what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-08-07 to 2019-08-08

Daily Expense Manager 1.0 Cross Site Request Forgery
Posted Aug 7, 2019
Authored by Mr Winst0n

Daily Expense Manager version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f8eed60508e8e9594b73d61a302fe23c508f6927f003f384139e0c5e65b7a940
Fortinet FortiRecorder 2.7.3 Hardcoded Password
Posted Aug 7, 2019
Authored by XORcat

Fortinet FortiRecorder versions 2.7.3 and below have a hardcoded password vulnerability.

tags | exploit
advisories | CVE-2019-6698
SHA-256 | 3a6315c0671057bcf74ea761ef9ba1a63e3cd4c86918a3e6eeb31fa0a17f45d3
iOS Messaging Tools
Posted Aug 7, 2019
Authored by saelo, Google Security Research, natashenka

This repository contains several tools Project Zero uses to test iPhone messaging. It includes SmsSimulator: an SMS simulator for iPhone, iMessage: tools for sending and dumping iMessage messages, and imapiness: a fuzzer for IMAP clients. See the directory for each tool for further instructions and contact information. This is not an officially supported Google product. These tools were released and presented at BlackHat USA 2019.

tags | tool, telephony, imap, fuzzer
systems | apple, iphone
SHA-256 | fa8f560293640c4759f220069490d2498cf18f75ce1183b3ab8f77dd819585e5
Scapy Packet Manipulation Tool 2.4.3
Posted Aug 7, 2019
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Better native support for FreeBSD, NetBSD, OpenBSD. Latency improvements. Bluetooth/BTLE rework. Various other updates and improvements.
tags | tool, scanner, python
systems | unix
SHA-256 | 40a44ec7924dab19c6d0954fee409b9bea68df405ef9074741f34bee18038923
Opencart 3.0.3.2 Insecure OCMod Generation Pre-Authentication Remote Code Execution
Posted Aug 7, 2019
Authored by Todor Donev

Opencart versions 3.0.3.2 and below insecure OCMod generation pre-authentication remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | aff700064927d5ac0527010e924dfb35a2658666867ef180d347026bd4dce7c2
Ubuntu Security Notice USN-4089-1
Posted Aug 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4089-1 - It was discovered that Rack incorrectly handled carefully crafted requests. A remote attacker could use this issue to execute a cross-site scripting attack.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2018-16471
SHA-256 | ca3a2542adb8b014e4980393a5037646cf859cb370907aa152998819b189f0d7
Red Hat Security Advisory 2019-2411-01
Posted Aug 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2411-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-1125, CVE-2019-13272
SHA-256 | 047d05f784457ec09bc3083cf9e694ae3aac8eded39bd2eb1e1ea51dff7ade8a
Ubuntu Security Notice USN-4088-1
Posted Aug 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4088-1 - It was discovered that PHP incorrectly handled certain regular expressions. An attacker could possibly use this issue to expose sensitive information, cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2019-13224
SHA-256 | dc28ef210c6e8c252367083a1a5c6515f27768aa4455ff5a3b255b7ce315d8d9
Red Hat Security Advisory 2019-2405-01
Posted Aug 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2405-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-1125, CVE-2019-13272
SHA-256 | 412c1c44ac3d87cbbad738856106f7406cb4301044d240cb7523bedeafb903e9
Red Hat Security Advisory 2019-2399-01
Posted Aug 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2399-01 - The libssh2 packages provide a library that implements the SSH2 protocol. Issues addressed include an out of bounds write vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3863
SHA-256 | 2c7b52210a9dbb15c07cfe183bdc2bf24cf676d8726f61b8fe418f83c930eef9
Red Hat Security Advisory 2019-2403-01
Posted Aug 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2403-01 - Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. A memory corruption vulnerability was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7555
SHA-256 | 35303eabbc088f2190b4762e166886d8f4f9268c4f463ef28dac774e3542a38a
Red Hat Security Advisory 2019-2401-01
Posted Aug 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2401-01 - The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Issues addressed include a heap overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-1124
SHA-256 | 47ae16696b0e5b96efbdda51cb748fdbfd8d87e31974ac412038d46d7eda2b73
Red Hat Security Advisory 2019-2402-01
Posted Aug 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2402-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Stack overflow vulnerabilities have been addressed.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-16864, CVE-2018-16865
SHA-256 | acea42bd46edaf2078173eb391f758e7695ba32e4216ac70d687b67255ff6bae
Red Hat Security Advisory 2019-2400-01
Posted Aug 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2400-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, perl
systems | linux, redhat
advisories | CVE-2018-18311
SHA-256 | 40cb0438d7e5583476efd1460c7ad022ae9f70b85d61b6f7f310bd1aa53ba633
Red Hat Security Advisory 2019-2002-01
Posted Aug 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2002-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-10192, CVE-2019-10193
SHA-256 | a78e39b8347f82c5deda449c03eef68970092376c58c9981e797979baea0b685
WordPress JoomSport 3.3 SQL Injection
Posted Aug 7, 2019
Authored by Pablo Santiago

WordPress JoomSport plugin version 3.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-14348
SHA-256 | 8086b0c85c73e5f8bf6d357e49fd9f003ace61f16398d977655fe43de8072198
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close