what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2015-04-20

HP Security Bulletin HPSBMU03321 1
Posted Apr 20, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03321 1 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2015-2116
SHA-256 | e3bff405a71af31ef6d3e6d551520412a1779cdfbb37dbc4bd403f21f37a019b
WordPress Community Events 1.3.5 SQL Injection
Posted Apr 20, 2015
Authored by Hannes Trunde

WordPress Community Events plugin version 1.3.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-3313
SHA-256 | 70c4d2ad7fac8ef6eafa221405685f5b06178fda04b4836ca54fa6d07950996d
Ubuntu Security Notice USN-2572-1
Posted Apr 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2572-1 - It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled opening tar, zip or phar archives through the PHAR extension. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2015-2305, CVE-2015-2348, CVE-2015-2783, CVE-2015-2787, CVE-2015-3329, CVE-2015-3330
SHA-256 | 244c6d018bed72ec3bf51a251a141d8c6742d2dddff7af1f4fe2c11621debdd0
WordPress SlideShow Gallery Authenticated File Upload
Posted Apr 20, 2015
Authored by Jesus Ramirez Pichardo | Site metasploit.com

The WordPress SlideShow Gallery plugin contains an authenticated file upload vulnerability. You can upload arbitrary files to the upload folder, because the plugin also uses it's own file upload mechanism instead of the WordPress API it's possible to upload any file type.

tags | exploit, arbitrary, file upload
advisories | CVE-2014-5460
SHA-256 | 9a7da5312dab92d7b283154818127736540719c6ad6ac81ce02c41aa922cfeb6
Red Hat Security Advisory 2015-0858-01
Posted Apr 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0858-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491
SHA-256 | 13f8409446168f20911b57e29034f0647d8480c24148b198b89e63ffd80a697a
Red Hat Security Advisory 2015-0857-01
Posted Apr 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0857-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0484, CVE-2015-0488, CVE-2015-0491, CVE-2015-0492
SHA-256 | c54689f6ad7f395023088b0e36606b64d46cbcc83638c2801b0f61ddd5f0c4f5
Laravel Framework PHP Object Injection
Posted Apr 20, 2015
Authored by Scott Arciszewski

Laravel Framework versions since 4.1 suffer from a PHP objection injection vulnerability when encryption is turned off.

tags | advisory, php
SHA-256 | 77f22e2a8757288c75c6f2b204358f81cc4f63d582e81dad74eced0ce382209a
Red Hat Security Advisory 2015-0856-01
Posted Apr 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0856-01 - PostgreSQL is an advanced object-relational database management system. An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by observing the constraint violation error messages produced when the query was executed. A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user running PostgreSQL.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2014-8161, CVE-2015-0241, CVE-2015-0243, CVE-2015-0244
SHA-256 | 3d9bd9b652b5dd4ebbb712cc6ff829b52fc7c6607babb3a559a3c929cbd8f5dd
Debian Security Advisory 3230-1
Posted Apr 20, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3230-1 - James P. Turk discovered that the ReST renderer in django-markupfield, a custom Django field for easy use of markup in text fields, didn't disable the ..raw directive, allowing remote attackers to include arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2015-0846
SHA-256 | 3270e5081886088b7ed8f4115a4706ecb72ef1ab0109663405f9e4dee0cff5b9
Debian Security Advisory 3229-1
Posted Apr 20, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3229-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.43. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-0433, CVE-2015-0441, CVE-2015-0499, CVE-2015-0501, CVE-2015-0505, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573
SHA-256 | 61a31d80e9d7fc0245a18112cf1972442899d6b29454ef63f49e26c112dea75a
MediaSuite.ca File Disclosure
Posted Apr 20, 2015
Authored by KnocKout

Sites designed by MediaSuite.ca appear to suffer from a file disclosure vulnerability. Note that this finding houses site-specific data.

tags | exploit, info disclosure
SHA-256 | d1c2b8dfa6337ed1c63d44afd525ee484513b4d9af978679cddb553a633fcd34
Free Text-To-Speech 2.0 Cross Site Scripting
Posted Apr 20, 2015
Authored by TUNISIAN CYBER

Free Text-To-Speech version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 46b05a206f7a1a4cbb0efcc61e5ac4f5fab77e9774ef23670eef275f70851f35
T35T-SSH Password Cracker / Scanner
Posted Apr 20, 2015
Authored by Cleiton Pinheiro

This is a php script that uses a pre-defined set of possible passwords and tries them against a given ssh server.

tags | tool, cracker, php
SHA-256 | 2316d8b598d7c0a482970338c9957ea4a0a7f7e9923cf97c9506f57ab34e463d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close