exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2018-06-25

GRR 3.2.3.0
Posted Jun 25, 2018
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: UI improvements and bugfixes. Various other updates.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | 89ae585973d5671dd7de7fce250978f6d6663739a8d09d6a194984018abf6165
Ecessa ShieldLink SL175EHQ 10.7.4 Add Superuser Cross Site Request Forgery
Posted Jun 25, 2018
Authored by LiquidWorm | Site zeroscience.mk

Ecessa ShieldLink SL175EHQ version 10.7.4 suffers from an add superuser cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 5cc4b074d5af1b150d7925eb5d77aa54a0146fc3c23b9644b4d72c74d23cc8aa
Ecessa WANWorx WVR-30 10.7.4 Add Superuser Cross Site Request Forgery
Posted Jun 25, 2018
Authored by LiquidWorm | Site zeroscience.mk

Ecessa WANWorx WVR-30 version 10.7.4 suffers from an add superuser cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 62c07f7b254f3a6ce8a21457ddf801f96a6c3d50e43e8a0558fc0ffaeca24c4d
Ecessa Edge EV150 10.7.4 Add Superuser Cross Site Request Forgery
Posted Jun 25, 2018
Authored by LiquidWorm | Site zeroscience.mk

Ecessa Edge EV150 version 10.7.4 suffers from an add superuser cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 4f74f98f4865e02f46d175bb9446106924075340a1808f6f2da019f58f0929a2
Red Hat Security Advisory 2018-1975-01
Posted Jun 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1975-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP15. Issues addressed include a deserialization vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-2783, CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800
SHA-256 | 8195fccd479514f27690fbfaf526994432154f6f8c773640850c17eae2361e26
Debian Security Advisory 4234-1
Posted Jun 25, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4234-1 - Two vulnerabilities were discovered in LAVA, a continuous integration system for deploying operating systems for running tests, which could result in information disclosure of files readable by the lavaserver system user or the execution of arbitrary code via a XMLRPC call.

tags | advisory, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2018-12564, CVE-2018-12565
SHA-256 | 4b36bb80b9eff7fda1252931c9c7609bbbf15d6d56fbd6dcf6993945219b4394
Digisol DG-BR4000NG Cross Site Scripting
Posted Jun 25, 2018
Authored by Adipta Basu

Digisol DG-BR4000NG suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-12705
SHA-256 | 403454afe70a151672a21b8cb3a9e4bf518534299f9b53c0bfd09f55fe0d1c54
Intex Router N-150 Cross Site Request Forgery
Posted Jun 25, 2018
Authored by Navina Asrani

Intex Router N-150 suffers from an add admin cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 0cddaf5d95a9539a3cdef00fd49c5f4a82243e1b5830ec1c557016a7f9f09470
WordPress Advanced Order Export For WooCommerce CSV Injection
Posted Jun 25, 2018
Authored by Bhushan B. Patil

WordPress Advanced Order Export for WooCommerce plugins versions prior to 1.5.4 suffer from a CSV injection vulnerability.

tags | exploit
advisories | CVE-2018-11525
SHA-256 | b442bfc1ff5a550668767180da731e6414671e0ecaa40bad1a7e49e4990151ae
Digisol DG-BR4000NG Buffer Overflow
Posted Jun 25, 2018
Authored by Adipta Basu

Digisol DG-BR4000NG buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
advisories | CVE-2018-12706
SHA-256 | dac99d336f857ce13743c116d4e127f6b0b03e4118792e8bc6547d08f6ca4be2
Foxit Reader 9.0.1.1049 Remote Code Execution
Posted Jun 25, 2018
Authored by mr_me

Foxit Reader version 9.0.1.1049 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-9948, CVE-2018-9958
SHA-256 | bf72b6326ebb4c4437a3f788a33ad75112bc77e87bca036144808a27a94871f6
WordPress iThemes Security SQL Injection
Posted Jun 25, 2018
Authored by Clirim Emini

WordPress iThemes Security plugin versions prior to 7.0.3 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-12636
SHA-256 | 107663c120501616b8eb96371f4388f40e15818b829af2e9c65a7a05bc9016d1
WordPress Comments Import And Export CSV Injection
Posted Jun 25, 2018
Authored by Bhushan B. Patil

WordPress Comments Import and Export plugin versions prior to 2.0.4 suffer from a CSV injection vulnerability.

tags | exploit
advisories | CVE-2018-11526
SHA-256 | dd726e7afd5756b20eab3a209cfe55c9eaee45075174c01a420cc8ca9eea7330
Intex Router N-150 Arbitrary File Upload
Posted Jun 25, 2018
Authored by Samrat Das

Intex Router N-150 suffers from a remote arbitrary file upload vulnerability.

tags | exploit, remote, arbitrary, file upload
SHA-256 | 41f7b18f0ddc4a27bac0aab0fa06a2941cfae7193e219a23716bcf83456465cd
AsusWRT RT-AC750GF Cross Site Request Forgery
Posted Jun 25, 2018
Authored by Wadeek

AsusWRT RT-AC750GF suffers from a cross site request forgery vulnerability in the change admin password flow.

tags | exploit, csrf
SHA-256 | 363560f7c28221e14f216c3e9133cd294040a8d4e3874784d921d8085a9c6803
KVM Nest Virtualization L1 Guest Privilege Escalation
Posted Jun 25, 2018
Authored by Google Security Research, Felix Wilhelm

When KVM (on Intel) virtualizes another hypervisor as L1 VM it does not verify that VMX instructions from the L1 VM (which trigger a VM exit and are emulated by L0 KVM) are coming from ring 0.

tags | exploit
SHA-256 | e4f92891c53308037346815989f93e355401e22ad52a077945971a06a625d400
Red Hat Security Advisory 2018-1974-01
Posted Jun 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1974-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25. Issues addressed include a deserialization vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-2783, CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800
SHA-256 | 845e1273b91ea122e2412665711776fc99d8d94609b34d54213ab9e3c6cfcc70
Red Hat Security Advisory 2018-1972-01
Posted Jun 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1972-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Issues addressed include bypass and code execution vulnerabilities.

tags | advisory, web, vulnerability, code execution, ruby
systems | linux, redhat
advisories | CVE-2018-1101, CVE-2018-1104, CVE-2018-7750
SHA-256 | b140dd006daf760c636deaa14803fc48a9e08b6f5c14a57c32fa7e771317d912
Debian Security Advisory 4233-1
Posted Jun 25, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4233-1 - It was discovered that the low-level interface to the RSA key pair generator of Bouncy Castle (a Java implementation of cryptographic algorithms) could perform less Miller-Rabin primality tests than expected.

tags | advisory, java
systems | linux, debian
advisories | CVE-2018-1000180
SHA-256 | dcbba3a290782dccb23af4e8190fd52a91230c8057b760f300fecdae85ecaae6
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close