zunak

3 exploits, active since Jan 2024
CVE-2024-22641 NOMISEC HIGH WORKING POC
TCPDF <6.6.5 - DoS
TCPDF version 6.6.5 and earlier is vulnerable to ReDoS (Regular Expression Denial of Service) when parsing an untrusted SVG file.
1 star
CVSS 7.5
CVE-2024-22640 NOMISEC HIGH WORKING POC
TCPDF <=6.6.5 - DoS
TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) when parsing an untrusted HTML page with a crafted color.
CVSS 7.5
CVE-2023-49471 NOMISEC HIGH WORKING POC
Barassistant Bar Assistant < 3.2.0 - SSRF
karlomikus Bar Assistant before version 3.2.0 contains a blind Server-Side Request Forgery (SSRF) vulnerability: it does not validate a parameter before making a request through Image::make(), which could allow authenticated remote attackers to execute arbitrary code.
CVSS 8.8