMISEC CRITICAL WORKING POC
Apache Struts 2.3.x < 2.3.32 and 2.5.x < 2.5.10.1 - Remote Code Execution via Jakarta Multipart Parser
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
7 stars
CVSS 9.8