what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2018-04-09

Ubuntu Security Notice USN-3616-2
Posted Apr 9, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3616-2 - USN-3616-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Python Crypto incorrectly generated ElGamal key parameters. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, crypto, python
systems | linux, ubuntu
advisories | CVE-2018-6594
SHA-256 | 2c2b3672ce06765299485a82053f137bd3e099ce7a9b7d3dab312ceff6999829
CyberArk Password Vault Web Access Remote Code Execution
Posted Apr 9, 2018
Site redteam-pentesting.de

The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote code execution on the web server. Versions prior to 9.9.5, prior to 10.1, and 10.1 are affected.

tags | exploit, remote, web, code execution
advisories | CVE-2018-9843
SHA-256 | d43f74be6b638e83ded4b3a857321d730eb67572bbb1a0727c4cb51696981314
KYOCERA Multi-Set Template Editor 3.4 Out-Of-Band XML External Entity Injection
Posted Apr 9, 2018
Authored by LiquidWorm | Site zeroscience.mk

KYOCERA Multi-Set Template Editor version 3.4.0906 suffers from an out-of-band XML external entity injection vulnerability.

tags | exploit, xxe
SHA-256 | c9052cd2ab7f9839495ce8d05c2a907fa7501d1dceff407eac665610153825a5
Gentoo Linux Security Advisory 201804-09
Posted Apr 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-9 - A vulnerability in SPICE VDAgent could allow local attackers to execute arbitrary commands. Versions prior to 0.17.0_p20180319 are affected.

tags | advisory, arbitrary, local
systems | linux, gentoo
advisories | CVE-2017-15108
SHA-256 | 30a696841d7af08af28d07fc73391a014c0adb4fea7d652f8b9fb3c59194c335
WordPress Simple Fields 0.3.5 File Inclusion / Remote Code Execution
Posted Apr 9, 2018
Authored by Graeme Robinson

WordPress Simple Fields plugin versions 0.2 through 0.3.5 suffer from file inclusion and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 4338cd5a6fee565ad17148aae284a9aeb2d14240ccb815f68d640689e9cfc13c
WolfCMS 0.8.3.1 Open Redirect
Posted Apr 9, 2018
Authored by Sureshbabu Narvaneni

WolfCMS 0.8.3.1 suffers from an open redirect vulnerability.

tags | exploit
advisories | CVE-2018-8813
SHA-256 | 6f02f9e976128383254307068cb1007e961973019dc0006c6b554f75c1b6ae0d
Gentoo Linux Security Advisory 201804-08
Posted Apr 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-8 - Multiple vulnerabilities have been found in QEMU, the worst of which may allow an attacker to execute arbitrary code. Versions less than 2.11.1-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-13672, CVE-2017-15124, CVE-2017-16845, CVE-2017-17381, CVE-2017-18030, CVE-2017-18043, CVE-2017-5715, CVE-2018-5683, CVE-2018-5748, CVE-2018-7550
SHA-256 | c0cac496b3a521f32ee1d0f652fd3355c954a2f4b374b783fe8e570dad67297a
MyBB Recent Threads On Index 17.0 Cross Site Scripting
Posted Apr 9, 2018
Authored by Perileos

MyBB Recent Threads On Index plugin version 17.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7f5bcd5124a0662b2bb26f4c57c2a8c8520f51a4ccc24e3ab6702ae8d5f63d02
KYOCERA Net Admin 3.4 Cross Site Request Forgery
Posted Apr 9, 2018
Authored by LiquidWorm | Site zeroscience.mk

KYOCERA Net Admin version 3.4.0906 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 83f4c903b0fefc6a2f66c607da3fa870a1624b171cf0b08f9977509c00d3d1cd
KYOCERA Net Admin 3.4 Cross Site Scripting
Posted Apr 9, 2018
Authored by LiquidWorm | Site zeroscience.mk

KYOCERA Net Admin version 3.4.0906 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | acb0c386bfc4561f3044e0e54bd46cab0c808a5e94978f3f3539d5d517b2b93f
Gentoo Linux Security Advisory 201804-07
Posted Apr 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-7 - Multiple vulnerabilities have been discovered in libvirt, the worst of which may result in the execution of arbitrary commands. Versions less than 4.1.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-5748, CVE-2018-6764
SHA-256 | cb3f93c9b3e0a479b010f996073edf699e0fa20b3ce9bb33683651094342f1ff
Gentoo Linux Security Advisory 201804-06
Posted Apr 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-6 - Multiple vulnerabilities were discovered in mailx, the worst of which may allow a remote attacker to execute arbitrary commands. Versions less than 8.1.2.20160123 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2004-2771, CVE-2014-7844
SHA-256 | a5df72a482dd10b2fa363784319a3be3dcd1a6afdb5686f7c8dc9a29a2541152
SSH/SSL RSA Private Key Passphrase Dictionary Enumerator
Posted Apr 9, 2018
Authored by Todor Donev

This is a script to perform SSH/SSL RSA private key passphrase enumeration with a dictionary attack.

tags | tool, cracker
SHA-256 | 7ab5a3518579d6225c44138ba1ad72500274b0cd5b6549efb4e201c3f2eb8195
CyberArk Password Vault Memory Disclosure
Posted Apr 9, 2018
Site redteam-pentesting.de

CyberArk Password Vault versions prior to 9.7 and 10 suffer from a memory disclosure vulnerability.

tags | exploit
advisories | CVE-2018-9842
SHA-256 | d1f14348574dde4087832b307cbde895ac38061a530c090febaa92dc0e73f9ff
GoldWave 5.70 Local Buffer Overflow
Posted Apr 9, 2018
Authored by bzyo

GoldWave version 5.70 SEH unicode local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 270721afc4bde6c4b82811d30af06a29aa27a552aa2bf876a3e29ada095cbf6a
H2 Database Arbitrary Code Execution
Posted Apr 9, 2018
Authored by gambler

H2 Database suffers from an alias related arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
SHA-256 | 88148b4b175b0f1bd1191d4101ed153fe076d05efa63d53f65f3e544648e46b0
Yahei PHP Prober 0.4.7 Cross Site Scripting
Posted Apr 9, 2018
Authored by ManhNho

Yahei PHP Prober version 0.4.7 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
advisories | CVE-2018-9238
SHA-256 | ca423dc5e4ecd6af7d94fc4ba9947bc41c255e333e707b72c06341b2b8aa426a
WP Live Chat Support 8.0.05 Cross Site Scripting
Posted Apr 9, 2018
Authored by Luigi Gubello

WP Live Chat Support version 8.0.05 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | efa35d38ab04776de3b299f27637dca10dcc8084956e6cd18d59a27bdf49aefb
Buddypress Xprofile Custom Fields Type 2.6.3 Remote Code Execution
Posted Apr 9, 2018
Authored by Lenon Leite

Buddypress Xprofile Custom Fields Type version 2.6.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 63e449020fc4822181a468f70382edb5711bb4ab8949e4acc68d07290539856d
Cobub Razor 0.7.2 Add New Superuser Account
Posted Apr 9, 2018
Authored by ppb

Cobub Razor version 0.7.2 bypass exploit to add new superuser account without authentication.

tags | exploit
advisories | CVE-2018-7745
SHA-256 | 14d156ad369b6e07bbbe55a330ea60259070770fdd331ca5108eb2bfbf535660
TestSSL 2.9.5-4
Posted Apr 9, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a bugfix (and a clarification in help/documentation) only. It does not contain any new features.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 5163f76d40acfe404d65145c498cbe8fb716bb49119e8d0773e063203cff9c03
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close