Files Date: 2015-02-09 to 2015-02-10

WordPress Google Doc Embedder 2.5.18 Cross Site Scripting
Posted Feb 9, 2015
Authored by Morten Nortoft, Kenneth Jepsen, Mikkel Vej

WordPress Google Doc Embedder plugin version 2.5.18 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0a4338016488d3db9766d931aa6fa4f9
u5CMS 3.9.3 Cross Site Scripting
Posted Feb 9, 2015
Authored by LiquidWorm | Site zeroscience.mk

u5CMS version 3.9.3 suffers from multiple stored and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 2ede30d6067d2236d1a7e8b32cb1fdf1
Gentoo Linux Security Advisory 201502-08
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-8 - Multiple vulnerabilities have been found in Libav, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 9.17 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3934, CVE-2011-3935, CVE-2011-3946, CVE-2013-0848, CVE-2013-0851, CVE-2013-0852, CVE-2013-0860, CVE-2013-0868, CVE-2013-3672, CVE-2013-3674, CVE-2014-4609
MD5 | ae166207a2c30281785e22b2989d13a8
Gentoo Linux Security Advisory 201502-07
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-7 - Multiple integer overflow errors in libevent could result in execution of arbitrary code or Denial of Service. Versions less than 2.0.22 are affected.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2014-6272
MD5 | 45d3682b9f4700aa9f89c3bc202303f5
Gentoo Linux Security Advisory 201502-06
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-6 - An SSL session fixation vulnerability in nginx may allow remote attackers to obtain sensitive information. Versions less than 1.7.6 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2014-3616
MD5 | cc136ed9dd5809fc18819dbc435b0cb5
Gentoo Linux Security Advisory 201502-05
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-5 - Multiple vulnerabilities in tcpdump could result in execution of arbitrary code or Denial of Service. Versions less than 4.6.2-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8767, CVE-2014-8768, CVE-2014-8769, CVE-2014-9140
MD5 | 7d228bcbe40d6dba7d96f604de7d81a1
Debian Security Advisory 3155-1
Posted Feb 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3155-1 - Several vulnerabilities have been found in PostgreSQL-9.1, a SQL database system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-8161, CVE-2015-0241, CVE-2015-0243, CVE-2015-0244
MD5 | 4a477a1b2d8f2f6587e2021bcb90b944
Mandriva Linux Security Advisory 2015-037
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-037 - oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service via a crafted raw file.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2014-9640
MD5 | 7f9214f050c78be15d1127a7fa5f9fe7
Mandriva Linux Security Advisory 2015-035
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-035 - The XML getters for save images and snapshots objects don't check ACLs for the VIR_DOMAIN_XML_SECURE flag and might possibly dump security sensitive information. A remote attacker able to establish a connection to libvirtd could use this flaw to leak certain limited information from the domain XML file.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2015-0236
MD5 | 093d5bc09c38b41d09d3f14d46af2fef
Mandriva Linux Security Advisory 2015-036
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-036 - Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments. Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. Alex Gaynor discovered that Django incorrectly handled reading files in django.views.static.serve(). A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service, spoof, xss
systems | linux, mandriva
advisories | CVE-2015-0219, CVE-2015-0220, CVE-2015-0221
MD5 | 036ae02df1f36d7e5e2d39ae60d8554f
Gentoo Linux Security Advisory 201502-04
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-4 - Multiple vulnerabilities have been found in MediaWiki, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 1.23.8 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-6451, CVE-2013-6452, CVE-2013-6453, CVE-2013-6454, CVE-2013-6472, CVE-2014-1610, CVE-2014-2242, CVE-2014-2243, CVE-2014-2244, CVE-2014-2665, CVE-2014-2853, CVE-2014-5241, CVE-2014-5242, CVE-2014-5243, CVE-2014-7199, CVE-2014-7295, CVE-2014-9276, CVE-2014-9277, CVE-2014-9475, CVE-2014-9476, CVE-2014-9477, CVE-2014-9478, CVE-2014-9479, CVE-2014-9480, CVE-2014-9481, CVE-2014-9487, CVE-2014-9507
MD5 | f69be912e383460746c986dd5865eb9e
Mandriva Linux Security Advisory 2015-034
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-034 - An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2014-8157, CVE-2014-8158
MD5 | f0b64a078df8077e9256e6312ed86227
Mandriva Linux Security Advisory 2015-033
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-033 - Updated java-1.7.0 packages fix security vulnerabilities. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the JAX-WS and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Various other issues were also addressed.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
MD5 | fe10b55f8d2720e269b6767594ab1423
Debian Security Advisory 3154-1
Posted Feb 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3154-1 - Several vulnerabilities were discovered in the ntp package, an implementation of the Network Time Protocol.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2014-9297, CVE-2014-9298
MD5 | f07a488f03e2076e30703631a2ce8016
Mandriva Linux Security Advisory 2015-031
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-031 - The modprobe command in busybox before 1.23.0 uses the basename of the module argument as the module to load, allowing arbitrary modules, even when some kernel subsystems try to prevent this.

tags | advisory, arbitrary, kernel
systems | linux, mandriva
advisories | CVE-2014-9645
MD5 | 1bcfb8d5027532ef3c92913a4df8a916
Mandriva Linux Security Advisory 2015-032
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-032 - sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping. Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142. The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service via crafted EXIF data in a JPEG image. The updated php packages have been upgraded to the 5.5.21 version which is not vulnerable to these issues. Additionally, the timezonedb package has been upgraded to the latest 2015.1 version, the php-suhosin package has been upgraded to the latest 0.9.37.1 and the PECL packages which require so have been rebuilt for php-5.5.21.

tags | advisory, remote, denial of service, arbitrary, cgi, php, code execution
systems | linux, mandriva
advisories | CVE-2014-9427, CVE-2015-0231, CVE-2015-0232
MD5 | 7b0d111bfd7c5b81e9ac5a250a889f42
Mandriva Linux Security Advisory 2015-029
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-029 - Multiple vulnerabilities have been found and corrected in binutils. Multiple integer overflows in the _objalloc_alloc function in objalloc.c and objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service via vectors related to the addition of CHUNK_HEADER_SIZE to the length, which triggers a heap-based buffer overflow. The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service via a small S-record. Various other issues have also been addressed. The updated packages provide a solution for these security issues.

tags | advisory, remote, denial of service, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2012-3509, CVE-2014-8484, CVE-2014-8485, CVE-2014-8501, CVE-2014-8502, CVE-2014-8503, CVE-2014-8504, CVE-2014-8737, CVE-2014-8738
MD5 | e492e5b069ecf80b0d74ef8685d78f8b
Mandriva Linux Security Advisory 2015-030
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-030 - Some code in Bugzilla does not properly use the three-argument form of open(), and it is possible for an account with editcomponents permissions to inject commands into product names and other attributes.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-8630
MD5 | 6385998b552d6642d8fcd60b68242edd
Gentoo Linux Security Advisory 201502-03
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-3 - Multiple vulnerabilities have been found in BIND, allowing remote attackers to cause a denial of service condition. Versions less than 9.10.1_p1 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3214, CVE-2014-8500, CVE-2014-8680
MD5 | be719719020a0902e0f148f347191613
Gentoo Linux Security Advisory 201502-09
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-9 - A buffer overflow vulnerability in Antiword could result in execution of arbitrary code or Denial of Service. Versions less than 0.37-r1 are affected.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2014-8123
MD5 | 810081793781f7e83e7e9669f5260a62
Chemtool 1.6.14 Memory Corruption
Posted Feb 9, 2015
Authored by Pablo Gonzalez

Chemtool version 1.6.14 suffers from a memory corruption vulnerability.

tags | exploit
MD5 | d84fabe4dd7d71145d099885a5e55584
WordPress Redirection Page 1.2 CSRF / XSS
Posted Feb 9, 2015
Authored by Morten Nortoft, Kenneth Jepsen, Mikkel Vej

WordPress Redirection Page plugin version 1.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | b58afc15b08e9edd86090add8983744b
WordPress Spider Facebook 1.0.10 Cross Site Scripting
Posted Feb 9, 2015
Authored by Morten Nortoft, Kenneth Jepsen, Mikkel Vej

WordPress Spider Facebook plugin version 1.0.10 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5ae2006e6373317ecbc6c44ef5cdd2ca
WordPress Cross Slide 2.0.5 Cross Site Request Forgery / Cross Site Scripting
Posted Feb 9, 2015
Authored by Morten Nortoft, Kenneth Jepsen, Mikkel Vej

WordPress Cross Slide plugin version 2.0.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 7e63664677f4703778a373adb4bd087f
Mooplayer 1.3.0 Buffer Overflow
Posted Feb 9, 2015
Authored by Samandeep Singh

Mooplayer version 1.3.0 .m3u structured exception handler buffer overflow exploit.

tags | exploit, overflow
MD5 | b6bb224486dfd8ef31da62cb93d5f82e