Matei "Mal" Badanoiu's repositories
CVE-2023-49964
CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco
CVE-2023-34468
CVE-2023-34468: Remote Code Execution via DB Components in Apache NiFi
CVE-2022-21392
CVE-2022-21392: Local Privilege Escalation via NMR SUID in Oracle Enterprise Manager
CVE-2023-34212
CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi
CVE-2022-40635
CVE-2022-40635: Groovy Sandbox Bypass in CrafterCMS
CVE-2022-41853
Research into CVE-2022-41853: Using static functions to obtian RCE via Java Deserialization & Remote Codebase Attack
CVE-2021-20253
CVE-2021-20253: Privilege Escalation via Job Isolation Escape in Ansible Tower
CVE-2022-29063
CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz
CVE-2023-40037
CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi
CVE-2019-1332
CVE-2019-1332: Reflected Cross-Site Scripting in Microsoft SQL Server Reporting Services
CVE-2019-14678
CVE-2019-14678: XML External Entity in SAS XML Mapper
CVE-2020-8248
CVE-2020-8248: Privilege Escalation via Zip Wildcard Exploit in Pulse Secure VPN Linux Client
CVE-2020-8249
CVE-2020-8249: Buffer Overflow in Pulse Secure VPN Linux Client
CVE-2020-8250
CVE-2020-8250: Privilege Escalation via Command Injection in Pulse Secure VPN Linux Client
CVE-2020-8254
CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client
CVE-2021-46361
CVE-2021-46361: FreeMarker Restriction Bypass in Magnolia CMS
CVE-2021-46362
CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS
CVE-2021-46363
CVE-2021-46363: Formula Injection in Magnolia CMS
CVE-2021-46364
CVE-2021-46364: YAML Deserialization in Magnolia CMS
CVE-2021-46365
CVE-2021-46365: Unsafe XML Parsing in Magnolia CMS
CVE-2021-46366
CVE-2021-46366: Credential Bruteforce Attack via CSRF + Open Redirect in Magnolia CMS
CVE-2022-20818
CVE-2022-20818: Local Privilege Escalation via Partial File Read in Cisco SD-WAN
CVE-2022-24442
CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack
CVE-2022-25813
CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz
CVE-2022-40634
CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS
WSO2-2020-0731
WSO2-2020-0731: XXE and XSS vulnerabilities in WSO2 Carbon