Files Date: 2015-12-10

Debian Security Advisory 3414-1
Posted Dec 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3414-1 - Multiple security issues have been found in the Xen virtualisation solution, which may result in denial of service or information disclosure.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2015-3259, CVE-2015-3340, CVE-2015-5307, CVE-2015-6654, CVE-2015-7311, CVE-2015-7812, CVE-2015-7813, CVE-2015-7814, CVE-2015-7969, CVE-2015-7970, CVE-2015-7971, CVE-2015-7972, CVE-2015-8104
MD5 | 3e25b029b2f152b2b16157fabb204693
HP Security Bulletin HPSBHF03432 1
Posted Dec 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03432 1 - Potential security vulnerabilities have been identified with HPE Networking Comware 5, Comware 5, Low Encryption SW, Comware 7, and VCX, Using NTP. The vulnerabilities could be remotely exploited resulting in remote access restriction bypass and code execution. Revision 1 of this advisory.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295
MD5 | 3125d9de58219658ab5a98f8b984b7e0
HP Security Bulletin HPSBHF03433 SSRT102964 1
Posted Dec 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03433 SSRT102964 1 - A potential security vulnerability has been identified with HP-UX Running Mozilla Firefox and Thunderbird. This may allow remote disclosure of information. Note: This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory, remote
systems | hpux
advisories | CVE-2015-4000
MD5 | 806d5f1ac434a12d15edd0b833863c45
HP Security Bulletin HPSBMU03520 1
Posted Dec 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03520 1 - A potential security vulnerability has been identified with HP Insight Control server provisioning that could be exploited remotely resulting in information disclosure. Revision 1 of this advisory.

tags | advisory, info disclosure
advisories | CVE-2015-6858
MD5 | 8bc3e5ac88a69c8997925be60a3ace28
Debian Security Advisory 3415-1
Posted Dec 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3415-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2015-1302, CVE-2015-6764, CVE-2015-6765, CVE-2015-6766, CVE-2015-6767, CVE-2015-6768, CVE-2015-6769, CVE-2015-6770, CVE-2015-6771, CVE-2015-6772, CVE-2015-6773, CVE-2015-6774, CVE-2015-6775, CVE-2015-6776, CVE-2015-6777, CVE-2015-6778, CVE-2015-6779, CVE-2015-6780, CVE-2015-6781, CVE-2015-6782, CVE-2015-6784, CVE-2015-6785, CVE-2015-6786
MD5 | 78045fec837af84db133ffe1c45d8299
Cisco Security Advisory 20151209-java-deserialization
Posted Dec 10, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by submitting crafted input to an application on a targeted system that uses the ACC library. After the vulnerable library on the affected system deserializes the content, the attacker could execute arbitrary code on the system, which could be used to conduct further attacks. Cisco will release software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

tags | advisory, java, remote, arbitrary
systems | cisco
MD5 | aa97c8dc548d8f81046c8b0b8ea16930
Cisco Security Advisory 20151209-pca
Posted Dec 10, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to log in to the system shell with the default cmuser user account and access the shell with a limited set of permissions. The vulnerability is due to an undocumented account that has a default and static password. This account is created during installation and cannot be changed or deleted without impacting the functionality of the system. The first time this account is used the system will request that the user change the default password. An attacker could exploit this vulnerability by remotely connecting to the affected system via SSH by using the undocumented account. Successful exploitation could allow the attacker to access the system with the privileges of the cmuser user. This vulnerability allows the attacker to: access some sensitive data, such as the password file, system logs, and Cisco PCA database information; modify some data; run some internal executables; and potentially make the system unstable or inaccessible. Cisco has released software updates that address this vulnerability. Workarounds are available.

tags | advisory, remote, shell
systems | cisco
MD5 | 60215a609487bdcf0a9675a1eded17ee
Apple Security Advisory 2015-12-08-4
Posted Dec 10, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-12-08-4 - watchOS 2.1 is now available and addresses 30 security issues.

tags | advisory
systems | apple
advisories | CVE-2011-2895, CVE-2015-6978, CVE-2015-6979, CVE-2015-6997, CVE-2015-7001, CVE-2015-7038, CVE-2015-7039, CVE-2015-7040, CVE-2015-7041, CVE-2015-7042, CVE-2015-7043, CVE-2015-7046, CVE-2015-7047, CVE-2015-7053, CVE-2015-7054, CVE-2015-7059, CVE-2015-7060, CVE-2015-7061, CVE-2015-7064, CVE-2015-7066, CVE-2015-7068, CVE-2015-7072, CVE-2015-7073, CVE-2015-7075, CVE-2015-7083, CVE-2015-7084, CVE-2015-7105, CVE-2015-7111
MD5 | 5a1f097d48a4e27260c82597b2380f98
Apple Security Advisory 2015-12-08-2
Posted Dec 10, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-12-08-2 - tvOS 9.1 is now available and addresses 48 security issues.

tags | advisory
systems | apple
advisories | CVE-2011-2895, CVE-2015-3807, CVE-2015-7001, CVE-2015-7038, CVE-2015-7039, CVE-2015-7040, CVE-2015-7041, CVE-2015-7042, CVE-2015-7043, CVE-2015-7045, CVE-2015-7046, CVE-2015-7047, CVE-2015-7048, CVE-2015-7051, CVE-2015-7053, CVE-2015-7054, CVE-2015-7055, CVE-2015-7058, CVE-2015-7059, CVE-2015-7060, CVE-2015-7061, CVE-2015-7062, CVE-2015-7064, CVE-2015-7065, CVE-2015-7066, CVE-2015-7068, CVE-2015-7072, CVE-2015-7073
MD5 | 8a2ae29250899c9633bdf7da2fde1fc8
Apple Security Advisory 2015-12-08-3
Posted Dec 10, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-12-08-3 - OS X El Capitan 10.11.2 and Security Update 2015-008 are now available and address 54 vulnerabilities.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-2895, CVE-2012-0876, CVE-2012-1147, CVE-2012-1148, CVE-2015-3807, CVE-2015-5333, CVE-2015-5334, CVE-2015-6908, CVE-2015-7001, CVE-2015-7038, CVE-2015-7039, CVE-2015-7040, CVE-2015-7041, CVE-2015-7042, CVE-2015-7043, CVE-2015-7044, CVE-2015-7045, CVE-2015-7046, CVE-2015-7047, CVE-2015-7052, CVE-2015-7053, CVE-2015-7054, CVE-2015-7058, CVE-2015-7059, CVE-2015-7060, CVE-2015-7061, CVE-2015-7062, CVE-2015-7063
MD5 | a3dfdb84b85b00741b1c089a33944dfe
Apple Security Advisory 2015-12-08-6
Posted Dec 10, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-12-08-6 - Xcode 7.2 is now available and addresses four vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2015-7049, CVE-2015-7056, CVE-2015-7057, CVE-2015-7082
MD5 | 775f6561e4fd812d5292873957fb852b
Apple Security Advisory 2015-12-08-5
Posted Dec 10, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-12-08-5 - Safari 9.0.2 is now available and addresses a dozen vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2015-7048, CVE-2015-7050, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, CVE-2015-7103, CVE-2015-7104
MD5 | c6c968c3479c6dcdd5c89058fe5b5b0b
Apple Security Advisory 2015-12-08-1
Posted Dec 10, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-12-08-1 - iOS 9.2 is now available and addresses at least 50 security vulnerabilities.

tags | advisory, vulnerability
systems | cisco, apple, ios
advisories | CVE-2011-2895, CVE-2015-3807, CVE-2015-7001, CVE-2015-7037, CVE-2015-7038, CVE-2015-7039, CVE-2015-7040, CVE-2015-7041, CVE-2015-7042, CVE-2015-7043, CVE-2015-7046, CVE-2015-7047, CVE-2015-7048, CVE-2015-7050, CVE-2015-7051, CVE-2015-7053, CVE-2015-7054, CVE-2015-7055, CVE-2015-7058, CVE-2015-7064, CVE-2015-7065, CVE-2015-7066, CVE-2015-7068, CVE-2015-7069, CVE-2015-7070, CVE-2015-7072, CVE-2015-7073, CVE-2015-7074
MD5 | 535e5b02b56c7bff16123b76b7d9b580
Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow
Posted Dec 10, 2015
Authored by Secunia, Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer underflow error within the "GetFontDesc()" function in usp10.dll when processing a font file's cmap table and can be exploited to cause a heap-based buffer overflow via a font file containing cmap table data with a specially crafted offset within encoding records. Successful exploitation allows execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | windows
advisories | CVE-2015-6130
MD5 | 40dcd0bc3dc928328e979414fc2368ba
Arro Insecure Transit
Posted Dec 10, 2015
Authored by Shaftek Security Research

The Arro taxi hailing application failed to use SSL for transit of secrets.

tags | advisory
MD5 | 2f91a450a108414eeada263a4927fc51
appRain 4.0.3 Code Execution
Posted Dec 10, 2015
Authored by Tim Coen | Site curesec.com

appRain version 4.0.3 suffers from code execution and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, code execution
MD5 | e70ad906914c1f2dcada727be51b9c7a
appRain 4.0.3 Cross Site Request Forgery
Posted Dec 10, 2015
Authored by Tim Coen | Site curesec.com

appRain version 4.0.3 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 5c0181e76657189767556628d25432be
appRain 4.0.3 Path Traversal
Posted Dec 10, 2015
Authored by Tim Coen | Site curesec.com

appRain version 4.0.3 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
MD5 | 5bf1d476e3112936f8e295255cb19b1e
appRain 4.0.3 Cross Site Scripting
Posted Dec 10, 2015
Authored by Tim Coen | Site curesec.com

appRain version 4.0.3 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | ceab6ecae613fddb6c5a75afc03c6f9c
redaxscript 2.5.0 Code Execution
Posted Dec 10, 2015
Authored by Tim Coen | Site curesec.com

redaxscript version 2.5.0 suffers from a code execution vulnerability.

tags | exploit, code execution
MD5 | c7aea53f0104d535977f1f0ca49a9d0a
redaxscript 2.5.0 Cross Site Scripting
Posted Dec 10, 2015
Authored by Tim Coen | Site curesec.com

redaxscript version 2.5.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 21b8c4a4871d289d940173f1ba9bbea3
7-Zip DLL Hijack
Posted Dec 10, 2015
Authored by Stefan Kanthak

7-Zip executable installers suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 7e6235971a640f786b8465b4f378a0a2
Red Hat Security Advisory 2015-2594-01
Posted Dec 10, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2594-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7981, CVE-2015-8126, CVE-2015-8472
MD5 | 5eae6c77d390745cf6a6326945449864
Red Hat Security Advisory 2015-2593-01
Posted Dec 10, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2593-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2015-8045, CVE-2015-8047, CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406
MD5 | 456990060cb978d98ca8821e31e52aa1
Red Hat Security Advisory 2015-2596-01
Posted Dec 10, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2596-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-8126, CVE-2015-8472
MD5 | 1719a94709cb8cce70faf6399ffe8fda
© 2016 Packet Storm. All rights reserved.