Files Date: 2017-11-13

Red Hat Security Advisory 2017-3190-01
Posted Nov 13, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3190-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of the Jackson core streaming API. Security Fix: A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2017-15095
SHA-256 | 0f66526d3adb74611a2e167794e574844c5c9f442aa93edb3aac396a40765ffe
Gentoo Linux Security Advisory 201711-12
Posted Nov 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-12 - Multiple vulnerabilities have been found in eGroupWare, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.8.004.20120613 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-2027
SHA-256 | 37744d37c65dfee73209d39dfc358adb6757ead24256f4aed09c5774cf263a63
Gentoo Linux Security Advisory 201711-11
Posted Nov 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-11 - A vulnerability was discovered in VDE which may allow local users to gain root privileges. Versions less than 2.3.2-r4 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2017-16638
SHA-256 | d88345e855901432fe4a05639b963c71bbc0ffb8bbe1372674f0dbfa0a3b76fe
Red Hat Security Advisory 2017-3193-01
Posted Nov 13, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3193-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause an httpd child process to crash by sending specially crafted requests to a server.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2017-3167, CVE-2017-3169, CVE-2017-7668, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798
SHA-256 | c37bc00995e2ba215279de8aa06d048a284c1c0b8b6c3f26763b2c0337a767e7
Red Hat Security Advisory 2017-3189-01
Posted Nov 13, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3189-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of the Jackson core streaming API. Security Fix: A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2017-15095
SHA-256 | d827bd4f9f80195a614a921ac149b33e2a8efccbd3a08e8611dd7843b70ce7a3
WordPress Boozang 1.0.0 Cross Site Scripting
Posted Nov 13, 2017
Authored by Ricardo Sanchez

WordPress Boozang plugin version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d5be64f855e3c6ed0e85994ffb5bd8bedfd5ede52a0209835fbca7a660bd2e2f
WordPress Cartogiraffe Map 1.0 Cross Site Scripting
Posted Nov 13, 2017
Authored by Ricardo Sanchez

WordPress Cartogiraffe Map version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 873fe871e50fef95299934e75557c04db1b7cffd7587f4fe644f609828a82a8b
WordPress Appointments 2.2.2.2 Cross Site Scripting
Posted Nov 13, 2017
Authored by Ricardo Sanchez

WordPress Appointments plugin version 2.2.2.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bd41bd6dcc873587a933738767ec2b11fe3a0b55eba9b913f34f1df3f495c5e0
Xlight FTP Server 3.8.8.5 Buffer Overflow
Posted Nov 13, 2017
Authored by bzyo

Xlight FTP Server version 3.8.8.5 buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | f79376c04b96ef64d71e45013448a23b12819e7f6618b4725d4b9f4c36e4b647
KirbyCMS Cross Site Scripting
Posted Nov 13, 2017
Authored by Ishaq Mohammed

KirbyCMS versions prior to 2.5.7 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-16807
SHA-256 | d4d79980910ad0c31e43a8388ef7879847d00922be17baf0b629c29e67726059
Gentoo Linux Security Advisory 201711-10
Posted Nov 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-10 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.1.20:1.1.20 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-4000, CVE-2016-2313, CVE-2017-12065
SHA-256 | 97704550c4ba8ab019b2d037f4857d6a56a9554e0fa2a554f38dfe3205a6fc63
Gentoo Linux Security Advisory 201711-09
Posted Nov 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-9 - A vulnerability in LXC may lead to an unauthorized security bypass. Versions less than 2.0.7 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-10124
SHA-256 | ed3a5291fafca8e6edf35b3f06d5ab7aefc6d5c9618d7a7d2921ee767d1cb618
Monstra CMS 3.0.4 Cross Site Scripting
Posted Nov 13, 2017
Authored by M.R.S.L.Y

Monstra CMS version 3.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f22808a7c03e2fca3e2c17ccf6f519d0dfec2e1cc3cf90e6b4303b832dd1c96c
IKARUS AntiVirus 2.16.7 Privilege Escalation
Posted Nov 13, 2017
Authored by Parvez Anwar

IKARUS AntiVirus version 2.16.7 suffers from an ntguard_x64 privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-14961
SHA-256 | 7ff29cd9d3e648a1a4604d7d8610cc7d6c72e7b699b66509e885061371ea8efe
Web Viewer 1.0.0.193 (Samsung SRN-1670D) File Upload
Posted Nov 13, 2017
Authored by Omar Mezrag | Site metasploit.com

Web Viewer version 1.0.0.193 on Samsung SRN-1670D suffers from an unrestricted file upload vulnerability.

tags | exploit, web, file upload
advisories | CVE-2015-8279, CVE-2017-16524
SHA-256 | 885ec7ceed2d053ced5d897f78056b1ccabe528cc26c52c64e50782a1b9d9921