Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-12-05

Ubuntu Security Notice USN-3504-1
Posted Dec 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3504-1 - Wei Lei discovered that libxml2 incorrectly handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16932
MD5 | d91e527dde8befa7059434fa3b97b541
Ubuntu Security Notice USN-3504-2
Posted Dec 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3504-2 - USN-3504-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16932
MD5 | ac546ea4fe8b36423b1f4cf2d396fb07
Red Hat Security Advisory 2017-3384-01
Posted Dec 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3384-01 - Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through tables that support a rule or dictionary based approach. Liblouis also supports math braille. Security Fix: A missing fix for one stack-based buffer overflow in findTable() for CVE-2014-8184 was discovered. An attacker could cause denial of service or potentially allow arbitrary code execution.

tags | advisory, denial of service, overflow, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2017-15101
MD5 | 6b1c4e7910732ff3e19aab6c052d649f
WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress Smart Marketing SMS and Newsletters Forms plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 107d4a628f05b49647ad046218a61ea0
VirtualBox Man-In-The-Middle
Posted Dec 5, 2017
Authored by Mark Wadham

VirtualBox suffers from a remote code execution vulnerability due to downloading updates over HTTP.

tags | exploit, remote, web, code execution
MD5 | ec205f1c7d32d9c26e1cabb826548444
Claymore's Dual Miner 10.1 Stack Buffer Overflow
Posted Dec 5, 2017
Authored by tintinweb

Claymore's Dual ETH + DCR/SC/LBC/PASC GPU Miner versions 10.1 and below suffer from a stack buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-16929, CVE-2017-16930
MD5 | b5b0150ca62d32caa7710ac0b8863a4c
WordPress WP Mailster 1.5.4.0 Cross Site Scripting
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress WP Mailster plugin version 1.5.4.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | b99fe238c6deceb9c0356cc5201dd253
BSides SF 2018 Call For Papers
Posted Dec 5, 2017
Site bsidessf.org

BSides SF is soliciting papers and presentations for the 2018 annual BSidesSF conference. It will be located at City View at the Metreon in downtown San Francisco April 15th through the 16th, 2018.

tags | paper, conference
MD5 | 8e4bb752ebfe8549d15d25391de519f6
WordPress Z-URL Preview 1.6.1 Cross Site Scripting
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress Z-URL Preview plugin version 1.6.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2049f91b261ca0923e0064f03667d973
WordPress Super Simple Custom CSS 1.2 Cross Site Scripting
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress Super Simple Custom CSS plugin version 1.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 91009decf866411ea09c3d6b5295a4c1
WordPress 3rd-Party Inject Results 0.2 Cross Site Scripting
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress 3rd-Party Inject Results plugin version 0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6d2a2496807bbfc5b9169ebcdb5486a0
Chakra CFG Bypass By Overwriting JavaScript Bytecode
Posted Dec 5, 2017
Authored by Ivan Fratric, Google Security Research

Chakra suffers from a CFG bypass by overwriting JavaScript bytecode.

tags | advisory, javascript
MD5 | 9e57eaebd2d21e12b8ff2602894b0871
Chakra CFG Bypass Due To Bug In ServerFreeAllocation
Posted Dec 5, 2017
Authored by Ivan Fratric, Google Security Research

Charka suffers from a CFG bypass due to a bug in ServerFreeAllocation.

tags | advisory
advisories | CVE-2017-11874
MD5 | 6411c53089610f19e5d46f685bd4d1a1
Chakra CFG Bypass With leafInterpreterFrame
Posted Dec 5, 2017
Authored by Ivan Fratric, Google Security Research

Chakra suffers from a CFG bypass with leafInterpreterFrame. Every JavaScript variable in Chakra (except a tagged int) is a pointer. From this pointer, using an arbitrary read, it is possible to follow a chain of pointers and end up with a pointer to the native stack. This allows disclosing the stack location and subsequently overwriting a return address on the stack leading to CFG bypass.

tags | advisory, arbitrary, javascript
MD5 | d1393f9681bc2674203c0bdd4afaea99
Arq Backup 5.9.7 Local Root Privilege Escalation
Posted Dec 5, 2017
Authored by Mark Wadham

Arq Backup versions 5.9.7 and below suffer from a local root privilege escalation vulnerability.

tags | exploit, local, root
advisories | CVE-2017-16895
MD5 | 6e034780e44ad140d984b98d2baff8d8
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close