Twenty Year Anniversary
Showing 1 - 25 of 102,481 RSS Feed

Files

CMS Made Simple 2.2.5 Authenticated Remote Command Execution
Posted Jul 19, 2018
Authored by Jacob Robles, Mustafa Hasen | Site metasploit.com

CMS Made Simple version 2.2.5 allows an authenticated administrator to upload a file and rename it to have a .php extension. The file can then be executed by opening the URL of the file in the /uploads/ directory.

tags | exploit, php
advisories | CVE-2018-1000094
MD5 | 1cbcf8ed9ea5ef18b9981873d99697eb
WordPress All In One Favicon 4.6 Cross Site Scripting
Posted Jul 19, 2018
Authored by Javier Olmedo

WordPress All In One Favicon plugin version 4.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-13832
MD5 | 4e1fd052af536e388490d26a91809868
Chrome Swiftshader Blitting Floating-Point Precision Errors
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from floating-point precision errors in Swiftshader blitting.

tags | exploit
MD5 | 7b98d22e3cda5e01a29a389816481305
MyBB New Threads 1.1 Cross Site Scripting
Posted Jul 19, 2018
Authored by 0xB9

MyBB New Threads plugin version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-14392
MD5 | ad2681c777df161b9e3674786e010194
Chrome SwiftShader OpenGL Texture Binding Reference Count Leak
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from a reference count leak in SwiftShader OpenGL texture bindings.

tags | exploit
MD5 | 94c654dcb20a0856b832d97f6fed38a0
Red Hat Security Advisory 2018-2214-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2214-01 - openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack. Security fix: openstack-tripleo-heat-templates: Default ODL deployment uses hard coded administrative credentials.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10898
MD5 | 22c4ad1ba13183cd0722045a58738725
Slackware Security Advisory - httpd Updates
Posted Jul 19, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-1333, CVE-2018-8011
MD5 | 1b2e26414f81c1134f812030199009fd
Red Hat Security Advisory 2018-2228-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2228-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | d3c8def83c9a3ce2f920fcfdd6aa1b87
Adobe Systems Main lead DBMS Arbitrary Code Injection
Posted Jul 19, 2018
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Adobe Systems Mail Lead DBMS suffers from an arbitrary code injection vulnerability.

tags | exploit, arbitrary
MD5 | ada369cd2544ba228b1d487fb353258d
Debian Security Advisory 4252-1
Posted Jul 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4252-1 - Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which could result in privilege escalation or denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2018-14055, CVE-2018-14056
MD5 | c90446d52a966d5de3ab8623b48c7f59
Debian Security Advisory 4251-1
Posted Jul 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4251-1 - A use-after-free was discovered in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-11529
MD5 | 578af880b8c241e67bd77d1304296670
Red Hat Security Advisory 2018-2225-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2225-01 - Fluentd is an open source data collector designed to scale and simplify log management. It can collect, process and ship many kinds of data in near real-time. Issues addressed include an escape sequence injection vulnerability that allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2017-10906
MD5 | 51a4fd1c76a8b3c0e5fd0dd3eb09a0a2
Chrome Swiftshader Texture Allocation Integer Overflow
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from an integer overflow vulnerability in Swiftshader texture allocation.

tags | exploit, overflow
MD5 | b3eb960cb7d3278d871332f5993c7d6c
Red Hat Security Advisory 2018-2224-01
Posted Jul 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2224-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.7 will be retired as of December 31, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.7 EUS after December 31, 2018.

tags | advisory
systems | linux, redhat
MD5 | 81c13150a8b88c62cbabdff6aee1e056
Wireshark Analyzer 2.6.2
Posted Jul 19, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Updated to QCustomPlot 1.3.2. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 086d235509717190d06554b2ab870209
Linux BPF Sign Extension Local Privilege Escalation
Posted Jul 19, 2018
Authored by h00die, Jann Horn, vnik, rlarabee, bleidl, bcoles | Site metasploit.com

Linux kernel versions prior to 4.14.8 utilize the Berkeley Packet Filter (BPF) which contains a vulnerability where it may improperly perform signing for an extension. This can be utilized to escalate privileges. The target system must be compiled with BPF support and must not have kernel.unprivileged_bpf_disabled set to 1. This Metasploit module has been tested successfully on many different kernels.

tags | exploit, kernel
systems | linux
advisories | CVE-2017-16995
MD5 | 4596fc215a7899eb6de8fccca0e92708
Suricata IDPE 4.0.5
Posted Jul 19, 2018
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Multiple bugs have been addressed.
tags | tool, intrusion detection
systems | unix
MD5 | ea0cb823d6a86568152f75ade6de442f
Capstone 3.0.5
Posted Jul 18, 2018
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: Fixed the include path for Android builds when building cstool. Added possibility to disable universal build for Mac OS. Various other updates and fixes.
tags | tool
systems | unix
MD5 | 2cd59a5a83b50fbf7663b1678bae9410
AntiVirus Evasion With Metasploit's Web Delivery
Posted Jul 18, 2018
Authored by Dr. Adrian Vollmer

Whitepaper called AntiVirus Evasion with Metasploit's Web Delivery - Leveraging PowerShell to Execute Arbitrary Shellcode.

tags | paper, web, arbitrary, shellcode
MD5 | 68e94c755f9d49405de6fd9c85c19ce2
Barracuda Cloud Control 7.1.1.003 Cross Site Scripting
Posted Jul 18, 2018
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda Cloud Control version 7.1.1.003 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ff2e83501f0a7393dc41facb92cd154f
Debian Security Advisory 4250-1
Posted Jul 18, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4250-1 - A vulnerability was discovered in Wordpress, a web blogging tool. It allowed remote attackers with specific roles to execute arbitrary code.

tags | advisory, remote, web, arbitrary
systems | linux, debian
advisories | CVE-2018-12895
MD5 | c77d3671a0226dd735d8b2e5abd1ea23
Barracuda Cloud Control 3.020 Cross Site Scripting
Posted Jul 18, 2018
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda Cloud Control version 3.020 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f23473cf4a6e820950f67bcee0f9bdf1
Smart SMS And Email Manager 3.3 SQL Injection
Posted Jul 18, 2018
Authored by Ozkan Mustafa Akkus

Smart SMS and Email Manager version 3.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a6d5202d3365300bb015064a17f8729d
Modx Revolution Remote Code Execution
Posted Jul 18, 2018
Authored by Vitalii Rudnykh

Modx Revolution versions prior to 2.6.4 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-1000207
MD5 | 6676ba0c95250f29f12815696ab2b9e4
JavaScript Core Arbitrary Code Execution
Posted Jul 18, 2018
Authored by ret2

JavaScript Core arbitrary code execution exploit.

tags | exploit, arbitrary, javascript, code execution
advisories | CVE-2018-4192
MD5 | 451614b5b6654ae9f5e8d9bc10001aef
Page 1 of 4,100
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    15 Files
  • 18
    Jul 18th
    15 Files
  • 19
    Jul 19th
    17 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close