Twenty Year Anniversary
Showing 1 - 25 of 406 RSS Feed

Files Date: 2018-09-01 to 2018-09-30

Airties AIR5750 1.0.0.18 Cross Site Scripting
Posted Sep 29, 2018
Authored by Ismail Tasdelen

A cross site scripting vulnerability has been discovered in the AIR5750 modem of the AirTies manufacturer. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter.

tags | exploit, xss
advisories | CVE-2018-17587
MD5 | 191eadb771bfc0e5afaae48f27fcce0d
Airties AIR5650 1.0.0.18 Cross Site Scripting
Posted Sep 29, 2018
Authored by Ismail Tasdelen

A cross site scripting vulnerability has been discovered in the AIR5650 modem of the AirTies manufacturer. AirTies Air 5650 devices have XSS via the top.html productboardtype parameter.

tags | exploit, xss
advisories | CVE-2018-17589
MD5 | 402d9822b3d77f6330608c953e536ccd
Airties AIR5021 1.0.0.18 Cross Site Scripting
Posted Sep 29, 2018
Authored by Ismail Tasdelen

A cross site scripting vulnerability has been discovered in the AIR5342 modem of the AirTies manufacturer. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter.

tags | exploit, xss
advisories | CVE-2018-17588
MD5 | 708f3f706a976d8baf67a53e2b3f1114
ManageEngine AssetExplorer 6.2.0 Cross Site Scripting
Posted Sep 29, 2018
Authored by Ismail Tasdelen

In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.

tags | exploit
advisories | CVE-2018-17596
MD5 | fd7e60bcf453204e343a5359ae5144d3
Fork CMS 5.4.0 Cross Site Scripting / HTML Injection
Posted Sep 29, 2018
Authored by Ismail Tasdelen

In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.

tags | exploit, vulnerability
MD5 | 10f61a78a31409766f7a2581bb88ad6e
Airties AIR5453 1.0.0.18 Cross Site Scripting
Posted Sep 29, 2018
Authored by Ismail Tasdelen

A cross site scripting vulnerability has been discovered in the AIR5453 modem of the AirTies manufacturer. AirTies Air 5453 devices have XSS via the top.html productboardtype parameter.

tags | exploit, xss
advisories | CVE-2018-17593
MD5 | f929fbfb4a4c70f96dbb9866a60b1dfd
Airties AIR5443v2 1.0.0.18 Cross Site Scripting
Posted Sep 29, 2018
Authored by Ismail Tasdelen

A cross site scripting vulnerability has been discovered in the AIR5442 modem of the AirTies manufacturer. AirTies Air 5442 devices have XSS via the top.html productboardtype parameter.

tags | exploit, xss
advisories | CVE-2018-17590
MD5 | 6b15c628b0ef901178a5af4b7bff9caa
Airties AIR5442 1.0.0.18 Cross Site Scripting
Posted Sep 29, 2018
Authored by Ismail Tasdelen

A cross site scripting vulnerability has been discovered in the AIR5443v2 modem of the AirTies manufacturer. AirTies Air 5443v2 devices have XSS via the top.html productboardtype parameter.

tags | exploit, xss
advisories | CVE-2018-17594
MD5 | c927d058492c8d06be0718e2d4ea1b1f
Airties AIR5343v2 1.0.0.18 Cross Site Scripting
Posted Sep 29, 2018
Authored by Ismail Tasdelen

A cross site scripting vulnerability has been discovered in the AIR5343v2 modem of the AirTies manufacturer. AirTies Air 5343v2 devices have XSS via the top.html productboardtype parameter.

tags | exploit, xss
advisories | CVE-2018-17591
MD5 | b86d5aef9585119ae4f6137421982e0c
Dell EMC Unity Family 4.3.0.x / 4.3.1.x Incorrect File Permissions
Posted Sep 28, 2018
Site emc.com

Dell EMC Unity requires an update to address an Incorrect File Permissions vulnerability with multiple files. This vulnerability may potentially be exploited by malicious local users to compromise the affected system. Dell EMC Unity Operating Environment (OE) versions 4.3.0.x and 4.3.1.x and Dell EMC UnityVSA Operating Environment (OE) versions 4.3.0.x and 4.3.1.x are affected.

tags | advisory, local
advisories | CVE-2018-11064
MD5 | 938d0e334e16f3d61be4cc3ffcb624ff
Debian Security Advisory 4306-1
Posted Sep 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4306-1 - Multiple security issues were discovered in Python: ElementTree failed to initialize Expat's hash salt, two denial of service issues were found in difflib and poplib and the shutil module was affected by a command injection vulnerability.

tags | advisory, denial of service, python
systems | linux, debian
advisories | CVE-2018-1000802, CVE-2018-1060, CVE-2018-1061, CVE-2018-14647
MD5 | 59ac7d08f42ae08ee8581f5c3f9f8e4e
Ubuntu Security Notice USN-3719-3
Posted Sep 28, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3719-3 - USN-3719-1 fixed vulnerabilities in Mutt. Unfortunately, the fixes were not correctly applied to the packaging for Mutt in Ubuntu 16.04 LTS. This update corrects the oversight. It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-14349, CVE-2018-14353, CVE-2018-14357, CVE-2018-14358, CVE-2018-14362
MD5 | c5de7c36c1c7844cd0a691144c17c95d
Seqrite End Point Security 7.4 Privilege Escalation
Posted Sep 28, 2018
Authored by Hashim Jawad

Seqrite End Point Security version 7.4 suffers from a weak file permission privilege escalation vulnerability.

tags | exploit
MD5 | 898abbe4a6b29752bce452f19940da56
Skype On Debian Microsoft Apt Repo Addition
Posted Sep 28, 2018
Authored by Enrico Weigelt

Skype on Debian automatically installs apt configuration that adds Microsoft's apt repo to the system's package sources. That way, Microsoft (or anybody holding their repo's private key) can easily inject malicious packages via regular update and replace distro packages w/ their own manipulated ones.

tags | advisory
systems | linux, debian
MD5 | 29907a8788a851294654cf6bba1d66ac
Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation
Posted Sep 28, 2018
Authored by Stefan Kanthak

Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, code execution
MD5 | b97fc3e513620c2444e56ab028d820d5
Red Hat Security Advisory 2018-2835-01
Posted Sep 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2835-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.2.1 ESR. Issues addressed include a crash.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-12383, CVE-2018-12385
MD5 | 8f9c83d61cb277d76f94999c085df60b
Red Hat Security Advisory 2018-2834-01
Posted Sep 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2834-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.2.1 ESR. Issues addressed include a crash.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-12383, CVE-2018-12385
MD5 | b69b990087b2042ffe81272b960516ab
Red Hat Security Advisory 2018-2822-01
Posted Sep 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2822-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-11806
MD5 | 1677bdde8f0e5bc598d02229208feb61
AppArmor Filesystem Blacklisting Bypass
Posted Sep 27, 2018
Authored by Jann Horn, Google Security Research

AppArmor has an issue where filesystem blacklisting can be bypassed by moving parents.

tags | exploit
MD5 | 639fa99eb3859f6045557741289c460b
PCProtect 4 8.35 Privilege Escalation
Posted Sep 27, 2018
Authored by Hashim Jawad

PCProtect 4 version 8.35 suffers from a weak file permission privilege escalation vulnerability.

tags | exploit
MD5 | f01e6efef117c274cd2af28a68f535ec
Rausoft ID.prove 2.95 SQL Injection
Posted Sep 27, 2018
Authored by Ilya Timchenko

Rausoft ID.prove version 2.95 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8620e03766a504cc03be6e2f4dcead25
ManageEngine Desktop Central 10.0.271 Cross Site Scripting
Posted Sep 27, 2018
Authored by Ismail Tasdelen

ManageEngine Desktop Central version 10.0.271 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e76e3a52832dfa703a96d54c2c8a150a
iWay Data Quality Suite Web Console 10.6.1.ga XML Injection
Posted Sep 27, 2018
Authored by Sureshbabu Narvaneni

iWay Data Quality Suite Web Console version 10.6.1.ga suffers from an XML external entity injection vulnerability.

tags | exploit, web
MD5 | 600d4e1ad23f8f4d97e239fea2520065
Microsoft Edge Sandbox Escape
Posted Sep 27, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge suffers from a sandbox escape vulnerability.

tags | exploit
advisories | CVE-2018-8463, CVE-2018-8468, CVE-2018-8469
MD5 | 69c1c3d9c1a1bb35469e2efa12885373
Red Hat Security Advisory 2018-2826-01
Posted Sep 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2826-01 - Mod_perl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code. Issues addressed include a code execution vulnerability.

tags | advisory, web, perl, code execution
systems | linux, redhat
advisories | CVE-2011-2767
MD5 | 68d78740d4e091cea9d2b974a51f106c
Page 1 of 17
Back12345Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close