what you don't know can hurt you

Recent Files

Files RSS Feed
Microsoft Windows Task Scheduler Local Privilege Escalation
Posted Jul 19, 2019
Authored by Social Engineering Neo

Microsoft Windows Task Scheduler suffers from a local privilege escalation vulnerability. The Windows MMC auto-elevates members of the 'administrators' group via the GUI and MMC snap-ins (via mmc.exe) automatically elevate without prompting UAC potentially leading to unintentional elevation of privilege.

tags | exploit, local
systems | windows
MAPLE Computer WBT SNMP Administrator 2.0.195.15 Buffer Overflow
Posted Jul 19, 2019
Authored by sasaga92

MAPLE Computer WBT SNMP Administrator version 2.0.195.15 remote buffer overflow exploit with egghunter.

tags | exploit, remote, overflow
fuelCMS 1.4.1 Remote Code Execution
Posted Jul 19, 2019
Authored by 0xd0ff9

fuelCMS versions 1.4.1 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
Web Ofisi E-Ticaret 3 SQL Injection
Posted Jul 19, 2019
Authored by Ahmet Umit Bayram

Web Ofisi E-Ticaret version 3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
Web Ofisi Emlak 3 SQL Injection
Posted Jul 19, 2019
Authored by Ahmet Umit Bayram

Web Ofisi Emlak version 3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
Web Ofisi Emlak 2 SQL Injection
Posted Jul 19, 2019
Authored by Ahmet Umit Bayram

Web Ofisi Emlak version 2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
Web Ofisi Platinum E-Ticaret 5 SQL Injection
Posted Jul 19, 2019
Authored by Ahmet Umit Bayram

Web Ofisi Platinum E-Ticaret version 5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
REDCap Cross Site Scripting
Posted Jul 19, 2019
Authored by Dylan Garnaud, Alexandre Zanni

REDCap versions prior to 9.1.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
Web Ofisi Firma 13 SQL Injection
Posted Jul 19, 2019
Authored by Ahmet Umit Bayram

Web Ofisi Firma version 13 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
Web Ofisi Rent A Car 3 SQL Injection
Posted Jul 19, 2019
Authored by Ahmet Umit Bayram

Web Ofisi Rent a Car version 3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
Web Ofisi Firma Rehberi 1 SQL Injection
Posted Jul 19, 2019
Authored by Ahmet Umit Bayram

Web Ofisi Firma Rehberi version 1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
Ubuntu Security Notice USN-4066-1
Posted Jul 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4066-1 - It was discovered that libmspack incorrectly handled certain CHM files. A remote attacker could possibly use this issue to access sensitive information.

tags | advisory, remote
systems | linux, ubuntu
Ubuntu Security Notice USN-4065-1
Posted Jul 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4065-1 - It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. It was discovered that Squid incorrectly handled Basic authentication. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
Wireshark Analyzer 3.0.3
Posted Jul 18, 2019
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: A vulnerability has been addressed. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
Microsoft Windows RPCSS Activation Kernel Security Callback Privilege Escalation
Posted Jul 18, 2019
Authored by James Forshaw, Google Security Research

On Microsoft Windows, the RPCSS Activation Kernel RPC server's security callback can be bypassed resulting in elevation of privilege.

tags | exploit, kernel
systems | windows
WordPress OneSignal 1.17.5 Cross Site Scripting
Posted Jul 18, 2019
Authored by LiquidWorm | Site zeroscience.mk

WordPress OneSignal plugin version 1.17.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
Ubuntu Security Notice USN-4064-1
Posted Jul 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4064-1 - A sandbox escape was discovered in Thunderbird. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same origin restrictions, conduct cross-site scripting attacks, spoof origin attributes, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, xss
systems | linux, ubuntu
Ubuntu Security Notice USN-4063-1
Posted Jul 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4063-1 - Nils Emmerich discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. Matei "Mal" Badanoiu discovered that LibreOffice incorrectly handled stealth mode. Contrary to expectations, bullet graphics could be retrieved from remote locations when running in stealth mode. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
Oracle Siebel CRM 19.0 Cross Site Scripting
Posted Jul 17, 2019
Authored by Sarath Nair

Oracle Siebel CRM version 19.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
Ubuntu Security Notice USN-4059-2
Posted Jul 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4059-2 - USN-4059-1 and USN-3557-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 12.04 ESM. Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge Side Includes responses. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
MAPLE Computer WBT SNMP Administrator 2.0.195.15 Buffer Overflow
Posted Jul 17, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

MAPLE Computer WBT SNMP Administrator version 2.0.195.15 suffers from a buffer overflow vulnerability that allows for code execution.

tags | exploit, overflow, code execution
Debian Security Advisory 4483-1
Posted Jul 17, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4483-1 - Two security issues have been discovered in LibreOffice.

tags | advisory
systems | linux, debian
Huawei HG530 Reboot / Restore Authentication Bypass
Posted Jul 17, 2019
Authored by Raki Ben Hamouda

Huawei HG530 suffers from unauthenticated remote reboot and restore vulnerabilities.

tags | exploit, remote, vulnerability
WinMPG iPod Convert 3.0 Denial Of Service
Posted Jul 17, 2019
Authored by stresser

WinMPG iPod Convert version 3.0 Register flow denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
Falco 0.16.0
Posted Jul 16, 2019
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Improved rule loading performance by optimizing lua parsing paths to avoid expensive pattern matches. Remove an unused cmake file. Cleaned up error reporting to provide more meaningful error messages along with context when loading rules files. Various other bug fixes and improvements.
tags | tool, intrusion detection
systems | unix
View Older Files →

Recent News

News RSS Feed
Skylight Cyber Bypasses Cylance AI
Posted Jul 18, 2019

tags | headline, hacker, flaw
No, You Don't Need A Burner Phone At A Hacking Conference
Posted Jul 18, 2019

tags | headline, hacker, privacy, phone, conference
US Senator Asks FBI To Investigate FaceApp
Posted Jul 18, 2019

tags | headline, government, privacy, usa, russia, cyberwar
Microsoft Warns 10,000 Customers They're Targeted By Nation States
Posted Jul 18, 2019

tags | headline, hacker, government, microsoft, cyberwar
Slack Resets Passwords For 1% Of Its Users Because Of 2015 Hack
Posted Jul 18, 2019

tags | headline, hacker, data loss, password
Unofficial Telegram App Secretly Loads Malicious Sites
Posted Jul 17, 2019

tags | headline, malware, phone
Bluetooth Exploit Can Track And Identify Mobile Device Users
Posted Jul 17, 2019

tags | headline, privacy, wireless, spyware
Elon Musk Reveals Brain Hacking Plans
Posted Jul 17, 2019

tags | headline, hacker, science
JetBlue Bomb Scare Set Off With Apple AirDrop
Posted Jul 17, 2019

tags | headline, apple, terror
MyDashWallet Compromised For Two Months, Wallet Keys Taken
Posted Jul 16, 2019

tags | headline, cybercrime, data loss, fraud, cryptography
View More News →

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close