CVE Exploit PoCs
Some PoCs for public CVEs I have been working on.
- CVE-2019-18634: Stack-based buffer overflow in sudo tgetpass.c when pwfeedback module is enabled
- CVE-2021-3156: Heap-based buffer overflow in sudo sudoers.c when an argv ends with backslash character.
- jad OOB write: JAD out-of-bounds write leading to code execution (No CVE given yet)
- CVE-2019-15846: Exim prior to 4.92.2 Remote Code Execution