what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2018-11-16

Intel Rapid Storage Technology User Interface And Driver 15.9.0.1015 DLL Hijacking
Posted Nov 16, 2018
Authored by Stefan Kanthak

Intel Rapid Storage Technology User Interface and Driver version 15.9.0.1015 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 6e7d0ae7e36d2519f2a95dd01eee53eeefd5b81452a1fdfc32e7ec88cc304a15
Budabot 4.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ryan Delaney

Budabot versions 0.6 through 4.0 suffer from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-19290
SHA-256 | a8620cfd1ed239f5a681eebba7f54e300e332b8a58ce2704698bd1ea6a629401
Easy Outlook Express Recovery 2.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ihsan Sencan

Easy Outlook Express Recovery version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 82cb3c42702d61ce3a30a798b37e6224448fb4750089b14e6c59554868298e79
Ubuntu Security Notice USN-3824-1
Posted Nov 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3824-1 - It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. Artem Smotrakov discovered that the HTTP client redirection handler implementation in OpenJDK did not clear potentially sensitive information in HTTP headers when following redirections to different hosts. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, java, web
systems | linux, ubuntu
advisories | CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180
SHA-256 | 6c5ea49388e7e87aca6197cfe70cc7c9a28214d75613f18a1201e869b8704850
Mumsoft Easy Software 2.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ihsan Sencan

Mumsoft Easy Software version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 2e6d3fa3ab3980ef650c389842587c04d50e541be8b89b6d86e5946e4b8c0473
DomainMOD 4.11.01 Cross Site Scripting
Posted Nov 16, 2018
Authored by Dawood Ansar

DomainMOD versions 4.09.03 through 4.11.01 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19136
SHA-256 | 4ac91c382335e4c719ecad12b7fb1d13f9831451a63236bd492da8666dd9934e
Helpdezk 1.1.1 Shell Upload
Posted Nov 16, 2018
Authored by Ihsan Sencan

Helpdezk version 1.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 4d7c2b7a7f9e0b66c40c6a479ca4b064ccdc419315c37b7f8039d533b556f8f8
Warranty Tracking System 11.06.3 SQL Injection
Posted Nov 16, 2018
Authored by Ihsan Sencan

Warranty Tracking System version 11.06.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6b9d0c36e2b44c903b7a8825cda38efc3260a46b672d47f89e379535595683f1
Kernel Live Patch Security Notice LSN-0045-1
Posted Nov 16, 2018
Authored by Benjamin M. Romer

It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2017-13168, CVE-2018-10880, CVE-2018-16658, CVE-2018-9363
SHA-256 | fbe29704c99306a1bca47b078a9a33c2572ec3b421ae2b3cfb6ccde48d2a5412
Everus.org 1.0.9 Second Factor Redirection
Posted Nov 16, 2018
Authored by Muhammad Shahbaz

The Everus.org Android application version 1.0.9 has a fundamental design flaw where the client can send a random phone number during the second factor flow with an arbitrary existing user id and the server send the attacker the one time password for the other user.

tags | exploit, arbitrary
SHA-256 | e46c0f54b8cf03d1272fe5737ef712ce4a51f293453a2cc14d9e32c21776b79e
Linux Broken UID/GID Mapping
Posted Nov 16, 2018
Authored by Jann Horn, Google Security Research

Linux has a broken uid/gid mapping for nested user namespaces with greater than 5 ranges.

tags | exploit
systems | linux
advisories | CVE-2018-18955
SHA-256 | 53da54afe1913539df473ff36059802468d06980a436040ba7120c6c26f62627
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close