exploit the possibilities
Showing 1 - 21 of 21 RSS Feed

Files Date: 2015-03-23

EMC Documentum xMS Sensitive Information Disclosure
Posted Mar 23, 2015
Site emc.com

EMC Documentum xMS contains a security fix to address a sensitive information disclosure vulnerability where Windows Service user credentials may potentially be exposed in plaintext within batch files during provisioning of EMC Documentum Platform or xCelerated Composition Platform (xCP).

tags | advisory, info disclosure
systems | windows
advisories | CVE-2015-0527
MD5 | 6bd2ac1b2245b8b31339136589ad34db
DokuWiki 2014-09-29c Cross Site Scripting
Posted Mar 23, 2015
Authored by Filippo Cavallarin

DokuWiki version 2014-09-29c suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | d3db16619a5fcb55c0958d6ed9403730
Ubuntu Security Notice USN-2540-1
Posted Mar 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2540-1 - It was discovered that GnuTLS did not perform date and time checks on CA certificates, contrary to expectations. This issue only affected Ubuntu 10.04 LTS. Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly verified that signature algorithms matched. A remote attacker could possibly use this issue to downgrade to a disallowed algorithm. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2014-8155, CVE-2015-0282, CVE-2015-0294
MD5 | 2f5fe514fd38dc75d89b706425a73bc3
Ubuntu Security Notice USN-2539-1
Posted Mar 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2539-1 - Andrey Babak discovered that Django incorrectly handled strip_tags. A remote attacker could possibly use this issue to cause Django to enter an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Daniel Chatfield discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. Various other issues were also addressed.

tags | advisory, remote, denial of service, xss
systems | linux, ubuntu
advisories | CVE-2015-2316, CVE-2015-2317
MD5 | 8bc6fb46b282919d66ec2dd234a0fd8d
Debian Security Advisory 3203-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3203-1 - Several denial-of-service issues have been discovered in Tor, a connection-based low-latency anonymous communication system.

tags | advisory
systems | linux, debian
MD5 | 0fdb998bf42bf2f2dfd1649a25aad898
Debian Security Advisory 3202-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3202-1 - Researchers at INRIA and Xamarin discovered several vulnerabilities in mono, a platform for running and developing applications based on the ECMA/ISO Standards. Mono's TLS stack contained several problems that impersonation (via SKIP-TLS), SSLv2 fallback, and encryption weakening (via FREAK).

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-2318, CVE-2015-2319, CVE-2015-2320
MD5 | 662dc13c2c03edbb462ee71c55f6ef77
Debian Security Advisory 3201-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3201-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser.

tags | advisory, web
systems | linux, debian
advisories | CVE-2015-0817, CVE-2015-0818
MD5 | b3dbd5a1678d910c1e0705d8e0a66482
Debian Security Advisory 3200-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3200-1 - Multiple vulnerabilities have been found the Drupal content management framework.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-2559
MD5 | 8b262f4481837e29b335bb0ecd4a7077
Gentoo Linux Security Advisory 201503-12
Posted Mar 23, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-12 - Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or bypass security restrictions. Versions less than 41.0.2272.76 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-1213, CVE-2015-1214, CVE-2015-1215, CVE-2015-1216, CVE-2015-1217, CVE-2015-1218, CVE-2015-1219, CVE-2015-1220, CVE-2015-1221, CVE-2015-1222, CVE-2015-1223, CVE-2015-1224, CVE-2015-1225, CVE-2015-1226, CVE-2015-1227, CVE-2015-1228, CVE-2015-1229, CVE-2015-1230, CVE-2015-1231, CVE-2015-1232
MD5 | d52dbb01547c90439ec063b3214cf548
Ubuntu Security Notice USN-2538-1
Posted Mar 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2538-1 - A flaw was discovered in the implementation of typed array bounds checking in the Javascript just-in-time compilation. If a user were tricked in to opening a specially crafted website, an attacked could exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Mariusz Mlynski discovered a flaw in the processing of SVG format content navigation. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to run arbitrary script in a privileged context. Various other issues were also addressed.

tags | advisory, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2015-0817, CVE-2015-0818
MD5 | bd432c00a10f6362e1287d8ebfc209a6
Debian Security Advisory 3199-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3199-1 - Anton Rager and Jonathan Brossard from the Salesforce.com Product Security Team and Ben Laurie of Google discovered a denial of service vulnerability in xerces-c, a validating XML parser library for C++. The parser mishandles certain kinds of malformed input documents, resulting in a segmentation fault during a parse operation. An unauthenticated attacker could use this flaw to cause an application using the xerces-c library to crash.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2015-0252
MD5 | ef4d73261a1ae6214d76ad05adaddbc4
Debian Security Advisory 3198-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3198-1 - Multiple vulnerabilities have been discovered in the PHP language.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2015-2301, CVE-2015-2331
MD5 | 0dc5e2e58857c03d94822730c37b0e2f
ManageEngine Network Configuration Management CSRF
Posted Mar 23, 2015
Authored by Kaustubh G. Padwad

ManageEngine Network Configuration Management suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 758c46f5ea5bd4b20d2dbbaa4a25d4a5
WordPress InBoundio Marketing Shell Upload
Posted Mar 23, 2015
Authored by KedAns-Dz

WordPress InBoundio Marketing plugin suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 6ac107ba053ee75a46470a86b8b5b049
WordPress MP3-Jplayer 2.1 Local File Disclosure
Posted Mar 23, 2015
Authored by KedAns-Dz

WordPress MP3-Jplayer plugin version 2.3 suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | 0577fced5405ca7ac7c4bfd00e06a86d
Manage Engine Device Expert 5.9.9.0 Cross Site Scripting
Posted Mar 23, 2015
Authored by Kaustubh G. Padwad

Manage Engine Device Expert version 5.9.9.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 0c28afbd1b355f909ade578987e45261
WordPress AB Google Map Travel CSRF / XSS
Posted Mar 23, 2015
Authored by Kaustubh G. Padwad

WordPress AB Google Map Travel (AB-MAP) plugin suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 80dcf6019c4692249d074a56866f506f
Manage Engine Device Expert 5.9.9.0 CSRF
Posted Mar 23, 2015
Authored by Kaustubh G. Padwad

Manage Engine Device Expert version 5.9.9.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 7f054347f8b11273f1fce5627ee76275
Joomla Spider FAQ SQL Injection
Posted Mar 23, 2015
Authored by Manish Tanwar

The Joomla Spider FAQ component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a40d03f58f0d2bbdc9c2565bc91a8471
Apache Batik XXE Injection
Posted Mar 23, 2015
Authored by Kevin Schaller

Apache Batik suffers from an XML external entity (XXE) injection vulnerability.

tags | advisory, xxe
advisories | CVE-2015-0250
MD5 | 10a9e6bd400de6f31de5850b0c0141e3
Free MP3 CD Ripper Buffer Overflow
Posted Mar 23, 2015
Authored by TUNISIAN CYBER

Free MP3 CD Ripper local buffer overflow exploit that mints a malicious .wav file that will spawn calc.exe.

tags | exploit, overflow, local
MD5 | 6a4d28012304d6adfd174438a54d150b
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    0 Files
  • 3
    Apr 3rd
    0 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close