exploit the possibilities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2019-07-29

Redis Unauthenticated Code Execution
Posted Jul 29, 2019
Authored by Green-m | Site metasploit.com

This Metasploit module can be used to leverage the extension functionality added by Redis 4.x and 5.x to execute arbitrary code. To transmit the given extension it makes use of the feature of Redis which called replication between master and slave.

tags | exploit, arbitrary
MD5 | 03fcdfcc132d84c1c12ef813ee857cb1
WordPress Simple Membership 3.8.4 Cross Site Request Forgery
Posted Jul 29, 2019
Authored by rubyman

WordPress Simple Membership plugin version 3.8.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-14328
MD5 | eed176e4223e7d40e2546897deb1da64
Kernel Live Patch Security Notice LSN-0053-1
Posted Jul 29, 2019
Authored by Benjamin M. Romer

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. It was discovered that the Linux kernel on ARM processors allowed a tracing process to modify a syscall after a seccomp decision had been made on that syscall. A local attacker could possibly use this to bypass seccomp restrictions. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2011-1079, CVE-2011-11833, CVE-2011-11884, CVE-2019-11815, CVE-2019-2054
MD5 | 5d39e34bd8b180177429a30ccd754900
Ubuntu Security Notice USN-4077-1
Posted Jul 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4077-1 - It was discovered that tmpreaper incorrectly handled certain mount operations. A local attacker could possibly use this issue to create arbitrary files, leading to privilege escalation.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-3461
MD5 | bba08e3c5c697f212e524ad414322f6d
Red Hat Security Advisory 2019-1931-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1931-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A memory corruption issue was addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-1000112
MD5 | 174dcb76eceb59b25a17e6a7bf2641ec
Red Hat Security Advisory 2019-1932-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1932-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A memory corruption issue was addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-1000112
MD5 | c04efd6211b00c50248c9a94a2fd4955
NSKeyedUnarchiver ObjC Object Use-After-Free
Posted Jul 29, 2019
Authored by saelo, Google Security Research

NSKeyedUnarchiver suffers from a use-after-free vulnerability with ObjC objects when unarchiving OITSUIntDictionary instances even if secureCoding is required.

tags | exploit
advisories | CVE-2019-8662
MD5 | 70ef6bfcfed7ece0d7495dba139227e2
Red Hat Security Advisory 2019-1930-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1930-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 75.0.3770.142. Crash and information disclosure vulnerabilities were addressed.

tags | advisory, web, vulnerability, info disclosure
systems | linux, redhat
advisories | CVE-2019-5847, CVE-2019-5848
MD5 | 17f1af72da55659d81f0b6a3003611ac
GigToDo 1.3 Cross Site Scripting
Posted Jul 29, 2019
Authored by m0ze

GigToDo versions 1.3 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3a6a535984f7271af1b14f3229ecb83b
Red Hat Security Advisory 2019-1907-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1907-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. An issue was address where an improper symlink resolution allows access to host files when executing podman cp on running containers.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10152
MD5 | 06631cb76ecc865ef15ffc8481064ca7
Red Hat Security Advisory 2019-1910-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1910-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-15664
MD5 | 38ab2c83b964d4f348bc70e4af76c8c4
WordPress Real Estate Theme 2.8.9 Cross Site Scripting
Posted Jul 29, 2019
Authored by m0ze

WordPress Real Estate theme version 2.8.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 118bd6bd2d2b5e0c800c3f2bb8f7a15a
JSC ValueProfiles JSValue Use-After-Free
Posted Jul 29, 2019
Authored by saelo, Google Security Research

JavaScriptCore suffers from an issue where there's a JSValue use-after-free vulnerability in ValueProfiles.

tags | advisory
advisories | CVE-2019-8672
MD5 | 1ab75d03880956f7d5252f34b059120a
Red Hat Security Advisory 2019-1880-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1880-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. An NTLM password overflow via integer overflow issue was addressed.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2018-14618
MD5 | f20180ddc8d7518634c8febc673e0968
Red Hat Security Advisory 2019-1896-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1896-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-3883
MD5 | 8156e8ecc9b5fd6623864cc0db45b17f
Red Hat Security Advisory 2019-1881-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1881-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2018-20815
MD5 | 2f5d538b0c939ea13546c716f69695ee
Red Hat Security Advisory 2019-1873-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1873-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-16871, CVE-2018-16884, CVE-2019-11085, CVE-2019-11811
MD5 | 97aac09cd7872fd07f454c1525452154
Red Hat Security Advisory 2019-1883-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1883-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2019-6778
MD5 | 3a0b2e513308e31ff2c3b978bc3c512c
Red Hat Security Advisory 2019-1891-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1891-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-16871, CVE-2018-16884, CVE-2019-11085, CVE-2019-11811
MD5 | 818465e3d669789571a2cbfeee3b8154
Red Hat Security Advisory 2019-1898-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1898-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A weak Digest auth nonce generation in mod_auth_digest was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-1312
MD5 | 58971685f6ba85789ac51569f703e084
JSC DFG LICM Object Property Access Unguarded
Posted Jul 29, 2019
Authored by saelo, Google Security Research

JavaScriptCore DFG loop-invariant code motion (LICM) has an issue where it leaves object property access unguarded.

tags | advisory
advisories | CVE-2019-8671
MD5 | f7edad8829fb8a634c008e209dbf7127
Red Hat Security Advisory 2019-1884-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1884-01 - The libssh2 packages provide a library that implements the SSH2 protocol. An out-of-bounds memory comparison was addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-3862
MD5 | 98d86d5dd3776b6f9b209f2c16acc2e9
Ubuntu Security Notice USN-3990-2
Posted Jul 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3990-2 - USN-3990-1 fixed a vulnerability in urllib3. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-11236
MD5 | 4dbbf8ceb828139d8b61388063c04e47
Linux/x86 NOT +SHIFT-N+ XOR-N Encoded /bin/sh Shellcode
Posted Jul 29, 2019
Authored by Pedro Cabral

168 bytes small Linux/x86 NOT +SHIFT-N+ XOR-N encoded /bin/sh shellcode.

tags | x86, shellcode
systems | linux
MD5 | 32827fc6af6dccd09e46406ee764bca1
Page 1 of 1
Back1Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    3 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    22 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close