what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2018-07-19 to 2018-07-20

CMS Made Simple 2.2.5 Authenticated Remote Command Execution
Posted Jul 19, 2018
Authored by Jacob Robles, Mustafa Hasen | Site metasploit.com

CMS Made Simple version 2.2.5 allows an authenticated administrator to upload a file and rename it to have a .php extension. The file can then be executed by opening the URL of the file in the /uploads/ directory.

tags | exploit, php
advisories | CVE-2018-1000094
SHA-256 | 665002696e6aa2586a51b8816a8a1e2a503f1bc489989a9294e0d3632c5224f2
WordPress All In One Favicon 4.6 Cross Site Scripting
Posted Jul 19, 2018
Authored by Javier Olmedo

WordPress All In One Favicon plugin version 4.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-13832
SHA-256 | 0981c4f9c549ca322909202cf2f6c2af66fabbb260e7ca87b4d6c92465148a64
Chrome Swiftshader Blitting Floating-Point Precision Errors
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from floating-point precision errors in Swiftshader blitting.

tags | exploit
SHA-256 | 55329bd2920eaa9d39110322696bef158e0b340f65c27b63cceed9585601bc64
MyBB New Threads 1.1 Cross Site Scripting
Posted Jul 19, 2018
Authored by 0xB9

MyBB New Threads plugin version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-14392
SHA-256 | da11ef1523cf7cf91c93aba43e31032f36aa53b573118e55a7e1163ecc6beee6
Chrome SwiftShader OpenGL Texture Binding Reference Count Leak
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from a reference count leak in SwiftShader OpenGL texture bindings.

tags | exploit
SHA-256 | 04d325a817231ab9f0764272b559378b2d3fe10f9b33e17341521360cd5f6b9e
Red Hat Security Advisory 2018-2214-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2214-01 - openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack. Security fix: openstack-tripleo-heat-templates: Default ODL deployment uses hard coded administrative credentials.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10898
SHA-256 | a645c04c2db09c0649ed6428ff4db02a66c1aab543361fa03329e0fb6f8a778d
Slackware Security Advisory - httpd Updates
Posted Jul 19, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-1333, CVE-2018-8011
SHA-256 | 1751e466b4765f6a7eca3f634337ed57a540c0de395d8e2c93ff160039c66312
Red Hat Security Advisory 2018-2228-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2228-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | a38d8b4a9ef269f1deca8c1b814952165139072ed0330610b2f751e9234a8f7f
Adobe Systems Main lead DBMS Arbitrary Code Injection
Posted Jul 19, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Adobe Systems Mail Lead DBMS suffers from an arbitrary code injection vulnerability.

tags | exploit, arbitrary
SHA-256 | 357c23ee595cb19eb4f7d1df4da74a5cd49b57362eca78f2c93da9a6de10959a
Debian Security Advisory 4252-1
Posted Jul 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4252-1 - Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which could result in privilege escalation or denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2018-14055, CVE-2018-14056
SHA-256 | 914b3ea83f72d0dcc9b0c6d010d1220d255648be0af6699555b952847a50ca3e
Debian Security Advisory 4251-1
Posted Jul 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4251-1 - A use-after-free was discovered in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-11529
SHA-256 | 5253b4c31d0da0c19893d064e2ba6b3b47effeaa41bab133435beffacb724256
Red Hat Security Advisory 2018-2225-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2225-01 - Fluentd is an open source data collector designed to scale and simplify log management. It can collect, process and ship many kinds of data in near real-time. Issues addressed include an escape sequence injection vulnerability that allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2017-10906
SHA-256 | 72bc959e6e96b4bd37a7660348b389326f89e770aab54d67e5b9c4ecf9c1133e
Chrome Swiftshader Texture Allocation Integer Overflow
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from an integer overflow vulnerability in Swiftshader texture allocation.

tags | exploit, overflow
SHA-256 | 6587e8951f4e79c87ecd7b6a16fa91a40d27b5f94453f1ea87b0a9789512a6be
Red Hat Security Advisory 2018-2224-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2224-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.7 will be retired as of December 31, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.7 EUS after December 31, 2018.

tags | advisory
systems | linux, redhat
SHA-256 | 2743dd98e6c725e5bc7053f65fbd45caf468ec93410522770ccc5fa455a8d5b3
Wireshark Analyzer 2.6.2
Posted Jul 19, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Updated to QCustomPlot 1.3.2. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 49b2895ee3ba17ef9ef0aebfdc4d32a778e0f36ccadde184516557d5f3357094
Linux BPF Sign Extension Local Privilege Escalation
Posted Jul 19, 2018
Authored by h00die, Jann Horn, vnik, rlarabee, bleidl, bcoles | Site metasploit.com

Linux kernel versions prior to 4.14.8 utilize the Berkeley Packet Filter (BPF) which contains a vulnerability where it may improperly perform signing for an extension. This can be utilized to escalate privileges. The target system must be compiled with BPF support and must not have kernel.unprivileged_bpf_disabled set to 1. This Metasploit module has been tested successfully on many different kernels.

tags | exploit, kernel
systems | linux
advisories | CVE-2017-16995
SHA-256 | 3a7fa7070c41ddc4726fd312fb66650ad5d4cd33a694060cfd4542206f2d48f1
Suricata IDPE 4.0.5
Posted Jul 19, 2018
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Multiple bugs have been addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | 74dacb4359d57fbd3452e384eeeb1dd77b6ae00f02e9994ad5a7b461d5f4c6c2
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close