Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-11-13

Red Hat Security Advisory 2017-3190-01
Posted Nov 13, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3190-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2017-15095
MD5 | 9a8bcef8c8654431c6d5d23ea3265c89
Gentoo Linux Security Advisory 201711-12
Posted Nov 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-12 - Multiple vulnerabilities have been found in eGroupWare, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.8.004.20120613 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-2027
MD5 | 23350ea0711228cdbb1e545d4fc1280e
Gentoo Linux Security Advisory 201711-11
Posted Nov 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-11 - A vulnerability was discovered in VDE which may allow local users to gain root privileges. Versions less than 2.3.2-r4 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2017-16638
MD5 | a90c470fafed0730b44df4b87f46647a
Red Hat Security Advisory 2017-3193-01
Posted Nov 13, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3193-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2017-3167, CVE-2017-3169, CVE-2017-7668, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798
MD5 | 9c32244644eb4897ec1ed63b28ad3243
Red Hat Security Advisory 2017-3189-01
Posted Nov 13, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3189-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2017-15095
MD5 | 1e4595725c21fde5e254e79d14e078ad
WordPress Boozang 1.0.0 Cross Site Scripting
Posted Nov 13, 2017
Authored by Ricardo Sanchez

WordPress Boozang plugin version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 07790d7c65071a3b9f6564d2737b13aa
WordPress Cartogiraffe Map 1.0 Cross Site Scripting
Posted Nov 13, 2017
Authored by Ricardo Sanchez

WordPress Cartogiraffe Map version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | c027d61cf82d7dae53de898da6436d15
WordPress Appointments 2.2.2.2 Cross Site Scripting
Posted Nov 13, 2017
Authored by Ricardo Sanchez

WordPress Appointments plugin version 2.2.2.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 31979d5711c68659f005497416506bc2
Xlight FTP Server 3.8.8.5 Buffer Overflow
Posted Nov 13, 2017
Authored by bzyo

Xlight FTP Server version 3.8.8.5 buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
MD5 | 04ca2efc16ac86410b0b8ec54d0cf44a
KirbyCMS Cross Site Scripting
Posted Nov 13, 2017
Authored by Ishaq Mohammed

KirbyCMS versions prior to 2.5.7 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-16807
MD5 | ab1434ceb1cd9757d687ad7f73ee0cca
Gentoo Linux Security Advisory 201711-10
Posted Nov 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-10 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.1.20:1.1.20 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-4000, CVE-2016-2313, CVE-2017-12065
MD5 | d56b7c61d4bb4a943eac7740c0966649
Gentoo Linux Security Advisory 201711-09
Posted Nov 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-9 - A vulnerability in LXC may lead to an unauthorized security bypass. Versions less than 2.0.7 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-10124
MD5 | afddc8259e026d70e02c374435afb42f
Monstra CMS 3.0.4 Cross Site Scripting
Posted Nov 13, 2017
Authored by M.R.S.L.Y

Monstra CMS version 3.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 41a4c2a8ca6763bd8a884f748040aeb3
IKARUS AntiVirus 2.16.7 Privilege Escalation
Posted Nov 13, 2017
Authored by Parvez Anwar

IKARUS AntiVirus version 2.16.7 suffers from an ntguard_x64 privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-14961
MD5 | 434c81ff2cd4c040f4946babfa4ec998
Web Viewer 1.0.0.193 (Samsung SRN-1670D) File Upload
Posted Nov 13, 2017
Authored by Omar Mezrag | Site metasploit.com

Web Viewer version 1.0.0.193 on Samsung SRN-1670D suffers from an unrestricted file upload vulnerability.

tags | exploit, web, file upload
advisories | CVE-2015-8279, CVE-2017-16524
MD5 | d9d0141c75c8720896498290d78b9503
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close