what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2016-06-17 to 2016-06-18

Debian Security Advisory 3604-1
Posted Jun 17, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3604-1 - A privilege escalation vulnerability has been found in the User module of the Drupal content management framework.

tags | advisory
systems | linux, debian
SHA-256 | 8f79d23f66f6e046a4caf4392ad8e9054d091240e38bd46fc6c498783c860d7c
Red Hat Security Advisory 2016-1237-01
Posted Jun 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1237-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application.

tags | advisory, remote, arbitrary, shell
systems | linux, redhat
advisories | CVE-2015-8895, CVE-2015-8896, CVE-2015-8897, CVE-2015-8898, CVE-2016-5118, CVE-2016-5239, CVE-2016-5240
SHA-256 | dd956fe375193ac7d12e484e761baab83a6050e459ddac505b9bdadb473df483
Gentoo Linux Security Advisory 201606-06
Posted Jun 17, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201606-6 - Multiple vulnerabilities have been found in nginx, the worst of which may allow a remote attacker to cause a Denial of Service. Versions less than 1.10.1 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-0742, CVE-2016-0746, CVE-2016-0747, CVE-2016-4450
SHA-256 | 349be5f178a7ffd3a0cdb33c99ffc6c5cd0d4399feee2ba5f8af5d80fe024bb6
Red Hat Security Advisory 2016-1238-01
Posted Jun 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1238-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.626. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4135, CVE-2016-4136, CVE-2016-4137, CVE-2016-4138, CVE-2016-4139, CVE-2016-4140, CVE-2016-4141, CVE-2016-4142, CVE-2016-4143, CVE-2016-4144, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148, CVE-2016-4149, CVE-2016-4150
SHA-256 | c0c9fbef4ec7a269fa643ac58d395d29ca13045fcab606f33211d418abde9278
Vicidial 2.11 Cross Site Scripting
Posted Jun 17, 2016
Authored by David Silveiro

Vicidial version 2.11 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c154000fe038c38e5a527c576851756b894d34262d4f6ca5d1577383530115ac
SAP NetWeaver AS JAVA 7.5 XXE Injection
Posted Jun 17, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an XML external entity injection vulnerability.

tags | exploit, java, xxe
advisories | CVE-2016-3974
SHA-256 | 44897fd3de22b74e679203c9cb11f3fb82fcf5325291f376823810d3b828f093
pfSense 2.3.1-RELEASE-p1 Squid 0.4.16_2 XSS / Log Manipulation
Posted Jun 17, 2016
Authored by Remco Sprooten

Squid version 0.4.16_2 running on pfSense version 2.3.1-RELEASE-p1 suffers from cross site scripting and log manipulation vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 9a1e23727f0bd75e3599c55ec0df330eb1089ffd1fe5614a09bdf57d070f6540
SAP NetWeaver AS JAVA 7.5 Cross Site Scripting
Posted Jun 17, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability.

tags | exploit, java, xss
advisories | CVE-2016-3975
SHA-256 | 20052cfd6741d7dfcf904514b3be697e271bc2041eeead1cb9b3ca48a8d8d899
SAP NetWeaver AS JAVA 7.5 Directory Traversal
Posted Jun 17, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.

tags | exploit, java
advisories | CVE-2016-3976
SHA-256 | 790e576e203d8d6179e7abc17a655e8165edc85deda7e8a80645173db2db72a8
WordPress Ultimate Product Catalog 3.8.1 Privilege Escalation
Posted Jun 17, 2016
Authored by Joaquin Ramirez Martinez

WordPress Ultimate Product Catalog plugin versions 3.8.1 and below suffer from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 26e16b8111d6776a483b80f13ec222d56319239cdae60821e333d1e54f5b61b3
Skype For Business 2013 User Enumeration
Posted Jun 17, 2016
Authored by nyxgeek

Skype for Business 2013 suffers from a user enumeration timing attack vulnerability.

tags | exploit
SHA-256 | dedc70fffc5ea2d07f68d69fbe8ae570b34e97daacc51b72c8224705bb509cbc
phpATM 1.32 Cross Site Request Forgery / Path Disclosure
Posted Jun 17, 2016
Authored by Paolo Massenio

phpATM versions 1.32 and below suffers from cross site request forgery and path disclosure vulnerabilities.

tags | exploit, vulnerability, file inclusion, info disclosure, csrf
SHA-256 | df0c2e8cdde4cef425a90d37b3280ca2ab7ba7b73bf71860018c5dd1ad11740f
WordPress Gravity Forms 1.8.19 Shell Upload
Posted Jun 17, 2016
Authored by Abk Khan

WordPress Gravity Forms plugin version 1.8.19 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 08f28d9eb0582588c81b63481ca58e5db3c64a1f7c6546c4b854f69d5d88da51
Microsoft Internet Explorer 11 Garbage Collector Attribute Type Confusion
Posted Jun 17, 2016
Authored by SkyLined

With MS16-063, Microsoft has patched CVE-2016-0199 which relates to a memory corruption bug in the garbage collector of the JavaScript engine used in Internet Explorer 11.

tags | exploit, javascript
advisories | CVE-2016-0199
SHA-256 | 8d60da32ba3ba0db4a0f218c7ca375ed14206761ebd4594a313e25dd2ebe4eae
phpATM 1.32 Remote Command Execution / Shell Upload
Posted Jun 17, 2016
Authored by Paolo Massenio

phpATM version 1.32 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | bd06692dea631ae0422f2ca3b556ff56ffbb8f5f6d8db4dccba08d74b62429d9
Tiki Wiki CMS Calendar Remote Code Execution
Posted Jun 17, 2016
Authored by Dany Ouellet

Tiki Wiki CMS Calendar versions 14.2, 12.5 LTS, 9.11 LTS, and 6.15 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 4685c3289b13b709e9edc89b3d6c123f6e13f0a8d27d431dac59b8798f51c5d0
Adobe Flash Player DLL Hijacking
Posted Jun 17, 2016
Authored by Stefan Kanthak

Adobe Flash Player versions prior to 22.0.0.192 and 18.0.0.360 suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2016-1014
SHA-256 | f6c1e0db1cf0414a2c4e623656746bf18311c21d232ce0247945fb82f69047ed
Solarwinds Virtualization Manager 6.3.1 Weak Crypto
Posted Jun 17, 2016
Authored by Nate Kettlewell

Solarwinds Virtualization Manager versions 6.3.1 and below use weak cryptography in /etc/shadow.

tags | advisory
advisories | CVE-2016-5709
SHA-256 | a117ac64d0e6467644e089addb1236c0f9a9beae0263d71706ae7d3b857fa245
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close