what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2018-05-04

IceWarp Mail Server Directory Traversal
Posted May 4, 2018
Authored by Piotr Karolak | Site trustwave.com

IceWarp Mail Server versions prior to 11.1.1 suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2015-1503
SHA-256 | 5911d51dee37f8df32f9b659025bd3a0f60768e3a9c4462df3001541903d19d9
WordPress WF Cookie Consent 1.1.3 Cross Site Scripting
Posted May 4, 2018
Authored by B0UG

WordPress WF Cookie Consent plugin version 1.1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-10371
SHA-256 | ef66d0fe07a12e0ac012509c9187ea4a01937a7f4a73fdbd6f3f0d3017c74b47
Red Hat Security Advisory 2018-1323-01
Posted May 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1323-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.2 serves as a replacement for Red Hat Single Sign-On 7.2.1, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2018-8088
SHA-256 | 3abecc8e646ad3ee39089a87f83615fc351ad8ede93009e382a7e7358bdf6749
RSA Authentication Manager XXE Injection / Header Injection
Posted May 4, 2018
Authored by Mantas Juskauskas | Site emc.com

RSA Authentication Manager versions prior to 8.3 P1 suffer from XML external entity injection and host header injection vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2018-1247, CVE-2018-1248
SHA-256 | 54af7045cb6ecd5f3d0f3331ec31935e82e31bafa913bb41069a18c69ae3fe80
CSP MySQL User Manager 2.3.1 SQL Injection
Posted May 4, 2018
Authored by Youssef mami

CSP MySQL User Manager version 2.3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2018-10757
SHA-256 | 12bdbcee2a4866bdd5b4383fd5062380dc30f6f5e1993028604ee8d80cdefe53
Slackware Security Advisory - seamonkey Updates
Posted May 4, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 9ac8f2e05154bfbe5a8936b4367457ac0a2e4ef121aea18ac9d4510103477d6b
D-Link DIR-601 Failed Password Change Control
Posted May 4, 2018
Authored by Joe Gray

D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext.

tags | advisory
advisories | CVE-2018-10641
SHA-256 | c2f677dc653a79692726bbccff8050f283ad34e84c33c202f140624c41984b88
Windows WMI Recieve Notification
Posted May 4, 2018
Authored by smmrootkit, de7ec7ed | Site metasploit.com

This Metasploit module exploits an uninitialized stack variable in the WMI subsystem of ntoskrnl. This Metasploit module has been tested on vulnerable builds of Windows 7 SP0 x64 and Windows 7 SP1 x64.

tags | exploit
systems | windows
advisories | CVE-2016-0040
SHA-256 | 21e9d7b3e380f6d3538fe9a780b502fd48f46f47c33e65a13d1012158b0d5136
TP-Link EAP Controller CSRF / Hard-Coded Key / XSS
Posted May 4, 2018
Authored by Core Security Technologies | Site coresecurity.com

TP-Link EAP suffers from hard-coded credential, cross site request forgery, cross site scripting, and other vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2018-10164, CVE-2018-10165, CVE-2018-10166, CVE-2018-10167, CVE-2018-10168
SHA-256 | c5187235d9542ea658539bfb88cc9cb5ce9f82fc8cafd49e9eb8cb63664932db
Dell EMC Unity Family OS Command Injection
Posted May 4, 2018
Site emc.com

Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed.

tags | advisory, remote, arbitrary, root, vulnerability
advisories | CVE-2018-1239
SHA-256 | 7fab6a2de70667057b3c38a3370a081105809c6c850820b3173c5e54c53be6da
Red Hat Security Advisory 2018-1322-01
Posted May 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1322-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-8750, CVE-2017-1000487, CVE-2017-12165, CVE-2017-12626, CVE-2017-7559
SHA-256 | 37fa1db478b76c81add822f8159bbcd782bf5a67fd414e5147f7dd37e4d16dfd
Oracle Access Manager 11.1.2.3.0 / 12.2.1.3.0 Authentication Bypass
Posted May 4, 2018
Authored by Wolfgang Ettlinger | Site sec-consult.com

Oracle Access Manager versions 11.1.2.3.0 and 12.2.1.3.0 suffer from an authentication bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2018-2879
SHA-256 | 3ff8e4e5227e1b994da2325be7ed9d86085196020a85edbd2fa518450b3a1236
Windows Kernel Exploitation Tutorial Part 8: Use After Free
Posted May 4, 2018
Authored by rootkit

Whitepaper called Windows Kernel Exploitation Tutorial Part 8: Use After Free.

tags | paper, kernel
systems | windows
SHA-256 | f2598e4b4d62f5cf90e32aca7b671330db49e562ff55234992d445256a3d1490
Red Hat Security Advisory 2018-1321-01
Posted May 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1321-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 66.0.3359.139. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-6118
SHA-256 | 783305928a9849373bbb2d70211335a275b5db6d1c0e2a0b658eecf89e8943aa
Red Hat Security Advisory 2018-1320-01
Posted May 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1320-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Spring Boot 1.5.12 serves as a replacement for RHOAR Spring Boot 1.5.10, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1271, CVE-2018-1272, CVE-2018-1275, CVE-2018-1304, CVE-2018-1305
SHA-256 | dda23c55eb322f14c521610d328717d78eddc9f5c5d9cbcd1faa007d32bb490f
Adobe Reader PDF Client-Side Request Injection
Posted May 4, 2018
Authored by Alex Infuhr

Adobe Reader PDF suffers from a client-side request injection vulnerability.

tags | exploit
SHA-256 | 44b8a5051b8634c8d11d453cb169b97d6279be2c16d54e704bc8f109dc767a76
Debian Security Advisory 4191-1
Posted May 4, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4191-1 - Multiple vulnerabilities were discovered in Redmine, a project management web application. They could lead to remote code execution, information disclosure or cross-site scripting attacks.

tags | advisory, remote, web, vulnerability, code execution, xss, info disclosure
systems | linux, debian
advisories | CVE-2017-15568, CVE-2017-15569, CVE-2017-15570, CVE-2017-15571, CVE-2017-15572, CVE-2017-15573, CVE-2017-15574, CVE-2017-15575, CVE-2017-15576, CVE-2017-15577, CVE-2017-16804, CVE-2017-18026
SHA-256 | 84a1275dbc13e5b89f98dc4bbfc5e21828f0e443a4574e1d9a44448af407e448
Debian Security Advisory 4190-1
Posted May 4, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4190-1 - It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing because of an incomplete fix for CVE-2017-7525.

tags | advisory, java
systems | linux, debian
advisories | CVE-2018-7489
SHA-256 | 1090563f3dea361b89c7b318f5116822254650fbc24a52bdbe7a40672715bf18
Red Hat Security Advisory 2018-1296-01
Posted May 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1296-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php. Issues addressed include buffer overflow, cross site scripting, denial of service, heap overflow, remote file inclusion, and use-after-free vulnerabilities.

tags | advisory, remote, web, denial of service, overflow, php, vulnerability, xss, file inclusion
systems | linux, redhat
advisories | CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161, CVE-2016-10162, CVE-2016-10167, CVE-2016-10168, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-7479, CVE-2016-9933, CVE-2016-9934, CVE-2016-9935, CVE-2016-9936, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11362, CVE-2017-11628, CVE-2017-12932, CVE-2017-12933, CVE-2017-12934
SHA-256 | 7d3b1f62dd47f6ccce2cd1aa1495159b5a0ec53d7009c7657d7a8518e489c754
Call Of Duty Modern Warfare 2 Buffer Overflow
Posted May 4, 2018
Authored by momo5502

Call Of Duty Modern Warfare 2 buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
advisories | CVE-2018-10718
SHA-256 | bfef1377d9de792500db782d09fc4c9cd6f5a22b26697966467e741c1944dbdf
Red Hat Security Advisory 2018-1304-01
Posted May 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1304-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been upgraded to a later upstream version: go-toolset-7-golang. Go Toolset is provided as a Technology Preview. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-6574
SHA-256 | 2f8817cd02824ff2316547bf62600055b975cf40fbb83882901aaf31bb3fabed
Debian Security Advisory 4189-1
Posted May 4, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4189-1 - Two vulnerabilities were found in the Quassel IRC client, which could result in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-1000178, CVE-2018-1000179
SHA-256 | 05f4d30c6e557b9a10e26e9b2e120f736ff6442d8ee27bf46bbe9af1641f6be5
TBK DVR4104 / DVR4216 Credential Disclosure
Posted May 4, 2018
Authored by Fernandez Ezequiel

TBK DVR4104 and DVR4216 suffer from a credential disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2018-9995
SHA-256 | 332240b12a3af3cba5b8e90a990438e0ddb78ba79a43d0fe883dddca9109c2b3
Norton Core Secure WiFi Router BLE Command Injection
Posted May 4, 2018
Authored by embedi

Norton Core Secure WiFi Router BLE command injection proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2018-5234
SHA-256 | 44a51a397edef339a1e78f1a786367cd6fd6807c6c08f40a9ae86cbe09383622
Chrome V8 Object Allocation Size Integer Overflow
Posted May 4, 2018
Authored by Google Security Research, Mark Brand

Chrome V8 suffers from an integer overflow vulnerability in object allocation size.

tags | exploit, overflow
advisories | CVE-2018-6065
SHA-256 | ff8f6ea3f286a12d25b238442f6fc1ab337a443b0622cd2b2f518a85f646b577
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close