exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2019-05-22

Debian Security Advisory 4448-1
Posted May 22, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4448-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 38f258bf454c1e2f51d5d76bae0e17af
Ubuntu Security Notice USN-3993-2
Posted May 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3993-2 - USN-3993-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5436
MD5 | 171809959a77766ef2db183f2aa4aa3c
Blue Prism Robotic Process Automation (RPA) Privilege Escalation
Posted May 22, 2019
Authored by Benjamin Hess

Blue Prism Robotic Process Automation (RPA) versions prior to 6.5.0.12573 suffer from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2019-11875
MD5 | f424dfb980dcc7fce293cc0072ec0ff6
Ubuntu Security Notice USN-3992-1
Posted May 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3992-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8595
MD5 | 12b9071fb727c2600c6517cb0d2ade93
Ubuntu Security Notice USN-3993-1
Posted May 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3993-1 - Wenchao Li discovered that curl incorrectly handled memory in the curl_url_set function. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5435, CVE-2019-5436
MD5 | 7a6b2a7276dd51ccf6aa6ba7840777a5
Slackware Security Advisory - mozilla-firefox Updates
Posted May 22, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 1830e80e9537df88ff46db52d64b2e19
Ubuntu Security Notice USN-3566-2
Posted May 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3566-2 - USN-3566-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or possibly cause a crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-10712, CVE-2017-11362, CVE-2017-12933, CVE-2018-20783, CVE-2019-11036
MD5 | 58559ab5996b6d070244fb449b0aaed5
Red Hat Security Advisory 2019-1260-01
Posted May 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1260-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2016-10745, CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2019-9740, CVE-2019-9947
MD5 | 8789913b6285d14129e87758b445c5a2
Red Hat Security Advisory 2019-1259-01
Posted May 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1259-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-0757, CVE-2019-0820, CVE-2019-0980, CVE-2019-0981
MD5 | 44a386813b5e55de226e46426b1f600e
Microsoft Windows Task Scheduler .job Import Arbitrary DACL Write
Posted May 22, 2019
Authored by SandboxEscaper

Microsoft Windows task scheduler .job import arbitrary DACL write proof of concept exploit.

tags | exploit, arbitrary, proof of concept
systems | windows
MD5 | 52b9f1fd108ce77586d458c8e25878fb
TapinRadio 2.11.6 Denial Of Service
Posted May 22, 2019
Authored by Victor Mondragon

TapinRadio version 2.11.6 Address denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | e23d018eb2158ed1b3894de02dcbfb31
BlueStacks 4.80.0.1060 Denial Of Service
Posted May 22, 2019
Authored by Alejandra Sanchez

BlueStacks version 4.80.0.1060 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 747c9bb73ad4ab38e59f1dccda79856c
RarmaRadio 2.72.3 Username / Server Denial Of Service
Posted May 22, 2019
Authored by Victor Mondragon

RarmaRadio version 2.72.3 Server and Username proof of concept denial of service exploits.

tags | exploit, denial of service, proof of concept
MD5 | b67247c5346ea62ca0d016cb5013d0eb
WordPress Inkblot Theme 4.9.10 Cross Site Request Forgery
Posted May 22, 2019
Authored by KingSkrupellos

WordPress Inkblot Theme version 4.9.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 1ee15c6a89ac27cbcbbe932cbea16a32
WordPress Memphis Documents Library 3.9.19 Cross Site Request Forgery
Posted May 22, 2019
Authored by Mr Winst0n

WordPress Memphis Documents Library plugin version 3.9.19 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 8eb5cfcb4bd543d3bca72edeb4ef69ea
Zoho ManageEngine ServiceDesk Plus Privilege Escalation
Posted May 22, 2019
Authored by Enter Of VinCSS

Zoho ManageEngine ServiceDesk Plus versions prior to 10.5 suffer from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2019-12252
MD5 | d97b1178405ec6a5d1127af3b7c0e993
Zoho ManageEngine ServiceDesk Plus 9.3 Cross Site Scripting
Posted May 22, 2019
Authored by Enter Of VinCSS

Zoho ManageEngine ServiceDesk Plus version 9.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-12189
MD5 | 5744b5ba08b274ef8062fa3b9ecab06e
FreeBSD rtld execl() Privilege Escalation
Posted May 22, 2019
Authored by stealth, Kingcope | Site metasploit.com

This Metasploit module exploits a vulnerability in the FreeBSD run-time link-editor (rtld). The rtld unsetenv() function fails to remove LD_* environment variables if __findenv() fails. This can be abused to load arbitrary shared objects using LD_PRELOAD, resulting in privileged code execution.

tags | exploit, arbitrary, code execution
systems | freebsd, bsd
advisories | CVE-2009-4146, CVE-2009-4147
MD5 | 8389e3a76ad8302ffe4213d460a38deb
Mac OS X Feedback Assistant Race Condition
Posted May 22, 2019
Authored by timwr, CodeColorist | Site metasploit.com

This Metasploit module exploits a race condition vulnerability in Mac's Feedback Assistant. A successful attempt would result in remote code execution under the context of root.

tags | exploit, remote, root, code execution
advisories | CVE-2019-8565
MD5 | 92e9e59de8b1c44532025e2d75591bf9
Shopware createInstanceFromNamedArguments PHP Object Instantiation
Posted May 22, 2019
Authored by mr_me, Karim Ouerghemmi | Site metasploit.com

This Metasploit module exploits a php object instantiation vulnerability that can lead to remote code execution in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments function, where the code insufficiently performs whitelist check which can be bypassed to trigger an object injection. An attacker can leverage this to deserialize an arbitrary payload and write a webshell to the target system, resulting in remote code execution. Tested on Shopware git branches 5.6, 5.5, 5.4, 5.3.

tags | exploit, remote, arbitrary, php, code execution
advisories | CVE-2017-18357
MD5 | a99c1e8083c3f15ba37bddffdcfae6ae
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close