exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-07-17

Binance 1.5.0 Insecure File Permission
Posted Jul 17, 2018
Authored by Vulnerability Laboratory, ZwX | Site vulnerability-lab.com

Binance version 1.5.0 suffers from an insecure file permission vulnerability.

tags | exploit
SHA-256 | 0ba40ef38f7c377b34843572406e4fa76e67e64496e66eefba5e463e61a79b4a
HomeMatic Zentrale CCU2 Unauthenticated Remote Code Execution
Posted Jul 17, 2018
Authored by Kacper Szurek

HomeMatic Zentrale CCU2 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | b4f6a0c88899f62f3f28993af5b88a42122c638c13259600aa79b07025590e42
Ubuntu Security Notice USN-3717-2
Posted Jul 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3717-2 - USN-3717-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PolicyKit incorrectly handled certain duplicate action IDs. A local attacker could use this issue to cause PolicyKit to crash, resulting in a denial of service, or possibly escalate privileges. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2015-3255, CVE-2018-1116
SHA-256 | 0e50fe8144849a5cdb19a5c84bfb390d531f53793544abd196d8c4665d9109c3
Red Hat Security Advisory 2018-2216-01
Posted Jul 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2216-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | 3dc70edca078d389b1c668dd81872c380a57b2d0c376028b81cd29fabc95e7af
Debian Security Advisory 4247-1
Posted Jul 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4247-1 - A timing attack was discovered in the function for CSRF token validation of the "Ruby rack protection" framework.

tags | advisory, ruby
systems | linux, debian
advisories | CVE-2018-1000119
SHA-256 | 8190086dbd6a857b5e5b9fbeaf2d2e2876e63e54e53d615d5e4fb5c4ce3cedd6
Gentoo Linux Security Advisory 201807-01
Posted Jul 17, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201807-1 - A vulnerability in tqdm could allow remote attackers to execute arbitrary code. Versions less than 4.23.3 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2016-10075
SHA-256 | c2ff1c9645129cc635094a7ab18992e5a9294b30111d5694e55fa9ab84f5b797
Slackware Security Advisory - mutt Updates
Posted Jul 17, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mutt packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 036969020dfa214fb88dfbf1b119f2eedc77ece499f7bc5e881cdf1b874f5f11
Debian Security Advisory 4249-1
Posted Jul 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4249-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-10001, CVE-2018-12458, CVE-2018-13300, CVE-2018-13302, CVE-2018-6392, CVE-2018-6621, CVE-2018-7557
SHA-256 | bc817a1ba32502d64e44e0e7934bd20d5286ef7fe74125516251f3732335d796
Debian Security Advisory 4248-1
Posted Jul 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4248-1 - Multiple vulnerabilities have been discovered in various parsers of Blender, a 3D modeller/ renderer. Malformed .blend model files and malformed multimedia files (AVI, BMP, HDR, CIN, IRIS, PNG, TIFF) may result in the execution of arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-12081, CVE-2017-12082, CVE-2017-12086, CVE-2017-12099, CVE-2017-12100, CVE-2017-12101, CVE-2017-12102, CVE-2017-12103, CVE-2017-12104, CVE-2017-12105, CVE-2017-2899, CVE-2017-2900, CVE-2017-2901, CVE-2017-2902, CVE-2017-2903, CVE-2017-2904, CVE-2017-2905, CVE-2017-2906, CVE-2017-2907, CVE-2017-2908, CVE-2017-2918
SHA-256 | fea67846780c697b0fe1ace22ae0158ab68f7f1e777a3b34e3b13d1bd4e24e80
Doorkeeper 4.3.2 / 5.0.0.rc1 Token Revocation
Posted Jul 17, 2018
Authored by Justin Bull, Roberto Ostinelli

Doorkeeper versions 4.2.0 through 4.3.2 and 5.0.0.rc1 suffer from a token revocation vulnerability.

tags | advisory
advisories | CVE-2018-1000211
SHA-256 | 08ac87e1b829431db9b341f770173cc5f495a8851d19ff3fee5a5def79fd3e39
TP-Link Archer C2 Router 3.0 Remote Code Execution
Posted Jul 17, 2018
Authored by Ismail Tasdelen

TP-Link Archer C2 router version 3.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | a0e5aedad6b9c69fff87c8273ec4601ef3d05652bffa16e3abb3c7a3060d09e6
QNAP Q'Center change_passwd Command Execution
Posted Jul 17, 2018
Authored by Ivan Huertas, Brendan Coles | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the change_passwd API method within the web interface of QNAP Q'Center virtual appliance versions prior to 1.7.1083. The vulnerability allows the 'admin' privileged user account to execute arbitrary commands as the 'admin' operating system user. Valid credentials for the 'admin' user account are required, however, this module also exploits a separate password disclosure issue which allows any authenticated user to view the password set for the 'admin' user during first install. This Metasploit module has been tested successfully on QNAP Q'Center appliance version 1.6.1075.

tags | exploit, web, arbitrary
advisories | CVE-2018-0706, CVE-2018-0707
SHA-256 | 2512d7b1edc015bac56416ba2dcdd6270221ff0334fb6e455fe43015d981b8ba
Nanopool Claymore Dual Miner APIs Remote Code Execution
Posted Jul 17, 2018
Authored by reversebrain at snado, phra at snado | Site metasploit.com

This Metasploit module takes advantage of miner remote manager APIs to exploit an remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-1000049
SHA-256 | 0ca07392f09cf7f9e00d05b5a58fc620e9f3f2ac9626ff815c38cd1ad9c63d14
TOR Virtual Network Tunneling Tool 0.3.3.9
Posted Jul 17, 2018
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.3.9 moves to a new bridge authority, meaning people running bridge relays should upgrade.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 85346b4d026e6a041c8e326d2cc64b5f5361b032075c89c5854f16dbc02fce6f
GNU Transport Layer Security Library 3.5.19
Posted Jul 17, 2018
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: Various updates.
tags | protocol, library
SHA-256 | 1936eb64f03aaefd6eb16cef0567457777618573826b94d03376bb6a4afadc44
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close