Showing 1 - 25 of 300

Files Date: 2021-09-01 to 2021-09-30

iOS 15.0 Nehelper Wifi Info Entitlement Check Bypass
Posted Sep 27, 2021
Authored by IllusionOfChaos | Site github.com

Zero day exploit for Nehelper Wifi Info on iOS 15.0. The XPC endpoint com.apple.nehelper accepts a user-supplied parameter, sdk-version, and if its value is less than or equal to 524288, the com.apple.developer.networking.wifi-info entitlement check is skipped. This makes it possible for any qualifying application (e.g. one possessing location access authorization) to gain access to Wifi information without the required entitlement. The flaw is in -[NEHelperWiFiInfoManager checkIfEntitled:] in /usr/libexec/nehelper.

tags | exploit
systems | apple, ios
MD5 | 8e0fa4b843bff3eb37d125be61cefb65
iOS 15.0 nehelper Enumeration
Posted Sep 27, 2021
Authored by IllusionOfChaos | Site github.com

Zero day exploit for nehelper on iOS 15.0 that allows any user-installed application to determine whether any application is installed on the device given its bundle ID.

tags | exploit, vulnerability
systems | apple, ios
MD5 | b12949ee6a8798fde4f715bd963ec313
iOS 15.0 Gamed Information Disclosure
Posted Sep 27, 2021
Authored by IllusionOfChaos | Site github.com

Zero day exploit for Gamed on iOS 15.0 that demonstrates information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
systems | apple, ios
MD5 | fccf7e2b0e471a0f2129a9f0a9ffc40d
OpenSSH 8.8p1
Posted Sep 27, 2021
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Various minor bug fixes and improvements.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | 8ce5f390958baeeab635aafd0ef41453
Red Hat Security Advisory 2021-3666-01
Posted Sep 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3666-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
MD5 | 3aacdf0ac0725d59c35f942b8086154e
Simple Attendance System 1.0 Authentication Bypass
Posted Sep 27, 2021
Authored by Richard Jones

Simple Attendance System version 1.0 authentication bypass exploit that adds an administrator.

tags | exploit
MD5 | b2f87481c6c45cf469745634e60b237d
WordPress Wappointment 2.2.4 Cross Site Scripting
Posted Sep 27, 2021
Authored by Renos Nikolaou

WordPress Wappointment plugin version 2.2.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 06d4d37cea6659e1b1dea2a83e10132f
Backdoor.Win32.Hupigon.afjk Directory Traversal
Posted Sep 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.afjk malware suffers from a directory traversal vulnerability.

tags | exploit
systems | windows
MD5 | 61fc3a13b826d38448d6768065fb8df7
CMS Made Simple 2.1.3 Remote Code Execution
Posted Sep 27, 2021
Authored by Raed Ahsan

Details on how to achieve remote code execution in CMS Made Simple version 2.1.3.

tags | exploit, remote, code execution
MD5 | 1d05bbd0a0739e3bf334b6bce440369c
Library System 1.0 SQL Injection
Posted Sep 27, 2021
Authored by Vinay Bhuria

Library System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Aitor Herrero in January of 2021.

tags | exploit, remote, sql injection
MD5 | d0c4580d1bd205323dd7bab92ebe585b
Backdoor.Win32.Hupigon.afjk Authentication Bypass / Code Execution
Posted Sep 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.afjk malware suffers from authentication bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | 5b6de1178afe2ed5b2303cbea0cbbf1d
XAMPP 7.4.3 Privilege Escalation
Posted Sep 27, 2021
Authored by Salman Asad

XAMPP version 7.4.3 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2020-11107
MD5 | 8d79f4e52bb5093cf49c0944c183d58f
Backdoor.Win32.Hupigon.fjcd Unauthenticated Open Proxy
Posted Sep 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.fjcd malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
MD5 | 9f539aae0a6b1909254c301aba1440b2
Backdoor.Win32.RmtSvc.l Denial Of Service
Posted Sep 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.RmtSvc.l malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
MD5 | 09e8acfed6b4068568149eba68fc62ca
Backdoor.Win32.Agent.aer Insecure Transit / Password Disclosure
Posted Sep 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.aer malware suffers from an insecure transit vulnerability that allows for password disclosure.

tags | exploit
systems | windows
MD5 | fac30efd864960f252c7828460753ff6
Cisco Small Business RV130W 1.0.3.44 Injection
Posted Sep 27, 2021
Authored by Michael Alamoot

Cisco Small Business RV130W version 1.0.3.44 exploit that injects counterfeit routers.

tags | exploit
systems | cisco
MD5 | 8105912f99299f70ea04dd7e3b10d5e3
Ether MP3 CD Burner 1.3.8 Buffer Overflow
Posted Sep 27, 2021
Authored by Achilles

Ether MP3 CD Burner version 1.3.8 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 7d84f60cf94b71ebe01dc62a0fdd3c71
Backdoor.Win32.Agent.aer Denial Of Service
Posted Sep 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.aer malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
MD5 | 0062ae4627d932cbf3405da07381ca26
Trojan-Downloader.Win32.VB.abb Insecure Permissions
Posted Sep 27, 2021
Authored by malvuln | Site malvuln.com

Trojan-Downloader.Win32.VB.abb malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
MD5 | 7020f4386ea41a1c414771c49ad351a6
PASS-PHP 1.0 SQL Injection / Cross Site Scripting
Posted Sep 27, 2021
Authored by nu11secur1ty

PASS-PHP version 1.0 suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, php, vulnerability, xss, sql injection
MD5 | 0c7e1fdc0dcd0a919eee65b9dd1e364d
Cyberfox Web Browser 52.9.1 Denial Of Service
Posted Sep 26, 2021
Authored by Aryan Chehreghani

Cyberfox Web Browser version 52.9.1 suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
MD5 | 53a9ae840440137e496d1a5af82f0dae
OWASP TimeGap Theory Handbook
Posted Sep 25, 2021
Authored by Abhi M Balakrishnan

This is the OWASP TimeGap Theory handbook that discusses TOC/TOU vulnerabilities.

tags | paper, vulnerability
MD5 | 2f4416fa87f9f8c04a77c55b05f6ef6f
Red Hat Security Advisory 2021-3653-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3653-01 - Red Hat Advanced Cluster Management 2.1.11 security fix and container updates are available.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-27777, CVE-2021-22555, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750
MD5 | ef43f11cebe0cd0e7f13da5997e4271e
OpenVPN Monitor 1.1.3 Cross Site Request Forgery
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients.

tags | exploit, arbitrary, csrf
advisories | CVE-2021-31604
MD5 | 8fe8676ce55952fcce460972fb63424c
Apple Security Advisory 2021-09-23-2
Posted Sep 24, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-09-23-2 - Security Update 2021-006 Catalina addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2021-30869
MD5 | da2fbee1b8de7e4786058168460ba81d