exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2024-10-03

Haveged 1.9.19
Posted Oct 3, 2024
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Added --time_interval N to add entropy unconditionally every N seconds. Now synchronizes haveged instances during switch root. Fixed warnings in 90-haveged.rules.
tags | tool
systems | linux, unix
SHA-256 | acbb05776668657012273be9bb3310e3140b79959aa4538e4cca8d30d40c0b8f
Ubuntu Security Notice USN-7021-4
Posted Oct 3, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7021-4 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-26677, CVE-2024-38570, CVE-2024-39496
SHA-256 | f5bd65d2898e9829d211a6a95b234a34eb25f17b8ac37caf94966dce73810534
Debian Security Advisory 5781-1
Posted Oct 3, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5781-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-7025, CVE-2024-9369, CVE-2024-9370
SHA-256 | 1ef039858c6f77289a0121b0f10830b4ab7779904de169e39eb4e8d6420d6fe6
Acronis Cyber Infrastructure Default Password Remote Code Execution
Posted Oct 3, 2024
Authored by h00die-gr3y, Acronis International GmbH | Site metasploit.com

Acronis Cyber Infrastructure (ACI) is an IT infrastructure solution that provides storage, compute, and network resources. Businesses and Service Providers are using it for data storage, backup storage, creating and managing virtual machines and software-defined networks, running cloud-native applications in production environments. This Metasploit module exploits a default password vulnerability in ACI which allow an attacker to access the ACI PostgreSQL database and gain administrative access to the ACI Web Portal. This opens the door for the attacker to upload SSH keys that enables root access to the appliance/server. This attack can be remotely executed over the WAN as long as the PostgreSQL and SSH services are exposed to the outside world. ACI versions 5.0 before build 5.0.1-61, 5.1 before build 5.1.1-71, 5.2 before build 5.2.1-69, 5.3 before build 5.3.1-53, and 5.4 before build 5.4.4-132 are vulnerable.

tags | exploit, web, root
advisories | CVE-2023-45249
SHA-256 | 07990b1f6994d1629f554b31888e1fa6a36fccc954738c75a95e2ac86e270498
dizqueTV 1.5.3 Remote Code Execution
Posted Oct 3, 2024
Authored by Ahmed Said Saud Al-Busaidi

dizqueTV version 1.5.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | b18cb14167c97952ef1684789d6a48b83e5c1338a0677edc0b3eaef195497b45
Ubuntu Security Notice USN-7052-1
Posted Oct 3, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7052-1 - It was discovered that GNOME Shell mishandled extensions that fail to reload, possibly leading to extensions staying enabled on the lock screen. An attacker could possibly use this issue to launch applications, view sensitive information, or execute arbitrary commands. It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked.

tags | advisory, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2017-8288, CVE-2019-3820
SHA-256 | d145ca7fe21493de973870eec17c6d14d6d8ba7536b1cb88569b36730ddfee8c
Debian Security Advisory 5780-1
Posted Oct 3, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5780-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in incorrect parsing of multipart/form-data, bypass of the cgi.force_direct directive or incorrect logging.

tags | advisory, cgi, php
systems | linux, debian
advisories | CVE-2024-8925, CVE-2024-8926, CVE-2024-8927
SHA-256 | bfa3e5a0c7655d65e84e614bda3fc8f53d019f36e25c18e9829db943709ca29b
openSIS 9.1 SQL Injection
Posted Oct 3, 2024
Authored by Devrim Dıragumandan

openSIS version 9.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ddd8a61a144743e851f50537eea6c5ff213dbd687c67b18723cb43b3cce02613
reNgine 2.2.0 Command Injection
Posted Oct 3, 2024
Authored by Caner Tercan

reNgine version 2.2.0 suffers from an authenticated command injection vulnerability.

tags | exploit
SHA-256 | f066bac5f8056ecff7640ad1eda251ee3cfc442c52056ad0305561dcae02504e
WordPress Bricks Builder Theme 1.9.6 Code Injection
Posted Oct 3, 2024
Authored by indoushka

WordPress Bricks Builder Theme version 1.9.6 suffers from a PHP code injection vulnerability.

tags | exploit, php
SHA-256 | 69058773e3397f84487632f50d5da835890bc34fb55c74c497a1b37f090145ec
WordPress Hash Form 1.1.0 Code Injection
Posted Oct 3, 2024
Authored by indoushka

WordPress Hash Form plugin version 1.1.0 suffers from a PHP code injection vulnerability.

tags | exploit, php
SHA-256 | bc7980f4f411a27c7262c68f7fd454a125802275d61a94ede6b68bb2e568c7a7
WordPress GiveWP Donation Fundraising Platform 3.14.1 Code Injection
Posted Oct 3, 2024
Authored by indoushka

WordPress GiveWP Donation Fundraising Platform version 3.14.1 suffers from a PHP code injection vulnerability.

tags | exploit, php
SHA-256 | eb486df34141d18e18b546102e2a364a70c644072728e437923337df6d3968b6
ViciDial 2.0.5 Cross Site Request Forgery
Posted Oct 3, 2024
Authored by indoushka

ViciDial version 2.0.5 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 8d97cf3df17b56471dae55b00de7d5fdb6df05ba2d778c815ad038c1c5af4ade
Vehicle Service Management System 1.0 Cross Site Request Forgery
Posted Oct 3, 2024
Authored by indoushka

Vehicle Service Management System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | cbbb1165632f2703bbc4989bf742873fef70ed8ad0904b983a249605f1abbb36
Transport Management System 1.0 Insecure Direct Object Reference
Posted Oct 3, 2024
Authored by indoushka

Transport Management System version 1.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | ddb2ecfd9605e960fcf65ed5d6d99463da9d4dc7cef2f1685967819afe88b7de
Printing Business Records Management System 1.0 Insecure Settings
Posted Oct 3, 2024
Authored by indoushka

Printing Business Records Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | cfd9d4151bd46ad7de2e0c129a76499f645f7ad0df0b80a0d40a359c199f4f2c
Online Eyewear Shop 1.0 Insecure Settings
Posted Oct 3, 2024
Authored by indoushka

Online Eyewear Shop version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 2bf05df779783894d1f5d14a01f0b453810086efd504cdb90dfe4889fe4bce31
AVideo 12.4 Code Injection
Posted Oct 3, 2024
Authored by indoushka

AVideo version 12.4 suffers from a PHP code injection vulnerability.

tags | exploit, php
SHA-256 | b36808e21f51e25a7052432f8419f20edcaf24b7c01d2a036f8e75bb34bc7468
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close