exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 369 RSS Feed

Files Date: 2020-10-01 to 2020-10-31

Wireshark Analyzer 3.4.0
Posted Oct 30, 2020
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: The Protobuf fields defined as google.protobuf.Timestamp type of Protobuf standard library can now be dissected as Wireshark fields of absolute time type. The Windows installers now ship with Npcap 1.00. The Windows installers now ship with Qt 5.15.1. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 67e4ebbd9153fc589fd67dc21b93176674c73adc3d5a43934c3ac69d8594a8ae
Microsoft Windows Kernel cng.sys Buffer Overflow
Posted Oct 30, 2020
Authored by Mateusz Jurczyk, Google Security Research, hawkes

The Microsoft Windows Kernel Cryptography Driver (cng.sys) exposes a \Device\CNG device to user-mode programs and supports a variety of IOCTLs with non-trivial input structures. It constitutes a locally accessible attack surface that can be exploited for privilege escalation (such as sandbox escape).

tags | exploit, kernel
systems | windows
advisories | CVE-2020-17087
SHA-256 | dcd9bb74f157ccd45992a6aeffd77f590ad19684a1b4e9e165f72d39d919d700
Simple College Website 1.0 Code Execution / SQL Injection
Posted Oct 30, 2020
Authored by yunaranyancat

Simple College Website version 1.0 suffers from code execution and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
SHA-256 | e376096cc757722a9a9b5bcf16b207b9a9f8c5a06614c2fffac7d004d52259f8
Wondershare Dr.Fone 3.0.0 Unquoted Service Path
Posted Oct 30, 2020
Authored by Andrea Intilangelo

Wondershare Dr.Fone version 3.0.0 suffers from an unquoted service path vulnerability.

tags | exploit
systems | windows
advisories | CVE-2020-27992
SHA-256 | 26d7040b3fa2dbb8ced8f3b58bfb1ce674ab78449709550e871465d9e6e67d4f
Citadel WebCit Session Hijacking
Posted Oct 30, 2020
Authored by Simone Quatrini

Citadel WebCit versions prior to 926 suffer from a session hijacking vulnerability.

tags | exploit
SHA-256 | 98e86cf86cfca145e13b74edda9a1fa5f16f57a911984a2cb0932be7f86782f8
Agent Tesla Botnet Cross Site Scripting
Posted Oct 30, 2020
Authored by n4pst3r

Agent Tesla Botnet suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c170c4d163099300f40d75af8844855f539b42a13b5df9177ea5e5f8d09782f0
DedeCMS 5.8 Cross Site Scripting
Posted Oct 30, 2020
Authored by Noth

DedeCMS version 5.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-27533
SHA-256 | e9495aef3d8a7055dd27be701c095038e70287427e269abcd76a29e03771c740
CSE Bookstore 1.0 Cross Site Scripting
Posted Oct 30, 2020
Authored by Vyshnav NK

CSE Bookstore version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 43b48eac38ffbd3edb385a455b2a2eb549a7ebfca5a7d897033f98bd7f828bf3
Ubuntu Security Notice USN-4610-1
Posted Oct 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4610-1 - It was discovered that fastd did not properly handle receive buffers under certain circumstances. A remote attacker could possibly use this issue to cause a memory leak, resulting in a denial of service.

tags | advisory, remote, denial of service, memory leak
systems | linux, ubuntu
advisories | CVE-2020-27638
SHA-256 | 7225f406912029ab5850aa49817a45def40c82882cd9a1c3d4b2da243bdd102c
Oracle WebLogic Server Remote Code Execution
Posted Oct 29, 2020
Authored by Nguyen Jang

Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-14882
SHA-256 | 269998241a3473e130c36a33e8a41a91634ae92b38578c7c0fcfcf81171abc62
Microsoft Edge Information Disclosure / Remote Code Execution
Posted Oct 29, 2020
Authored by Ofir Moskovitch

Microsoft Edge suffers from information disclosure and remote code execution vulnerabilities. Affected builds include 85.0.564.83, 85.0.564.86, 85.0.564.70, 86.0.622.38, 86.0.622.43, 86.0.622.48, 86.0.622.51, and 86.0.622.56.

tags | advisory, remote, vulnerability, code execution, info disclosure
SHA-256 | bb8cd2e39b9bd27d75181a59ceee00e3eec255d78eb18356de802e4d80798460
Red Hat Security Advisory 2020-4401-01
Posted Oct 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4401-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include an XML injection vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-25649
SHA-256 | b7a02e45e46a228bef4652e4bb70313bcdbe4a054740dfa641d3a40949ec80f3
Genexis Platinum-4410 P4410-V2-1.28 Cross Site Request Forgery
Posted Oct 29, 2020
Authored by Mohammed Farhan

Genexis Platinum-4410 version P4410-V2-1.28 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | cd3794a1c45a5196d326376b26aa0d62abf73663d405a3b352ac105735b4a929
Lot Reservation Management System 1.0 Cross Site Scripting
Posted Oct 29, 2020
Authored by Ankita Pal

Lot Reservation Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8fb8b5d6d2181fe1523827a17f4627a5c49aa055796b0e3e5ab5f3bc01aa3b1a
Lot Reservation Management System 1.0 SQL Injection
Posted Oct 29, 2020
Authored by Ankita Pal

Lot Reservation Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 82d342e2bf7eda1f9e1546ed794e9b91d12e1025ccb9a63ba9876f781aa39c9e
Icewarp WebMail 11.4.5.0 Cross Site Scripting
Posted Oct 29, 2020
Authored by Harun Karakis

Icewarp WebMail version 11.4.5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-27982
SHA-256 | bd4b225bf09ba2d23836eae6d0eef301010ef1a0c956eef8b47d2a92c566bc58
Ubuntu Security Notice USN-4609-1
Posted Oct 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4609-1 - Fabian Henneke discovered that GOsa incorrectly handled client cookies. An authenticated user could exploit this with a crafted cookie to perform file deletions in the context of the user account that runs the web server. It was discovered that GOsa incorrectly handled user access control. A remote attacker could use this issue to log into any account with a username containing the word "success". Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2018-1000528, CVE-2019-11187, CVE-2019-14466
SHA-256 | daa46d595ce73c679a0617cf76033ccd2ccb549456af6f754422eaa95cc0f686
Mailman 2.1.23 Cross Site Scripting
Posted Oct 29, 2020
Authored by Valerio Alessandroni

Mailman versions 1.x up through 2.1.23 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-5950
SHA-256 | 3acd354767ea65719c08384106b042f59668c91d3587059546459b8bc4c33aa3
Point Of Sales 1.0 Cross Site Scripting
Posted Oct 29, 2020
Authored by Ankita Pal

Point of Sales version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b1abcd5d7eb0894c7563e29ca9a278b410be32cd7afa181ae98954a8747fbcb7
Red Hat Security Advisory 2020-4402-01
Posted Oct 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4402-01 - Red Hat JBoss Enterprise Application Platform 7.3 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include an XML injection vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-25649
SHA-256 | f8f28f5ec717284a1b7ad5d39c088e87cc54b36b3b01f6f0b0e3b6a38a22f0aa
Online Examination System 1.0 Cross Site Scripting
Posted Oct 29, 2020
Authored by Nikhil Kumar

Online Examination System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | abf23d72c2354792e43130404aef9ac045c0c9a640bd817b3ac572f49386bb3c
Red Hat Security Advisory 2020-4390-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4390-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, sql injection, python
systems | linux, redhat
advisories | CVE-2019-12781, CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235
SHA-256 | 4cebf7d44e31c240a760ae6facd694e9856c3d52ac9e2b2f51d8b4f4f0e24ad7
Red Hat Security Advisory 2020-4391-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4391-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2020-10755
SHA-256 | fa5591d87819bf308f377e7976839eb0308369434f2c875830e243f4ee5ae53d
Ubuntu Security Notice USN-4552-3
Posted Oct 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4552-3 - USN-4552-1 and USN-4552-2 fixed a vulnerability in Pam-python. The update introduced a regression which prevented PAM modules written in Python from importing python modules from site-specific directories. Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root. Various other issues were also addressed.

tags | advisory, local, root, python
systems | linux, ubuntu
advisories | CVE-2019-16729
SHA-256 | 51483cd9b602df9bae06a2d916daa0499320d343ef1be1b1afd3b143c509400a
Debian Security Advisory 4769-1
Posted Oct 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4769-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2020-25595, CVE-2020-25596, CVE-2020-25597, CVE-2020-25599, CVE-2020-25600, CVE-2020-25601, CVE-2020-25602, CVE-2020-25603, CVE-2020-25604
SHA-256 | e6c5001c6e839fbf6f78b7b8d62d2d143bd2b61990509f9e7883301ff985de3e
Page 1 of 15
Back12345Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close