exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-02-26

Apple Security Advisory 2016-02-25-1
Posted Feb 26, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-02-25-1 - Apple TV 7.2.1 is now available and addresses code execution, information disclosure, access bypass, and various other vulnerabilities.

tags | advisory, vulnerability, code execution, info disclosure
systems | apple
advisories | CVE-2012-6685, CVE-2014-0191, CVE-2014-3660, CVE-2015-3730, CVE-2015-3731, CVE-2015-3732, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3750, CVE-2015-3751, CVE-2015-3752, CVE-2015-3753, CVE-2015-3759
SHA-256 | bf6f4fe66d502f5d2cfe52364aee2616a8b6313109616db2da1627ad5a4b40a6
WordPress WP Ultimate Exporter 1.0 / 1.1 SQL Injection
Posted Feb 26, 2016
Authored by Henri Salo

WordPress WP Ultimate Exporter plugin versions 1.0 and 1.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 16a39c93c4c118309bb6382bf258c1c0fa954639322ef7c55a3a052d1c3848af
Centreon 2.5.3 Code Execution
Posted Feb 26, 2016
Authored by Nicolas Chatelain

Centreon versions 2.5.3 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 3c4451947909782cb24cf03b689934f5d565641465aa23686ec6df8df29ff586
Debian Security Advisory 3492-1
Posted Feb 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3492-1 - Daniel Gultsch discovered in Gajim, an XMPP/jabber client. Gajim didn't verify the origin of roster update, allowing an attacker to spoof them and potentially allowing her to intercept messages.

tags | advisory, spoof
systems | linux, debian
advisories | CVE-2015-8688
SHA-256 | 6458ae433eb2d65cf2336d02a0482c8bb4abd3984d7aca3b17a9f73a7114422b
Red Hat Security Advisory 2016-0297-01
Posted Feb 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0297-01 - In accordance with the Red Hat CloudForms Support Life Cycle Policy, support will end on February 28, 2017. Red Hat will not provide extended support for this product. Customers are requested to migrate to the newer Red Hat CloudForms product prior to the end of the life cycle for CloudForms 3.0.

tags | advisory
systems | linux, redhat
SHA-256 | 904c22b05f19c5f99c4de16fbb194e475d9a3ddc6e10364eda2ee73976d76874
Debian Security Advisory 3493-1
Posted Feb 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3493-1 - Gustavo Grieco discovered that xerces-c, a validating XML parser library for C++, mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. These flaws could lead to a denial of service in applications using the xerces-c library, or potentially, to the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-0729
SHA-256 | 65b274c933d90cefe3382f57ce846303ac98c8a5232db435954e456e7b506eac
Infor CRM 8.2.0.1136 Cross Site Scripting
Posted Feb 26, 2016
Authored by LiquidWorm | Site zeroscience.mk

Infor CRM version 8.2.0.1136 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | b48e22c74e47621c31af3403d86e083a3f1abc5563fc2dfe8d627d1b581db34c
Zimbra 8.0.9 GA Cross Site Request Forgery
Posted Feb 26, 2016
Authored by Damien Cauquil, Anthony Laou-Hine Tsuei

Zimbra versions 8.0.9 GA and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 0da0fe882cf7354bdf4be9e8dafb2bb44b40c75b431e52698d358584cb94db05
HP Security Bulletin HPSBGN03549 1
Posted Feb 26, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03549 1 - HPE IceWall products have addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2015-7547
SHA-256 | 5c0bafbdb117854cb467fe44692de91315ec03062242458e577de6b74ec77e61
Htcap Analysis Tool Beta 1.0
Posted Feb 26, 2016
Authored by Filippo Cavallarin

Htcap is a web application analysis tool for detecting communications between javascript and the server. It crawls the target application and maps ajax calls, dynamically inserted scripts, websockets calls, dynamically loaded resources and some interesting elements. The generated report is meant to be a good starting point for a manual web application security audit. Htcap is written in python and uses phantomjs to load pages injecting a probe that analyzes javascript behaviour. Once injected, the probe, overrides native javascript methods in order to intercept communications and DOM changes. It also simulates user interaction by firing all attached events and by filling html inputs.

Changes: Major code rewrite and many features were added.
tags | tool, web, javascript, sniffer, python
SHA-256 | e1b46b0ad4d6efc49d1a685645e3212963cbee25ea12b9f3f64dee6c50699a17
Cygwin DLL Hijacking
Posted Feb 26, 2016
Authored by Stefan Kanthak

Cygwin suffers suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 24171614c6478bf8aec76c25acdb2fc75fc734452867fb86432651acd0df8e10
D-Link / Netgear FIRMADYNE Command Injection / Buffer Overflow
Posted Feb 26, 2016
Authored by Dominic Chen

Various D-Link and Netgear devices that make use of the FIRMADYNE framework suffer from command injection, buffer overflow, and authentication bypass vulnerabilities.

tags | advisory, overflow, vulnerability, info disclosure
advisories | CVE-2016-1555, CVE-2016-1557, CVE-2016-1558, CVE-2016-1559
SHA-256 | e1f65451595116919451f722284040e48ed00ae6e1c4227dd28831ce50e8f637
Google Chrome Cleanup Tool DLL Hijacking
Posted Feb 26, 2016
Authored by Stefan Kanthak

Google's Chrome Cleanup Tool suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | e2bde11264a28f5ba73ff12c3c7437fc0631264903401454d76b59f90187c3bd
GIMP For Windows DLL Hijacking
Posted Feb 26, 2016
Authored by Stefan Kanthak

GIMP for Windows suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | ac97dc5b648db74d6ed97b0c86498de3904d37cb7b8d8c613ef2aa9e05f1cefe
Linux Kernel USERNS Issues
Posted Feb 26, 2016
Authored by halfdog

The Linux kernel suffers from multiple privilege escalation vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux
SHA-256 | 0b1307cf1bccf05f7afed496f827ea994587f2a9aabae71db2922ee6a1d127fd
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close