exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2021-05-03

OATH Toolkit 2.6.7
Posted May 3, 2021
Site nongnu.org

OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: Update to pam_oath. Updated gnulib files. Some build and documentation fixes.
tags | tool
systems | unix
SHA-256 | 36eddfce8f2f36347fb257dbf878ba0303a2eaafe24eaa071d5cd302261046a9
IGEL OS Secure VNC/Terminal Command Injection
Posted May 3, 2021
Authored by Rob Vinson, Marisa Mack, James Smith, James Brytan, Steven Laura, Sergey Pashevkin | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in IGEL OS Secure Terminal and Secure Shadow services.

tags | exploit
SHA-256 | 793658696a77b07f44aa82858509f75d27fb6d744c70a1b78fc7ea464a2a5f12
Google Chrome XOR Typer Out-Of-Bounds Access / Remote Code Execution
Posted May 3, 2021
Authored by Niklas Baumstark, Grant Willcox, Rajvardhan Agarwal, Bruno Keith | Site metasploit.com

This Metasploit module exploits an issue in the V8 engine on x86_x64 builds of Google Chrome versions prior to 89.0.4389.128/90.0.4430.72 when handling XOR operations in JIT'd JavaScript code. Successful exploitation allows an attacker to execute arbitrary code within the context of the V8 process. As the V8 process is normally sandboxed in the default configuration of Google Chrome, the browser must be run with the --no-sandbox option for the payload to work correctly.

tags | exploit, arbitrary, javascript
advisories | CVE-2021-21220
SHA-256 | 021951718048ffe0b71a7648ba64e0929b63f860f2b0a3b5424af17523e26274
SQLMAP - Automatic SQL Injection Tool 1.5.5
Posted May 3, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | 66a234c3ee60604a8edd685a64110663a633757d3183db314edd76526fe1a0d8
Epic Games Rocket League 1.95 Stack Buffer Overrun
Posted May 3, 2021
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Rocket League version 1.95 suffers from a stack-based buffer overflow vulnerability. The issue is caused due to a boundary error in the processing of a UPK format file, which can be exploited to cause a stack buffer overflow when a user crafts the file with a large array of bytes inserted in the vicinity offset after the magic header. Successful exploitation could allow execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
SHA-256 | 9aca17edbee1e4311ae8f1782a958f79fa3979f842eee23c1d85f52f471dfe26
Epic Games Rocket League 1.95 Insecure Permissions
Posted May 3, 2021
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Rocket League versions 1.95 and below suffer from an insecure permissions vulnerability.

tags | exploit
SHA-256 | 7265a86350f635261f04efa01c468b9a397f529d7db60a2450121e1dfcc758b2
Kernel Live Patch Security Notice LSN-0076-1
Posted May 3, 2021
Authored by Benjamin M. Romer

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux
advisories | CVE-2021-29154, CVE-2021-3493
SHA-256 | 2804a214253fb2c002641f38c8aae9e4023d617f9897b0c5c01ff06e5794df2b
GitLab Community Edition (CE) 13.10.3 User Enumeration
Posted May 3, 2021
Authored by 4D0niiS

GitLab Community Edition (CE) version 13.10.3 suffers from multiple user enumeration vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 5d420382a54e49ae96ced981f0727ae390e51d108048932dd69d45374578bae6
Gadget Works Online Ordering System 1.0 SQL Injection / Code Execution
Posted May 3, 2021
Authored by Richard Jones

Gadget Works Online Ordering System version 1.0 remote SQL injection to remote code execution exploit.

tags | exploit, remote, code execution, sql injection
SHA-256 | 2d18d2f9555bfff94cfed3277ed76d3a918cd3ddca2e9c2a26e1793755043fd5
Gadget Works Online Ordering System 1.0 SQL Injection
Posted May 3, 2021
Authored by Richard Jones

Gadget Works Online Ordering System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | ace02550215387baeed4b171bd0dee0fd249e7b017d001a279cf46ceb6e41080
Red Hat Security Advisory 2021-1478-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1478-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
SHA-256 | af20513e6978fc85d3985061fc5723dd0fd2854e0de3c5a21fffdbab758eacb6
Red Hat Security Advisory 2021-1477-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1477-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
SHA-256 | bcfbac82ac854e75d583aaaa75371751c38db70930f9d32b21ad7413ff2e8457
Red Hat Security Advisory 2021-1479-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1479-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
SHA-256 | a5b7c2e4f22cce63987a658b6b839efc32b1878a81ec93aaac31328663271d5a
Red Hat Security Advisory 2021-1475-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1475-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
SHA-256 | 620d7cd24e2af7f261b2564b33071a122adad42c182fc6c73f978cee73e0787c
Red Hat Security Advisory 2021-1476-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1476-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
SHA-256 | beeca5b535059562d052ad02baff831c11c3a4f674dccf62a32e08dade634956
Gentoo Linux Security Advisory 202104-10
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-10 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 88.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-23961, CVE-2021-23968, CVE-2021-23969, CVE-2021-23970, CVE-2021-23971, CVE-2021-23972, CVE-2021-23973, CVE-2021-23974, CVE-2021-23975, CVE-2021-23976, CVE-2021-23977, CVE-2021-23978, CVE-2021-23981, CVE-2021-23982, CVE-2021-23983, CVE-2021-23984, CVE-2021-23985, CVE-2021-23986, CVE-2021-23987, CVE-2021-23988, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945
SHA-256 | 5ca81f664f4e17349799dff5ec0303eacf0a8ec7882e1cb1d495ace0532dfaaa
Gentoo Linux Security Advisory 202104-09
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-9 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 78.10.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-23961, CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978, CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
SHA-256 | 14468afd1abbcf533ea6611cd505e671361f822b331808ff4f16194ccb84f300
Gentoo Linux Security Advisory 202104-08
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-8 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 90.0.4430.93 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-21142, CVE-2021-21143, CVE-2021-21144, CVE-2021-21145, CVE-2021-21146, CVE-2021-21147, CVE-2021-21148, CVE-2021-21149, CVE-2021-21150, CVE-2021-21151, CVE-2021-21152, CVE-2021-21153, CVE-2021-21154, CVE-2021-21155, CVE-2021-21156, CVE-2021-21157, CVE-2021-21159, CVE-2021-21160, CVE-2021-21161, CVE-2021-21162, CVE-2021-21163, CVE-2021-21165, CVE-2021-21166, CVE-2021-21167, CVE-2021-21168, CVE-2021-21169
SHA-256 | 3c0116aeb3e752ff274eefc0030e2c4cfc941c4cf5a69bc7d93086f56b183f77
Gentoo Linux Security Advisory 202104-07
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-7 - A vulnerability in ClamAV could lead to a Denial of Service condition. Versions less than 0.103.2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2021-1405
SHA-256 | 68da708b4158f5fb98beecd59c9d158fdc1dc31c9bb39e6957237983a0c4f04b
Gentoo Linux Security Advisory 202104-06
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-6 - Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in the execution of arbitrary code. Versions less than 4.2.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-35521, CVE-2020-35522, CVE-2020-35523, CVE-2020-35524
SHA-256 | 7b0a8d5c5e2063aa65d637133e54bdb98fee21618789b4b305531c3af2d691bc
Gentoo Linux Security Advisory 202104-05
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-5 - Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. Versions less than 2.06_rc1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-14372, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | 299d3aa5f1947d880973d356a72e943ce929b133f553e466d411763947ccd7a7
Gentoo Linux Security Advisory 202104-04
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-4 - Multiple vulnerabilities have been found in Python, the worst of which might allow attackers to access sensitive information. Versions less than 3.9.2_p1 are affected.

tags | advisory, vulnerability, python
systems | linux, gentoo
advisories | CVE-2021-23336, CVE-2021-3426
SHA-256 | 4bd66a4b0184575ea646f12aca50c9cce688ba33a729a181be524b704a6299fa
Gentoo Linux Security Advisory 202104-03
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-3 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Versions less than 2.30.6 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-13558, CVE-2020-27918, CVE-2020-29623, CVE-2020-9947, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870
SHA-256 | 42cfd71020fbee05af94a73a16d71b91a80cbad1b727ff5cdca9d08ff0034864
Gentoo Linux Security Advisory 202104-02
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-2 - A vulnerability in X.Org X Server may allow users to escalate privileges. Versions less than 1.20.11 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2021-3472
SHA-256 | a2b1708051bf9ef33bdd436ffce708cfd254521c7c6070c987b74631627084f1
Gentoo Linux Security Advisory 202104-01
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-1 - A vulnerability has been found in Git that could allow a remote attacker to execute arbitrary code. Versions less than 2.26.3 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2021-21300
SHA-256 | 501280a83ea3d468493a03bc6b8c2fd8cb7796e4399b355699ce16447e85a20b
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close