what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-01-17

Gentoo Linux Security Advisory 201801-18
Posted Jan 17, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-18 - Insufficient input validation in Newsbeuter may allow remote attackers to execute arbitrary shell commands. Versions less than 2.9-r3 are affected.

tags | advisory, remote, arbitrary, shell
systems | linux, gentoo
advisories | CVE-2017-12904
SHA-256 | 4866b556dae1699096f48ecd4f1ce53d0bd37e1adf012517d700256724a096d2
Gentoo Linux Security Advisory 201801-17
Posted Jan 17, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-17 - Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. Versions less than 0.57.0-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-2820, CVE-2017-7511, CVE-2017-9083, CVE-2017-9406, CVE-2017-9408, CVE-2017-9865
SHA-256 | 32c97f70373b10ad1732c8ddab720d22e3ec22762a1a20dd7ec1f0ea8014016a
Ubuntu Security Notice USN-3535-1
Posted Jan 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3535-1 - Jayachandran Palanisamy discovered that the Bind resolver incorrectly handled fetch cleanup sequencing. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-3145
SHA-256 | 51cbdd5000d09ef343d1f6641f1fe10c0de19873986000a48eb860679a3bbd68
Ubuntu Security Notice USN-3534-1
Posted Jan 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3534-1 - It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges. A memory leak was discovered in the _dl_init_paths function in the GNU C library dynamic loader. A local attacker could potentially exploit this with a specially crafted value in the LD_HWCAP_MASK environment variable, in combination with CVE-2017-1000409 and another vulnerability on a system with hardlink protections disabled, in order to gain administrative privileges. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2017-1000408, CVE-2017-1000409, CVE-2017-15670, CVE-2017-15804, CVE-2017-16997, CVE-2017-17426, CVE-2018-1000001
SHA-256 | b93b27e39dcc8e45fb3868d7d816bfc00ea67297dafc2734a0cec988cd371f26
SugarCRM 3.5.1 Cross Site Scripting
Posted Jan 17, 2018
Authored by Guilherme Assmann

SugarCRM version 3.5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-5715
SHA-256 | 80cc6f2ccc162a9ba9dd0c6d33a6aa1a814c652ef9d0b6dac17a648dbc70e6f7
Microsoft Edge Chakra Incorrect Scope Handling
Posted Jan 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an incorrect scope handling vulnerability.

tags | exploit
advisories | CVE-2018-0774
SHA-256 | 4ca74358ba02f965f602b3248f2892c43dff8cda26201ab58168fbbe9c7741b4
Microsoft Edge Chakra JavascriptGeneratorFunction::GetPropertyBuiltIns Exposure
Posted Jan 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a JavascriptGeneratorFunction::GetPropertyBuiltIns exposure of scriptFunction.

tags | exploit
advisories | CVE-2017-11914
SHA-256 | a04483e5669a880865f4508ed68f91f3b72e39a678077e3a1ca62368d0ed242e
Microsoft Edge Chakra JIT Incorrect Bounds Calculation
Posted Jan 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an out-of-bounds write vulnerability.

tags | exploit
advisories | CVE-2018-0769
SHA-256 | 4691b0182336e7253e8361f9f37fbd027c01401a73155856b34cc4569bde91d4
Gentoo Linux Security Advisory 201801-16
Posted Jan 17, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-16 - Multiple vulnerabilities have been found in rsync, the worst of which could allow remote attackers to bypass access restrictions. Versions less than 3.1.2-r2 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2017-16548, CVE-2017-17433, CVE-2017-17434
SHA-256 | 831d1d38637b56df23136f76f6a2bfc1533753d716c4268ea9413e0b6e062222
Belkin N600DB Command Injection / Backdoor
Posted Jan 17, 2018
Authored by Wadeek

Belkin N600DB suffers from password disclosure, a backdoor shell, server-side request forgery, and command injection vulnerabilities.

tags | exploit, shell, vulnerability
SHA-256 | ad4deef8559fe9859dfa5db5bd48616568ccaac8491f724ab6019aa6c952893c
Reservo Image Hosting Script 1.5 Cross Site Scripting
Posted Jan 17, 2018
Authored by Dennis Veninga

Reservo Image Hosting Script version 1.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-5705
SHA-256 | 6c1678cb8ccd1983da0bd98d5303f02682971f3d234b8e13a623c781136eb443
Red Hat Security Advisory 2018-0093-01
Posted Jan 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0093-01 - The microcode_ctl packages provide microcode updates for Intel and AMD processors. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode provided along with the aSpectrea mitigation that could lead to system instabilities. As a result, Red Hat is providing an microcode update that reverts to the last known good microcode version dated before 03 January 2018. Red Hat strongly recommends that customers contact their hardware provider for the latest microcode updates.

tags | advisory
systems | linux, redhat
SHA-256 | 602978e6e5ed633c2274337e8e1c5ef32fafd8b33f9172246c683add89d5e461
Red Hat Security Advisory 2018-0094-01
Posted Jan 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0094-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode provided along with the aSpectrea mitigation that could lead to system instabilities. As a result, Red Hat is providing an microcode update that reverts to the last known good microcode version dated before 03 January 2018. Red Hat strongly recommends that customers contact their hardware provider for the latest microcode updates.

tags | advisory
systems | linux, redhat
SHA-256 | 062675b8b3906ac7390af72b4ced85c9fc05d6fee3b742e71ebf1b1c8b4fd6ce
Master IP CAM 01 Hardcoded Password / Unauthenticated Access
Posted Jan 17, 2018
Authored by Daniele Linguaglossa, Raffaele Sabato

Master IP CAM version 01 has a hardcoded root password and suffers from multiple unauthenticated access vulnerabilities.

tags | exploit, root, vulnerability, bypass
advisories | CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
SHA-256 | 1b7b16dc033365ff3162c79dfd711a78130a165f689c53737f95802789f1b521
Fundly 1.0.0 Cross Site Scripting
Posted Jan 17, 2018
Authored by indoushka

Fundly version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0a01bb2c9a2d1fadf76ab85600d1d06ec2398b15378af4b137d16d293ad51c6a
Zomato Clone Script Arbitrary File Upload
Posted Jan 17, 2018
Authored by Tauco

Zomato Clone Script suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
SHA-256 | f6204b1369e8f6a5880aeecfbf75a0badf377f4e425b88c8845232aa9a0cbe9c
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close