Exploit the possiblities

Recent Files

Files RSS Feed
Libraw 0.18.5 Denial Of Service
Posted Dec 12, 2017
Authored by Laurent Delosieres | Site secunia.com

Libraw version 0.8.15 suffers from a denial of service vulnerability.

tags | advisory, denial of service
Debian Security Advisory 4058-1
Posted Dec 12, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4058-1 - Two vulnerabilities were discovered in optipng, an advanced PNG optimizer, which may result in denial of service or the execution of arbitrary code if a malformed file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
Ubuntu Security Notice USN-3512-1
Posted Dec 12, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3512-1 - David Benjamin discovered that OpenSSL did not correctly prevent buggy applications that ignore handshake errors from subsequently calling certain functions. It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery multiplication procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys.

tags | advisory, remote
systems | linux, ubuntu
Debian Security Advisory 4062-1
Posted Dec 12, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4062-1 - It discovered that the Private Browsing mode in the Mozilla Firefox web browser allowed to fingerprint a user across multiple sessions via IndexedDB.

tags | advisory, web
systems | linux, debian
Debian Security Advisory 4061-1
Posted Dec 12, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4061-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
Debian Security Advisory 4060-1
Posted Dec 12, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4060-1 - It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for CIP Safety, IWARP_MPA, NetBIOS, Profinet I/O and AMQP, which result in denial of dervice or the execution of arbitrary code.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, debian
Slackware Security Advisory - openssl Updates
Posted Dec 12, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
FreeBSD Security Advisory - FreeBSD-SA-17:12.openssl
Posted Dec 12, 2017
Site security.freebsd.org

FreeBSD Security Advisory - Invoking SSL_read()/SSL_write() while in an error state causes data to be passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. Various other issues were addressed.

tags | advisory
systems | freebsd, bsd
Debian Security Advisory 4059-1
Posted Dec 12, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4059-1 - It was discovered that libXcursor, a X cursor management library, is prone to several heap overflows when parsing malicious files. An attacker can take advantage of these flaws for arbitrary code execution, if a user is tricked into processing a specially crafted cursor file.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
macOS / iOS Kernel IOSurfaceRootUserClient Double-Free
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

macOS and iOS suffer from a kernel double free vulnerability due to IOSurfaceRootUserClient not respecting MIG ownership rules.

tags | exploit, kernel
systems | cisco, ios
macOS getrusage Stack Leak
Posted Dec 12, 2017
Authored by Google Security Research, jannh

macOS suffers from a getrusage stack leak through struct padding.

tags | exploit
macOS necp_get_socket_attributes so_pcb Type Confusion
Posted Dec 12, 2017
Authored by Google Security Research, jannh

macOS suffers from an so_pcb type confusion vulnerability in necp_get_socket_attributes.

tags | exploit
XNU Kernel Memory Corruption
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

The XNU kernel suffers from a memory corruption vulnerability due to an integer overflow in the __offsetof usage in posix_spawn on 32-bit platforms.

tags | exploit, overflow, kernel
macOS / iOS IOTimeSyncClockManagerUserClient Use-After-Free
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

macOS / iOS suffer from multiple kernel use-after-free vulnerabilities due to incorrect IOKit object lifetime management in IOTimeSyncClockManagerUserClient.

tags | exploit, kernel, vulnerability
systems | cisco, ios
macOS AppleIntelCapriController::GetLinkConfig Kernel Code Execution
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

The macOS kernel suffers from a code execution vulnerability due to a lack of bounds checking in AppleIntelCapriController::GetLinkConfig.

tags | exploit, kernel, code execution
macOS / iOS Kernel Double Free
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

macOS and iOS suffer from a kernel double free due to incorrect API usage in flow divert socket option handling.

tags | exploit, kernel
systems | cisco, ios
XNU Kernel API Memory Disclosure
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

There is a XNU kernel memory disclosure flaw caused by a bug in the kernel API for detecting kernel memory disclosures. No, this isn't a failure at writing a description.

tags | exploit, kernel
LibTIFF pal2rgb 4.0.9 Heap Overflow
Posted Dec 12, 2017
Authored by Jungun Baek

LibTIFF pal2rgb version 4.0.9 suffers from a heap buffer overflow.

tags | exploit, denial of service, overflow
Vanguard 1.4 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Vanguard version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Vanguard 1.4 Arbitrary File Upload
Posted Dec 12, 2017
Authored by Ihsan Sencan

Vanguard version 1.4 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
Basic Job Site Script 2.0.5 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Basic Job Site Script version 2.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Resume Clone Script 2.0.5 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Resume Clone Script version 2.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Advanced World Database 2.0.5 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Advanced World Database version 2.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Muslim Matrimonial Script 3.02 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Muslim Matrimonial Script version 3.02 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Groupon Clone Script 3.01 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Groupon Clone Script version 3.01 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
View Older Files →

Recent News

News RSS Feed
Language Bugs Infest Downstream Software
Posted Dec 11, 2017

tags | headline, flaw
German Spy Agency Warns Of Chinese LinkedIn Espionage
Posted Dec 11, 2017

tags | headline, government, china, cyberwar, germany, spyware, social
Dynamics 365 Sandbox Leaked TLS Certificates
Posted Dec 11, 2017

tags | headline, privacy, microsoft, data loss, flaw, cryptography
Keylogger Uncovered On Hundreds Of HP PCs
Posted Dec 11, 2017

tags | headline, flaw, spyware, backdoor
PlexCoin Scam Founder Sentenced To Jail And Fined $10k
Posted Dec 10, 2017

tags | headline, cybercrime, fraud, scam, cryptography
Google Lifts Lid On FBI Data Requests: Now You Can Read Actual Letters Online
Posted Dec 9, 2017

tags | headline, government, privacy, usa, google, fbi
Android Flaw Lets Attack Code Slip Into Signed Apps
Posted Dec 9, 2017

tags | headline, malware, phone, flaw, google
Millions Stolen In NiceHash Bitcoin Heist
Posted Dec 9, 2017

tags | headline, hacker, cybercrime, fraud, cryptography
Apple HomeKit Flaw Left Smart Gadgets Vulnerable
Posted Dec 9, 2017

tags | headline, flaw, apple
Intel Management Engine Pwned By Buffer Overflow
Posted Dec 7, 2017

tags | headline, hacker, flaw, conference, intel
View More News →

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close