sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
b0f25a4ba27787ab55cc939969bcc7ddbe550558759859424be478e6363f8bc3This Metasploit module exploits the trusted $PATH environment variable of the SUID binary omniresolve in Micro Focus (HPE) Data Protector versions A.10.40 and below. The omniresolve executable calls the oracleasm binary using a relative path and the trusted environment $PATH, which allows an attacker to execute a custom binary with root privileges.
197967db244e27202009402db1e1d26c3d47f8f13b8233e38059fe7d6f165aa2This archive contains all of the 170 exploits added to Packet Storm in October, 2019.
bd2d581d813158abc225eacce35210eeee1d84351b3fabaa41a98d371247ca63eIDAS-Node versions 2.3 and below suffer from an authentication bypass vulnerability.
abcaa58e91fe819fa9249825cfac8238f70910ce571dbd8fc6495d4a244f7d5eRed Hat Security Advisory 2019-3300-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
beb6b1d77b9bcf9f9ef10db39d78327f2328e4335e115b82bd7b15c5a0f34690Red Hat Security Advisory 2019-3299-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and information leakage vulnerabilities.
3e6fa23a90586dc864b7d2f66f36956feb884ebbfb6236d5061b8a831b9c3da8Apple Security Advisory 2019-10-29-3 - tvOS 13.2 is now available and addresses code execution and cross site scripting vulnerabilities.
4ef41a125e1134fb25e4d7d053ab82f1f36fdf8861accabc9ef3de58ca6e99b8Apple Security Advisory 2019-10-29-11 - iOS 13.1 and iPadOS 13.1 address code execution and resource exhaustion vulnerabilities.
8fd4fdc818768a649f35b14f2540f768dff70a791a7006991a6b15ab8d2f96b0Apple Security Advisory 2019-10-29-2 - macOS Catalina 10.15.1, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra are now available and address code execution and denial of service vulnerabilities.
1208bac9afc5843ce93d2e878004b47aa3d3a9a09b26b4b5827df695939c9784Apple Security Advisory 2019-10-29-10 - macOS Catalina 10.15 addresses buffer overflow, code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.
b0db0d9f5babe0cc674768cef3438e5d2b4245d2a6fff643d9bfbb8d2906aa43Apple Security Advisory 2019-10-29-4 - watchOS 6.1 is now available and addresses code execution and cross site scripting vulnerabilities.
ef63226321dc9e8f027cd7bf05ea7f965bf6738f5849630e48e69298553a9aa2Apple Security Advisory 2019-10-29-8 - watchOS 6 addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
7546a27908a8b42cbb95ce794c075aca5e06ecd44858b288feef11c6f6001d4dApache Solr version 8.2.0 suffers from a remote code execution vulnerability.
6f9edda45d2543706780fab6083082539dc4760c48770c2975cc9bd5be303aadApple Security Advisory 2019-10-29-6 - iOS 13 addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
6bc6241d865e8182e203727089125bb1dadf31d53fe940fed6f99aeed26e66c1Apple Security Advisory 2019-10-29-9 - tvOS 13 addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
a82bed00db21ac94cf46aa1e5f3703cdebb693121e81f9bcc1cf9eef11ddf80bownCloud version 10.3.0 Stable suffers from a cross site request forgery vulnerability.
c22b2a37ba5d1cb6b5858d7411c84b3b052ad0aa8deb6f83ddf846ab7d9d2e99Apple Security Advisory 2019-10-29-5 - Safari 13.0.3 is now available and addresses code execution and cross site scripting vulnerabilities.
bc0c148d8672e38ab1fc185a7b3fc770e79798c8ac7073107e046726603b9e16Apple Security Advisory 2019-10-29-1 - iOS 13.2 and iPadOS 13.2 are now available and address code execution and cross site scripting vulnerabilities.
ec225e25bb93744161a0d71146f8879d61334a1c21a94c2d57c5c5660aff43a4Apple Security Advisory 2019-10-29-7 - Safari 13 addresses code execution and cross site scripting vulnerabilities.
03a2dfda164ab288722395efc4dacce0fb3068d01626f72fbff5275d82e59f8eOpenVPN Private Tunnel version 2.8.4 suffers from an ovpnagent unquoted service path vulnerability.
601b759e7aa7665e1861a3a3970a92ae3c6a1cd2db186097845882044c1600b9TheJshen contentManagementSystem version 1.04 suffers from a remote SQL injection vulnerability.
5270c61b1e0a21aaca05ae6bb267b3f5283614c2720994b35695c1a5dc55f4aeRed Hat Security Advisory 2019-3297-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.5.0 serves as an update to Red Hat Process Automation Manager 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
482b49e13a101d713d5e44514944c4d9887eff8dd52e0581070afd49e0b6efafRed Hat Security Advisory 2019-3286-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
7304dc47b76c864680b043fc336ccda597671bf04477f555432ebebabf62b6e2Red Hat Security Advisory 2019-3287-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
f2c619fb3e7bb7d49ee0cc9dabfe17e54252f5e593fd2fe152d53a87081f5b36Red Hat Security Advisory 2019-3292-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.5.0 serves as an update to Red Hat Decision Manager 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
e0caaf13aa781312edf2cfad999a61a2c76e5c4a9bf9bdd4050235eda030f6f1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed