exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

Files Date: 2021-02-05

Apple CoreText libType1Scaler.dylib Out-Of-Bounds Write / Integer Overflow
Posted Feb 5, 2021
Authored by Google Security Research, Tim Willis

Apple CoreText libType1Scaler.dylib suffers from a heap out-of-bounds-write due to an integer overflow vulnerability in STOREWV othersubr.

tags | exploit, overflow
systems | apple
advisories | CVE-2020-27944
MD5 | b33deb9c9fd77bb9f85fcccf5c952979
Apple CoreText libFontParser.dylib Stack Corruption
Posted Feb 5, 2021
Authored by Google Security Research, Tim Willis

Apple CoreText libFontParser.dylib suffers from a stack corruption vulnerability in the handling of /BlendDesignPositions Type 1 objects.

tags | exploit
systems | apple
advisories | CVE-2020-0938, CVE-2020-29624
MD5 | c178252e4ec3ca797a19785947f03896
Apple CoreText libType1Scaler.dylib Buffer Overflow
Posted Feb 5, 2021
Authored by Google Security Research, Tim Willis

Apple CoreText libType1Scaler.dylib suffers from a heap buffer overflow vulnerability in the Counter Control Hints.

tags | exploit, overflow
systems | apple
advisories | CVE-2020-27943
MD5 | c4ea7a179bb02915471d29ae7a729d9e
Apple CoreText libType1Scaler.dylib Memory Disclosure
Posted Feb 5, 2021
Authored by Google Security Research, Tim Willis

Apple CoreText libType1Scaler.dylib suffers from a memory disclosure vulnerability via an uninitialized transient array.

tags | exploit
systems | apple
advisories | CVE-2020-27946
MD5 | 58a55471b1e336a6f7a00a43543274c3
XNU Kernel Mach Message Trailers Memory Disclosure
Posted Feb 5, 2021
Authored by Google Security Research, ianbeer

The XNU kernel suffers from a memory disclosure vulnerability in mach message trailers.

tags | exploit, kernel
advisories | CVE-2020-27950
MD5 | fd485ea94f3d1c1a1348a97feddde88b
XNU Kernel Turnstiles Type Confusion
Posted Feb 5, 2021
Authored by Google Security Research, ianbeer

The XNU kernel suffers from a type confusion vulnerability in turnstiles.

tags | exploit, kernel
advisories | CVE-2020-27932
MD5 | a0391836c332c430261f0d75f705ed5a
Apple Safari Remote Code Execution
Posted Feb 5, 2021
Authored by Google Security Research, mjurczyk

Apple Safari is susceptible to a remote code execution vulnerability via an undefined othersubr in Type 1 fonts handled by libType1Scaler.dylib on macOS and iOS.

tags | exploit, remote, code execution
systems | apple, ios
advisories | CVE-2020-27930
MD5 | 46ada3aa4a5cf57b7f656c84696a56cc
Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow
Posted Feb 5, 2021
Authored by Blasty, Spencer McIntyre, Qualys Security Advisory, bwatters-r7, Alexander Krog | Site metasploit.com

A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations. The technique used by this implementation leverages the overflow to overwrite a service_user struct in memory to reference an attacker controlled library which results in it being loaded with the elevated privileges held by sudo.

tags | exploit, overflow, local
advisories | CVE-2021-3156
MD5 | 5a520123546e73d450b7fef8df23c9de
SEO Panel 4.6.0 Remote Code Execution
Posted Feb 5, 2021
Authored by Kr0ff

SEO Panel version 4.6.0 remote code execution exploit. Original discovery of code execution in this version is attributed to Daniel Monzon and Kiko Andreu in October of 2020.

tags | exploit, remote, code execution
MD5 | 2f04e3b36a0b97b2f762e8c3d014f7b6
PhreeBooks 5.2.3 Remote Code Execution
Posted Feb 5, 2021
Authored by Kr0ff

PhreeBooks ERP version 5.2.3 remote code execution exploit. Original discovery of this vulnerability is attributed to Abdullah Celebi in April of 2019.

tags | exploit, remote, code execution
MD5 | fb7c63b7c4b6efc88fbf4aa31255c050
LiteSpeed Web Server Enterprise 5.4.11 Command Injection
Posted Feb 5, 2021
Authored by SunCSR, cmOs

LiteSpeed Web Server Enterprise version 5.4.11 suffers from an authenticated remote command injection vulnerability.

tags | exploit, remote, web
MD5 | 4ccb7816f0ee2cec9578a104021a7947
Page 1 of 1
Back1Next

File Archive:

February 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    33 Files
  • 2
    Feb 2nd
    30 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    8 Files
  • 5
    Feb 5th
    11 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    1 Files
  • 8
    Feb 8th
    37 Files
  • 9
    Feb 9th
    15 Files
  • 10
    Feb 10th
    11 Files
  • 11
    Feb 11th
    26 Files
  • 12
    Feb 12th
    8 Files
  • 13
    Feb 13th
    1 Files
  • 14
    Feb 14th
    1 Files
  • 15
    Feb 15th
    9 Files
  • 16
    Feb 16th
    33 Files
  • 17
    Feb 17th
    6 Files
  • 18
    Feb 18th
    10 Files
  • 19
    Feb 19th
    20 Files
  • 20
    Feb 20th
    1 Files
  • 21
    Feb 21st
    1 Files
  • 22
    Feb 22nd
    17 Files
  • 23
    Feb 23rd
    15 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    28 Files
  • 26
    Feb 26th
    25 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close