exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2020-08-06

Docker Privileged Container Escape
Posted Aug 6, 2020
Authored by stealthcopter | Site metasploit.com

This Metasploit module escapes from a privileged Docker container and obtains root on the host machine by abusing the Linux cgroup notification on release feature. This exploit should work against any container started with the following flags: --cap-add=SYS_ADMIN, --privileged.

tags | exploit, root
systems | linux
SHA-256 | 96e3dd9d2191efa268a444e84e7547c50e9a4480e50aec7c0ffb4d80ebaaaf32
Ubuntu Security Notice USN-4451-2
Posted Aug 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4451-2 - USN-4451-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Thomas Chauchefoin discovered that ppp incorrectly handled module loading. A local attacker could use this issue to load arbitrary kernel modules and possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-15704
SHA-256 | c68ad231253f0d6c22503e9592ba3197a3976dd3f7f4c996e8cfd1b3669e37e1
Red Hat Security Advisory 2020-3358-01
Posted Aug 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3358-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass, code execution, and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2020-10777, CVE-2020-10778, CVE-2020-10779, CVE-2020-10780, CVE-2020-10783, CVE-2020-14296, CVE-2020-14324, CVE-2020-14325
SHA-256 | a138441bfdebc4ca9e9ff48d83058e48eaa636fac11e78743531b2cd4814d228
Red Hat Security Advisory 2020-3345-01
Posted Aug 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3345-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15652, CVE-2020-15659, CVE-2020-6463, CVE-2020-6514
SHA-256 | 81193d17955367f8adc55c9e4a5330e7aacbcfe024ed79330a458d165e75e5d3
Red Hat Security Advisory 2020-3344-01
Posted Aug 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3344-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15652, CVE-2020-15659, CVE-2020-6463, CVE-2020-6514
SHA-256 | fbced59d2f9e50a187ea2fea05f12398c3f936c15e0db2fc68d6f0d3f7f283d8
Red Hat Security Advisory 2020-3341-01
Posted Aug 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3341-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15652, CVE-2020-15659, CVE-2020-6463, CVE-2020-6514
SHA-256 | fe1e49003f2f42fbf27b61e1703e459cdfbd024352a1b5dccdcc5e0e9f10e4e6
Red Hat Security Advisory 2020-3342-01
Posted Aug 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3342-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15652, CVE-2020-15659, CVE-2020-6463, CVE-2020-6514
SHA-256 | e251492539cf309bf34a80476f7a9cfa04a8950e1412ce990ded842b70af1ee1
Red Hat Security Advisory 2020-3343-01
Posted Aug 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3343-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15652, CVE-2020-15659, CVE-2020-6463, CVE-2020-6514
SHA-256 | 642cd8a07b7b8576ba0df54a6ce07b8576d90d87bbf8122b5b9b0f10b5c25a14
Ubuntu Security Notice USN-4453-1
Posted Aug 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4453-1 - Johannes Kuhn discovered that OpenJDK 8 incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. Philippe Arteau discovered that OpenJDK 8 incorrectly verified names in TLS server's X.509 certificates. An attacker could possibly use this issue to obtain sensitive information. It was discovered that OpenJDK 8 incorrectly handled exceptions in DerInputStream class and in the DerValue.equals method. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14556, CVE-2020-14577, CVE-2020-14581, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621
SHA-256 | ec93115e6269588e2af11c449ad74eaae8e44ffea226a1cbea8c285a75e6ed9b
Victor CMS 1.0 SQL Injection
Posted Aug 6, 2020
Authored by Edo Maland

Victor CMS version 1.0 suffers from a search remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to BKpatron.

tags | exploit, remote, sql injection
SHA-256 | bad3758ecc0d87876838d3196bf4d8b6a336133490c00facac4125704570d9fe
Online Shopping Alphaware 1.0 Unauthorized Administrative Access
Posted Aug 6, 2020
Authored by Edo Maland

Online Shopping Alphaware version 1.0 suffers from an unauthorized administrative functionality access vulnerability.

tags | exploit, bypass
SHA-256 | af86f3f2c3fc65a797a7322c542028b83b7c440ae34c67c40b6fb9d42a4d9386
Online Shopping Alphaware 1.0 Arbitrary File Upload
Posted Aug 6, 2020
Authored by Edo Maland

Online Shopping Alphaware version 1.0 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 1c73f02370cfc464f48e9e0329d3295cf79cee55b8d21245f13bb4fa92008374
Online Shopping Alphaware 1.0 Cross Site Request Forgery
Posted Aug 6, 2020
Authored by Edo Maland

Online Shopping Alphaware version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 10eaf91c2386843e5718ae708a9128ff7150df99808d437a21dbbd1290208453
Daily Expenses Management System 1.0 SQL Injection
Posted Aug 6, 2020
Authored by Edo Maland

Daily Expenses Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Daniel Ortiz.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 57f241880941f9858b0121795dde9cd336d5411327d71648cab34454c4d2acb2
Daily Expenses Management System 1.0 Cross SIte Request Forgery
Posted Aug 6, 2020
Authored by Edo Maland

Daily Expenses Management System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 859ad6f8002c2e443b458c79c1ead85e85f81ee2ee685da7d4307bcaeed0a865
Daily Expenses Management System 1.0 Cross Site Scripting
Posted Aug 6, 2020
Authored by Edo Maland

Daily Expenses Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d12f856358ece8af5af610c09d4fcccb1a90301f90a9ff55a63f3ad25f12e611
Curfew e-Pass Management System 1.0 SQL Injection
Posted Aug 6, 2020
Authored by Mucahit Karadag

Curfew e-Pass Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to gh1mau.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 02ec0bb1649cf997b05a017aed698bf8edd9fdefbef3abbf9e50334a94facc84
QlikView 12.50.20000.0 Denial Of Service
Posted Aug 6, 2020
Authored by Luis Martinez

QlikView version 12.50.20000.0 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | a3edf93aa60b6c2ce473219431da1889d9f1184493ec40266be41e2f59e5ccb4
ACTi NVR3 Standard / Professional Server 3.0.12.42 Denial Of Service
Posted Aug 6, 2020
Authored by MegaMagnus

ACTi NVR3 Standard or Professional Server version 3.0.12.42 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
advisories | CVE-2020-15956
SHA-256 | 6a57437ddc52274c73f9a7b375791a9ad27fea5817745334f53c8d0c73a32876
Debian Security Advisory 4742-1
Posted Aug 6, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4742-1 - Tim Starling discovered two vulnerabilities in firejail, a sandbox program to restrict the running environment of untrusted applications.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2020-17367, CVE-2020-17368
SHA-256 | 6a4df3c7ad1367dcd699c32aacb749682658d724271d0b74dde2c46776b6fd35
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close