sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
7bd7f6e25fa407c482356769f7f7ba0eThis Metasploit module exploits the trusted $PATH environment variable of the SUID binary omniresolve in Micro Focus (HPE) Data Protector versions A.10.40 and below. The omniresolve executable calls the oracleasm binary using a relative path and the trusted environment $PATH, which allows an attacker to execute a custom binary with root privileges.
176176eb167f93f37396bef2dc4cc6a0This archive contains all of the 170 exploits added to Packet Storm in October, 2019.
8a340f9c35ddb81632882ccfd2fab1ddeIDAS-Node versions 2.3 and below suffer from an authentication bypass vulnerability.
65072a0c9c2296301838749bb045f471Red Hat Security Advisory 2019-3300-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
ea89ba3e13dae1bcf3172b6046169d59Red Hat Security Advisory 2019-3299-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and information leakage vulnerabilities.
0b3a743000a8d1ce9382590da63feba1Apple Security Advisory 2019-10-29-3 - tvOS 13.2 is now available and addresses code execution and cross site scripting vulnerabilities.
409e1b4bbfece56a931ed6dda5a585f7Apple Security Advisory 2019-10-29-11 - iOS 13.1 and iPadOS 13.1 address code execution and resource exhaustion vulnerabilities.
74560e2ec0a182f44a5fbc3f305fd141Apple Security Advisory 2019-10-29-2 - macOS Catalina 10.15.1, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra are now available and address code execution and denial of service vulnerabilities.
9a38fdcb0067e1455b3e5e2369b0afe8Apple Security Advisory 2019-10-29-10 - macOS Catalina 10.15 addresses buffer overflow, code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.
518f9e92c63508e719b53c82e5f17e67Apple Security Advisory 2019-10-29-4 - watchOS 6.1 is now available and addresses code execution and cross site scripting vulnerabilities.
16d46a9008552ffd5aed03e5b33b7111Apple Security Advisory 2019-10-29-8 - watchOS 6 addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
4f3ca39a9410b921b50a3449e7321ce6Apache Solr version 8.2.0 suffers from a remote code execution vulnerability.
178538737f29c3953d6ee25a8ede0bc9Apple Security Advisory 2019-10-29-6 - iOS 13 addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
31217f2b59e711140acc94a36bdcfddcApple Security Advisory 2019-10-29-9 - tvOS 13 addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
4c976214a058b43168361e333355b8c1ownCloud version 10.3.0 Stable suffers from a cross site request forgery vulnerability.
c50590357ac359cdf9a8476bb5f7da9dApple Security Advisory 2019-10-29-5 - Safari 13.0.3 is now available and addresses code execution and cross site scripting vulnerabilities.
f49545b2ea44a8e739b76d721d1b536dApple Security Advisory 2019-10-29-1 - iOS 13.2 and iPadOS 13.2 are now available and address code execution and cross site scripting vulnerabilities.
24f4f16e2436b2a0d8c4428c5320e1aaApple Security Advisory 2019-10-29-7 - Safari 13 addresses code execution and cross site scripting vulnerabilities.
b8a854411133161eda404295b80e58bcOpenVPN Private Tunnel version 2.8.4 suffers from an ovpnagent unquoted service path vulnerability.
04a62ff89d68a0968bef289b5a954cecTheJshen contentManagementSystem version 1.04 suffers from a remote SQL injection vulnerability.
c3d5cc605298db70d11011d59c71fed3Red Hat Security Advisory 2019-3297-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.5.0 serves as an update to Red Hat Process Automation Manager 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
8e812f0abc4be96b7e0d7b38b692675eRed Hat Security Advisory 2019-3286-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
a411df94a49b4d272eceff9bbc0ef65dRed Hat Security Advisory 2019-3287-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
6d6ec7c1a7537484209f9de4cb88fce8Red Hat Security Advisory 2019-3292-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.5.0 serves as an update to Red Hat Decision Manager 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
8f6485ac2a3393fff6ebeea06cf75376
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed