what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-12-23

Gentoo Linux Security Advisory 202012-09
Posted Dec 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-9 - Multiple vulnerabilities have been found in Cherokee, the worst of which could result in a Denial of Service condition. Versions less than or equal to 1.2.104-r2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2006-1681, CVE-2019-20798, CVE-2019-20799, CVE-2019-20800, CVE-2020-12845
MD5 | 1e0c65e5e30332a045ae05b315474c26
Microsoft Windows splWOW64 Privilege Escalation
Posted Dec 23, 2020
Authored by Google Security Research, Maddie Stone

CVE-2020-0986, which was exploited in the wild, was not fixed. The vulnerability still exists, just the exploitation method had to change. A low integrity process can send LPC messages to splwow64.exe (Medium integrity) and gain a write-what-where primitive in splwow64’s memory space. The attacker controls the destination, the contents that are copied, and the number of bytes copied through a memcpy call.

tags | exploit
advisories | CVE-2020-0986, CVE-2020-17008
MD5 | 43653a72a19a4fb4ecc7c809b0ae1e68
usrsctp COOKIE-ECHO Use-After-Free
Posted Dec 23, 2020
Authored by Google Security Research, Tim Willis

usrsctp suffers from a use-after-free write when handling a malicious COOKIE-ECHO.

tags | exploit
MD5 | a155eaa93037f6e176e030160ef6c1d6
Asterisk Project Security Advisory - AST-2020-004
Posted Dec 23, 2020
Authored by Kevin Harwell, Mikhail Ivanov | Site asterisk.org

Asterisk Project Security Advisory - A crash can occur in Asterisk when a SIP 181 response is received that has a Diversion header, which contains a tel-uri.

tags | advisory
MD5 | 0b17669792f94478ab39dea3f00ba745
Sales And Inventory System For Grocery Store 1.0 Cross Site Scripting
Posted Dec 23, 2020
Authored by Vijay Sachdeva

Sales and Inventory System for Grocery Store version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | d16452f83710abd82962e968798a298b
Asterisk Project Security Advisory - AST-2020-003
Posted Dec 23, 2020
Authored by Kevin Harwell, Torrey Searle | Site asterisk.org

Asterisk Project Security Advisory - A crash can occur in Asterisk when a SIP message is received that has a History-Info header, which contains a tel-uri. Note, the remote client must be authenticated, or Asterisk must be configured for anonymous calling in order for this problem to manifest.

tags | advisory, remote
MD5 | 867a17b7983791085f3cbf5b7f504239
Object Prototype Pollution Attack
Posted Dec 23, 2020
Authored by SunCSR

Whitepaper called Object Prototype Pollution Attack.

tags | paper
MD5 | 47102dc9d96a280fceb29bd1300d2a6a
Online Learning Management System 1.0 Cross Site Scripting
Posted Dec 23, 2020
Authored by Aakash Madaan

Online Learning Management System version 1.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 68e69d9e1042cc074baef57a56b42176
Online Learning Management System 1.0 SQL Injection
Posted Dec 23, 2020
Authored by Aakash Madaan

Online Learning Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 8c7acabf19029f8ed44b300a69d00d6d
Class Scheduling System 1.0 Cross Site Scripting
Posted Dec 23, 2020
Authored by Aakash Madaan

Class Scheduling System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 7de1e30b55f9502c394b3d3adf4f7ac3
Baby Care System 1.0 SQL Injection
Posted Dec 23, 2020
Authored by Vijay Sachdeva

Baby Care System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3b937189e39e35048099144a997b52c2
TerraMaster TOS 4.2.06 Remote Code Execution
Posted Dec 23, 2020
Authored by IHTeam, Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits an unauthenticated command execution vulnerability in TerraMaster TOS version 4.2.06 leveraging include/makecvs.php.

tags | exploit, php
MD5 | 72ff1d9e5912a41c8347d8d1f28bc5dd
10-Strike Network Inventory Explorer Pro 9.05 Buffer Overflow
Posted Dec 23, 2020
Authored by Florian Gassner

10-Strike Network Inventory Explorer Pro version 9.05 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | 1cdfcd11b09b399ea25b195cb97e7f74
TerraMaster TOS 4.2.06 Remote Code Execution
Posted Dec 23, 2020
Authored by IHTeam

TerraMaster TOS version 4.2.06 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | e329fd73d943bdbaa8923efb67b925a9
WordPress Epsilon Framework SSRF / Denial of Service
Posted Dec 23, 2020
Authored by gx1

Multiple themes from the WordPress Epsilon Framework suffer from an unauthenticated function injection vulnerability that allows for server-side request forgery and denial of service attacks.

tags | exploit, denial of service
MD5 | 1a7135b3d676a97dd2fb9320f9f08ffa
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close