what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-12-18

GoAhead LD_PRELOAD Remote Code Execution
Posted Dec 18, 2017
Authored by Daniel Hodson | Site github.com

GoAhead http versions 2.5 through 3.6.5 LD_PRELOAD remote code execution exploit.

tags | exploit, remote, web, code execution
advisories | CVE-2017-17562
SHA-256 | 588a3de898e31090547edf122510407656f35323e24561b2cf63e254b71527ba
Microsoft Internet Explorer 11 jscript!JSONStringifyObject Use-After-Free
Posted Dec 18, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free in jscript.dll library that can be exploited in IE11.

tags | exploit
advisories | CVE-2017-11793
SHA-256 | 532b95f0c945c3c74db85cabef11747d21ad3c48fe54f0e7aa07150204b08455
Windows jscript!NameTbl::GetValDef Use-After-Free
Posted Dec 18, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors.

tags | exploit
advisories | CVE-2017-11903
SHA-256 | 99d64f82c3d7bf075a7abe383e8584579a9d5eb097d044428f5817c78c478888
Red Hat Security Advisory 2017-3484-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3484-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. CloudForms Management Engine Appliance. CloudForms Management Engine Gemset. Multiple security issues have been addressed.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2017-2664
SHA-256 | 4a3692d773dfdb3a0baf0904f7370f30464bfe25a4d3d753f236f35e7b82503a
Ubuntu Security Notice USN-3382-2
Posted Dec 18, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3382-2 - USN-3382-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the PHP URL parser incorrectly handled certain URI components. A remote attacker could possibly use this issue to bypass hostname-specific URL checks. Various other issues were also addressed.

tags | advisory, remote, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-10397, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11628, CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229
SHA-256 | 4730777f8234166a0aca926651b742452e288c5899a8de45f4f97da1ed324225
Red Hat Security Advisory 2017-3481-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3481-01 - Heketi provides a RESTful management interface which can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will automatically determine the location for bricks across the cluster, making sure to place bricks and its replicas across different failure domains. Heketi also supports any number of GlusterFS clusters, allowing cloud services to provide network file storage without being limited to a single GlusterFS cluster. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-15103, CVE-2017-15104
SHA-256 | 37310c779e064bd1d7d3d726dd8ed07e73249d8788c2ea3f5b64215f3705bdfb
Red Hat Security Advisory 2017-3479-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3479-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 63.0.3239.108. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-15429
SHA-256 | 4f3439f884f8dc482d88454ac75499493936b0ea2e792493d4e8193172ac20a9
Microsoft Windows jscript!RegExpComp::Compile Heap Overflow
Posted Dec 18, 2017
Authored by Ivan Fratric, Google Security Research

There is a heap overflow in jscript.dll when compiling a regex. This issue could potentially be exploited through multiple vectors.

tags | exploit, overflow
advisories | CVE-2017-11890
SHA-256 | d5005d70833db3288d6f3582bebbc45f33bc2b359d5ffcd7ebdfc34a9678b7c2
Joomla! User Bench 1.0 SQL Injection
Posted Dec 18, 2017
Authored by Ihsan Sencan

Joomla! User Bench component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0bd0dd252a2516a99fd813ad3c450e3bb97ba20b1581b7ab18746eae7113ef15
Joomla! My Projects 2.0 SQL Injection
Posted Dec 18, 2017
Authored by Ihsan Sencan

Joomla! My Projects component version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8859da0285e0084f9948d557a6115b1034b4a309c85d76aaa5f2875c6b86e9b1
CDex 1.96 Stack Buffer Overflow
Posted Dec 18, 2017
Authored by bzyo

CDex version 1.96 suffers from a local stack buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | d1f98480262d7141e2f7a97dcbd74799ff903f2cbe95fe266a322535ccc79efd
WIndows jscript!JsArraySlice Uninitialized Variable
Posted Dec 18, 2017
Authored by Ivan Fratric, Google Security Research

There is an uninitialized variable vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors.

tags | exploit
advisories | CVE-2017-11855
SHA-256 | 2ca8e665341886d4eb124c000b6d3ba9945621bca1bec2303b4938cb4e8e9611
Joomla! Guru Pro SQL Injection
Posted Dec 18, 2017
Authored by Ihsan Sencan

Joomla! Guru Pro component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e4c5bfd34fe63c889c62fe006a77520dcbde5f52babad3be0eec7da3151afcb7
Clockwork SMS Cross Site Scripting
Posted Dec 18, 2017
Authored by Dimopoulos Elias

Eight different Clockwork SMS WordPress plugins suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d6223c99604b74a7edf6c5cf012bfac5225d49aadcb5e534936a2270466a4e5b
WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS
Posted Dec 18, 2017
Authored by Ricardo Sanchez

WordPress Yakadanda Google+ Hangout Events plugin version 0.3.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 78ac42141a2cb5534cb78dc52a018484d0bddd7d540f544274d29ca3f1bb8905
WordPress Share This Image 1.03 Cross Site Scripting
Posted Dec 18, 2017
Authored by Ricardo Sanchez

WordPress Share This Image plugin version 1.03 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b5a4b0b2e1b0bcb45a5472fdfd5c1e59a4ffb7e2f4a2f30c7e77361235912758
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close