CMS Afroditi version 1.0 suffers from a remote blind SQL injection vulnerability.
24268d032758b3a26e8d832ca265c267accb897a59979da9cb5ffc116dcf3625ACal version 2.2.6 suffers from authentication bypass, cross site scripting, and local file inclusion vulnerabilities.
511a1d027ab58b124b1f26063b3c337a2208eff63967679b47f5076351eb9b0cYersinia implements several attacks for the following protocols: Spanning Tree (STP), Cisco Discovery (CDP), Dynamic Host Configuration (DHCP), Hot Standby Router (HSRP), Dynamic Trunking (DTP), 802.1q and VLAN Trunking (VTP), helping a pen-tester with different tasks.
042abc466c5b470b97079e0049b4029a8cbb75d583cfbfb756fca76e460d40b4Ophcrack version 3.6 local stack based buffer overflow exploit. Works on Windows 8 64-bit.
0be61e9632ecb1d28ddf2fffce00da4b5cfe5daf17694f3476753649c809805dThe call for papers for H2HC 11th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from October 18th through the 19th, 2014.
c0abc031dca8e02aaf8118e1e54cd66c1f8ff98c68ffff71cd13fdb60b178bb0This program maps memory pages to the low range above 64k to avoid conflicts with /proc/sys/vm/mmap_min_addr and then triggers the virtual-86 mode. Due to unhandled FPU errors, task switch will fail afterwards, kernel will attempt to kill other tasks when switching.
ad658d72431edc17d84f7ede3e6041ec2ef755c6e9a6f0e063d9951b0dd8656fDebian Linux Security Advisory 2829-1 - Multiple vulnerabilities have been found in the HP Linux Printing and in PackageKit and the insecure hp-upgrade service has been disabled.
7f66cf46f3fd1529cdf09546ae8258fcde1c2abdabfa3412509c82a4b988c067NoticeBoardPro version 1.x suffers from a remote SQL injection vulnerability.
e0f9bb7c8e1aeac55b2e064f82d87116e084600e77beaa14dc364db6bee942a9THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.
52120bee2da3d25820f021b5c4d6fc79e220e685e2a505b74b48046b608cba8cThis Metasploit module exploits a vulnerability found in PhotoStore version 4.0.7. By abusing the uploadify.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
3bdbec107d32194db2d22bea603f8df3b12edc8ee908c6cb6fb759053cc04b0bDebian Linux Security Advisory 2828-1 - Multiple vulnerabilities have been discovered in Drupal, a fully-featured request forgery protection, insecure pseudo random number generation, code execution and incorrect security token validation.
9fca0e872421aa3d505fa144d23009d1dc2627543758b7bd99600341f0efc3acGentoo Linux Security Advisory 201312-16 - A vulnerability in Xfig could result in execution of arbitrary code or Denial of Service. Versions less than 3.2.5b-r1 are affected.
329cda66c4f48a35b5aad71508c2e2994cd0c1f2425e37faf5a3f26fa4e57ef8This is a brief write-up called Twenty Reasons Why Mass Surveillance Is Dangerous.
a3b2989e9050e8ee56d2b66ee2be1883dd4ff40472f7b0d217eb8861368e23bfFireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
37f1e7d5c241a3f4ce1e796eaace4f02f1908548c3c42a44f902f0ad2c67cf30As prior disclosure to Snapchat has not resulted in fixes, the researchers at Gibson Security have released exploits and documentation on the previously undocumented API.
fac0b4639306a9c24f63349abdcdd3a9a44619200b2d4d71132244cce7879d9bipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.
3317782f2ed93f994a6fd03ed831a7bac730972a59fc5d84944923207d06687bIBM Web Content Manager versions 6.x, 7.x, and 8.x suffer from blind XPath injection attacks. This allows an attacker to get current application configuration, enumerate nodes, and extract other valuable information from vulnerable installations of Web Content Manager.
69ed54de30dd34415932f287057413898bcb590a08bf4420d7b20ebaa5b7b2aaThis Metasploit module exploits a SQL injection vulnerability in the "explorer" action of "miq_policy" controller of the Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier) by changing the password of the target account to the specified password.
b55583d572b94d5be808ddfcb5ca09620c6e831caa6772d47ef4ca397a0d8dfcThe PhishingAlert of Safari stops functioning in Windows systems if an abnormal URL is being used.
79d05414fca80bf21d6c2eb1c842e21bb4fd3ab573ff1e90f90b60fa32541ebbAmazon Web Services Elastic Beanstalk suffers from a code execution vulnerability.
9627d5239332fca927a6137f308067102214ba471ccb72e6c5da1b446bc2f5dcPHPSurveyor suffers from a remote shell upload vulnerability.
1ae2be6659eceab6f2fe08517e7d5ee0c444690d71d791f904fc264c5ccdc978Ofilter Player version 1.1 integer division by zero exploit that creates a malicious .wav file.
82448eb9a0eb3e37a6df8d7c7ac93b3401c0c63f6d2f2ebbad44bb6503c592ccThis Metasploit module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash.
8a8a413478986610cfe01a2463f28c4cb1a4e732df507042bac07cef2741232eWordPress Ad-minister plugin version 0.6 suffers from a cross site scripting vulnerability.
00c782cd1bf296e3d433962ceb1d7976f641f78821242d9e2dcb9de59a95273cAskApache Firefox Adsense WordPress plugin version 3.0 suffers from a cross site request forgery vulnerability.
83e2b745be93d36c6d8f251eb3ff8e050c3d08d2693edf4929bbd4bd6f6b2a97
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed