exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 194 RSS Feed

Files

WebKit JSC BindingNode::bindValue Failed Reference Count Increase
Posted May 25, 2017
Authored by Google Security Research, lokihardt

WebKit JSC fails to increase the reference count in BindingNode::bindValue.

tags | exploit
advisories | CVE-2017-2505
SHA-256 | 6f55d86c5f6b50d0002bcd10d39bf19ba832cfb70f168f4c10bd7447be36f502
Download | Favorite | View
WebKit ContainerNode::parserRemoveChild (2) Universal Cross Site Scripting
Posted May 25, 2017
Authored by Google Security Research, lokihardt

WebKit suffers from a universal cross site scripting vulnerability via ContainerNode::parserRemoveChild (2).

tags | exploit, xss
SHA-256 | 964166bf7e2aad87ca87f9fbd636f508b2feacc79ea9718481f8a478a086c262
Download | Favorite | View
WebKit Patch #1110 Universal Cross Site Scripting
Posted May 25, 2017
Authored by Google Security Research, lokihardt

The WebKit #1110 patch created a universal cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f9fa2419890bbf932fea7ee2144168cc1b45cb651c941ddb77002892c3f97bb8
Download | Favorite | View
Samba 3.5.0 Remote Code Execution
Posted May 25, 2017
Authored by steelo

Samba version 3.5.0 remote code execution exploit. Written in python.

tags | exploit, remote, code execution, python
advisories | CVE-2017-7494
SHA-256 | 82b78ac677f3c508a31ba7663a45618d965a4a0c22eb9bc613387514f11039b3
Download | Favorite | View
Apple MacOS HIServices Privilege Escalation
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple MacOS suffers from a local elevation of privilege vulnerability due to a lack of bounds checking in HIServices custom CFObject serialization.

tags | exploit, local
systems | apple
advisories | CVE-2017-6978
SHA-256 | 1aa8e11c6dd2564941d452637180beeaffbdf5025cab2320d31049cd5d306643
Download | Favorite | View
Apple iOS / OS X NSKeyedArchiver Memory Corruption
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple iOS / OS X suffer from a NSKeyedArchiver memory corruption vulnerability due to a lack of bounds checking in CAMediaTimingFunctionBuiltin.

tags | exploit
systems | unix, apple, ios
advisories | CVE-2017-2527
SHA-256 | ca7a887d2ea998dc6250cc110e33b535fe3368bec11281aa3e5ffebf43fe2c45
Download | Favorite | View
Apple iOS / MacOS NSKeyedArchiver Heap Corruption
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple iOS / MacOS suffers from a NSKeyedArchiver heap corruption vulnerability due to a rounding error in TIKeyboardLayout initWithCoder:.

tags | exploit
systems | unix, apple, ios
advisories | CVE-2017-2524
SHA-256 | b11e4fa749407eb6cbea1e698f70085373bb11356622dba14596a60b5ee4368b
Download | Favorite | View
Apple MacOS NSUnarchiver Heap Corruption
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple MacOS NSUnarchiver suffers from a heap corruption vulnerability due to lack of bounds checking in [NSBuiltinCharacterSet initWithCoder:].

tags | exploit
systems | apple
advisories | CVE-2017-2523
SHA-256 | e2849820975ba9e34e34473279ce9b4842b59d2332429f539fffbd8657173888
Download | Favorite | View
Apple iOS / MacOS NSCharacterSet Memory Corruption
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple iOS / MacOS suffers from a memory corruption vulnerability due to bad bounds checking in NSCharacterSet coding for NSKeyedUnarchiver.

tags | exploit
systems | unix, apple, ios
advisories | CVE-2017-2522
SHA-256 | 3451fa7feeddaaaa2c8d46965e2248bbefe5070ec646c6930150120ccd46f1f0
Download | Favorite | View
Apple iOS / MacOS Netagent Kernel Memory Disclosure
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple iOS / MacOS suffers from a kernel memory disclosure vulnerability due to lack of bounds checking in netagent socket option handling.

tags | exploit, kernel
systems | unix, apple, ios
advisories | CVE-2017-2507
SHA-256 | a80eee4e7eb6cc5d85cfca41d2804e1883748684e1c813413ad14e66a918e582
Download | Favorite | View
Apple iOS / MacOS Domain Socket Kernel Use-After-Free
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple iOS / MacOS suffer from a kernel use-after-free vulnerability due to bad locking in unix domain socket file descriptor externalization.

tags | exploit, kernel
systems | unix, apple, ios
advisories | CVE-2017-2501
SHA-256 | d49bb5779a4c17dfcf174a09087ff899cab557acadeac924745cade61a639d0a
Download | Favorite | View
Trend Micro ServerProtect Disclosure / CSRF / XSS
Posted May 24, 2017
Authored by Alberto Solino, Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Trend Micro ServerProtect suffers from information disclosure, manipulation, cross site request forgery, cross site scripting, and various other vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
advisories | CVE-2017-9032, CVE-2017-9033, CVE-2017-9034, CVE-2017-9035, CVE-2017-9036, CVE-2017-9037
SHA-256 | 8e879696170b8b1f6b2ecc8c0d882967bb47bb12e348f1e061c984909eef85df
Download | Favorite | View
Joomla VideoFlow 1.2.0 SQL Injection
Posted May 24, 2017
Authored by Mojtaba MobhaM

Joomla VideoFlow extension version 1.2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f6346ee9872949c8a92678833ae65270a5db9307b032228401ecafc0ca1e706c
Download | Favorite | View
Alex Guestbook 5.0.4 Cross Site Scripting
Posted May 24, 2017
Authored by Mojtaba MobhaM

Alex Guestbook version 5.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 055933b640169d8875bc574472dfe2eb708ab18325639a596a789ea149c0039a
Download | Favorite | View
InvoicePlane 1.4.10 File Upload / Cross Site Scripting
Posted May 23, 2017
Authored by Jasveer Singh | Site sec-consult.com

InvoicePlane version 1.4.10 suffers from cross site scripting and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, xss, file upload
SHA-256 | f9f183d34c1ada4b03e2201ee13c0c22983f6fc241dde0d1f28ffdf8da86a993
Download | Favorite | View
Simple ASC CMS 1.2 Cross Site Scripting
Posted May 23, 2017
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Simple ASC CMS version 1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ca4ddb7798dee2ffb269324504f52117e33584bdf4bd32a0c994b17007d0b4ae
Download | Favorite | View
KDE 4/5 KAuth Privilege Escalation
Posted May 23, 2017
Authored by stealth

KDE versions 4 and 5 suffer from a KAuth privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-8422, CVE-2017-8849
SHA-256 | c554a74a267c52aca3ad742178547b8d2a015c7f0cd8cbcdba5e0a178a1d4c91
Download | Favorite | View
HTTrack 3.x Stack Buffer Overflow
Posted May 23, 2017
Authored by Vulnerability Laboratory, Hosein Askari | Site vulnerability-lab.com

HTTrack version 3.x suffers from a stack buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 2bcbb8ef516f46d2cef284aeb94ca91a4f7f07005d73d65830c62b8a987b454a
Download | Favorite | View
WordPress Newsletter Supsystic 1.1.7 Cross Site Scripting
Posted May 23, 2017
Authored by Vulnerability Laboratory, King Coder | Site vulnerability-lab.com

WordPress Newsletter Supsystic plugin version 1.1.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6ecae5adcbf95d5c69fe28fba37fe9ca3a5692158857b6244cf28b09cc5acde3
Download | Favorite | View
VX Search Enterprise GET Buffer Overflow
Posted May 23, 2017
Authored by Daniel Teixeira | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows
SHA-256 | 5199a2e5cc5662ac54e66b7146c5c6b94ee41102ab904bac8eb917c52c3801dc
Download | Favorite | View
Sure Thing Disc Labeler 6.2.138.0 Buffer Overflow
Posted May 23, 2017
Authored by Chance Johnson

Sure Thing Disc Labeler version 6.2.138.0 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 8a2edb1c1c0c32c18f1e6f48be84549d2c5b62d50ede9d6deb02b44bd03e7f8d
Download | Favorite | View
MacOS Raw Frame Pointers In Stackshot
Posted May 23, 2017
Authored by Jann Horn, Google Security Research

This is an issue on MacOS that allows un-entitled root to read kernel frame pointers, which might be useful in combination with a kernel memory corruption bug.

tags | exploit, kernel, root
advisories | CVE-2017-2516
SHA-256 | 63b9107547c0985f1def098507f1151fbb6c1ccacb4c0d361b420aa17ff32d51
Download | Favorite | View
LG OGMParser::VerifyVorbisHeader Uninitialized Pointer
Posted May 23, 2017
Authored by Google Security Research, Mark Brand

LG has an issue where a malformed OGM file can cause the use of an uninitialized pointer during Vorbis header verification - vorbis_info_clear is called on a vorbis_info structure that has not previously been initialised by a call to vorbis_info_init.

tags | exploit
SHA-256 | afdfbc4dd8683cc760fb99fd28315f8ac51c68ca61a0fb1a2f850952b9060614
Download | Favorite | View
MacOS 32-Bit Syscall Exit Kernel Register Leak
Posted May 23, 2017
Authored by Jann Horn, Google Security Research

MacOS suffers from a kernel register leak via 32-bit syscall exit.

tags | exploit, kernel
advisories | CVE-2017-2509
SHA-256 | 51f21ee396efaec54ab768abeb7493566d5a0076bced42dd49e3ff6f228e0a09
Download | Favorite | View
Mantis Bug Tracker 1.3.10 / 2.3.0 Cross Site Request Forgery
Posted May 22, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Mantis Bug Tracker versions 1.3.10 and 2.3.0 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-7620
SHA-256 | 657f51bab66ce5d5cf6800d27e2f3bc584ea834cf9cbd98479d947434a3b0ead
Download | Favorite | View
Page 3 of 8
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Juniper Networks Publishes Dozens Of New Security Advisories
Posted Apr 15, 2024

tags | headline, flaw, juniper
Favorite | View
LockBit Copycat DarkVault Spurs Rebranding Rumor
Posted Apr 12, 2024

tags | headline, hacker, malware, cybercrime, fraud, cryptography
Favorite | View
French Issue Alerte Rouge After Local Govs Knocked Offline By Cyberattack
Posted Apr 12, 2024

tags | headline, government, denial of service, france
Favorite | View
More Legal Acrimony For Truth Social, As Executive Says He Was Hacked
Posted Apr 12, 2024

tags | headline, hacker, password, social
Favorite | View
Palo Alto Networks Warns Of Exploited Firewall Vulnerability
Posted Apr 12, 2024

tags | headline, hacker, flaw
Favorite | View
Roku Says More Than 500,000 Accounts Impacted In Cyberattack
Posted Apr 12, 2024

tags | headline, hacker, privacy, data loss, flaw
Favorite | View
US Government On High Alert As Russian Hackers Steal Critical Correspondence From Microsoft
Posted Apr 12, 2024

tags | headline, hacker, government, microsoft, email, usa, russia, data loss, cyberwar
Favorite | View
Apple Drops Term State-Sponsored Attacks From Its Threat Notification Policy
Posted Apr 11, 2024

tags | headline, government, privacy, phone, india, cyberwar, spyware, apple
Favorite | View
Google Cloud Unveils New AI-Powered Security Capabilities
Posted Apr 11, 2024

tags | headline, botnet, google
Favorite | View
Fortinet Patches FortiClientLinux Critical RCE Vulnerability
Posted Apr 11, 2024

tags | headline, flaw, patch
Favorite | View
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close