exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2018-07-19

CMS Made Simple 2.2.5 Authenticated Remote Command Execution
Posted Jul 19, 2018
Authored by Jacob Robles, Mustafa Hasen | Site metasploit.com

CMS Made Simple version 2.2.5 allows an authenticated administrator to upload a file and rename it to have a .php extension. The file can then be executed by opening the URL of the file in the /uploads/ directory.

tags | exploit, php
advisories | CVE-2018-1000094
SHA-256 | 665002696e6aa2586a51b8816a8a1e2a503f1bc489989a9294e0d3632c5224f2
WordPress All In One Favicon 4.6 Cross Site Scripting
Posted Jul 19, 2018
Authored by Javier Olmedo

WordPress All In One Favicon plugin version 4.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-13832
SHA-256 | 0981c4f9c549ca322909202cf2f6c2af66fabbb260e7ca87b4d6c92465148a64
Chrome Swiftshader Blitting Floating-Point Precision Errors
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from floating-point precision errors in Swiftshader blitting.

tags | exploit
SHA-256 | 55329bd2920eaa9d39110322696bef158e0b340f65c27b63cceed9585601bc64
MyBB New Threads 1.1 Cross Site Scripting
Posted Jul 19, 2018
Authored by 0xB9

MyBB New Threads plugin version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-14392
SHA-256 | da11ef1523cf7cf91c93aba43e31032f36aa53b573118e55a7e1163ecc6beee6
Chrome SwiftShader OpenGL Texture Binding Reference Count Leak
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from a reference count leak in SwiftShader OpenGL texture bindings.

tags | exploit
SHA-256 | 04d325a817231ab9f0764272b559378b2d3fe10f9b33e17341521360cd5f6b9e
Red Hat Security Advisory 2018-2214-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2214-01 - openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack. Security fix: openstack-tripleo-heat-templates: Default ODL deployment uses hard coded administrative credentials.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10898
SHA-256 | a645c04c2db09c0649ed6428ff4db02a66c1aab543361fa03329e0fb6f8a778d
Slackware Security Advisory - httpd Updates
Posted Jul 19, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-1333, CVE-2018-8011
SHA-256 | 1751e466b4765f6a7eca3f634337ed57a540c0de395d8e2c93ff160039c66312
Red Hat Security Advisory 2018-2228-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2228-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | a38d8b4a9ef269f1deca8c1b814952165139072ed0330610b2f751e9234a8f7f
Adobe Systems Main lead DBMS Arbitrary Code Injection
Posted Jul 19, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Adobe Systems Mail Lead DBMS suffers from an arbitrary code injection vulnerability.

tags | exploit, arbitrary
SHA-256 | 357c23ee595cb19eb4f7d1df4da74a5cd49b57362eca78f2c93da9a6de10959a
Debian Security Advisory 4252-1
Posted Jul 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4252-1 - Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which could result in privilege escalation or denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2018-14055, CVE-2018-14056
SHA-256 | 914b3ea83f72d0dcc9b0c6d010d1220d255648be0af6699555b952847a50ca3e
Debian Security Advisory 4251-1
Posted Jul 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4251-1 - A use-after-free was discovered in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-11529
SHA-256 | 5253b4c31d0da0c19893d064e2ba6b3b47effeaa41bab133435beffacb724256
Red Hat Security Advisory 2018-2225-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2225-01 - Fluentd is an open source data collector designed to scale and simplify log management. It can collect, process and ship many kinds of data in near real-time. Issues addressed include an escape sequence injection vulnerability that allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2017-10906
SHA-256 | 72bc959e6e96b4bd37a7660348b389326f89e770aab54d67e5b9c4ecf9c1133e
Chrome Swiftshader Texture Allocation Integer Overflow
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from an integer overflow vulnerability in Swiftshader texture allocation.

tags | exploit, overflow
SHA-256 | 6587e8951f4e79c87ecd7b6a16fa91a40d27b5f94453f1ea87b0a9789512a6be
Red Hat Security Advisory 2018-2224-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2224-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.7 will be retired as of December 31, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.7 EUS after December 31, 2018.

tags | advisory
systems | linux, redhat
SHA-256 | 2743dd98e6c725e5bc7053f65fbd45caf468ec93410522770ccc5fa455a8d5b3
Wireshark Analyzer 2.6.2
Posted Jul 19, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Updated to QCustomPlot 1.3.2. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 49b2895ee3ba17ef9ef0aebfdc4d32a778e0f36ccadde184516557d5f3357094
Linux BPF Sign Extension Local Privilege Escalation
Posted Jul 19, 2018
Authored by h00die, Jann Horn, vnik, rlarabee, bleidl, bcoles | Site metasploit.com

Linux kernel versions prior to 4.14.8 utilize the Berkeley Packet Filter (BPF) which contains a vulnerability where it may improperly perform signing for an extension. This can be utilized to escalate privileges. The target system must be compiled with BPF support and must not have kernel.unprivileged_bpf_disabled set to 1. This Metasploit module has been tested successfully on many different kernels.

tags | exploit, kernel
systems | linux
advisories | CVE-2017-16995
SHA-256 | 3a7fa7070c41ddc4726fd312fb66650ad5d4cd33a694060cfd4542206f2d48f1
Suricata IDPE 4.0.5
Posted Jul 19, 2018
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Multiple bugs have been addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | 74dacb4359d57fbd3452e384eeeb1dd77b6ae00f02e9994ad5a7b461d5f4c6c2
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close