exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 573 RSS Feed

Files Date: 2018-01-01 to 2018-01-31

Linux/x86 Egghunter Shellcode
Posted Jan 28, 2018
Authored by Nipun Jaswal

12 bytes small Linux/x86 egghunter shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | fe608657531464244ba0fcdcaf55bcdccafd471e55a385c7e7fa19e06d8989ab
Netis-WF2419 Cross Site Request Forgery
Posted Jan 28, 2018
Authored by Sajibe Kanti

Netis-WF2419 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 6313ad8b216f8f105926c36e32be0fe6d548167e3d020d1c809948b4e8ce2ec7
Artifex MuJS 1.0.2 Integer Overflow
Posted Jan 27, 2018
Authored by Andrea Sindoni

Artifex MuJS version 1.0.2 suffers from an integer overflow vulnerability because of incorrect exponent validation.

tags | exploit, overflow
advisories | CVE-2018-6191
SHA-256 | 9f04c78e5f3bfe66cd92ba4f01b988a0a6bf71bf4076f0acc7c28035c0e4451a
Artifex MuJS Denial Of Service
Posted Jan 27, 2018
Authored by Andrea Sindoni

Artifex MuJS suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-5759
SHA-256 | b5e85f6016216c998e0156693260ccc448ac852c9179b3a381daee1dac8312b9
Gentoo Linux Security Advisory 201801-20
Posted Jan 27, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-20 - A vulnerability has been discovered in Fossil allowing for user-assisted remote execution of arbitrary code. Versions less than 2.4 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2017-17459
SHA-256 | d89d91c5f6e1fb0de2591e3ec2375bcf2b806b8dc60a5785f462d55a2850d1fe
MacOS sysctl_vfs_generic_conf Stack Leak
Posted Jan 27, 2018
Authored by Jann Horn, Google Security Research

MacOS suffers from a sysctl_vfs_generic_conf stack leak through struct padding.

tags | advisory
advisories | CVE-2018-4090
SHA-256 | f86f459fed34d2758bc7afdb4fcef32bf63e54b576afb9b0927a394572fc33d9
MacOS sysctl_default_netsvctype_to_dscp_map / sysctl_dscp_to_wifi_ac_map Stack Leak
Posted Jan 27, 2018
Authored by Jann Horn, Google Security Research

MacOS suffers from a sysctl_default_netsvctype_to_dscp_map and sysctl_dscp_to_wifi_ac_map stack leak through struct padding.

tags | advisory
advisories | CVE-2018-4093
SHA-256 | df123f1752352626e2f5ca90380694872e823fb6a97a286f3c72f66745e6b86d
KeystoneJS Cross Site Request Forgery
Posted Jan 27, 2018
Authored by Saurabh Banawar

KeystoneJS versions prior to 4.0.0-beta.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-16570
SHA-256 | 2acad8be2e3b48cc361cd983970ee74f698beafd591902bba094ed773b099d39
WordPress Splashing Images 2.1 Cross Site Scripting / PHP Object Injection
Posted Jan 26, 2018
Authored by Nicolas Buzy-Debat

WordPress Splashing Images plugin version 2.1 suffers from PHP object injection and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
advisories | CVE-2018-6194, CVE-2018-6195
SHA-256 | f823008fea66b0021c833453bd6c4aac61316139e958c6f79169a07a153f4d42
Gentoo Linux Security Advisory 201801-19
Posted Jan 26, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-19 - Multiple vulnerabilities have been found in ClamAV, the worst of which may allow execution of arbitrary code. Versions less than 0.99.3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377, CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
SHA-256 | 054be71aa5dea65b8f6967b9e54fbb2c81b654dd62d1eeb6188e2fb51d3c4dd0
Sophos Web Gateway 4.4.1 Cross Site Scripting
Posted Jan 26, 2018
Authored by Matthew Bergin | Site korelogic.com

Sophos Web Gateway version 4.4.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 137dda80750280087cb36ed57d850fc6348d18929065d814c14652da40181992
BMC Track-It! 11.4 Code Execution / Information Disclosure
Posted Jan 26, 2018
Authored by Pedro Ribeiro

BMC Track-It! version 11.4 suffers from remote code execution and credential disclosure vulnerabilities.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2016-6598, CVE-2016-6599
SHA-256 | 730930cd82684c933b0bc63f3b3b94295c0661fa95347f9c3091dffb51321802
Dodocool DC38 N300 Cross Site Request Forgery
Posted Jan 26, 2018
Authored by Raffaele Sabato

Dodocool DC38 N300 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-5720
SHA-256 | bad19b8394e8d9ff06978626f9a82d149a6ba4642f882961e006ba076ced8e42
Asus Router Cross Site Script / Authentication Bypass
Posted Jan 26, 2018
Authored by 4TT4CK3R

ASUS router DSL-RT-N13 suffers from an authentication bypass vulnerability. ASUS router DSL-N14U B1 suffers from a cross site scripting vulnerability.

tags | exploit, xss, bypass
SHA-256 | ecd0df4f22f0d4912a1afa3664402f13bcaad09a5016db632a5a8c7a042a6edc
VMware Security Advisory 2018-0006
Posted Jan 26, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0006 - vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2017-4947, CVE-2017-4951
SHA-256 | a7f5423f8c7f90cafb0c91ed85894d3602ee3b38644e311a2ffdc0c540119c74
Ubuntu Security Notice USN-3548-2
Posted Jan 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3548-2 - USN-3548-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of the mitigations for the Spectre vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, x86, kernel, local, vulnerability
systems | linux, ubuntu
SHA-256 | 97850f068669b2301a4aab4eca4fb5ae165ae609c43f89d22ead75197ea12d5f
Ubuntu Security Notice USN-3548-1
Posted Jan 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3548-1 - Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of the mitigations for the Spectre vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux, ubuntu
SHA-256 | fd6620cdf4dbb2cacfee77be628eed34cca4832975ddbbfbc7643bbb36829c21
WordPress Good LMS SQL Injection
Posted Jan 26, 2018
Authored by Esecurity.ir

WordPress Good LMS Learning Management System plugin suffers from a remote SQL Injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5c4f05a28c0b825956279439df7485e50b7e71967578df55296cfb56a110311a
Microsoft Security Bulletin Updates For January, 2018
Posted Jan 26, 2018
Site microsoft.com

This Microsoft bulletin summary holds CVE revision updates for CVE-2018-0764.

tags | advisory
advisories | CVE-2018-0764
SHA-256 | 84bd718ca924e890916e3ce3ef374cea93511807332ce6452fa8cdd8c06316dd
BMC BladeLogic 8.3.00.64 Remote Command Execution
Posted Jan 26, 2018
Authored by Paul Taylor

BMC BladeLogic version 8.3.00.64 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2016-1542, CVE-2016-1543
SHA-256 | 96811628a219d1a2d4e997236cfb9d820c95744d7700660a86a9edcebd7d80a0
LiveCRM SaaS Cloud 1.0 Cross Site Scripting
Posted Jan 26, 2018
Authored by indoushka

LiveCRM SaaS Cloud version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fe8199bc4ad732c89bf1017811cf0427b3c096c1301046a206a9481a3d39ecc3
Packet Fence 7.4.0
Posted Jan 26, 2018
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: New database access layer (DAL) for upcoming multi-tenancy support. New portal module to permanently set roles. Added portal module for selecting a role for the device being registered on the portal. Various other updates and enhancements.
tags | tool, remote
systems | unix
SHA-256 | d9895baf1962e7c2df1e15666c6c019a95c44eebe30dd4896359b6832463740c
Clam AntiVirus Toolkit 0.99.3
Posted Jan 26, 2018
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Security patch release.
tags | tool, virus
systems | unix
SHA-256 | 00fa5292a6e00a3a4035b826267748965d5d2c4943d8ff417d740238263e8e84
WebKitGTK+ Memory Corruption / Spoofing / Code Execution
Posted Jan 26, 2018
Authored by WebKitGTK+ Team

WebKitGTK+ versions 2.18.x suffer from various memory corruption, user interface spoofing, and code execution vulnerabilities.

tags | advisory, spoof, vulnerability, code execution
advisories | CVE-2017-13884, CVE-2017-13885, CVE-2017-7153, CVE-2017-7160, CVE-2017-7161, CVE-2017-7165, CVE-2018-4088, CVE-2018-4089, CVE-2018-4096
SHA-256 | d4e7bccd0f285c7927463b7aecd4699b02c7859eca96da95b7af180acddb67f8
AsusWRT Router Remote Code Execution
Posted Jan 26, 2018
Authored by Pedro Ribeiro

AsusWRT Router versions prior to 3.0.0.4.380.7743 suffer from an unauthenticated LAN remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-5999, CVE-2018-6000
SHA-256 | d1c7e3083bad3b151c9ec2e284e0a81a21a91275554106af01e0a4934e1d7a8e
Page 3 of 23
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close