exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 496 RSS Feed

Files Date: 2016-10-01 to 2016-10-31

NVIDIA 0x70001b2 DxgkDdiEscape Handler Bounds Checking
Posted Oct 29, 2016
Authored by Google Security Research, ochang

The DxgkDdiEscape handler for 0x70001b2 doesn't do proper bounds checks for its variable size input.

tags | exploit
advisories | CVE-2016-8809
SHA-256 | 3f0707279202aa000fc87188c9423545af5ea5238e8a0a0747d912d04badb09d
NVIDIA Unchedked Write
Posted Oct 29, 2016
Authored by Google Security Research, ochang

The DxgkDdiEscape handler for 0x700010d accepts a user provided pointer as the destination for a memcpy call, without doing any checks on said pointer.

tags | exploit
advisories | CVE-2016-7385
SHA-256 | 00028040fc1696111b53b38186779858df513b4aa81a7ab2a7c1d708f6b717c5
NVIDIA 0x600000D Unchecked Write
Posted Oct 29, 2016
Authored by Google Security Research, ochang

The DxgkDdiEscape handler for 0x600000D passes an unchecked user provided pointer as the destination for a memcpy call. This leads to kernel memory corruption.

tags | exploit, kernel
advisories | CVE-2016-7387
SHA-256 | 88df8868b62f20e6af812714d8f4fbc7c341957f6633b3258e0389967bc4db8e
Mac OS X 10.11.6 launchd Message Control
Posted Oct 29, 2016
Authored by Google Security Research, Ian Beer

A logic issue in launchd message requeuing allows arbitrary mach message control. Mac OS X version 10.11.6 is affected.

tags | advisory, arbitrary
systems | apple, osx
advisories | CVE-2016-4675
SHA-256 | 0c4a95bb9942e2aa50c7ff4c3ea1baae30e2d99475cd575f65c1e1f70c6285a5
NVIDIA Leaked ExAllocatePoolWithTag Memory
Posted Oct 29, 2016
Authored by Google Security Research, ochang

NVIDIA escape code leaks uninitialized ExAllocatePoolWithTag memory to userspace.

tags | exploit
advisories | CVE-2016-7386
SHA-256 | f708d6be27d7323b5b92bfefe4673bcc69a708dc90f8c96a6211dd65b7f7b009
Mac OS X / iOS mach_ports_register Memory Safety Issues
Posted Oct 29, 2016
Authored by Google Security Research, Ian Beer

Multiple memory safety issues exist in Mac OS X and iOS inside of mach_ports_register.

tags | exploit
systems | cisco, apple, osx, ios
advisories | CVE-2016-4669
SHA-256 | 164ada40109fdf8bff76ff09d76b270061f06289e2e74b857944849bdf5cb42e
NVIDIA UVMLiteController Unchecked Input / Output
Posted Oct 29, 2016
Authored by Google Security Research, ochang

NVIDIA's UVMLiteController ioctl handling in nvlddmkm.sys failed to provide proper length checking.

tags | exploit
advisories | CVE-2016-7384
SHA-256 | 35df092ce423d70fd6bbcf76399d366b6e2c33dd7474e617edb4a4aae54093e8
NVIDIA DxgkDdiEscape Memory Corruption
Posted Oct 29, 2016
Authored by Google Security Research, ochang

The DxgkDdiEscape handler for 0x7000194 doesn't do bounds checking with the user provided lengths it receives. When these lengths are passed to memcpy, overreads and memory corruption can occur.

tags | exploit
advisories | CVE-2016-7390
SHA-256 | fe4199c90270a4da962ed45b45ddf04bfdf0f113751182e41c3f39b735a8f2c9
Debian Security Advisory 3701-2
Posted Oct 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3701-2 - The update for nginx issued as DSA-3701-1 to address CVE-2016-1247 introduced a packaging issue, which prevents nginx from being reinstalled or upgraded to a subsequent release. Updated packages are now available to address this problem.

tags | advisory
systems | linux, debian
SHA-256 | c6f8c4c108e93298ad8357b758fb00ddea690c42be17e52b058750dde9d4d075
Red Hat Security Advisory 2016-2124-01
Posted Oct 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2124-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-1583, CVE-2016-5195
SHA-256 | 583c9262cd833df9ea9a6338f42e103bcfcb9dc8eee2293a0d6668ad40f068a1
Lupusec XT1 1.0.80 XSS / CSRF / DoS / Insecure Transit
Posted Oct 28, 2016
Authored by Foxmole

Lupusec XT1 alarm system version 1.0.80 suffers from cross site request forgery, cross site scripting, insecure transit, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, csrf
SHA-256 | fbecfed3f109bd160d9f55aa41dc3945ae1969cf15d279a1575d8d43d248f32f
K7 TotalSecurity 15.1.0.289 Privilege Escalation
Posted Oct 28, 2016
Authored by Heliand Dema

K7 TotalSecurity version 15.1.0.289 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit
SHA-256 | e4e1925f14069c34fd9fc8d74cd27e0486f57e239bc7f945c34c0d26c4af622b
Ubuntu Security Notice USN-3112-1
Posted Oct 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3112-1 - Catalin Dumitru discovered that URLs of resources loaded after a navigation start could be leaked to the following page via the Resource Timing API. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to obtain sensitive information. Christoph Diehl, Andrew McCreight, Dan Minor, Byron Campen, Jon Coppeard, Steve Fink, Tyson Smith, and Carsten Book discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-5250, CVE-2016-5257, CVE-2016-5270, CVE-2016-5272, CVE-2016-5274, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5280, CVE-2016-5281, CVE-2016-5284
SHA-256 | b8d665c1a846400e1f7e964a15a632b19104b1717e44ba9ec8f2ec975496481e
Panda Internet Security 17.0.1 Privilege Escalation
Posted Oct 28, 2016
Authored by Heliand Dema

Panda Internet Security version 17.0.1 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit
SHA-256 | 85c6106ae7d20271fb395f192579ec70aa06342ae7d88ad6c992ceda7befb047
Apple Security Advisory 2016-10-27-3
Posted Oct 28, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-10-27-3 - iTunes 12.5.2 for Windows is now available and addresses information disclosure and code execution vulnerabilities.

tags | advisory, vulnerability, code execution, info disclosure
systems | windows, apple
advisories | CVE-2016-4613, CVE-2016-7578
SHA-256 | 7837c6aba83c29572d902438c64faefb1b3d10d188308858e81f998ce2d4c8a1
Apple Security Advisory 2016-10-27-2
Posted Oct 28, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-10-27-2 - iCloud for Windows v6.0.1 is now available and addresses input validation and memory corruption vulnerabilities.

tags | advisory, vulnerability
systems | windows, apple
advisories | CVE-2016-4613, CVE-2016-7578
SHA-256 | e6b2f11e487a13140de9459c76fdb0c2c16e535686e8418040177a9a2db898d1
IObit Uninstaller 6.0.2.156 Privilege Escalation
Posted Oct 28, 2016
Authored by Heliand Dema

IObit Uninstaller version 6.0.2.156 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit
SHA-256 | 447134b844e1efc83b8c50c6c0e26f3c7afd3d86c54102d0f962ec0c22554e43
Apple Security Advisory 2016-10-27-1
Posted Oct 28, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-10-27-1 - Xcode 8.1 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2015-3193, CVE-2015-3194, CVE-2015-6764, CVE-2015-8027, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-1669, CVE-2016-2086, CVE-2016-2216
SHA-256 | df4e9e18d07031af03162429c5cf5f429609a92fcbc73263b3a265198afd9ef3
Microsoft Security Bulletin Out-Of-Band Notification For October, 2016
Posted Oct 28, 2016
Site microsoft.com

The bulletin summary for October 2016 has been updated to include an additional out-of-band bulletin, MS16-128.

tags | advisory
SHA-256 | 0c3532bb83dda985a21572cb64d52961cc762b700e7fc383723f46b26c70262b
WonderShare Filmora 7.5.0 DLL Hijacking
Posted Oct 28, 2016
Authored by ZwX

WonderShare Filmora version 7.5.0 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 3f776e347660267a429faf6e4144c2837a7e4ba0bf215d2e647f9b3d2675c8f7
Vivaldi 1.4.589.11 DLL Hijacking
Posted Oct 28, 2016
Authored by Amir.ght

Vivaldi version 1.4.589.11 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | cf886466c9c1d14450df4d7944e36410e55f380f972d4348a5d0cf7c1a15d39f
VideoCharge Studio DLL Hijacking
Posted Oct 28, 2016
Authored by Ashiyane Digital Security Team, Amir.ght

VideoCharge Studio suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 1e836755b711a0b91fabb7ee064fa9c854ec157c63a0c2254ac4530dd2b6bd3b
ABT Blog 2.0 Database Disclosure
Posted Oct 28, 2016
Authored by indoushka

ABT Blog version 2.0 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 7c6375cb0f74c04acd20b88fd2f00b9bf454663c2c184a063dace58525d2f8c6
Red Hat Security Advisory 2016-2120-01
Posted Oct 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2120-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
SHA-256 | 21400fd9d46011e6214b97dde47b05d64f82b4980dfff20736f6091bc98770c2
Red Hat Security Advisory 2016-2119-01
Posted Oct 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2119-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.643. Security Fix: This update fixes one vulnerability in Adobe Flash Player. This vulnerability, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-7855
SHA-256 | 624a157feed85f8362a2172a09e51473198385362994b73ebaf3945b3e57e548
Page 2 of 20
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close