zenzue

5 exploits Active since Jul 2024
CVE-2025-9074 NOMISEC CRITICAL WORKING POC
Docker Desktop - Privilege Escalation
A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled. This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.
11 stars
CVE-2024-38063 NOMISEC CRITICAL WORKING POC
Windows TCP/IP < - RCE
Windows TCP/IP Remote Code Execution Vulnerability
7 stars
CVSS 9.8
CVE-2025-50154 NOMISEC MEDIUM WRITEUP
Windows File Explorer - Info Disclosure
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
3 stars
CVSS 6.5
CVE-2026-31431 NOMISEC HIGH FAILED
crypto: algif_aead - Revert to operating out-of-place
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place. This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
1 star
CVSS 7.8
CVE-2024-6387 NOMISEC HIGH SCANNER
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
CVSS 8.1