Exploit the possiblities
Showing 1 - 25 of 416 RSS Feed

Files Date: 2016-01-01 to 2016-01-31

WordPress Comment Rating 1.5.0 Cross Site Scripting
Posted Jan 30, 2016
Authored by Rahul Pratap Singh

WordPress Comment Rating plugin version 1.5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 692b1844c000759c1f833dcf23c55eb9
Winhex Editor 18.7 DLL Hijacking
Posted Jan 30, 2016
Authored by Shantanu Khandelwal

Winhex Editor versions 18.7 and below suffer from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 688153c04268e41afa368c0a6b651df1
Gentoo Linux Security Advisory 201601-05
Posted Jan 29, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201601-5 - Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to disclose sensitive information and complete weak handshakes. Versions less than 1.0.2f are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2015-3197, CVE-2016-0701
MD5 | 23b6803a19602b3166e8d8d8886e8168
OpenSSL Toolkit 1.0.2f
Posted Jan 29, 2016
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Multiple bug fixes.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2016-0701
MD5 | b3bf73f507172be9292ea2a8c28b659d
HP Security Bulletin HPSBHF03539 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03539 1 - Vulnerabilities in OpenSSH and ISC BIND were addressed by HPE VCX. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-5477, CVE-2015-5600, CVE-2015-5722
MD5 | 6b1d5c4e2723750b4c85c318fa20f427
HP Security Bulletin HPSBGN03533 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03533 1 - A potential security vulnerability in the TLS protocol was addressed by the HPE Cloud Service Automation and Codar products. This vulnerability known as "Logjam" could be exploited remotely to allow unauthorized modification. Revision 1 of this advisory.

tags | advisory, protocol
advisories | CVE-2015-4000
MD5 | 5753ad20f07994a0e93a1b6ce4a571f4
HP Security Bulletin HPSBOV03540 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03540 1 - Potential security vulnerabilities have been identified with the OpenVMS TCPIP Bind Services and OpenVMS TCPIP IPC Services for OpenVMS. These vulnerabilities could be exploited remotely resulting in execution of code with the privileges of Bind, disclosure of information, or cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2007-0493, CVE-2007-0494, CVE-2008-0122, CVE-2009-4022, CVE-2010-0097, CVE-2012-1667, CVE-2012-4244, CVE-2012-5166
MD5 | 595a4df292feaba6a50f97e0a2a55b79
HP Security Bulletin HPSBHF03510 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03510 1 - A potential security vulnerability has been identified in HP Integrated Lights Out 2/3/4. The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification. Unlike the TLS server-side version of Logjam, this vulnerability affects the client-side TLS connection on iLO, or when the iLO acts as a client in a client-server connection. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-4000
MD5 | b97907dae89a06f33ea7b50ebce10a80
iScripts EasyCreate 3.0 Remote Code Execution
Posted Jan 29, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

iScripts EasyCreate version 3.0 remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 3b0f1a8d207b00c445070735ca5f852f
iScripts EasyCreate 3.0 XSS / CSRF / SQL Injection
Posted Jan 29, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

iScripts EasyCreate version 3.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | 33189287d2184e0ea7d730c6c2ee5eb8
ManageEngine Eventlog Analyzer 10 Privilege Escalation
Posted Jan 29, 2016
Authored by Nicholas Lehman

ManageEngine Eventlog Analyzer versions 4.0 through 10 suffer from a privilege escalation vulnerability.

tags | exploit
MD5 | 69d68169f02b6f3bb22a874c6ef42f5b
HP Security Bulletin HPSBHF03419 3
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03419 3 - A potential security vulnerability has been identified in HPE Networking Products. This is a Virtual routing and forwarding (VRF) hopping vulnerability that could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access. Note: This vulnerability could be exploited remotely as a result of the following network interface conditions: VRF (Virtual Routing and Forwarding) is enabled. MPLS (Multiprotocol Label Switching) is disabled. MPLS-labeled packets are received that match FIB (Forwarding Information Base) entries. When all the above conditions exist, the interface could incorrectly forward the MPLS-labeled packets. Revision 3 of this advisory.

tags | advisory, denial of service
advisories | CVE-2015-5434
MD5 | 079a18aef987acdfefb0ab7809823273
ManageEngine Network Configuration Management Build 11000 CSRF
Posted Jan 29, 2016
Authored by Kaustubh G. Padwad

ManageEngine Network Configuration Management build 11000 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | f9c1968f467ae9126fb372c962dd3e1b
Avira Cross Site Scripting
Posted Jan 29, 2016
Authored by RootByte

translate.avira.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ab04777ff72d00d63da6a230c91eaed3
WordPress Simple Add Pages Or Posts 1.6 Cross Site Request Forgery
Posted Jan 29, 2016
Authored by ALIREZA_PROMIS

WordPress Simple Add Pages Or Posts plugin version 1.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 3ee8673a15eddab2fb8bea7cd7fdbad8
HP Security Bulletin HPSBGN03542 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03542 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Operations Manager for Windows. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.

tags | advisory, java, remote, code execution
systems | windows
advisories | CVE-2016-1985
MD5 | e17bd176f38963018b6c0ecee4ecc5a5
ProjectSend r582 Bypass / SQL Injection / File Read
Posted Jan 29, 2016
Authored by Filippo Cavallarin

ProjetSend version r582 suffers from authentication bypass, remote SQL injection, insecure direct object reference, and directory traversal / arbitrary file read vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection
MD5 | 8a8ca63e1ef564c23c17f2ea23ca1e65
Apache Hive 1.0.1 / 1.1.0 / 1.2.1 Authorization Bug Disclosure
Posted Jan 29, 2016
Authored by Sushanth Sowmyan, Olaf Flebbe

Some partition-level operations exist that do not explicitly also authorize privileges of the parent table. This can lead to issues when the parent table would have denied the operation, but no denial occurs because the partition-level privilege is not checked by the authorization framework, which defines authorization entities only from the table level upwards. This issue is known to affect Hive clusters protected by both Ranger as well as SqlStdHiveAuthorization. Apache Hive versions 1.0.0 through 1.0.1, 1.1.0 through 1.1.1, and 1.2.0 through 1.2.1 are affected.

tags | advisory, info disclosure
advisories | CVE-2015-7521
MD5 | 79e855ca810454b257359484284a8dc6
HP Security Bulletin HPSBHF03538 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03538 1 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM), and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code or Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-3113, CVE-2015-5122
MD5 | 89b506907f63f7614403feb19a1b698c
HP Security Bulletin HPSBHF03535 3
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03535 3 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM) and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code, Denial of Service (DoS), or other impacts to affect confidentiality, integrity, and availability. Revision 3 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6682
MD5 | 8ee97ef31a5348369207d5504ddc0e33
Linux TCP Reverse Shell Shellcode
Posted Jan 29, 2016
Authored by Sathish Kumar

122 bytes small Linux/x64 TCP reverse shell with password. Polymorphic version.

tags | shell, tcp, shellcode
systems | linux
MD5 | 8715bf5b1cbd3040b8bf30ae48f25523
Netlife Photosuite Pro Cross Site Scripting
Posted Jan 29, 2016
Authored by Iran Cyber Security Group | Site vulnerability-lab.com

Netlife Photosuite Pro suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 37cb715c8aafc9b49e879002ba181a41
Red Hat Security Advisory 2016-0087-01
Posted Jan 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0087-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2016-1568, CVE-2016-1714
MD5 | 233a50dce35d01a977e0a02556f8b518
Red Hat Security Advisory 2016-0085-01
Posted Jan 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0085-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2016-1714
MD5 | 4fa0b330a02471e2ba73baa071526ca9
Debian Security Advisory 3459-1
Posted Jan 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3459-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.47.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0616
MD5 | 9bcd1e0331009e6ccd525d2e62eed9b8
Page 1 of 17
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    10 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close