Clément Notin
Pentester / Security researcher
I share with you my discoveries around pentesting and security research.
home
About
Archive
Talks
Tools
Vulnerabilities
Vulnerabilities (CVEs)
Here is the list of the vulnerabilities I discovered in products and that were published.
2020
CVE-2020-7315 McAfee Agent DLL injection
CVE-2020-4311 IBM Tivoli Monitoring weak folder permissions
2019
CVE-2019-1172 Disclosure of Azure AD personal account auth token to malicious websites when using the recommended browser extension 2/2
CVE-2019-1172 Disclosure of Azure AD personal account auth token to malicious websites when using the recommended browser extension 1/2
CVE-2019-1172 Windows Azure Active Directory user token disclosure
2018
CVE-2018-3621 Intel Driver & Support Assistant: Drivers information disclosure bug through incorrect validation of the Origin header in local API requests (< 3.6.0.4)
CVE-2018-15481 UCOPIA Wireless Appliance restricted shell escape (< 5.1.13)
2017
CVE-2017-17743 UCOPIA Wireless Appliance restricted shell escape (< 5.1.11 / 5.0.19 / 4.4.20)
CVE-2017-7344 Fortinet FortiClient Windows privilege escalation at logon
2016
CVE-2016-5007 Spring Security / MVC Path Matching Inconsistency
