exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2024-02-19

Gentoo Linux Security Advisory 202402-28
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2018-14628, CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, CVE-2023-42670
SHA-256 | c1b77ea663583d7b2f9d45426761c56ddbb0b4ac671059fc79dbe605a5da5b12
Debian Security Advisory 5626-1
Posted Feb 19, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5626-1 - It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against PDNS Recursor, a resolving name server.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2023-50387, CVE-2023-50868
SHA-256 | 49eaeb41d9120ce6fe9d1df8ab49ae3be8aab753012780b8c6b75059b99b0463
Gentoo Linux Security Advisory 202402-27
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-27 - A vulnerability has been discovered in Glade which can lead to a denial of service. Versions greater than or equal to 3.38.2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2020-36774
SHA-256 | 653f6856f17d7d35bb9fb4999d8dcf1015fc7781ecc66eadfa5cc20831dd7623
Proxmark3 4.18218 Custom Firmware
Posted Feb 19, 2024
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "DEFCON is Cancelled".

Changes: ISO15693 Simulation Boost, Generic Overhauls for ISO15693 and ISO14443B, Advanced MIFARE Ultralight / NTAG Identifications. Many bugs were also fixed.
tags | tool
systems | unix
SHA-256 | 535ace3d2395d745aab82b77f7bf83ac08ab9ffb328c07ee2e4ddf340d09536a
Gentoo Linux Security Advisory 202402-26
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-26 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions greater than or equal to 115.7.0:esr are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0746, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0752, CVE-2024-0753, CVE-2024-0754
SHA-256 | cc533856037ce3489c1c38f7382c14f40155a8adae6b4f28af227d8e9f39964a
Microsoft Windows Defender / Backdoor_JS.Relvelshe.A Detection / Mitigation Bypass
Posted Feb 19, 2024
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Back in 2022, the researcher released a proof of concept to bypass the Backdoor:JS/Relvelshe.A detection in Windows Defender but it no longer works as it was mitigated. However, adding a simple javascript try catch error statement and eval'ing the hex string, it executes as of the time of this post.

tags | exploit, javascript, proof of concept
systems | windows
SHA-256 | 7ab1d57cbbb29f8168521971a747af06eab9ef184d9f61ee316413db3f71e0c9
Microsoft Windows Defender / Trojan.Win32/Powessere.G VBScript Detection Bypass
Posted Feb 19, 2024
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

This is additional research regarding a mitigation bypass in Windows Defender. Back in 2022, the researcher disclosed how it could be easily bypassed by passing an extra path traversal when referencing mshtml but that issue has since been mitigated. However, the researcher discovered using multiple commas can also be used to achieve the bypass. This issue was addressed. The fix was short lived as the researcher found yet another third trivial bypass. Previously, the researcher disclosed 3 bypasses using rundll32 javascript, but this example leverages the VBSCRIPT and ActiveX engines.

tags | exploit, javascript, activex
systems | windows
SHA-256 | 59fee3164e2fd340144dd80b39280328ebce07f8d7f86686261fc6d4a98c71eb
Gentoo Linux Security Advisory 202402-25
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-25 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2023-3417, CVE-2023-3600, CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4051
SHA-256 | f6a33c383a67744f956589ebca1e53b97ec85a5c78492b16031da34f30606da1
Gentoo Linux Security Advisory 202402-21
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-21 - Multiple vulnerabilities have been discovered in QtNetwork, the worst of which could lead to execution of arbitrary code. Versions greater than or equal to 6.6.1-r2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2023-32762, CVE-2023-51714
SHA-256 | c9b10b422bfa2fd5f272ddbc98f5162d947f596980bacc005f9eaac00543c155
InstantCMS 2.16.1 Cross Site Scripting
Posted Feb 19, 2024
Authored by SoSPiro

InstantCMS version 2.16.1 suffers from a persistent cross site scripting vulnerability that appears to require administrative access.

tags | exploit, xss
SHA-256 | 7923340c990b9cceb58ce85ba5207a9c3605de4fca54417c061ae374af5da4a9
Gentoo Linux Security Advisory 202402-24
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-24 - Multiple vulnerabilities have been discovered in Seamonkey, the worst of which can lead to remote code execution. Versions greater than or equal to 2.53.10.2 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
SHA-256 | 741d35d4bdb23d0b8fa49dc043b5dea8050951485082052e828d295f45be0db1
Gentoo Linux Security Advisory 202402-23
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-23 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 121.0.6167.139 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2024-0333, CVE-2024-0517, CVE-2024-0518, CVE-2024-0519, CVE-2024-0804, CVE-2024-0805, CVE-2024-0806, CVE-2024-0807, CVE-2024-0808, CVE-2024-0809, CVE-2024-0810, CVE-2024-0811, CVE-2024-0812, CVE-2024-0813
SHA-256 | f4454cfd0cbe05bc91dbf64927220dcb289f6b1c63b52526cc67f7720db5413e
Gentoo Linux Security Advisory 202402-22
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-22 - Multiple vulnerabilities have been discovered in intel-microcode, the worst of which can lead to privilege escalation. Versions greater than or equal to 20230214_p20230212 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2021-0127, CVE-2021-0146
SHA-256 | 90ac5f72428988f5743803eb4e6cc56e7eb12428e8c5282266fe0bc0bb97ad82
SureMDM On-Premise CAPTCHA Bypass / User Enumeration
Posted Feb 19, 2024
Authored by Jonas Benjamin Friedli

SureMDM On-Premise versions prior to 6.31 suffer from CAPTCHA bypass and user enumeration vulnerabilities.

tags | exploit, vulnerability, bypass
advisories | CVE-2023-3897
SHA-256 | ee08755ff2c77c77422dc3e6137cfea65ccefc051f98543715278a5b354c366c
Gentoo Linux Security Advisory 202402-20
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-20 - A vulnerability has been discovered in Thunar which may lead to arbitrary code execution Versions greater than or equal to 4.17.3 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2021-32563
SHA-256 | 83355da959645c487a209c226eb25e43186cdf716cdaadcb62ea7d17fc40aa56
Online Library Management System 3 Password Reset
Posted Feb 19, 2024
Authored by SoSPiro

Online Library Management System version 3 suffers from a password reset vulnerability due to a logic flaw of allowing the same email address to be set for multiple users.

tags | exploit
SHA-256 | 96e568ac958cfa59e4d69f8e48e162fd23c330d0dfb5ffe9d4c9a3b792fb411c
Gentoo Linux Security Advisory 202402-19
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-19 - A vulnerability has been discovered in libcaca which can lead to arbitrary code execution. Versions greater than or equal to 0.99_beta19-r4 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2021-3410
SHA-256 | 0245e60107a0303350e4c76919c42747fe3e6976194d4f228f49c0d993a4e02f
Gentoo Linux Security Advisory 202402-18
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-18 - Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution. Versions greater than or equal to 4.97.1 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2023-42114, CVE-2023-42115, CVE-2023-42116, CVE-2023-42117, CVE-2023-42119, CVE-2023-51766
SHA-256 | baabebed21673e40b564e5721f4a8c2ad8b2d62a34a694a4ab0c3fd9b9eddfdc
Gentoo Linux Security Advisory 202402-17
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-17 - Multiple vulnerabilities have been discovered in CUPS, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 2.4.7 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-26691, CVE-2023-32324, CVE-2023-34241, CVE-2023-4504
SHA-256 | 0468bc739c556dc5d72d0990bb0d5e50e913c2c05719800d5e77718a1d6861e0
Employee Management System 1.0 SQL Injection
Posted Feb 19, 2024
Authored by SoSPiro

Employee Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.

tags | exploit, remote, sql injection
SHA-256 | eac3ee07605d15d68a5d408fecb91498a9bfab9973368c0e16d4816f4539dc97
Chrome chrome.pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass
Posted Feb 19, 2024
Authored by Jann Horn, Google Security Research

Chrome has an issue where the chrome.pageCapture.saveAsMHTML() extension API can be used on blocked origins due to a racy access check.

tags | exploit
advisories | CVE-2024-0811
SHA-256 | c081d9b3a89b0a80ccfbb9fc08c3373284b83957b305d8759f551dfbed038c66
Gentoo Linux Security Advisory 202402-16
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-16 - Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Versions less than or equal to 1.2.17 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2019-17571, CVE-2020-9488, CVE-2020-9493, CVE-2022-23302, CVE-2022-23305
SHA-256 | 79e0825715a2197c39850bba10de0d238187f4c93dcdf24c6b31b702cdb3131e
Gentoo Linux Security Advisory 202402-15
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-15 - A vulnerability has been discovered in e2fsprogs which can lead to arbitrary code execution. Versions greater than or equal to 1.46.6 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2022-1304
SHA-256 | a2eafff769a48f4258c44d663d740cd5000c7ee83f88308b3caffea113cb1beb
WonderCMS 4.3.2 Cross Site Scripting / Remote Code Execution
Posted Feb 19, 2024
Authored by prodigiousMind

WonderCMS version 4.3.2 remote exploit that leverages cross site scripting to achieve remote code execution.

tags | exploit, remote, code execution, xss
SHA-256 | 371582d2faf62d5876bcf7818755a049e5f6d427635c029647db990dfb673374
User Registration And Login And User Management System 3.1 SQL Injection
Posted Feb 19, 2024
Authored by SoSPiro

User Registration and Login and User Management System version 3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a778aabc9984b218ebd37f1e8af2db7ea6c66baaade706530c48a38013537c6f
Page 1 of 2
Back12Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    47 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close