what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

Files Date: 2018-01-26

WordPress Splashing Images 2.1 Cross Site Scripting / PHP Object Injection
Posted Jan 26, 2018
Authored by Nicolas Buzy-Debat

WordPress Splashing Images plugin version 2.1 suffers from PHP object injection and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
advisories | CVE-2018-6194, CVE-2018-6195
SHA-256 | f823008fea66b0021c833453bd6c4aac61316139e958c6f79169a07a153f4d42
Gentoo Linux Security Advisory 201801-19
Posted Jan 26, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-19 - Multiple vulnerabilities have been found in ClamAV, the worst of which may allow execution of arbitrary code. Versions less than 0.99.3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377, CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
SHA-256 | 054be71aa5dea65b8f6967b9e54fbb2c81b654dd62d1eeb6188e2fb51d3c4dd0
Sophos Web Gateway 4.4.1 Cross Site Scripting
Posted Jan 26, 2018
Authored by Matthew Bergin | Site korelogic.com

Sophos Web Gateway version 4.4.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 137dda80750280087cb36ed57d850fc6348d18929065d814c14652da40181992
BMC Track-It! 11.4 Code Execution / Information Disclosure
Posted Jan 26, 2018
Authored by Pedro Ribeiro

BMC Track-It! version 11.4 suffers from remote code execution and credential disclosure vulnerabilities.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2016-6598, CVE-2016-6599
SHA-256 | 730930cd82684c933b0bc63f3b3b94295c0661fa95347f9c3091dffb51321802
Dodocool DC38 N300 Cross Site Request Forgery
Posted Jan 26, 2018
Authored by Raffaele Sabato

Dodocool DC38 N300 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-5720
SHA-256 | bad19b8394e8d9ff06978626f9a82d149a6ba4642f882961e006ba076ced8e42
Asus Router Cross Site Script / Authentication Bypass
Posted Jan 26, 2018
Authored by 4TT4CK3R

ASUS router DSL-RT-N13 suffers from an authentication bypass vulnerability. ASUS router DSL-N14U B1 suffers from a cross site scripting vulnerability.

tags | exploit, xss, bypass
SHA-256 | ecd0df4f22f0d4912a1afa3664402f13bcaad09a5016db632a5a8c7a042a6edc
VMware Security Advisory 2018-0006
Posted Jan 26, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0006 - vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2017-4947, CVE-2017-4951
SHA-256 | a7f5423f8c7f90cafb0c91ed85894d3602ee3b38644e311a2ffdc0c540119c74
Ubuntu Security Notice USN-3548-2
Posted Jan 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3548-2 - USN-3548-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of the mitigations for the Spectre vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, x86, kernel, local, vulnerability
systems | linux, ubuntu
SHA-256 | 97850f068669b2301a4aab4eca4fb5ae165ae609c43f89d22ead75197ea12d5f
Ubuntu Security Notice USN-3548-1
Posted Jan 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3548-1 - Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of the mitigations for the Spectre vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux, ubuntu
SHA-256 | fd6620cdf4dbb2cacfee77be628eed34cca4832975ddbbfbc7643bbb36829c21
WordPress Good LMS SQL Injection
Posted Jan 26, 2018
Authored by Esecurity.ir

WordPress Good LMS Learning Management System plugin suffers from a remote SQL Injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5c4f05a28c0b825956279439df7485e50b7e71967578df55296cfb56a110311a
Microsoft Security Bulletin Updates For January, 2018
Posted Jan 26, 2018
Site microsoft.com

This Microsoft bulletin summary holds CVE revision updates for CVE-2018-0764.

tags | advisory
advisories | CVE-2018-0764
SHA-256 | 84bd718ca924e890916e3ce3ef374cea93511807332ce6452fa8cdd8c06316dd
BMC BladeLogic 8.3.00.64 Remote Command Execution
Posted Jan 26, 2018
Authored by Paul Taylor

BMC BladeLogic version 8.3.00.64 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2016-1542, CVE-2016-1543
SHA-256 | 96811628a219d1a2d4e997236cfb9d820c95744d7700660a86a9edcebd7d80a0
LiveCRM SaaS Cloud 1.0 Cross Site Scripting
Posted Jan 26, 2018
Authored by indoushka

LiveCRM SaaS Cloud version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fe8199bc4ad732c89bf1017811cf0427b3c096c1301046a206a9481a3d39ecc3
Packet Fence 7.4.0
Posted Jan 26, 2018
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: New database access layer (DAL) for upcoming multi-tenancy support. New portal module to permanently set roles. Added portal module for selecting a role for the device being registered on the portal. Various other updates and enhancements.
tags | tool, remote
systems | unix
SHA-256 | d9895baf1962e7c2df1e15666c6c019a95c44eebe30dd4896359b6832463740c
Clam AntiVirus Toolkit 0.99.3
Posted Jan 26, 2018
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Security patch release.
tags | tool, virus
systems | unix
SHA-256 | 00fa5292a6e00a3a4035b826267748965d5d2c4943d8ff417d740238263e8e84
WebKitGTK+ Memory Corruption / Spoofing / Code Execution
Posted Jan 26, 2018
Authored by WebKitGTK+ Team

WebKitGTK+ versions 2.18.x suffer from various memory corruption, user interface spoofing, and code execution vulnerabilities.

tags | advisory, spoof, vulnerability, code execution
advisories | CVE-2017-13884, CVE-2017-13885, CVE-2017-7153, CVE-2017-7160, CVE-2017-7161, CVE-2017-7165, CVE-2018-4088, CVE-2018-4089, CVE-2018-4096
SHA-256 | d4e7bccd0f285c7927463b7aecd4699b02c7859eca96da95b7af180acddb67f8
AsusWRT Router Remote Code Execution
Posted Jan 26, 2018
Authored by Pedro Ribeiro

AsusWRT Router versions prior to 3.0.0.4.380.7743 suffer from an unauthenticated LAN remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-5999, CVE-2018-6000
SHA-256 | d1c7e3083bad3b151c9ec2e284e0a81a21a91275554106af01e0a4934e1d7a8e
Exodus Wallet (ElectronJS Framework) Remote Code Execution
Posted Jan 26, 2018
Authored by Wflki

Exodus Wallet (ElectronJS Framework) suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-1000006
SHA-256 | aacc879af11e34e3379ab446241a85583e4300f1f3269c73d0b62e82e13d86a3
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close