Files Date: 2019-04-01

Chrome V8TrustedTypePolicyOptions::ToImpl Type Confusion
Posted Apr 1, 2019
Authored by Google Security Research, Glazvunov

Chrome suffers from a type confusion vulnerability in V8TrustedTypePolicyOptions::ToImpl.

tags | exploit
MD5 | 98c38647d36157a9c19284e8e46c2d46
WebKitGTK+ ThreadedCompositor Race Condition
Posted Apr 1, 2019
Authored by Google Security Research, Glazvunov

The compositor thread in WebKitGTK+ might alter a FilterOperation object's reference count variable at the same time as the main thread. Then the reference count corruption might lead to a use-after-free condition.

tags | exploit
MD5 | 7cf03baad452fd88cc65c2145f359558
XNU Unsafe Pidversion Increment During Execve
Posted Apr 1, 2019
Authored by saelo, Google Security Research

XNU has an issue where pidversion increment during execve is unsafe.

tags | exploit
advisories | CVE-2019-8514
MD5 | 98cad986f696210bc1f2b23ff3589ba7
JavaScriptCore createRegExpMatchesArray Fails To Respect Inferred Types
Posted Apr 1, 2019
Authored by saelo, Google Security Research

JavaScriptCore has an issue where createRegExpMatchesArray does not respect inferred types.

tags | exploit
advisories | CVE-2019-8506
MD5 | 890d106035374c388ef370b205c1ca00
Oracle Weblogic Server Deserialization MarshalledObject Remote Code Execution
Posted Apr 1, 2019
Authored by Jacob Baines, Aaron Soto, Andres Rodriguez | Site metasploit.com

An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (weblogic.corba.utils.MarshalledObject) to the interface to execute code on vulnerable hosts.

tags | exploit
advisories | CVE-2016-3510
MD5 | 73d8d9705d5c9f614936a80d2fffaf41
SQLMAP - Automatic SQL Injection Tool 1.3.4
Posted Apr 1, 2019
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options: perform an extensive back-end database management system fingerprint; retrieve the DBMS session user and database; enumerate users, password hashes, privileges, and databases; dump entire or user-specified DBMS tables/columns; run their own SQL statements; read or write either text or binary files on the file system; execute arbitrary commands on the operating system; establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation, or SMB relay attack; and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 1c8380669ea9d9d35dc6340928d1d738
Botan C++ Crypto Algorithms Library 2.10.0
Posted Apr 1, 2019
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high-level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Added a new certificate store implementation that can access the macOS keychain certificate store. Added BMI2 implementations of SHA-512 and SHA-3 which improve performance by 25-35% on common CPUs. Various other updates.
tags | library
MD5 | 0c3e80e402d71c4f65f5a5b90659b027
Red Hat Security Advisory 2019-0693-01
Posted Apr 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0693-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.9 will be retired as of March 31, 2020, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 5.9 AMC after March 31, 2020.

tags | advisory
systems | linux, redhat
MD5 | a70123436ffaf9d2ab00c0260cd1d210
Ubuntu Security Notice USN-3928-1
Posted Apr 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3928-1 - It was discovered that Dovecot incorrectly handled reading certain headers from the index. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-7524
MD5 | e8e381e3194fa8e084140ffae3875bdb
Debian Security Advisory 4421-1
Posted Apr 1, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4421-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2019-5787, CVE-2019-5788, CVE-2019-5789, CVE-2019-5790, CVE-2019-5791, CVE-2019-5792, CVE-2019-5793, CVE-2019-5794, CVE-2019-5795, CVE-2019-5796, CVE-2019-5797, CVE-2019-5798, CVE-2019-5799, CVE-2019-5800, CVE-2019-5802, CVE-2019-5803
MD5 | 171d11d0d28b852d7b325aae926554a0
Debian Security Advisory 4420-1
Posted Apr 1, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4420-1 - Multiple security issues have been found in the Thunderbird mail client, which could lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796
MD5 | 9c341e17cb151e9b9a82c377fba7c543
Debian Security Advisory 4419-1
Posted Apr 1, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4419-1 - Fabien Potencier discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This could result in potential information disclosure.

tags | advisory, php, info disclosure
systems | linux, debian
advisories | CVE-2019-9942
MD5 | d00cef3c5e5b02edd0fc91a7aea7b3a8
Fiverr Clone Script 1.2.2 Cross Site Scripting / SQL Injection
Posted Apr 1, 2019
Authored by Mr Winst0n

Fiverr Clone Script version 1.2.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | aa633fc8b896ed59cd8c18665450b533
WordPress Ultimate Member 2.0.38 Cross Site Request Forgery
Posted Apr 1, 2019
Authored by Georg Knabl

WordPress Ultimate Member plugin version 2.0.38 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-10673
MD5 | 81c0af98e4ecea26b52dd1aa67fb05fc
zStore 1.10 Cross Site Scripting
Posted Apr 1, 2019
Authored by indoushka

zStore version 1.10 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4c00e0738e3016954ee20c83582c53d5
zipperSNAP 7.0.28 Cross Site Scripting
Posted Apr 1, 2019
Authored by indoushka

zipperSNAP version 7.0.28 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 99bcb1b503333f00561cf36a8f07c26d
zipperSNAP 7.0.28 Directory Traversal
Posted Apr 1, 2019
Authored by indoushka

zipperSNAP version 7.0.28 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 68133bd8f39ff33782a37a6e67421103
Zeuscart 3.0 User Detail Disclosure
Posted Apr 1, 2019
Authored by indoushka

Zeuscart version 3.0 appears to suffer from a user detail information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 4f117d148304a4e5c015e95b04f3fca1
SphereFTP 2.0 Denial Of Service
Posted Apr 1, 2019
Authored by Sachin Wagh

SphereFTP server version 2.0 suffers from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
MD5 | d09d9c2d9a6160f5942f71f57f0d51ce
Classified Ad Lister 2.0 Arbitrary File Upload
Posted Apr 1, 2019
Authored by Mehmet Emiroglu

Classified Ad Lister version 2.0 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
MD5 | b866bad380e0c3b19bc902c7eb5f1dae
Packet Storm New Exploits For March, 2019
Posted Apr 1, 2019
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 205 exploits added to Packet Storm in March, 2019.

tags | exploit
MD5 | b7141ac743587ac3ee7f52336fd376a9