exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files Date: 2019-05-23

Red Hat Security Advisory 2019-1268-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1268-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include wrong permissions in systemd admin-sock due to a missing SocketMode parameter.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-10132
SHA-256 | 5e33374ee511a6177cb296ad8608ed8954c6b49e422a6eebd6589ddcc28816a0
Red Hat Security Advisory 2019-1269-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1269-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | fbee5170db375b3d91941cb07f2ba27bcfb9a84cf4b53b8dcccbf4fbd8716f11
Red Hat Security Advisory 2019-1264-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1264-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include wrong permissions in systemd admin-sock due to a missing SocketMode parameter.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10132
SHA-256 | 89709fdf9f1aab40053d83ef7567f59964bd668be75e13198034ef8daa04b3b7
Red Hat Security Advisory 2019-1267-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1267-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | c6e7155e7416cfb68cc04e1c989838cfbc3d5433f74b1b0317dbf609a6f20135
Red Hat Security Advisory 2019-1265-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1265-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | a0c42636e0c91502637faa4f359fdb2c32abbdeeebfb99420b97ed8275037807
Wireshark Analyzer 3.0.2
Posted May 23, 2019
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Wireshark dissection engine crash fixed. Fixed an issue where Wireshark could call extcap with empty multicheck argument. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 7e1ec5664a0dba4493d8729f9922378bdd05040fb159c2b03b42111efda2e53b
GRR 3.3.0.0
Posted May 23, 2019
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This is the first GRR release that works with the new relational data model. The legacy, AFF4-based data store is still available in this release but new GRR setups are encouraged to switch to the relational data store. Various other updates.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | 89ae266ede4d0d36eda8e3f278eb029a4a4d618c6c9e76a854d25e2d23cd3ae2
Quest KACE Systems Management Appliance 9.0 Cross Site Scripting
Posted May 23, 2019
Authored by Julien Ahrens | Site rcesecurity.com

Quest KACE Systems Management Appliance versions 9.0 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11604
SHA-256 | 65f3a081afe40db41f6639b1bc6e910e5e069fe0b2e9e5ad97c5da01c2da144f
Bitbucket Path Traversal / Remote Code Execution
Posted May 23, 2019
Authored by Atlassian

Bitbucket Data Center had a path traversal vulnerability in the Data Center migration tool. A remote attacker with authenticated user with admin permissions can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Bitbucket Data Center. Bitbucket Server versions without a Data Center license are not vulnerable to this vulnerability. Versions of Bitbucket Server starting with 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5.15.3 (fixed version for 5.13.x), from 6.0.0 before 6.0.3 (fixed version for 6.0.x), and from 6.1.0 before 6.1.2 (the fixed version for 6.1.x) are affected by this vulnerability.

tags | advisory, remote, arbitrary, code execution, file inclusion
advisories | CVE-2019-3397
SHA-256 | eb7fab9f199284bc9dc00a27ebbd15225692c071a07f834c3e67ddca2bd8df05
Slackware Security Advisory - curl Updates
Posted May 23, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-5435, CVE-2019-5436
SHA-256 | c7b7d3aa5f310b98feb164aa85e9a57822005f12b22d8493cbbe0a4062035529
Debian Security Advisory 4449-1
Posted May 23, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4449-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-15822, CVE-2018-1999011, CVE-2019-11338, CVE-2019-9718
SHA-256 | f288e09d2c0dcc0ea84e6812f141e1b65ed1bfe3dfccee0d7f7a76c267e67de0
Ubuntu Security Notice USN-3977-2
Posted May 23, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3977-2 - USN-3977-1 provided mitigations for Microarchitectural Data Sampling vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry Trail and Bay Trail processor families. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
SHA-256 | b95bf43c6402dc66b19fd844854fcacfcf6aa487e5936270e78fa5298c536caa
Opencart 3.0.3.2 extension/feed/google_base Denial Of Service
Posted May 23, 2019
Authored by Todor Donev

Opencart versions 3.0.3.2 and below extension/feed/google_base remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
SHA-256 | 95196c99a218a7f9fac52a75974542b8918ccfc5260c75f3fc68347f513ce7a7
Anviz M3 RFID Missing Access Controls
Posted May 23, 2019
Authored by WizLab.it | Site wizlab.it

Security issues have been found in the Anviz M3 RFID Access Control device when working in standalone mode connected to a TCP/IP network that could lead to access control bypass and private information leakage and alteration.

tags | exploit, tcp
advisories | CVE-2019-11523
SHA-256 | c1ad183da60120552ef4da27582e26b8013025e79bc583b88967bdff43a3cbeb
Nagios XI 5.6.1 SQL Injection
Posted May 23, 2019
Authored by Jameel Nabbo

Nagios XI version 5.6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-12279
SHA-256 | 0418d537082bf935ad351ffdfcfdf6c33a613a01b22067a727425bd053ea4db5
Microsoft Windows Win32k Privilege Escalation
Posted May 23, 2019
Authored by ExpLife0011

Proof of concept exploit for an elevation of privilege vulnerability that exists in Windows when the Win32k component fails to properly handle objects in memory.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2019-0803
SHA-256 | af82cc1fd927d501487e9bfd4d47ae1c8b398596eef61abe6f6b5625872c0564
Interspire Email Marketer 6.20 Remote Code Execution
Posted May 23, 2019
Authored by numan turle

Interspire Email Marketer version 6.20 suffers from a remote code execution vulnerability in surveys_submit.php.

tags | exploit, remote, php, code execution
advisories | CVE-2018-19550
SHA-256 | 45d131e6a2425bb502f4a5d754152dd1a73aa4d4cac8f190794723acfe99d49e
Internet Explorer JavaScript Privilege Escalation
Posted May 23, 2019
Authored by SandboxEscaper

Internet Explorer 11 exploit that allows attackers to execute JavaScript with higher system access than is normally permitted by the browser sandbox.

tags | exploit, javascript
advisories | CVE-2019-0841
SHA-256 | 7201c91d0285dfceb33caf8cf4b721c934c72d5d2f45225ca7e38a1614207c23
Angry Polar Bear 2: Microsoft Windows Error Reporting Local Privilege Escalation
Posted May 23, 2019
Authored by SandboxEscaper

Angry Polar Bear 2 is a Microsoft Windows error reporting privilege escalation exploit.

tags | exploit
systems | windows
advisories | CVE-2019-0863
SHA-256 | 5acdfb34c398811a4f8c1dd9e52decb18e0d1a86ec622eba5000824ef62936ba
NetAware 1.20 Add Block / Share Name Denial Of Service
Posted May 23, 2019
Authored by Alejandra Sanchez

NetAware version 1.20 Share Name and Add Block denial of service proof of concept exploits.

tags | exploit, denial of service, proof of concept
SHA-256 | 6c84040b138495f6660c8edd2b942bb104ca3c330de37c714b526db29500e0ec
WordPress Tigin 1.0.5 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Tigin theme version 1.0.5 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 3d29202ebf60fe8aa79edaa07fe92001705f95e55dafc55df22bc1415c965cd5
WordPress Xunjin 4.6 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Xunjin theme version 4.6 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 472807dea6c8ebff739626aa3cc82c7f3add8f45ed3f45d39207b3c1d5f71446
WordPress Divi-Child 1.0 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Divi-Child theme version 1.0 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | ec7bd7aa0d6d7f4a1c9302e75470149f20bcec4e76defb4f83f0f02d3cdd99d6
WordPress Howsci 1.8 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Howsci theme version 1.8 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | cf395eba98f23ba17578ab45705702c87ce371522a242fc28e713d1e6ca6e19a
WordPress Antena_Ri Institute 2.0 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Antena_Ri Institute theme version 2.0 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 70dde7194325351f1f0fb8c5ac6011731d1a3c8f0edcc2a8ae9bb9d2028a3d7b
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close