Exploit the possiblities
Showing 1 - 25 of 26 RSS Feed

Files Date: 2016-05-02

RSA Data Loss Prevention XSS / Information Disclosure
Posted May 2, 2016
Site emc.com

RSA Data Loss Prevention 9.6.SP2 P5 contains fixes for multiple security vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. These include information disclosure, cross site scripting, and clickjacking issues.

tags | advisory, vulnerability, xss, info disclosure
advisories | CVE-2016-0892, CVE-2016-0893, CVE-2016-0894, CVE-2016-0895
MD5 | 99d1d2560ecc40f12dd6ecd45800c989
WordPress Advanced Custom Fields 4.4.7 Cross Site Scripting
Posted May 2, 2016
Authored by Rahul Pratap Singh

WordPress Advanced Custom Fields plugin version 4.4.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1d06c368059fb88e0eb7e756377c885b
HP Security Bulletin HPSBGN03547 3
Posted May 2, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03547 3 - A security vulnerability in glibc has been addressed with HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus components. The vulnerability could be exploited remotely resulting in arbitrary execution of code. Revision 3 of this advisory.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat, centos
advisories | CVE-2015-7547
MD5 | 757524927a6673094cb2d8fa759c4cbe
Ubuntu Security Notice USN-2936-2
Posted May 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2936-2 - USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, overflow, arbitrary, javascript, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2016-2807, CVE-2016-2808, CVE-2016-2814, CVE-2016-2816, CVE-2016-2817, CVE-2016-2820
MD5 | 3bf270eb158f27c30fe86ab140838c9c
Gentoo Linux Security Advisory 201605-01
Posted May 2, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201605-1 - Git contains multiple vulnerabilities that allow for the remote execution of arbitrary code. Versions less than 2.7.3-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-7545
MD5 | deca772986365cfb296617c1da0b7000
Ubuntu Security Notice USN-2957-2
Posted May 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2957-2 - USN-2957-1 fixed a vulnerability in Libtasn1. This update provides the corresponding update for Ubuntu 16.04 LTS. Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-4008
MD5 | 7c4d43bc8753e7b5d46d617f064946c3
Ubuntu Security Notice USN-2957-1
Posted May 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2957-1 - Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-4008
MD5 | fbd4f04ae892225bee3faadd8633f485
Ubuntu Security Notice USN-2958-1
Posted May 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2958-1 - It was discovered that the poppler pdfseparate tool incorrectly handled certain filenames. A local attacker could use this issue to cause the tool to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS. It was discovered that poppler incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2013-4473, CVE-2013-4474, CVE-2015-8868
MD5 | f4199826a8346f253e3a2d607616801e
Debian Security Advisory 3565-1
Posted May 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3565-1 - Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, including encryption, authentication, X.509v3 certificates and CRLs.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-5726, CVE-2015-5727, CVE-2015-7827, CVE-2016-2194, CVE-2016-2195, CVE-2016-2849
MD5 | cd50012514d39abd7cf811008e3da768
Debian Security Advisory 3564-1
Posted May 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3564-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1664, CVE-2016-1665, CVE-2016-1666
MD5 | 43eb711451915f9aeee0332249c6cfb0
Red Hat Security Advisory 2016-0708-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0708-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP25. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449
MD5 | 91c202c500925b18d83df4e3af9b20c1
Red Hat Security Advisory 2016-0706-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0706-01 - Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Security Fix: It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository with a specially crafted URL could cause Mercurial to execute arbitrary code. It was discovered that the Mercurial convert extension failed to sanitize special characters in Git repository names. A Git repository with a specially crafted name could cause Mercurial to execute arbitrary code when the Git repository was converted to a Mercurial repository.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2016-3068, CVE-2016-3069
MD5 | f9b1ff5d1677d865a51f97532864511e
Red Hat Security Advisory 2016-0705-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0705-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql. Security Fix: This update fixes several vulnerabilities in the MySQL database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2015-4792, CVE-2015-4800, CVE-2015-4802, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4862, CVE-2015-4870, CVE-2015-4890, CVE-2015-4910, CVE-2015-4913, CVE-2016-0503, CVE-2016-0504, CVE-2016-0505, CVE-2016-0546, CVE-2016-0595, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0605, CVE-2016-0606, CVE-2016-0607, CVE-2016-0608, CVE-2016-0609
MD5 | 21299b34846d2fb5e35d8a961a2bb1af
Red Hat Security Advisory 2016-0707-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0707-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 50.0.2661.94. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1664, CVE-2016-1665, CVE-2016-1666
MD5 | e71be515928e819c07d05adf7fcd1b99
Debian Security Advisory 3563-1
Posted May 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3563-1 - It was discovered that a heap overflow in the Poppler PDF library may result in denial of service and potentially the execution of arbitrary code if a malformed PDF file is opened.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2015-8868
MD5 | 4a3dee8565ee4ab5f9b469b1756efe2b
Red Hat Security Advisory 2016-0704-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0704-01 - In accordance with the Red Hat Storage Support Life Cycle policy, the Red Hat Ceph Storage 1.2 offering will be retired as of May 31, 2016, and support will no longer be provided. Accordingly, Red Hat will not provide extended support for this product, including Critical impact security patches or urgent priority bug fixes, after this date.

tags | advisory
systems | linux, redhat
MD5 | bcc9e0a3a07ef3d5be9a9cb76bc6fac6
Debian Security Advisory 3562-1
Posted May 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3562-1 - Several vulnerabilities were discovered in tardiff, a tarball comparison tool.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-0857, CVE-2015-0858
MD5 | cc2a76fc513cf52bf3f4c9dd5de207de
Slackware Security Advisory - subversion Updates
Posted May 2, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New subversion packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-2167, CVE-2016-2168
MD5 | dd68e33205b2369ea8fb93e022b7bc3b
Slackware Security Advisory - php Updates
Posted May 2, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2016-3074
MD5 | 732feb7bcd9c559f3fe4bace4844ed1b
Slackware Security Advisory - ntp Updates
Posted May 2, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7704, CVE-2015-8138, CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550, CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518, CVE-2016-2519
MD5 | b41d6e6d104e4c44bb9be1e98e1f332d
Ansvif 1.4.2
Posted May 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes bug fixes, more crash code detection for Windows, and better overall crash recognition.
tags | tool, fuzzer
systems | unix
MD5 | f1424cb108c0d4a01cd5f49c2993b8af
Acunetix WVS 10 Remote Command Execution
Posted May 2, 2016
Authored by Daniele Linguaglossa

Acunetix WVS 10 remote command execution exploit that gains SYSTEM privileges.

tags | exploit, remote
MD5 | 7b159668588b997e8bdbcab970b6532c
QSEE PRDiag* Privilege Escalation
Posted May 2, 2016
Authored by laginimaineb

Local privilege escalation exploit for Qualcomm's Secure Execution Environment (QSEE) that leverages PRDiag* commands.

tags | exploit, local
systems | linux
advisories | CVE-2015-6639
MD5 | 55a25c43b01fb4396d7212d488b2a910
WordPress Export To Ghost Export Download
Posted May 2, 2016
Authored by Josh Brody

WordPress Export to Ghost suffers from an unrestricted export download vulnerability.

tags | exploit, info disclosure
MD5 | 455e4a4fd7ff1f46343819ed01203196
VBScan Vulnerability Scanner 0.1.6
Posted May 2, 2016
Authored by Mohammad Reza Espargham | Site owasp.org

VBScan is a black box vBulletin vulnerability scanner written in perl.

Changes: Added automatic vBulletin detection. Added robots.txt analyzer module. Added vbulletin LICENSE checker module. Various other fixes and optimizations.
tags | tool, scanner, perl
systems | unix
MD5 | c1649d6f39cb0e909b68b01e771909b0
Page 1 of 2
Back12Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close