what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-02-07

Ubuntu Security Notice USN-3560-1
Posted Feb 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3560-1 - It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows QEMU to expose new CPU features added by microcode updates to guests on amd64, i386, and s390x. On amd64 and i386, new CPU models that match the updated microcode features were added with an -IBRS suffix. Certain environments will require guests to be switched manually to the new CPU models after microcode updates have been applied to the host. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2017-5715
SHA-256 | ecf30c2ab3063f7c4453fd5a2f25fd20a9a0811b8b750790af31f961d51b10e9
Red Hat Security Advisory 2018-0285-01
Posted Feb 7, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0285-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 28.0.0.161. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2018-4877, CVE-2018-4878
SHA-256 | 8a55ff082adb2050d0ba197537f62c4ce0a4d5b6d98222bd4250b5d7e7669d5a
Cisco ASA Crash Proof Of Concept
Posted Feb 7, 2018
Authored by Sean Dillon

Cisco ASA crash proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | cisco
advisories | CVE-2018-0101
SHA-256 | 22410b089089e7b8ffef27f7fb0a008e7affff448aee37013b0a41335bb533a6
InfoZip UnZip 6.00 / 6.1c22 Buffer Overflow
Posted Feb 7, 2018
Authored by Rene Freingruber | Site sec-consult.com

InfoZip UnZip versions 6.00 and below and 6.1c22 and below suffer from multiple buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2018-1000031, CVE-2018-1000032, CVE-2018-1000033, CVE-2018-1000034, CVE-2018-1000035
SHA-256 | dac731d2690cb1af2ab661aed3d50c9247b02e31917bc2d087907958bbe12e5e
Online Test Script 2.0.7 SQL Injection
Posted Feb 7, 2018
Authored by Borna Nematzadeh

Online Test Script version 2.0.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | cd0307298550cabc1a7b58b19655a9a29aeb8cff02e9c0b935e0fe15968f04a1
Hot Script Clone Script Classified 3.1 Cross Site Scripting
Posted Feb 7, 2018
Authored by Prasenjit Kanti Paul

Hot Scripts Clone Script Classified version 3.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a554ae59f4aaf8356bc6b8c7762da4da53560fbad14fa447eea25964c957af53
MalwareFox AntiMalware 2.74.0.150 Privilege Escalation
Posted Feb 7, 2018
Authored by Souhail Hammou

MalwareFox AntiMalware version 2.74.0.150 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2018-6606
SHA-256 | 535e902bcb52d7119719f4adb46efa5dabeaf1f0cebc17dec4b5c1a39e6a597e
Ubuntu Security Notice USN-3559-1
Posted Feb 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3559-1 - It was discovered that Django incorrectly handled certain requests. An attacker could possibly use this to access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-12794, CVE-2018-6188
SHA-256 | 24fb96a7aeea6dbab0ee7506db4be544a25951c589739278125f848889e699cc
Multilanguage Real Estate MLM Script 3.0 Cross Site Scripting
Posted Feb 7, 2018
Authored by Prasenjit Kanti Paul

Multilanguage Real Estate MLM Script versions 3.0 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0a4aca6bb487cb20980af32211fbd36458c05e66b8b8f15dbda9f9ef91e9794d
Entrepreneur Dating Script 2.0.2 SQL Injection
Posted Feb 7, 2018
Authored by Borna Nematzadeh

Entrepreneur Dating Script version 2.0.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 84761ebe94d4e8b348271d4375c41149aac86b810d75bf91bafce3c38837934c
Debian Security Advisory 4105-1
Posted Feb 7, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4105-1 - It was discovered that mpv, a media player, was vulnerable to remote code execution attacks. An attacker could craft a malicious web page that, when used as an argument in mpv, could execute arbitrary code in the host of the mpv user.

tags | advisory, remote, web, arbitrary, code execution
systems | linux, debian
advisories | CVE-2018-6360
SHA-256 | 9d62b2442745a4c9c4bd227c62bd0a6d2955e0b06fe5fa74c04517dcf75ea546
Naukri Clone Script 3.0.3 Cross Site Scripting
Posted Feb 7, 2018
Authored by Prasenjit Kanti Paul

Naukri Clone Script version 3.0.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f1763de7f69cc82f9ce26a172c0914028e16e5677132fe8edf6d14b892185c27
PHP Scripts Mall Doctor Search Script 1.0.2 Cross Site Scripting
Posted Feb 7, 2018
Authored by Prasenjit Kanti Paul

PHP Scripts Mall Doctor Search Script version 1.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
advisories | CVE-2018-6655
SHA-256 | fdb04a7140d76d1de3c87907bf8d52105b86c40b5a030e237341874df608e6c3
Adobe Coldfusion 11.0.03.292866 Remote Code Execution
Posted Feb 7, 2018
Authored by Faisal Tameesh

Adobe Coldfusion version 11.0.03.292866 BlazeDS java object deserialization remote code execution exploit.

tags | exploit, java, remote, code execution
advisories | CVE-2017-3066
SHA-256 | 9f43954491b5424ac6ee32a1cc680c100107de9af5a045c39dae3bcff46fe242
Geovision Inc. IP Camera / Video Server Remote Command Execution
Posted Feb 7, 2018
Authored by bashis

Geovision Inc. IP Camera and Video Server remote command execution proof of concept exploit.

tags | exploit, remote, proof of concept
SHA-256 | f762d019583e0d7096722348281e9a3c4ba29f54f060ab1b5ed4d4e9e947c0f4
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close