Twenty Year Anniversary
Showing 26 - 50 of 5,346 RSS Feed

Operating System: Windows

Foxit Reader 8.3.1.21155 DLL Hijacking
Posted Apr 20, 2018
Authored by Ye Yint Min Thu Htut

Foxit Reader versions 8.3.1.21155 and below suffer from a dll hijacking vulnerability.

tags | advisory
systems | windows
MD5 | eb22e505d49272a974ea0a09ea10533a
Microsoft Windows WLDP CLSID Policy .NET COM Instantiation UMCI Bypass
Posted Apr 19, 2018
Authored by James Forshaw, Google Security Research

The enlightened Windows Lockdown Policy check for COM Class instantiation can be bypassed by using a bug in .NET leading to arbitrary code execution on a system with UMCI enabled (e.g. Device Guard).

tags | exploit, arbitrary, code execution
systems | windows
MD5 | 9af4ae4b97751a5713a7402ad0feb6c6
Microsoft Windows Kernel nt!NtQueryVirtualMemory Stack Memory Disclosure
Posted Apr 17, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a 64-bit stack memory disclosure vulnerability in nt!NtQueryVirtualMemory (MemoryImageInformation).

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0968
MD5 | d945b68fdd1c9e8436634fd2987bc3c8
Microsoft Windows Kernel nt!NtQueryVirtualMemory Stack Memory Disclosure
Posted Apr 17, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a 64-bit stack memory disclosure vulnerability in nt!NtQueryVirtualMemory (Memory(Privileged)BasicInformation).

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0974
MD5 | 86867b4c99f8622edfa1f1524af90f0f
Microsoft Windows Kernel nt!NtQueryInformationProcess Memory Disclosure
Posted Apr 17, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a 64-bit pool / stack memory disclosure vulnerability in nt!NtQueryInformationProcess (ProcessImageFileName).

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0973
MD5 | df5a55deeaf075ec47d80a3863ce2a4b
Microsoft Windows Kernel nt!NtQueryInformationTransactionManager Pool Memory Disclosure
Posted Apr 17, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a pool memory disclosure vulnerability in nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation).

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0972
MD5 | 0c23649c7eecdc1126d54237634aa782
Microsoft Windows Kernel nt!NtQuerySystemInformation Stack Memory Disclosure
Posted Apr 17, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a 64-bit stack memory disclosure vulnerability in nt!NtQuerySystemInformation (SystemPageFileInformation(Ex)).

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0971
MD5 | 076794ccd2fb215a95924c9dc5b1883f
Microsoft Windows Kernel nt!NtQueryVolumeInformationFile Stack Memory Disclosure
Posted Apr 17, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryVolumeInformationFile.

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0970
MD5 | bffef04b79c69684d6401043c15978e2
Microsoft Windows Kernel nt!NtQueryAttributesFile Stack Memory Disclosure
Posted Apr 17, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryAttributesFile.

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0969
MD5 | c2731a6f484ca280626d987eeb7a3807
Microsoft Windows Kernel nt!NtQueryFullAttributesFile Stack Memory Disclosure
Posted Apr 17, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryFullAttributesFile.

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0975
MD5 | 6d84610a89094cd36dc7885b78e328f8
Microsoft Windows jscript Use-After-Free
Posted Apr 5, 2018
Authored by Ivan Fratric, Google Security Research

Microsoft Windows suffers from multiple use-after-free issues in jscript Array methods.

tags | exploit
systems | windows
advisories | CVE-2018-0935
MD5 | 54dbc94c4392c67aa6871073166ebbc0
Wireshark Analyzer 2.4.6
Posted Apr 3, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Many vulnerabilities have been fixed.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 8cfb73e286dd6427ca4405e6e802d13e
ProcessMaker Plugin Code Execution
Posted Apr 3, 2018
Authored by Brendan Coles | Site metasploit.com

This Metasploit module will generate and upload a plugin to ProcessMaker resulting in execution of PHP code as the web server user. Credentials for a valid user account with Administrator roles is required to run this module. This Metasploit module has been tested successfully on ProcessMaker versions 1.6-4276, 2.0.23, 3.0 RC 1, 3.2.0, 3.2.1 on Windows 7 SP 1; and version 3.2.0 on Debian Linux 8.

tags | exploit, web, php
systems | linux, windows, debian, 7
MD5 | 62ca13841303372ebfe7885ec8e1b271
Debian Security Advisory 4160-1
Posted Apr 2, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4160-1 - It was discovered that insufficient input sanitising in libevt, a library to access the Windows Event Log (EVT) format, could result in denial of service or the execution of arbitrary code if a malformed EVT file is processed.

tags | advisory, denial of service, arbitrary
systems | linux, windows, debian
advisories | CVE-2018-8754
MD5 | 56083155a69e5261367f558feae2ff21
Apple Security Advisory 2018-3-29-8
Posted Mar 30, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-3-29-8 - iCloud for Windows 7.4 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4121, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4130, CVE-2018-4144, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165
MD5 | 5159368594b492a7a1fa30f912b8bb64
Apple Security Advisory 2018-3-29-7
Posted Mar 30, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-3-29-7 - iTunes 12.7.4 for Windows is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | windows, apple
advisories | CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4121, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4130, CVE-2018-4144, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165
MD5 | 0b10f3fc739228ad2a5ae93a2ff0fa41
Microsoft Windows Remote Assistance XXE Injection
Posted Mar 28, 2018
Authored by Nabeel Ahmed

Microsoft Windows Remote Assistance suffers from an XML external entity injection vulnerability.

tags | exploit, remote, xxe
systems | windows
advisories | CVE-2018-0878
MD5 | cb3025652af207020bf6755d7274530e
ClipBucket beats_uploader Unauthenticated Arbitrary File Upload
Posted Mar 26, 2018
Authored by Touhid M.Shaikh | Site metasploit.com

This Metasploit module exploits a vulnerability found in ClipBucket versions before 4.0.0 (Release 4902). A malicious file can be uploaded using an unauthenticated arbitrary file upload vulnerability. It is possible for an attacker to upload a malicious script to issue operating system commands. This issue is caused by improper session handling in /action/beats_uploader.php file. This Metasploit module was tested on ClipBucket before 4.0.0 - Release 4902 on Windows 7 and Kali Linux.

tags | exploit, arbitrary, php, file upload
systems | linux, windows, 7
MD5 | d2275d600b73e806af00c2c4d704c496
MIMEDefang Email Scanner 2.84
Posted Mar 23, 2018
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: A couple bug fixes.
tags | tool
systems | windows, unix
MD5 | d18447ebfe55fb1d826d6a519b9e1674
Microsoft Windows Embedded OpenType Font Engine hdmx Table Information Disclosure
Posted Mar 22, 2018
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error when processing hdmx table and can be exploited to cause an out-of-bounds read memory access.

tags | advisory
systems | windows
advisories | CVE-2018-0761
MD5 | 6020df111c75f8cc65302ac832a29acf
Microsoft Windows Embedded OpenType Font Engine Font Glyphs Handling Information Disclosure
Posted Mar 22, 2018
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error within the t2embed.dll module when handling font glyphs and can be exploited to cause an out-of-bounds read memory access.

tags | advisory
systems | windows
advisories | CVE-2018-0760
MD5 | bae913487702ff016f83f35d6937a4cf
Microsoft Windows Embedded OpenType Font Engine "MTX_IS_MTX_Data()" Information Disclosure
Posted Mar 22, 2018
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error within the "MTX_IS_MTX_Data()" function (t2embed.dll) and can be exploited to cause an out-of-bounds read memory access.

tags | advisory
systems | windows
advisories | CVE-2018-0755
MD5 | 84d2907184e537dd1469959220020503
Windows Kernel Exploitation Tutorial Part 7: Uninitialized Heap Variable
Posted Mar 22, 2018
Authored by rootkit

Whitepaper called Windows Kernel Exploitation Tutorial Part 7: Uninitialized Heap Variable.

tags | paper, kernel
systems | windows
MD5 | 8a5fed53f0bdf1f7ef88fe45b509e265
Microsoft Windows Kernel win32kbase!CoreMessagingK Memory Disclosure
Posted Mar 21, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability in the win32kbase!CoreMessagingK interface.

tags | advisory, kernel
systems | windows
advisories | CVE-2018-0926
MD5 | b4af3ca3b1834c222727f776e825c122
Microsoft Windows Desktop Bridge Privilege Escalation
Posted Mar 21, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a Desktop Bridge Virtual Registry NtLoadKey arbitrary file read / write privilege escalation vulnerability.

tags | exploit, arbitrary, registry
systems | windows
advisories | CVE-2018-0882
MD5 | df20338cea8e10f24722840588aeb572
Page 2 of 214
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    8 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    32 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    2 Files
  • 18
    Jun 18th
    15 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    15 Files
  • 21
    Jun 21st
    15 Files
  • 22
    Jun 22nd
    7 Files
  • 23
    Jun 23rd
    2 Files
  • 24
    Jun 24th
    1 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close