Twenty Year Anniversary
Showing 1 - 18 of 18 RSS Feed

Files Date: 2016-06-17

Debian Security Advisory 3604-1
Posted Jun 17, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3604-1 - A privilege escalation vulnerability has been found in the User module of the Drupal content management framework.

tags | advisory
systems | linux, debian
MD5 | 794ab4f9ae3248dd5b1c987eebf784db
Red Hat Security Advisory 2016-1237-01
Posted Jun 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1237-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application.

tags | advisory, remote, arbitrary, shell
systems | linux, redhat
advisories | CVE-2015-8895, CVE-2015-8896, CVE-2015-8897, CVE-2015-8898, CVE-2016-5118, CVE-2016-5239, CVE-2016-5240
MD5 | d462816c4cb92983b77b87d4c25293d2
Gentoo Linux Security Advisory 201606-06
Posted Jun 17, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201606-6 - Multiple vulnerabilities have been found in nginx, the worst of which may allow a remote attacker to cause a Denial of Service. Versions less than 1.10.1 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-0742, CVE-2016-0746, CVE-2016-0747, CVE-2016-4450
MD5 | 05b648bfbf775fefcd1b581029d8f4b6
Red Hat Security Advisory 2016-1238-01
Posted Jun 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1238-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.626. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4135, CVE-2016-4136, CVE-2016-4137, CVE-2016-4138, CVE-2016-4139, CVE-2016-4140, CVE-2016-4141, CVE-2016-4142, CVE-2016-4143, CVE-2016-4144, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148, CVE-2016-4149, CVE-2016-4150
MD5 | 8684a14a0a8eddf8f5a0f8c3718fd13c
Vicidial 2.11 Cross Site Scripting
Posted Jun 17, 2016
Authored by David Silveiro

Vicidial version 2.11 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 660513aeddfa3d081f077a3d1bbac651
SAP NetWeaver AS JAVA 7.5 XXE Injection
Posted Jun 17, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an XML external entity injection vulnerability.

tags | exploit, java, xxe
advisories | CVE-2016-3974
MD5 | 027c5e27de4ac68aa0e914eebb31748f
pfSense 2.3.1-RELEASE-p1 Squid 0.4.16_2 XSS / Log Manipulation
Posted Jun 17, 2016
Authored by Remco Sprooten

Squid version 0.4.16_2 running on pfSense version 2.3.1-RELEASE-p1 suffers from cross site scripting and log manipulation vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 41fd8ae67ca56c8d4751e24c16ce626c
SAP NetWeaver AS JAVA 7.5 Cross Site Scripting
Posted Jun 17, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability.

tags | exploit, java, xss
advisories | CVE-2016-3975
MD5 | 89bc6878420eace8f85f250f6c99ebdb
SAP NetWeaver AS JAVA 7.5 Directory Traversal
Posted Jun 17, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.

tags | exploit, java
advisories | CVE-2016-3976
MD5 | 578e21bb6388d8ce7623d56eeb47a78b
WordPress Ultimate Product Catalog 3.8.1 Privilege Escalation
Posted Jun 17, 2016
Authored by Joaquin Ramirez Martinez

WordPress Ultimate Product Catalog plugin versions 3.8.1 and below suffer from a privilege escalation vulnerability.

tags | exploit
MD5 | 0f3fa9a33db0e6b5c7ce2b5ace906a9f
Skype For Business 2013 User Enumeration
Posted Jun 17, 2016
Authored by nyxgeek

Skype for Business 2013 suffers from a user enumeration timing attack vulnerability.

tags | exploit
MD5 | d7ad11d1077790a2024c31cedcc03b93
phpATM 1.32 Cross Site Request Forgery / Path Disclosure
Posted Jun 17, 2016
Authored by Paolo Massenio

phpATM versions 1.32 and below suffers from cross site request forgery and path disclosure vulnerabilities.

tags | exploit, vulnerability, file inclusion, info disclosure, csrf
MD5 | 288a960878af19898ede25185b8dfdd1
WordPress Gravity Forms 1.8.19 Shell Upload
Posted Jun 17, 2016
Authored by Abk Khan

WordPress Gravity Forms plugin version 1.8.19 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 8a3e5f3b40cd059d526d8e35944a2991
Microsoft Internet Explorer 11 Garbage Collector Attribute Type Confusion
Posted Jun 17, 2016
Authored by SkyLined

With MS16-063, Microsoft has patched CVE-2016-0199 which relates to a memory corruption bug in the garbage collector of the JavaScript engine used in Internet Explorer 11.

tags | exploit, javascript
advisories | CVE-2016-0199
MD5 | 7d748d12572a7120313c25df22e7d62c
phpATM 1.32 Remote Command Execution / Shell Upload
Posted Jun 17, 2016
Authored by Paolo Massenio

phpATM version 1.32 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 9ff2c1d309909265639665f51e7c09f9
Tiki Wiki CMS Calendar Remote Code Execution
Posted Jun 17, 2016
Authored by Dany Ouellet

Tiki Wiki CMS Calendar versions 14.2, 12.5 LTS, 9.11 LTS, and 6.15 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 51b1e77cde06be23cf1a8dffef72b790
Adobe Flash Player DLL Hijacking
Posted Jun 17, 2016
Authored by Stefan Kanthak

Adobe Flash Player versions prior to 22.0.0.192 and 18.0.0.360 suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2016-1014
MD5 | b6cfb1889815a450c47413304fcd8016
Solarwinds Virtualization Manager 6.3.1 Weak Crypto
Posted Jun 17, 2016
Authored by Nate Kettlewell

Solarwinds Virtualization Manager versions 6.3.1 and below use weak cryptography in /etc/shadow.

tags | advisory
advisories | CVE-2016-5709
MD5 | 3332d2f61209b8b0a22efaf09f89764c
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close