exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 442 RSS Feed

Files Date: 2019-02-01 to 2019-02-28

SHAREit For Android 4.0.38 Authentication Bypass / File Download
Posted Feb 27, 2019
Authored by Abdulrahman Nour | Site redforce.io

DUMPit is an exploit for the SHAREit mobile app abusing two recently discovered vulnerabilities affecting SHAREit Android application versions 4.0.38 and below. The first one allows an attacker to bypass SHAREit device authentication mechanism, and the other one enables the authenticated attacker to download arbitrary files from the user's device. Both vulnerabilities were reported to the vendor and patches have been released.

tags | exploit, arbitrary, vulnerability
SHA-256 | dca3c57e123cd7505a079d465df0e3ed6eb0383632d057de092d08aa581a3e30
Ubuntu Security Notice USN-3898-2
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3898-2 - USN-3898-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno BAPck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18508
SHA-256 | 1d29daa586638d1687e2c77add0bb7c8b731fb2a215cc537c3825c522bfe4767
Slackware Security Advisory - openssl Updates
Posted Feb 27, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 14.2 to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-1559
SHA-256 | 5c1cdf9684c784e3419f4f62d1ea6abbe56bd1569166ff01ede23c6e0f9a6356
Ubuntu Security Notice USN-3898-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3898-1 - Hanno BAPck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18508
SHA-256 | 65d8d1d3213e311db3f67d9de307f4175536c1d87172fe22447aa6e2df8f42f3
Ubuntu Security Notice USN-3899-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3899-1 - Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-1559
SHA-256 | 314dd057e4f3b505847675be956a215758d853b3d9060ea0c5c55356b5e867b6
Chrome PaymentRequest Service Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from multiple use-after-free vulnerabilities in the PaymentRequest service.

tags | exploit, vulnerability
SHA-256 | fb9baf689c47875cf56ed6918386a270499142ea5e915be52d8936b09ba2adbb
Zentyal Server Development Edition 6.0 Cross Site Scripting
Posted Feb 27, 2019
Authored by Ozer Goker

Zentyal Server Development Edition version 6.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1dd3682af8e86e66ede142a3e3ecd5ee4b86fe668c2a76bb2b415cc98deb0bf2
Chrome FileWriterImpl Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in FileWriterImpl.

tags | exploit
SHA-256 | 2dd17dbd1895915d6546d52f25a07461fc335eb44dcded0bf7d33720916ebe5c
Ubuntu Security Notice USN-3895-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3895-1 - It was discovered that LDB incorrectly handled certain search expressions. A remote attacker could possibly use this issue to cause the Samba LDAP process to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-3824
SHA-256 | 2b2e15be3d1d6bdd1eeb95b8e0be3f5ad3dc34c9b908b95f55d32d379fe55a61
Chrome P2PSocketDispatcherHost Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in the RenderProcessHostImpl binding for P2PSocketDispatcherHost.

tags | exploit
SHA-256 | 11fb3cadf252944e7b29e9069845929d7d4986f025488c7c0c80f5dc9b88bb27
tcpdump Out-Of-Bounds Read
Posted Feb 27, 2019
Authored by Google Security Research, mjurczyk

tcpdump was found to suffer from multiple out-of-bounds read vulnerabilities.

tags | exploit, vulnerability
SHA-256 | cea131972888984634d05f66fcb925a4eaa31822c00269467fbc5939cb230885
Chrome RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in RenderFrameHostImpl::CreateMediaStreamDispatcherHost.

tags | exploit
SHA-256 | fb031633c01be0530ba93f915787ad97df1516fb4d5cc8dcbb8d0b436e7ca99a
Ubuntu Security Notice USN-3896-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3896-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same origin protections, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-18356
SHA-256 | a72423c41131d6f0eab08f80f97e7919e4ef553b52bff4b3bdc59fce70235de0
Hydra Network Logon Cracker 8.9.1
Posted Feb 27, 2019
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Clarification for rdp error message. CIDR notation (hydra -l test -p test 192.168.0.0/24 ftp) was not detected, fixed.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | 7c615622d9d22a65b007e545f2d85da06c422a042f720bd6c5578a1844dec40e
Ubuntu Security Notice USN-3897-1.t.xt
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3897-1 - A use-after-free was discovered in libical. If a user were tricked in to opening a specially crafted ICS calendar file, an attacker could potentially exploit this to cause a denial of service. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-5824, CVE-2018-18509
SHA-256 | b874881641fd7509c472416c48d3b2ffe94626ff3840fa1538992148440c2484
Simple Online Hotel Reservation System Cross Site Request Forgery
Posted Feb 27, 2019
Authored by Mr Winst0n

Simple Online Hotel Reservation System suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | c37555b23a0682c85d048543ed9bbd91aee430dfb3252aaa2d192b608774e2d2
Joomla Alberghi 2.1.3 File Upload / SQL Injection
Posted Feb 27, 2019
Authored by KingSkrupellos

Joomla Alberghi component version 2.1.3 suffers from arbitrary file upload and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file upload
SHA-256 | 4108d89cd5aacaa5aba00bce1d89efdaca7515189ceb474f8a7a6e3a9ecd5ac2
Red Hat Security Advisory 2019-0415-01
Posted Feb 26, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0415-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a race condition vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-10902
SHA-256 | 21480fe02116b1998f4a25a82c619e388937930d0a494affab02c1646b7ebe5b
Red Hat Security Advisory 2019-0420-01
Posted Feb 26, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0420-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include an auth hijacking vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-6133
SHA-256 | 9d215922debd8fb7cdfec01420ddbc6e0b621cb31a7eaaea23b02be171fb8e8d
DomainMOD 4.11.01 Custom Domain Cross Site Scripting
Posted Feb 26, 2019
Authored by Mohammed Abdul Raheem

DomainMOD version 4.11.01 suffers from a cross site scripting vulnerability in the custom domains fields page.

tags | exploit, xss
advisories | CVE-2018-19750
SHA-256 | b7f2bf6a2c81c5c51b98752fce5e1a6eef8695a29d0c56a434778c0e32ac0dd7
XOR Encoder / Decoder
Posted Feb 26, 2019
Authored by Daniele Votta

45 bytes small Linux/x86 XOR encoder and decoder shellcode tool.

tags | x86, shellcode
systems | linux
SHA-256 | 53cc6383c1503adc9fee0b000a25b33ee5a694c3e686d5c465a656763c1d5585
vBulletin 4.2.0 ChangUonDyU Chatbox 3.6.0 Cross Site Scripting
Posted Feb 26, 2019
Authored by KingSkrupellos

vBulletin version 4.2.0 with ChangUonDyU Chatbox plugin version 3.6.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | bb1231371b917c4f9e749a0a46ebf3e8059e33f4abd5c0f9cd3a8c41f8b16d9a
Ubuntu Security Notice USN-3894-1
Posted Feb 26, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3894-1 - It was discovered that GNOME Keyring incorrectly cleared out credentials supplied to the PAM module. A local attacker could possibly use this issue to discover login credentials.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-20781
SHA-256 | a20948c7dee901d679f7307e7614b3e46af63d7076b753513dd72f2fc7cac6fa
Red Hat Security Advisory 2019-0408-01
Posted Feb 26, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0408-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a file descriptor handling issue in runc.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-5736
SHA-256 | f242eb1bc1a662c6c05d8031be82a78052768334224c021465f22ec8423fba33
SQLiteManager 1.2.0 / 1.2.4 SQL Injection
Posted Feb 26, 2019
Authored by Rafael Pedrero

SQLiteManager versions 1.2.0 and 1.2.4 suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-9083
SHA-256 | f05d89a50e34425c7eaf33707af3151232c78c66c9d035d35ba381c9d994a25e
Page 1 of 18
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close