pentestfunctions

5 exploits Active since Dec 2023
CVE-2023-45866 NOMISEC MEDIUM WORKING POC
BlueZ Bluetooth HID Hosts - Unauthenticated Keyboard Input Injection
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
1,776 stars
CVSS 6.3
CVE-2025-8088 NOMISEC HIGH WORKING POC
WinRAR < 7.13 - Path Traversal and Arbitrary Code Execution via Malicious Archive
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.
34 stars
CVSS 8.8
CVE-2024-48990 NOMISEC HIGH WORKING POC
Ubuntu needrestart Privilege Escalation
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
25 stars
CVSS 7.8
CVE-2025-8088 NOMISEC HIGH WORKING POC
WinRAR < 7.13 - Path Traversal and Arbitrary Code Execution via Malicious Archive
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.
7 stars
CVSS 8.8
CVE-2024-3094 NOMISEC CRITICAL SCANNER
xz <5.6.0 - Code Injection
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
3 stars
CVSS 10.0