https://github.com/lockedbyte/CVE-ExploitsC
PoCs for public CVE's I have been working on.
CVE Exploit PoCs
Some PoCs for public CVEs I have been working on.
Current exploits
- CVE-2019-18634: Stack-based buffer overflow in sudo tgetpass.c when pwfeedback module is enabled
- CVE-2021-3156: Heap-based buffer overflow in sudo sudoers.c when an argv ends with backslash character.
- jad OOB write: JAD out-of-bounds write leading to code execution (No CVE given yet)