talbeerysec

2 exploits Active since Jan 2020

CVE-2023-4863 NOMISEC HIGH STUB

Google Chrome <116.0.5845.187 - Buffer Overflow

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

3 stars

CVSS 8.8

View Code

CVE-2020-0601 NOMISEC HIGH WRITEUP

Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.

1 stars

CVSS 8.1

View Code