exploit the possibilities
Showing 101 - 125 of 398 RSS Feed

Files Date: 2018-12-01 to 2018-12-31

PDF Explorer 1.5.66.2 SEH Buffer Overflow
Posted Dec 19, 2018
Authored by Achilles

PDF Explorer version 1.5.66.2 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | f48e127b00a83012716677d4a1c5c49bb04840262f6489f05e55581876ba6547
IBM Operational Decision Manager 8.x XML Injection
Posted Dec 19, 2018
Authored by Mohamed M.Fouad

IBM Operational Decision Manager version 8.x suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2018-1821
SHA-256 | 18845ad07f984f9c6c27bb827621215c2f4825597c89ff7c09d4a0f5a8cf3466
Yeswiki Cercopitheque SQL Injection
Posted Dec 19, 2018
Authored by Mickael Brouty

Yeswiki Cercopitheque suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-13045
SHA-256 | 2191ee618f205f47d949b3798efa5fd260cfb4e592d66b79ca96cc83ced25bff
Integria IMS 5.0.83 Cross Site Scripting
Posted Dec 19, 2018
Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19828
SHA-256 | f5770dc8399dab6df8212ba01ad2c7655b3fbc8bf3d3f91de4d8036c00042f20
Integria IMS 5.0.83 Cross Site Request Forgery
Posted Dec 19, 2018
Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-19829
SHA-256 | 494dc73a5483a3b5258fb7d29a5efa5434ad403784af2cd871269d10874dfd8e
PassFab RAR 9.3.4 SEH Buffer Overflow
Posted Dec 19, 2018
Authored by Achilles

PassFab RAR version 9.3.2 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 0604bdbbf645670711942446f2f53027b3d6fa359107f498e6d85edbb203fe9d
Linux/x64 Disable ASLR Security Shellcode
Posted Dec 19, 2018
Authored by Kagan Capar

93 bytes small Linux/x64 disable ASLR Security shellcode.

tags | shellcode
systems | linux
SHA-256 | bfba9bba35bda0b1441d416d81269e233df34a339d9d54d7b408201cb68de428
Linux Kernel 4.4 rtnetlink Stack Memory Disclosure
Posted Dec 19, 2018
Authored by Jinbum Park, Kangjie Lu

Linux kernel version 4.4 rtnetlink stack memory disclosure exploit.

tags | exploit, kernel, info disclosure
systems | linux
advisories | CVE-2016-4486
SHA-256 | 40764dc8fda6722111b000f9b935f1aa492b399d8ebb435a9ac60ad02ac3fbbc
Stegano 0.9.0
Posted Dec 19, 2018
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added the possibility to shift the encoded bits when using the lsbset module.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | c23b61f48ebed1afc2c8e7b7ff7258ba4d71afa2e2d246d757fa1ad8754e5e79
Capstone 4.0
Posted Dec 19, 2018
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: Release 4.0 is a stable release version, with important fixes in the core and several bindings against version 3.0.5.
tags | tool
systems | unix
SHA-256 | 26c6461618670d59215635602ef5fb6f90bf6724006983af88e4983d6af1e67a
Hotel Booking Script 3.4 Cross Site Request Forgery
Posted Dec 19, 2018
Authored by Sainadh Jamalpur

Hotel Booking Script version 3.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b0b33614e3e299d840feadff31f0d475ed57f5729df9e5d4eeba3073ff28f8cf
VMware Security Advisory 2018-0031
Posted Dec 19, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0031 - vRealize Operations updates address a local privilege escalation vulnerability.

tags | advisory, local
advisories | CVE-2018-6978
SHA-256 | f41524536e72c476e12712b7fba94223e3194bcd61922bab81d01d639ea618bc
Red Hat Security Advisory 2018-3852-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3852-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-13785, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214
SHA-256 | 9d4f7bc666bf94a492aff063465bfd97a5d1aa5e574805c94c9ec1e09d2be252
Bolt CMS Cross Site Scripting
Posted Dec 19, 2018
Authored by Raif Berkay Dincel

Bolt CMS versions prior to 3.6.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19933
SHA-256 | facbd08aebdfb510077a57849161e0b3da809998e62d8c36f7fc0b7b5bf4ae81
Microsoft Windows jscript!JsArrayFunctionHeapSort Out-Of-Bounds Write
Posted Dec 18, 2018
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds write vulnerability in jscript.dll in the JsArrayFunctionHeapSort function. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network.

tags | exploit, local
advisories | CVE-2018-8631
SHA-256 | 44579881567c53e64a8aab7be8ad5b9de9c62e57487408187bfa4fe7b1adbd56
SDL Web Content Manager 8.5.0 XML Injection
Posted Dec 18, 2018
Authored by Ahmed Elhady Mohamed

SDL Web Content Manager version 8.5.0 suffers from an XML external entity injection vulnerability.

tags | exploit, web
advisories | CVE-2018-19371
SHA-256 | 2fda5ec43bfad50bcce9b38c70c67bc1f66aa66e741a3d57bde74a938d39f699
AnyBurn 4.3 Buffer Overflow / Denial Of Service
Posted Dec 18, 2018
Authored by Achilles

AnyBurn version 4.3 suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
SHA-256 | 329a83a9154f224e471a4f8a318eb233589b7bf71a625b507a8c8bce7ddd5300
Exel Password Recovery 8.2.0.0 Buffer Overflow / Denial Of Service
Posted Dec 18, 2018
Authored by Achilles

Exel Password Recovery version 8.2.0.0 suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
SHA-256 | 240883100f4e3a59a37f80a2b08d5dac6ffa6ea25b4e98c59c68659d0bb4c1c2
MegaPing Buffer Overflow / Denial Of Service
Posted Dec 18, 2018
Authored by Achilles

MegaPing suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
SHA-256 | 3771733e71abf4ccf921f7daf633291ab543c4b422c126faf6a88047b7d4e228
Nsauditor 3.0.28.0 Buffer Overflow
Posted Dec 18, 2018
Authored by Achilles

Nsauditor version 3.0.28.0 local SEH buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 8152f4393c9789912076e0de5b3d1c29df24163e03c2f7836e9b77b148b57c08
GRR 3.2.4.5
Posted Dec 18, 2018
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This release is the last GRR release to work on a legacy AFF4-based datastore. Next generation datastore will also work on top of MySQL but will have a completely different schema, meaning that you will lose historical data with the next GRR upgrade. Tons of small (and not-so-small) bug fixes and code health improvements.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | 8e056afd847dd21c7f973764dd9065fee098707e13ea5afa65b4741683234e00
libexif 0.6.21 Denial Of Service
Posted Dec 18, 2018
Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered a vulnerability in libexif, which can be exploited by malicious people to cause a DoS (Denial of Service). An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags can be exploited to exhaust available CPU resources. The vulnerability is confirmed in version 0.6.21. Other versions may also be affected.

tags | advisory, denial of service
advisories | CVE-2018-20030
SHA-256 | a3e0bd35e18db8d27c9c10475a90db33972c41764401685daf843f8770832532
LibRaw 0.19.0 Denial Of Service
Posted Dec 18, 2018
Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). A type confusion error within the "unpacked_load_raw()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. An error within the "parse_rollei()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) can be exploited to exhaust available CPU resources. The vulnerabilities are confirmed in version 0.19.0 and reported in versions prior to 0.19.1.

tags | advisory, denial of service, vulnerability
advisories | CVE-2018-5817, CVE-2018-5818, CVE-2018-5819
SHA-256 | 3db5c91bb6c24888166cacb845b1ca20edac2ec4797287c3534c7c75400e4192
Red Hat Security Advisory 2018-3843-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3843-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-14646
SHA-256 | 24c105ddb0fdc5ca344569ee52fa527ba5e87cc14d0872695bdcd04d49254cdf
Red Hat Security Advisory 2018-3837-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3837-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
SHA-256 | 67b6c9709b4cc32ae29fa136f89639bdb330cd4a92370e48c6deb28ffbd5645d
Page 5 of 16
Back34567Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close