exploit the possibilities
Showing 1 - 25 of 36 RSS Feed

Files Date: 2019-05-23

Red Hat Security Advisory 2019-1268-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1268-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include wrong permissions in systemd admin-sock due to a missing SocketMode parameter.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-10132
MD5 | c7f0d660142b57ece86ba530c3d999fa
Red Hat Security Advisory 2019-1269-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1269-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 425d5423e580dbfd5416ae1a3c86ff5c
Red Hat Security Advisory 2019-1264-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1264-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include wrong permissions in systemd admin-sock due to a missing SocketMode parameter.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10132
MD5 | 4c0f215935c8811f8ae661e6936de997
Red Hat Security Advisory 2019-1267-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1267-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | e73ac7e2d27531b4bb229fecc5310833
Red Hat Security Advisory 2019-1265-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1265-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 665a4248296acddccf6877f808db5ba8
Wireshark Analyzer 3.0.2
Posted May 23, 2019
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Wireshark dissection engine crash fixed. Fixed an issue where Wireshark could call extcap with empty multicheck argument. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | e344675283d6329a4bc213b621d7f46a
GRR 3.3.0.0
Posted May 23, 2019
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This is the first GRR release that works with the new relational data model. The legacy, AFF4-based data store is still available in this release but new GRR setups are encouraged to switch to the relational data store. Various other updates.
tags | tool, remote, web, forensics
systems | unix
MD5 | 87a3550dd2e53c167e769f14e87dd007
Quest KACE Systems Management Appliance 9.0 Cross Site Scripting
Posted May 23, 2019
Authored by Julien Ahrens | Site rcesecurity.com

Quest KACE Systems Management Appliance versions 9.0 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11604
MD5 | 6e4257cec5ce63b2a13ee85f7cc0f5b9
Bitbucket Path Traversal / Remote Code Execution
Posted May 23, 2019
Authored by Atlassian

Bitbucket Data Center had a path traversal vulnerability in the Data Center migration tool. A remote attacker with authenticated user with admin permissions can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Bitbucket Data Center. Bitbucket Server versions without a Data Center license are not vulnerable to this vulnerability. Versions of Bitbucket Server starting with 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5.15.3 (fixed version for 5.13.x), from 6.0.0 before 6.0.3 (fixed version for 6.0.x), and from 6.1.0 before 6.1.2 (the fixed version for 6.1.x) are affected by this vulnerability.

tags | advisory, remote, arbitrary, code execution, file inclusion
advisories | CVE-2019-3397
MD5 | 657e273aa3e0e9c381f5de0e31630a90
Slackware Security Advisory - curl Updates
Posted May 23, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-5435, CVE-2019-5436
MD5 | 7de7e6dc7a9b1db2e5d3c236a0dab575
Debian Security Advisory 4449-1
Posted May 23, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4449-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-15822, CVE-2018-1999011, CVE-2019-11338, CVE-2019-9718
MD5 | 22da8d2aeb5c71c9d95d9a6968d0cb4d
Ubuntu Security Notice USN-3977-2
Posted May 23, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3977-2 - USN-3977-1 provided mitigations for Microarchitectural Data Sampling vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry Trail and Bay Trail processor families. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
MD5 | 297ce249a55bb6a9f1b348e0dfd86bc7
Opencart 3.0.3.2 extension/feed/google_base Denial Of Service
Posted May 23, 2019
Authored by Todor Donev

Opencart versions 3.0.3.2 and below extension/feed/google_base remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
MD5 | 8f7d02198514d6db4dfef8e0e72e0139
Anviz M3 RFID Missing Access Controls
Posted May 23, 2019
Authored by WizLab.it | Site wizlab.it

Security issues have been found in the Anviz M3 RFID Access Control device when working in standalone mode connected to a TCP/IP network that could lead to access control bypass and private information leakage and alteration.

tags | exploit, tcp
advisories | CVE-2019-11523
MD5 | d287a6a5ec4c66808bc02415ae2ea2e4
Nagios XI 5.6.1 SQL Injection
Posted May 23, 2019
Authored by Jameel Nabbo

Nagios XI version 5.6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-12279
MD5 | 6a81223d724b2e54b0d9646abba4f855
Microsoft Windows Win32k Privilege Escalation
Posted May 23, 2019
Authored by ExpLife0011

Proof of concept exploit for an elevation of privilege vulnerability that exists in Windows when the Win32k component fails to properly handle objects in memory.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2019-0803
MD5 | 91e99823c59717f23a26ea09901bf4fb
Interspire Email Marketer 6.20 Remote Code Execution
Posted May 23, 2019
Authored by numan turle

Interspire Email Marketer version 6.20 suffers from a remote code execution vulnerability in surveys_submit.php.

tags | exploit, remote, php, code execution
advisories | CVE-2018-19550
MD5 | b195e66a0ac9e8901e18bb374e2f4d7a
Internet Explorer JavaScript Privilege Escalation
Posted May 23, 2019
Authored by SandboxEscaper

Internet Explorer 11 exploit that allows attackers to execute JavaScript with higher system access than is normally permitted by the browser sandbox.

tags | exploit, javascript
advisories | CVE-2019-0841
MD5 | 935c249a0cf1e2fa49afb683f0e4aa80
Angry Polar Bear 2: Microsoft Windows Error Reporting Local Privilege Escalation
Posted May 23, 2019
Authored by SandboxEscaper

Angry Polar Bear 2 is a Microsoft Windows error reporting privilege escalation exploit.

tags | exploit
systems | windows
advisories | CVE-2019-0863
MD5 | e2a7c2229624d5b912617778c52d6a08
NetAware 1.20 Add Block / Share Name Denial Of Service
Posted May 23, 2019
Authored by Alejandra Sanchez

NetAware version 1.20 Share Name and Add Block denial of service proof of concept exploits.

tags | exploit, denial of service, proof of concept
MD5 | a38547dd80a67a5d5a0b40a2186404d3
WordPress Tigin 1.0.5 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Tigin theme version 1.0.5 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 0fec1a909100ac7db30532316b491f05
WordPress Xunjin 4.6 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Xunjin theme version 4.6 suffers from an open redirection vulnerability.

tags | exploit
MD5 | e45743269242f64043bc0c9a8fa8c2b4
WordPress Divi-Child 1.0 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Divi-Child theme version 1.0 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 9a984ef85d6284ff498080d2c37f6099
WordPress Howsci 1.8 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Howsci theme version 1.8 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 89ca9eeada2e95e2e61bc601d84407b0
WordPress Antena_Ri Institute 2.0 Open Redirection
Posted May 23, 2019
Authored by KingSkrupellos

WordPress Antena_Ri Institute theme version 2.0 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 561e2e314ba4ff379bfa92174e10714c
Page 1 of 2
Back12Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    14 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close