Twenty Year Anniversary
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-12-05

Slackware Security Advisory - mozilla-nss Updates
Posted Dec 5, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-nss packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-12404
MD5 | 2a4a4004fac372faa324e2b8686af6eb
Typesetter 5.1 Cross Site Scripting
Posted Dec 5, 2018
Authored by Mithat Gogebakan | Site netsparker.com

Typesetter version 5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1816367e52467af90ad6a1ced2ce4278
Chrome V8 Math.expm1 Incorrect Type Information
Posted Dec 5, 2018
Authored by Google Security Research, sroett

Chrome V8 sets incorrect type information on Math.expm1.

tags | advisory
MD5 | 8d398e4f8f1b1a35eddcca69c66a88fc
Wireshark find_signature Heap Out-Of-Bounds Read
Posted Dec 5, 2018
Authored by Google Security Research, mjurczyk

Wireshark suffers from a heap out-of-bounds read in find_signature.

tags | exploit
advisories | CVE-2018-19627
MD5 | 84046c2a04b1da337321b35fd5743a13
NUUO NVRMini2 3.9.1 Command Injection
Posted Dec 5, 2018
Authored by Artem Metla

NUUO NVRMini2 version 3.9.1 suffers from an authenticated command injection vulnerability.

tags | exploit
advisories | CVE-2018-15716
MD5 | 067cc6cb85987b44c58f4479e6cd0e1d
Dolibarr ERP / CRM 8.0.3 Cross Site Scripting
Posted Dec 5, 2018
Authored by Ozkan Mustafa Akkus

Dolibarr ERP / CRM version 8.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19799
MD5 | 7e9f5d0ce4da13a127e9bec17063e7ec
DomainMOD 4.11.01 Cross Site Scripting
Posted Dec 5, 2018
Authored by Mohammed Abdul Raheem

DomainMOD version 4.11.01 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-19749, CVE-2018-19750, CVE-2018-19751, CVE-2018-19752
MD5 | a8c0991331f173f598dda46519c17265
OpenSSH User Enumeration
Posted Dec 5, 2018
Authored by Matthew Daley, Justin Gardner, Lee David Painter

OpenSSH versions prior to 7.7 suffer from a user enumeration vulnerability.

tags | exploit
advisories | CVE-2018-15473
MD5 | f8e41eaa193966b2c6d7937c1bcb82c2
SolarWinds SFTP Insecure Password Storage / XXE Injection
Posted Dec 5, 2018
Authored by ajcraggs

In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. This also grants the attacker an ability to backdoor the server. SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data. These vulnerabilities affect versions prior to November 2018 release.

tags | advisory, vulnerability
advisories | CVE-2018-16791, CVE-2018-16792
MD5 | aaab688e387b4121b6c3cdd953319217
Xorg X11 Server (AIX) Local Privilege Escalation
Posted Dec 5, 2018
Authored by 0xdono

Xorg X11 server on AIX local privilege escalation exploit.

tags | exploit, local
systems | aix
advisories | CVE-2018-14665
MD5 | ef9b5b428615417d7a3e9bc170952de3
Seopanel 3.13.0 Cross Site Scripting
Posted Dec 5, 2018
Authored by Zekvan Arslan | Site netsparker.com

Seopanel version 3.13.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 1b99438121466bd44121c4561d8b8519
Rockwell Automation Allen-Bradley PowerMonitor 1000 Authentication Bypass
Posted Dec 5, 2018
Authored by Luca.Chiou

Rockwell Automation Allen-Bradley PowerMonitor 1000 suffers from an incorrect access control that can allow for authentication bypass.

tags | exploit, bypass
advisories | CVE-2018-19616
MD5 | 57967474fd7ae3be982029c2c92a54a6
Google Allo Denial Of Service
Posted Dec 5, 2018
Authored by KnocKout

Google Allo suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 13ca085d91ceec5c5140d7bbdd7dcaf7
Microsoft Lync For Mac 2011 Injection
Posted Dec 5, 2018
Authored by nyxgeek

Microsoft Lync for Mac 2011 suffers from a forced browsing / download injection vulnerability.

tags | exploit
advisories | CVE-2018-8474
MD5 | 84c7ba26a7e029d539a7580b1a2cab80
Linux/x64 Reverse (0.0.0.0:1907/TCP) Shell Shellcode
Posted Dec 5, 2018
Authored by Kagan Capar

119 bytes small Linux/x64 reverse (0.0.0.0:1907/TCP) shell shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | a1db6d316aa892b3b81d8165639238c0
Linux/x86 /usr/bin/head -n99 cat etc/passwd Shellcode
Posted Dec 5, 2018
Authored by Nelis

61 bytes small Linux/x86 /usr/bin/head -n99 cat etc/passwd shellcode.

tags | x86, shellcode
systems | linux
MD5 | 2fbbef5bdb2a35867aacd529a1fda03c
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    10 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close