exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2018-11-16

Intel Rapid Storage Technology User Interface And Driver 15.9.0.1015 DLL Hijacking
Posted Nov 16, 2018
Authored by Stefan Kanthak

Intel Rapid Storage Technology User Interface and Driver version 15.9.0.1015 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 6e7d0ae7e36d2519f2a95dd01eee53eeefd5b81452a1fdfc32e7ec88cc304a15
Budabot 4.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ryan Delaney

Budabot versions 0.6 through 4.0 suffer from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-19290
SHA-256 | a8620cfd1ed239f5a681eebba7f54e300e332b8a58ce2704698bd1ea6a629401
Easy Outlook Express Recovery 2.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ihsan Sencan

Easy Outlook Express Recovery version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 82cb3c42702d61ce3a30a798b37e6224448fb4750089b14e6c59554868298e79
Ubuntu Security Notice USN-3824-1
Posted Nov 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3824-1 - It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. Artem Smotrakov discovered that the HTTP client redirection handler implementation in OpenJDK did not clear potentially sensitive information in HTTP headers when following redirections to different hosts. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, java, web
systems | linux, ubuntu
advisories | CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180
SHA-256 | 6c5ea49388e7e87aca6197cfe70cc7c9a28214d75613f18a1201e869b8704850
Mumsoft Easy Software 2.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ihsan Sencan

Mumsoft Easy Software version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 2e6d3fa3ab3980ef650c389842587c04d50e541be8b89b6d86e5946e4b8c0473
DomainMOD 4.11.01 Cross Site Scripting
Posted Nov 16, 2018
Authored by Dawood Ansar

DomainMOD versions 4.09.03 through 4.11.01 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19136
SHA-256 | 4ac91c382335e4c719ecad12b7fb1d13f9831451a63236bd492da8666dd9934e
Helpdezk 1.1.1 Shell Upload
Posted Nov 16, 2018
Authored by Ihsan Sencan

Helpdezk version 1.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 4d7c2b7a7f9e0b66c40c6a479ca4b064ccdc419315c37b7f8039d533b556f8f8
Warranty Tracking System 11.06.3 SQL Injection
Posted Nov 16, 2018
Authored by Ihsan Sencan

Warranty Tracking System version 11.06.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6b9d0c36e2b44c903b7a8825cda38efc3260a46b672d47f89e379535595683f1
Kernel Live Patch Security Notice LSN-0045-1
Posted Nov 16, 2018
Authored by Benjamin M. Romer

It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2017-13168, CVE-2018-10880, CVE-2018-16658, CVE-2018-9363
SHA-256 | fbe29704c99306a1bca47b078a9a33c2572ec3b421ae2b3cfb6ccde48d2a5412
Everus.org 1.0.9 Second Factor Redirection
Posted Nov 16, 2018
Authored by Muhammad Shahbaz

The Everus.org Android application version 1.0.9 has a fundamental design flaw where the client can send a random phone number during the second factor flow with an arbitrary existing user id and the server send the attacker the one time password for the other user.

tags | exploit, arbitrary
SHA-256 | e46c0f54b8cf03d1272fe5737ef712ce4a51f293453a2cc14d9e32c21776b79e
Linux Broken UID/GID Mapping
Posted Nov 16, 2018
Authored by Jann Horn, Google Security Research

Linux has a broken uid/gid mapping for nested user namespaces with greater than 5 ranges.

tags | exploit
systems | linux
advisories | CVE-2018-18955
SHA-256 | 53da54afe1913539df473ff36059802468d06980a436040ba7120c6c26f62627
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close