Debian Linux Security Advisory 3914-1 - Memory handling problems and cases of missing or incomplete input sanitizing may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, SVG, PSD, PDB, DPX, MAT, TGA, VST, CIN, DIB, MPC, EPT, JNG, DJVU, JPEG, ICO, PALM or MNG files are processed.
0f034f310d2383ee144c6075970bf32287ef618568e6f3447ec99ae371fb0055
Ubuntu Security Notice 3309-2 - Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbitrary code.
d2c0c5302f6559086320ecc7ba3af4421baf11d0f0d29206837bd55883c8d012
Barracuda Load Balancer Firmware versions 6.0.1.006 (2016-08-19) and below post-authentication remote root exploit.
761cc64c788d41c81b773e2661fb538a8d4516f8a3c77082756bc9a65c69ee93
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
518d692e08a8aaf7263a46e0a6bddc36c9affafb51d721a8c41cba13585c9e26
Various GPC Sanitization bypasses exist in Cisco WebEx that can permit arbitrary remote command execution.
2742e774481d9cd4f1486925a8d6d0f5cd50b3e1c50f16db34aa9fee06887044
Ubuntu Security Notice 3354-1 - Felix Wilhelm discovered a path traversal vulnerability in Apport when handling the ExecutablePath field in crash files. An attacker could trick a user into opening a specially crafted crash file and execute arbitrary code with the user's privileges.
d23b12ba59af204c5cc0a7994cb118dba5276e4918828e26d2221716a8af6b73
Ubuntu Security Notice 3274-2 - USN-3274-1 fixed a vulnerability in icu. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
65f5689b27b022b9425e92be5d0bd4dabc33446115be4104267678813d89a296
Microsoft Internet Explorer suffers from a memory corruption vulnerability in CMarkup::DestroySplayTree. The bug was confirmed on IE version 11.0.9600.18617 (Update version 11.0.40) running on Windows 7 64-bit.
c58903dd193f7839cd836f12f61a126151db2248cb30e60241e98c8ec782dd43
Red Hat Security Advisory 2017-1766-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
088afa5793e91c519ee5f828bba7a17dd003285a0359e717afe5c0c14d329a65
The Microsoft Windows kernel suffers from a nsiproxy/netio pool memory disclosure vulnerability in the handling of IOCTL 0x120007 (NsiGetParameter).
8229d08febcaa9bd8c80abedcecc4b916525c1c1c631b418d8e2c05fc4e24759
Sophos Web Appliance version 4.3.0.2 reporting JSON trafficType remote command injection exploit.
b7c8712bb8d62608c24d118744810037b7c47dba41c89048cac2b15b57b84234
Red Hat Security Advisory 2017-1759-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. A remote attacker could use this flaw to crash the FreeRADIUS server or to execute arbitrary code in the context of the FreeRADIUS server process by sending a specially crafted request packet.
c15bef609eb1ab913d68d88b4c2dc9457c9749eb8feb7d799a533157a6978ec0
Ubuntu Security Notice 3347-2 - USN-3347-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding update for Ubuntu 12.04 ESM. Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that Libgcrypt was susceptible to an attack via side channels. A local attacker could use this attack to recover RSA private keys. Various other issues were also addressed.
cef9c437283906f956e60f6df98ddc0f810f887f63be10ecd8f7232cf64dd7e6
Hashicorp vagrant-vmware-fusion versions 4.0.20 and below suffer from a local root privilege escalation vulnerability.
abdc50db20a101b047974cc99ce3df26fbc159554720c0b62b943a6f559177ef
PEGA Platform versions 7.2 ML0 and below suffer from missing access control and cross site scripting vulnerabilities.
20e1a6dbc16ac5196217cef7e109e692ddfeba3348cfea759557d84256536b9d
DotCMS version 4.1.1 suffers from a remote shell upload vulnerability.
e4c3a573a9e295eb33e393e863f9b9d0de5b31c1e1cab1d466e26029dd1e2363
Orangescrum version 1.6.1 suffers from cross site scripting and remote file upload vulnerabilities.
106418e31fa4cbf360e7471d81c2df8932c71452c44b9ba4675115930b0547d9
Belkin NetCam F7D7601 suffers from remote command execution, network fingerprinting, and hard-coded password vulnerabilities.
4bd2b5bb8c5fc1891523e53b3179f3ae7e600feacbf458153657ff0e4b2e1524
FTPGetter version 5.89.0.85 SEH buffer overflow exploit.
4fa92d2f4bc97359cff9f04b584dd37f0cfcc11abec7d9380c43260b85836ec4
Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges. Various other vulnerabilities were addressed.
91cb2bc988d62a783323447ecb77bf0d50a13e5d484b3ad48a99a46f99980cdf
Easy File Sharing Web Server version 7.2 SEH buffer overflow PassWD exploit that spawns a reverse shell.
855626ab8af8fc4fef34a5da9dbdf4eba93dbb924d810fcb1456e7f629fe805e
Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
3bba94b8fd52880d7d3738034de6427eb870fea92f7bb60cd50d54106c946ea2
This template covers IE8/9/10, and uses the user-agent HTTP header to detect the browser version. Please note that IE8 and newer may emulate an older IE version in compatibility mode; in that case the module won't be able to detect the browser correctly. This is an example Metasploit module to be used for exploit development.
8143adacc68c1de409f678efae5e4cfb85f69d420b14992c225c72b7072d3163
This exploit module illustrates how a vulnerability could be exploited in a TCP server that has a parsing bug. This is an example Metasploit module to be used for exploit development.
7080c0e0772da0f83c51df64e3f6e1cc4c7d74a7c1c2265e80261599694e52d2
iSmartAlarm CubeOne suffers from a remote command execution vulnerability that allows disabling the alarm and setting it off.
4430cd29b879fd0975002c47989434a03744c202fb70efe80eea72dbabd51292