snappyJack

6 exploits Active since Sep 2018
CVE-2020-8835 NOMISEC HIGH WORKING POC
Linux kernel <5.6.1, <5.5.14, <5.4.29 - Memory Corruption
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)
4 stars
CVSS 7.8
CVE-2019-14267 NOMISEC HIGH STUB
PDFResurrect 0.15 - Buffer Overflow
PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled.
2 stars
CVSS 7.8
CVE-2019-8936 NOMISEC HIGH WORKING POC
NetApp Clustered Data ONTAP < 9.2 - NULL Pointer Dereference
NTP through 4.2.8p12 has a NULL Pointer Dereference.
CVSS 7.5
CVE-2018-16370 NOMISEC CRITICAL WRITEUP
PESCMS Team - Unrestricted File Upload
In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.
CVSS 9.8
CVE-2018-16373 NOMISEC MEDIUM WRITEUP
Frog CMS - Unrestricted File Upload
Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save.
CVSS 4.9
CVE-2020-22916 WRITEUP MEDIUM WORKING POC
XZ 5.2.5 - DoS
An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.
CVSS 5.5