exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2019-07-15

Ubuntu Security Notice USN-4057-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4057-1 - Mike Salvatore discovered that Zipios mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-13453
SHA-256 | 70b208b9719bfbf5019cc1c5d3a3077e5f7f19c66e76de4b1f51bed7d3502bfc
Slackware Security Advisory - bzip2 Updates
Posted Jul 15, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bzip2 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-3189, CVE-2019-12900
SHA-256 | 00866bf2e5233b7f677d14e90626aa037c9e605450c8c334a00f345e5e7dcabb
Ubuntu Security Notice USN-4056-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4056-1 - It was discovered that Exiv2 incorrectly handled certain PSD files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Exiv2 incorrectly handled certain PNG files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Exiv2 incorrectly handled certain CRW files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-19107, CVE-2019-13112, CVE-2019-13114
SHA-256 | 0efef37b8542ae46f5e1d82b6156d3993f73e9337a7913db88a6969a5cee8653
AppXSvc Hard Link Privilege Escalation
Posted Jul 15, 2019
Authored by James Forshaw, Nabeel Ahmed, Shelby Pace | Site metasploit.com

There exists a privilege escalation vulnerability for Windows 10 builds prior to build 17763. Due to the AppXSvc's improper handling of hard links, a user can gain full privileges over a SYSTEM-owned file. The user can then utilize the new file to execute code as SYSTEM. This Metasploit module employs a technique using the Diagnostics Hub Standard Collector Service (DiagHub) which was discovered by James Forshaw to load and execute a DLL as SYSTEM.

tags | exploit
systems | windows
advisories | CVE-2019-0841
SHA-256 | 768fb56de1ec7de8dd28e560c3995953fbeca7925352b92e82d879e144ae0251
PHP Laravel Framework Token Unserialize Remote Command Execution
Posted Jul 15, 2019
Authored by aushack, Stale Pettersen | Site metasploit.com

This Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation.

tags | exploit, remote, web, php, vulnerability
advisories | CVE-2017-16894, CVE-2018-15133
SHA-256 | 89a708ff133e6615ee3040a41d60178a5e2e6c21344ec723424eb420b1cc5b8c
Debian Security Advisory 4482-1
Posted Jul 15, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4482-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery.

tags | advisory, denial of service, arbitrary, spoof, xss, info disclosure, csrf
systems | linux, debian
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717, CVE-2019-11730, CVE-2019-9811
SHA-256 | 69c08ed8e390352134d4e82107d271ecf374e44e67e179253d8ed85a27bb2c5c
Microsoft Windows HTTP To SMB NTLM Reflection Privilege Escalation
Posted Jul 15, 2019
Authored by Google Security Research, Glazvunov

Microsoft Windows suffers from an HTTP to SMB NTLM reflection that leads to a privilege escalation.

tags | exploit, web
systems | windows
advisories | CVE-2019-1019
SHA-256 | 9c438d49a171f163f1fef4b8312a6ae876fbc9dbe34a835fb20edf950b89e9d0
Citrix SD-WAN Appliance 10.2.2 Authentication Bypass / Remote Command Execution
Posted Jul 15, 2019
Authored by Chris Lyne

Citrix SD-WAN Appliance version 10.2.2 suffers from authentication bypass and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, bypass
advisories | CVE-2019-12989, CVE-2019-12991
SHA-256 | 35d49241776f0e93fd18d36ff74eb03319d7260a004bea11c110838e3f48883e
Red Hat Security Advisory 2019-1777-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1777-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.8.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717, CVE-2019-11730, CVE-2019-9811
SHA-256 | ded784e6b90862954f145c1efb4dfc722d729e15ce361cac0bf44b2f60382523
Ubuntu Security Notice USN-4055-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4055-1 - Mike Salvatore discovered that FlightCrew improperly handled certain malformed EPUB files. An attacker could potentially use this vulnerability to cause a denial of service. Mike Salvatore discovered that FlightCrew mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Mike Salvatore discovered that the version of Zipios included in FlightCrew mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13032, CVE-2019-13241, CVE-2019-13453
SHA-256 | 60b71eb50ad6279e40181df1c81e37ae054f0b1496e9e2137ca762d3b2d7e44b
Streamripper 2.6 Buffer Overflow
Posted Jul 15, 2019
Authored by Andrey Stoykov

Streamripper version 2.6 Song Pattern buffer overflow exploit.

tags | exploit, overflow
SHA-256 | ef83fc76efb2de2e63f756763b24c71a9ec0d5274e3cb615c01c2164e72a8401
Red Hat Security Advisory 2019-1774-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1774-01 - Vim is an updated and improved version of the vi editor. An arbitrary command execution vulnerability has been addressed.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2019-12735
SHA-256 | 6bff7b2b95c046972259678d6145ee78c4a7d1b21f8edfec36eb6b3a435531af
Netgear WiFi Router JWNR2010v5 / R6080 Authentication Bypass
Posted Jul 15, 2019
Authored by Wadeek

Netgear WiFi router versions JWNR2010v5 and R6080 suffer from authentication bypass vulnerabilities.

tags | exploit, vulnerability, bypass
SHA-256 | 034ed9038532a99e6b030d733d008140314fd60b1ed467dfb1ef4e92b0fb1609
Red Hat Security Advisory 2019-1775-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1775-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.8.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717, CVE-2019-11730, CVE-2019-9811
SHA-256 | 1e7c25d77690089f3f49e76d127be073424e1d90116b742f6b339c94ab914f46
Red Hat Security Advisory 2019-1771-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1771-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, imap
systems | linux, redhat
advisories | CVE-2019-11356
SHA-256 | e87998711b3290fed1dc7b6c512e4c0700288e9f62ee6edb793843b8447f2f99
Android VideoPlayer ihevcd_parse_pps Out-Of-Bounds Write
Posted Jul 15, 2019
Authored by Marcin Kozlowski

VideoPlayer on Android versions 7 through 9 suffer from an ihevcd_parse_pps out-of-bounds write vulnerability.

tags | exploit
advisories | CVE-2019-2107
SHA-256 | 641316a0c31ea9598297b3208706dd4ecbdd3747d0c8cf2d223873bb200df9dd
Microsoft Windows RDP BlueKeep Denial Of Service
Posted Jul 15, 2019
Authored by Ramella Sebastien

Microsoft Windows Remote Desktop BlueKeep denial of service exploit.

tags | exploit, remote, denial of service
systems | windows
advisories | CVE-2019-0708
SHA-256 | fd14625fe2ae16af44ddb6f7a27ab38b1fdc86ac051a831939a1eb569a859ea5
FlightPath Local File Inclusion
Posted Jul 15, 2019
Authored by Mohammed Althibyani

FlightPath versions prior to 4.8.2 and 5.0-rc2 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2019-13396
SHA-256 | 07738ede136a142d28fdc06fa42ca4d54570a90969c3620af9f5b970d8f9a4b7
PCMan FTP Server 2 ALLO Buffer Overflow
Posted Jul 15, 2019
Authored by Nassim Asrir

PCMan FTP Server 2 ALLO remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | fbcd68a7373c40b1b827eaa08871e787dbfd381398eaa3428cf4c71ecb575677
Cisco Small Business Switch Information Leakage / Open Redirect
Posted Jul 15, 2019
Authored by Ramikan

Cisco Small Business switches versions 200, 300, and 500 suffer from information leakage and open redirection vulnerabilities.

tags | exploit, vulnerability, info disclosure
systems | cisco
advisories | CVE-2019-1943
SHA-256 | 2bb0ac94980c464d3bdf481b45f48e9917e275cf0b9cfd65dffcfed0b11c7913
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close