what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

Files Date: 2018-12-07

Adiscon LogAnalyzer 4.1.6 Cross Site Scripting
Posted Dec 7, 2018
Authored by Gustavo Sorondo

Adiscon LogAnalyzer versions 4.1.6 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19877
MD5 | 1f0cea0032676330845007e01bc272e2
VistaPortal SE 5.1 Cross Site Scripting
Posted Dec 7, 2018
Authored by Rafael Pedrero

VistaPortal SE version 5.1 build 51029 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-19649, CVE-2018-19765, CVE-2018-19766, CVE-2018-19767, CVE-2018-19768, CVE-2018-19769, CVE-2018-19770, CVE-2018-19771, CVE-2018-19772, CVE-2018-19773, CVE-2018-19774, CVE-2018-19775, CVE-2018-19809, CVE-2018-19810, CVE-2018-19811, CVE-2018-19812, CVE-2018-19813, CVE-2018-19814, CVE-2018-19815, CVE-2018-19816, CVE-2018-19817, CVE-2018-19818, CVE-2018-19819, CVE-2018-19820, CVE-2018-19821, CVE-2018-19822
MD5 | 6edb126f7aa16dacfe59cfa661c90adb
MiniShare 1.4.1 HEAD / POST Buffer Overflow
Posted Dec 7, 2018
Authored by Rafael Pedrero

MiniShare version 1.4.1 suffers from multiple buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2004-2271, CVE-2018-19861, CVE-2018-19862
MD5 | 597a47d5ba041592c6980bf8d2f57017
Textpad 8.1.2 Denial Of Service
Posted Dec 7, 2018
Authored by Gionathan Reale

Textpad version 8.1.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 99124ae8e987aef00a89a47629373903
SQLMAP - Automatic SQL Injection Tool 1.2.12
Posted Dec 7, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 431249d7af567a0c9086f93e62aa44fa
FutureNet NXR-G240 Series ShellShock Command Injection
Posted Dec 7, 2018
Authored by Nassim Asrir

FutureNet NXR-G240 Series remote shellshock command injection exploit.

tags | exploit, remote
advisories | CVE-2014-6271
MD5 | c16ed470e8102d32f5c571792cdedf24
Debian Security Advisory 4350-1
Posted Dec 7, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4350-1 - It was discovered that incorrect processing of very high UIDs in Policykit, a framework for managing administrative policies and privileges, could result in authentication bypass.

tags | advisory
systems | linux, debian
advisories | CVE-2018-19788
MD5 | f77c7575733e7e18b3953cef1e1c78a2
Apple Security Advisory 2018-12-06-1
Posted Dec 7, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-12-06-1 - watchOS 5.1.2 is now available and addresses code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2018-4303, CVE-2018-4429, CVE-2018-4431, CVE-2018-4435, CVE-2018-4436, CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4447, CVE-2018-4460, CVE-2018-4461, CVE-2018-4464, CVE-2018-4465
MD5 | b0d98ec66ebb93dbb6524584ecfdaccf
i-doit CMDB 1.11.2 Remote Code Execution
Posted Dec 7, 2018
Authored by Ozkan Mustafa Akkus

i-doit CMDB version 1.11.2 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | ba7b86d06f5ef7da921deebaed1791b1
Gentoo Linux Security Advisory 201812-05
Posted Dec 7, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201812-5 - A vulnerability in EDE could result in privilege escalation. Versions less than 1.07 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2012-0035
MD5 | 5230c0480d1f9e56a62f956da5c48b5b
Ubuntu Security Notice USN-3840-1
Posted Dec 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3840-1 - Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-0734, CVE-2018-0735, CVE-2018-5407
MD5 | 5994d027f01038463cf5bc485763f923
Ubuntu Security Notice USN-3831-2
Posted Dec 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3831-2 - USN-3831-1 fixed vulnerabilities in Ghostscript. Ghostscript 9.26 introduced a regression when used with certain options. This update fixes the problem. It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
MD5 | 90e4e6902a9545090e0ab2f68dbb0ec5
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    4 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close