This archive contains all of the 180 exploits added to Packet Storm in November, 2019.
748d5fe134eca74ab21a6089ed971c4aa53159defadc9f9e96cc82609687a397
Carlo Gavazzi SmartHouse version 6.5.33 suffers from cross site request forgery along with both reflective and persistent cross site scripting vulnerabilities.
4853055373917d744c7670ff8d4660feef8574919a15a2e1d5777cca98ae1825
Microsoft Excel 2016 version 1901 suffers from an XML external entity injection vulnerability.
e44c33d8e03b25f973e061cc13989210104717a2cc6f7198f78cc1802ddf7ede
Max Secure Anti Virus Plus version 19.0.4.020 suffers from an insecure permission vulnerability.
76f4e179622075025b7eb99563a43f43d4f74eb445470abbb8a207a9f416a093
NAPC Xinet (interface) Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginForm[username] field when double quotes are used.
861555c2816d3e8545ed29c5458dbc9afd6526714f4d2b3d853f8b78e2022d5d
Allied Telesis AT-GS950/8 up until firmware AT-S107 version 1.1.3 [1.00.047] suffers from a directory traversal vulnerability.
422b9c7ed7d41d2043906b03440133f19f70b9d3ce5345d8615b0e80edadfe03
The WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection, which allows an attacker to remotely execute commands on the underlying system. The application passes unsafe user-supplied data in the ip parameter to activities_overview.php. Privileges are required in order to exploit this vulnerability. Vulnerable plugin version: 20161228 and possibly prior. Fixed plugin version: 20180826.
7ec3e2886cfeb10934e1758d21c4a3b07426bc1755426426441b88d92cfd7024
OwnCloud version 8.1.8 suffers from a username disclosure vulnerability.
0307de97c325435adcb9198b8abdd9f7094e634c0324db4c86daa7772020153a
An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.
506feee71f53fac76413f6d8f5b4cad88bddee539003ffcdf0c54f19b9a741ec
Online Inventory Manager version 3.2 suffers from a persistent cross site scripting vulnerability.
2a17665cc12bcb9f3faa72d4270155382c77fe2c2ddc086fe1084d45f5d4bb75
SpotAuditor version 5.3.2 Name and Key proof of concept denial of service exploits.
def21425b191e4950249069aa03b8a79033e22714038a46149d3ba19c72fa84b
Mersive Solstice version 2.8.0 suffers from a remote code execution vulnerability.
41ae2404927a39e963d537c545ef3a3209ea223a6fe1314299241b67ec6d3047
GHIA CamIP version 1.2 for iOS suffers from a denial of service vulnerability.
c3d5b41413dbf51de10e6b4f74f2284ed66cdd73572462d61d68618f2210df64
TexasSoft CyberPlanet version 6.4.131 suffers from a CCSrvProxy unquoted service path vulnerability.
94c1d807c9a0501d3748f8c41652394f08c36679caea0fdb76a866533ce69ded
WordPress version 5.3 suffers from a username enumeration vulnerability.
617224266959f06915a164de940bc67b50871dfdb40fbe6b480e2dc7741ec028
In the new Fedora release, Grub2 has grub2-set-bootflag installed setuid, and it has the ability to corrupt the environment.
8b02b403cb65d197b55d479f14ebd82a934af9eca331f69bc357e66acc8a31b2
The vulnerability allows rescaling and corrupting the Xiaomi Mi Box (model: MIBOX3, build.id: MHC19) display without any privilege requirement. This creates an opportunity for a non-privileged malicious app to disable the basic functionality that the TV box offers, and it can even be used for ransomware purposes, e.g., each time a target streaming app is launched, the malicious app can corrupt the display.
e3d8df083eeb13cc51a2757aa687d0e3a726620f82fe26776aef9ee56634e546
SpotAuditor version 5.3.2 suffers from a denial of service vulnerability.
978407ee340b95fa4b09bb3152f890d72c691b862c9c74423625ff1e758deb66
Microsoft DirectX SDK 2010 suffers from a denial of service vulnerability.
85027970bc8614d80e0b59ffa521da2a5836108f419a2d1d1b4fcdf99ed64c0a
pari/gp versions 2.9.1 on Debian Stretch and 2.11 on Debian Buster allow arbitrary file write and hence arbitrary code execution.
ffffda78c0913f524e10b48ae7dd7f2a88fb017e7d948c4b48b4348c11a63e02
Fortinet products, including FortiGate and FortiClient, regularly send information to Fortinet servers using XOR "encryption" with a static key. Affected versions include FortiClientWindows versions 6.0.6 and below and FortiClientMac versions 6.2.1 and below. After this advisory was released, Fortinet confirmed that only FortiOS version 6.2.0 includes the patch.
8dc47eb79b4cc21fe29d2fa486d30fd36bd9bb27983db8a7c9f4ea84620972f0
iNetTools for iOS version 8.20 suffers from a denial of service vulnerability.
2d6f29f1dd6aa8f4c79f15e1cfe1e0fec8e9d8376f819cf783b6c200b49d4312
InduSoft Web Studio version 8.1 SP1 suffers from a denial of service vulnerability.
6366535aefb1f96747e1775600301c88409b37c3364ba70eb9ddde8e3efd6dcb
Waves MaxxAudio Drivers version 1.1.6.0 suffers from an unquoted service path vulnerability.
d9a785f0cc29b82091e884c52a3c1a2f45dabc8c9489b5345e2c38acfaf64a20
InTouch Machine Edition version 8.1 SP1 denial of service proof of concept exploit.
ec77e960829caa7b23c3294df2aa687ebe99b5283cb9df0050fd00aa8ec7aaa4