Showing 51 - 75 of 366

Files Date: 2018-03-01 to 2018-03-31

Microsoft Exchange Open Redirect
Posted Mar 28, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Exchange suffers from an open redirect vulnerability.

tags | exploit
advisories | CVE-2016-3378
SHA-256 | 984f3e5bf9a46dde0835b0d4970d3406f20883bb6d60759b4da0a53b6e0ee2ab
RSA Authentication Agent For Web XSS / Buffer Overflow
Posted Mar 28, 2018
Authored by Harrison Neal | Site emc.com

RSA Authentication Agent for Web for both IIS and Apache Web Server version 8.0.1 and earlier contain multiple vulnerabilities that could potentially be exploited by malicious users to compromise affected systems. These issues include cross site scripting, buffer overflow, and information disclosure.

tags | advisory, web, overflow, vulnerability, xss, info disclosure
advisories | CVE-2018-1232, CVE-2018-1233, CVE-2018-1234
SHA-256 | 824af128e2d83214afc6cfd21dd6dd7b691bc610075d88c3421407f35c6e5466
Debian Security Advisory 4153-1
Posted Mar 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4153-1 - It was discovered that a use-after-free in the compositor of Firefox can result in the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-5148
SHA-256 | 6fdc327eeeed36a23c75517202563b99a3b87fd50fea612fd920dbbe3b88833b
ManageEngine Service Desk Plus Cross Site Scripting
Posted Mar 28, 2018
Authored by Okan Coskun

ManageEngine Service Desk Plus versions prior to 9403 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-5799
SHA-256 | 18c8b8c9f96e716e3767d9ce3cef7dc2fab52a801c35c39e4cdbdf13647d3e04
Debian Security Advisory 4152-1
Posted Mar 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4152-1 - Two vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-book viewer, which may result in denial of service or remote code execution. An attacker can craft a PDF document which, when opened in the victim host, might consume vast amounts of memory, crash the program, or, in some cases, execute code in the context in which the application is running.

tags | advisory, remote, denial of service, vulnerability, code execution
systems | linux, debian
advisories | CVE-2018-1000051, CVE-2018-6544
SHA-256 | 4cae0d16fb6f8a731689702d39274a33edc04ac35c3e35b8938bcc0b279edac0
Microsoft Skype Mobile 8.12 / 8.13 Denial Of Service
Posted Mar 28, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Microsoft Skype Mobile versions 8.12 and 8.13 suffer from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 627876f417919cd828a3a6e72a859f920ead6c00795181bacedee7e3d7cd18cb
Sandoba CP:Shop CMS 2016.1 Cross Site Scripting
Posted Mar 28, 2018
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Sandoba CP:Shop CMS version 2016.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 64ca989b68e545c4ba0ee54044dee644fa3c5bfa7dc7a7e45edf2ff8068e580f
TestLink Open Source Test Management Code Execution
Posted Mar 28, 2018
Authored by Manish Tanwar

Remote code execution proof of concept exploit for TestLink Open Source Test Management versions prior to 1.9.16.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2018-7466
SHA-256 | 7f1cec95295792a263ea245ef75d239589db9afc06b5a1a8e021fc6d031a4154
Open-AuditIT Professional 2.1 Cross Site Scripting
Posted Mar 28, 2018
Authored by Nilesh Sapariya

Open-AuditIT Professional version 2.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-8903
SHA-256 | ad8b6267228824f15774008cba1ef47e47dc5d189886b7ab5d3f3ddfc68b62bc
Dell EMC ScaleIO Buffer Overflow / Command Injection
Posted Mar 27, 2018
Authored by David Berard | Site emc.com

Dell EMC ScaleIO customers are encouraged to update to ScaleIO version 2.5, which contains fixes for multiple security vulnerabilities in earlier ScaleIO software versions that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, vulnerability
advisories | CVE-2018-1205, CVE-2018-1237, CVE-2018-1238
SHA-256 | 3507cdff27820aa937d3111f0f6bd571ce359e4860750499ab690e86563a2437
Scapy Packet Manipulation Tool 2.4.0
Posted Mar 27, 2018
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Python3 support added. Pcap/PcapNg improvements added as well as enhanced Windows support. TLS 1.3 supported. Various other updates.
tags | tool, scanner, python
systems | unix
SHA-256 | c3410d57e3a76cbe1bdfb3b36e321cab36c61de9cf16b9301782de853e40fbe9
AEF CMS 1.0.9 Cross Site Scripting
Posted Mar 27, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

AEF CMS version 1.0.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 739ebadac904c2e0ecabc85ae1478c4d95070c0f3f8ca05379bf94f63fb19574
Tenda N11 Wireless Router 5.07.43_en_NEX01 Remote DNS Changer
Posted Mar 27, 2018
Authored by Todor Donev

Tenda N11 wireless router version 5.07.43_en_NEX01 remote DNS change proof of concept exploit that leverages a cookie session weakness.

tags | exploit, remote, proof of concept
SHA-256 | 7769592903cc52121c247391cc124a5d6218695a72a935e2c8c9d86e2641f44b
Slackware Security Advisory - mozilla-firefox Updates
Posted Mar 27, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | df0aa4b0965da4bab70883e78846c348756967b65497f753bb791225f409c94a
Debian Security Advisory 4151-1
Posted Mar 27, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4151-1 - Bas van Schaik and Kevin Backhouse discovered a stack-based buffer overflow vulnerability in librelp, a library providing reliable event logging over the network, triggered while checking x509 certificates from a peer. A remote attacker able to connect to rsyslog can take advantage of this flaw for remote code execution by sending a specially crafted x509 certificate.

tags | advisory, remote, overflow, code execution
systems | linux, debian
advisories | CVE-2018-1000140
SHA-256 | 03bef87016943cf8c000ab439d8a73f722b0b3f8eb4dde15fbdd9741af026bfa
OpenSSL Security Advisory 20180327
Posted Mar 27, 2018
Site openssl.org

OpenSSL Security Advisory 20180327 - Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Other issues were also addressed.

tags | advisory, denial of service
advisories | CVE-2015-3193, CVE-2016-0701, CVE-2017-3732, CVE-2017-3736, CVE-2017-3738, CVE-2018-0733, CVE-2018-0739
SHA-256 | 06f896618c972892739490677cca48ef1283e588c8790590bbec26307dcc26b6
Weblication CMS Core And Grid 12.6.24 Cross Site Scripting
Posted Mar 27, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Weblication CMS Core and Grid version 12.6.24 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d1f28592e1cc5ef115207e3e9b1b508f788fba37af1f62e9ce8f2fb27537bc28
Red Hat Security Advisory 2018-0592-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0592-01 - The Simple Logging Facade for Java (SLF4J) is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-8088
SHA-256 | 44499719d5db1934cda9adadcdd61989c34d033f0f25bd30b92ee6bf7ee05054
Red Hat Security Advisory 2018-0591-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0591-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-7750
SHA-256 | 9466c7fad42a7b2db119a2fd8ed5038da83e1f2e069300c3ca745f69d0391801
Red Hat Security Advisory 2018-0585-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0585-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby23-ruby, rh-ruby23-rubygems, rh-ruby23-rubygem-json, rh-ruby23-rubygem-minitest, rh-ruby23-rubygem-psych. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17790
SHA-256 | 32edc7a8e98876134eade824682c38c4747c8ccb99d1f61ad5768f31b8e2a899
Red Hat Security Advisory 2018-0586-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0586-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql57-mysql. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-2565, CVE-2018-2573, CVE-2018-2576, CVE-2018-2583, CVE-2018-2586, CVE-2018-2590, CVE-2018-2600, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2646, CVE-2018-2647, CVE-2018-2665, CVE-2018-2667, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
SHA-256 | 6a0383465921e6d276a3e32b78a816be133e7c7ef37a0d4a42126f41f8f52513
Red Hat Security Advisory 2018-0587-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0587-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-2562, CVE-2018-2573, CVE-2018-2583, CVE-2018-2590, CVE-2018-2591, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2647, CVE-2018-2665, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
SHA-256 | 2d69f3d47bf717cae435ed725d94feb898f884b9e386ab1041bbdd5a42395bc1
Red Hat Security Advisory 2018-0584-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0584-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, ruby
systems | linux, redhat
advisories | CVE-2017-17405, CVE-2017-17790
SHA-256 | dea992b54e8cfb1c73003fbf6fcaec90a98151343a4ac0cbbb910ca2378daf62
Red Hat Security Advisory 2018-0583-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0583-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby22-ruby, rh-ruby22-rubygems, rh-ruby22-rubygem-psych, rh-ruby22-rubygem-json. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, ruby
systems | linux, redhat
advisories | CVE-2009-5147, CVE-2015-7551, CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17790
SHA-256 | d58b91f41c3af49c25194b7dd7e8e121612b8c39301ad79038c25380fc087b1d
Red Hat Security Advisory 2018-0582-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0582-01 - The Simple Logging Facade for Java (SLF4J) is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-8088
SHA-256 | d4f27dc616cfbe1e5b22b462e975bb1d773dd59515f721c6edbe9dbc9fb92817