Twenty Year Anniversary

Recent Files

Files RSS Feed
Debian Security Advisory 4341-1
Posted Nov 20, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4341-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.37.

tags | advisory, vulnerability
systems | linux, debian
Red Hat Security Advisory 2018-2908-01
Posted Nov 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2908-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.9.51. Issues addressed include a crash vulnerability.

tags | advisory
systems | linux, redhat
ACM CCS 2019 Call For Papers
Posted Nov 20, 2018
Site ccs2019.sigsac.org

The 26th ACM Conference on Computer and Communications Security will take place in London, UK, November 11th through the 15th, 2019. The Conference on Computer and Communications Security (CCS) seeks submissions presenting novel contributions related to all real-world aspects of computer security and privacy. Theoretical papers must make a convincing case for the relevance of their results to practice. Authors are encouraged to write the abstract and introduction of their paper in a way that makes the results accessible and compelling to a general computer-security researcher. In particular, authors should bear in mind that anyone on the program committee may be asked to give an opinion about any paper.

tags | paper, conference
Zoho ManageEngine OpManager 12.3 Cross Site Scripting
Posted Nov 20, 2018
Authored by Murat Aydemir

Zoho ManageEngine OpManager versions 12.3 before build 123223 have a cross site scripting vulnerability via the updateWidget API.

tags | advisory, xss
Debian Security Advisory 4340-1
Posted Nov 20, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4340-1 - An out-of-bounds bounds memory access issue was discovered in chromium's v8 javascript library by cloudfuzzer.

tags | advisory, javascript
systems | linux, debian
ELBA5 Electronic Banking Remote Code Execution
Posted Nov 20, 2018
Authored by Florian Bogner

ELBA5 Network Installation versions prior to 5.8.1 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
Microsoft Windows Unnamed Kernel Object Privilege Escalation
Posted Nov 20, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows 10 1803 and 1809 have an issue with unnamed kernel object creation. It's possible to default the security descriptor owner or mandatory label to the value from an Identification level impersonation token leading to elevation of privilege.

tags | exploit, kernel
systems | windows
Microsoft Windows DfMarshal Unsafe Unmarshaling Privilege Escalation
Posted Nov 20, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows 10 1803 suffers from a DfMarshal unsafe unmarshaling elevation of privilege vulnerability.

tags | exploit
systems | windows
macOS 10.13 workq_kernreturn Denial Of Service
Posted Nov 20, 2018
Authored by Fabiano Anemone

macOS version 10.13 workq_kernreturn denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
ImageMagick Memory Leak
Posted Nov 20, 2018
Authored by barracud4

ImageMagick versions prior to 7.0.8-9 suffers from a memory leak vulnerability.

tags | exploit, memory leak, info disclosure
Ticketly 1.0 Cross Site Request Forgery
Posted Nov 20, 2018
Authored by Javier Olmedo

Ticketly version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
Ubuntu Security Notice USN-3816-2
Posted Nov 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3816-2 - USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. Jann Horn discovered a race condition in chown_one. A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, arbitrary, local, root, vulnerability
systems | linux, ubuntu
Ricoh myPrint Hardcoded Credentials / Information Disclosure
Posted Nov 20, 2018
Authored by Hodorsec

Ricoh myPrint suffers from hardcoded application credential and information disclosure vulnerabilities. The myPrint windows client version 2.9.2.4 and myPrint android client version 2.2.7 are both affected.

tags | exploit, vulnerability, info disclosure
systems | windows
Synaccess netBooter NP-0801DU 7.4 Cross Site Request Forgery
Posted Nov 19, 2018
Authored by LiquidWorm | Site zeroscience.mk

Synaccess netBooter NP-0801DU version 7.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
Synaccess netBooter NP-02x / NP-08x 6.8 Authentication Bypass
Posted Nov 19, 2018
Authored by LiquidWorm | Site zeroscience.mk

Synaccess netBooter NP-02x and NP-08x version 6.8 suffer from an authentication bypass vulnerability due to a missing control check when calling the webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create an admin user account and bypass authentication giving her the power to turn off a power supply to a resource.

tags | exploit, cgi, bypass
Microsoft Edge Chakra OP_Memset Type Confusion
Posted Nov 19, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge suffers from a Chakra OP_Memset type confusion vulnerability.

tags | exploit
XMPlay 3.8.3 Denial Of Service
Posted Nov 18, 2018
Authored by s7acktrac3

XMPlay version 3.8.3 suffers from a denial of service vulnerability.

tags | exploit, denial of service
HTML Video Player 1.2.5 Buffer Overflow
Posted Nov 17, 2018
Authored by Kagan Capar

HTML Video Player version 1.2.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
Intel Rapid Storage Technology User Interface And Driver 15.9.0.1015 DLL Hijacking
Posted Nov 16, 2018
Authored by Stefan Kanthak

Intel Rapid Storage Technology User Interface and Driver version 15.9.0.1015 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
Budabot 4.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ryan Delaney

Budabot versions 0.6 through 4.0 suffer from a denial of service vulnerability.

tags | exploit, denial of service
Easy Outlook Express Recovery 2.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ihsan Sencan

Easy Outlook Express Recovery version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
Ubuntu Security Notice USN-3824-1
Posted Nov 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3824-1 - It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. Artem Smotrakov discovered that the HTTP client redirection handler implementation in OpenJDK did not clear potentially sensitive information in HTTP headers when following redirections to different hosts. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, java, web
systems | linux, ubuntu
Mumsoft Easy Software 2.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ihsan Sencan

Mumsoft Easy Software version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
DomainMOD 4.11.01 Cross Site Scripting
Posted Nov 16, 2018
Authored by Dawood Ansar

DomainMOD versions 4.09.03 through 4.11.01 suffer from a cross site scripting vulnerability.

tags | exploit, xss
Helpdezk 1.1.1 Shell Upload
Posted Nov 16, 2018
Authored by Ihsan Sencan

Helpdezk version 1.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
View Older Files →

Recent News

News RSS Feed
Bitcoin Falls Below $5,000
Posted Nov 19, 2018

tags | headline, cryptography
Two Friends Jailed For TalkTalk Hack Attack
Posted Nov 19, 2018

tags | headline, hacker, privacy, phone, britain, data loss
Vision Direct Admits To Breach With CVVs Compromised
Posted Nov 19, 2018

tags | headline, privacy, bank, cybercrime, data loss, fraud
Instagram Flaw Exposes User Passwords
Posted Nov 19, 2018

tags | headline, privacy, data loss, password, facebook
Report: Charges Against Assange Relate To Russian Hacking
Posted Nov 17, 2018

tags | headline, government, usa, britain, russia, data loss, cyberwar
Amarillo City Workers PII Compromised
Posted Nov 17, 2018

tags | headline, government, usa, data loss
Blackberry In $1.4 Billion Deal To Buy Cylance
Posted Nov 17, 2018

tags | headline, blackberry
Emoji Attack Can Kill Skype For Business Chat
Posted Nov 17, 2018

tags | headline, microsoft, denial of service, skype
Justice Department Has Prepared Indictment Against Assange, Court Docs Reveal
Posted Nov 16, 2018

tags | headline, government, usa, britain, russia, data loss, cyberwar, spyware, military
John McAfee Found Liable For 2012 Death Of Belize Neighbor
Posted Nov 16, 2018

tags | headline, mcafee
View More News →

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    1 Files
  • 18
    Nov 18th
    1 Files
  • 19
    Nov 19th
    3 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close