Twenty Year Anniversary
Showing 1 - 25 of 13,092 RSS Feed

Arbitrary Files

phpMyAdmin 4.x Remote Code Execution
Posted Jun 18, 2018
Authored by Matteo Cantoni, Cure53, Michal AihaA | Site metasploit.com

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.

tags | exploit, remote, arbitrary, php
advisories | CVE-2016-5734
MD5 | 40f298aed179561d60e3ea947664bb79
Ubuntu Security Notice USN-3687-1
Posted Jun 18, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3687-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2018-12293, CVE-2018-4190, CVE-2018-4199, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233
MD5 | 55bf9fa9e7a0502036a4c6a0c0d90f46
Gentoo Linux Security Advisory 201806-04
Posted Jun 14, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201806-4 - Multiple vulnerabilities have been found in Quassel, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 0.12.5 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-1000178, CVE-2018-1000179
MD5 | 91ace9408ba723aeae4ed05c0edaab3a
Ubuntu Security Notice USN-3686-1
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3686-1 - Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. Alexander Cherepanov discovered that file incorrectly handled certain long strings. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. Alexander Cherepanov discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9620, CVE-2014-9621, CVE-2014-9653, CVE-2015-8865, CVE-2018-10360
MD5 | d461c5706afdf66b380cf8a86deaf4f6
Ubuntu Security Notice USN-3684-1
Posted Jun 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3684-1 - It was discovered that Perl incorrectly handled certain archive files. An attacker could possibly use this to overwrite arbitrary files.

tags | advisory, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2018-12015
MD5 | 682ba37fc142ec50b37e732a6884afae
Gentoo Linux Security Advisory 201806-02
Posted Jun 13, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201806-2 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 30.0.0.113 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-4944, CVE-2018-4945, CVE-2018-5000, CVE-2018-5001, CVE-2018-5002
MD5 | 22791d9866b7d08fbdc78e485cbcd7fc
Ubuntu Security Notice USN-3684-2
Posted Jun 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3684-2 - USN-3684-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Perl incorrectly handled certain archive files. An attacker could possibly use this to overwrite arbitrary files.

tags | advisory, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2018-12015
MD5 | 00c9c5a21a48d1c5060750b8a91b2e86
Gentoo Linux Security Advisory 201806-01
Posted Jun 13, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201806-1 - A vulnerability in GNU Wget could allow arbitrary cookies to be injected. Versions less than 1.19.5 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2018-0494
MD5 | ad4dbfd3990efbe661009dfe20b19e68
DHCP Client Command Injection (DynoRoot)
Posted Jun 12, 2018
Authored by Felix Wilhelm | Site metasploit.com

This Metasploit module exploits the DynoRoot vulnerability, a flaw in how the NetworkManager integration script included in the DHCP client in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier processes DHCP options. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.

tags | exploit, arbitrary, local, root, spoof, protocol
systems | linux, redhat, fedora
advisories | CVE-2018-1111
MD5 | 5260d2ef5bb8f8bbc5edbc0ec7cb7c67
Ubuntu Security Notice USN-3682-1
Posted Jun 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3682-1 - A heap buffer overflow was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-6126
MD5 | 9d8d0a4e3481a5f69358902a80dbe817
Ubuntu Security Notice USN-3677-2
Posted Jun 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3677-2 - USN-3677-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1068, CVE-2018-1092, CVE-2018-7492, CVE-2018-8087, CVE-2018-8781
MD5 | 396409805add6cf9f38ac282a0bfd084
Ubuntu Security Notice USN-3677-1
Posted Jun 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3677-1 - It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1068, CVE-2018-1092, CVE-2018-7492, CVE-2018-8087, CVE-2018-8781
MD5 | d1a66b35374f1624dabb3b438cacb544
Ubuntu Security Notice USN-3674-2
Posted Jun 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3674-2 - USN-3674-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-0627, CVE-2018-1068, CVE-2018-7492, CVE-2018-8781
MD5 | 5559e14a261b2b1caff2653f93380832
Ubuntu Security Notice USN-3674-1
Posted Jun 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3674-1 - It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a NULL pointer dereference existed in the RDS protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2017-0627, CVE-2018-1068, CVE-2018-7492, CVE-2018-8781
MD5 | 7580ee1c4975048c3bd3f4059fd6b003
Schools Alert Management Script Arbitrary File Delete
Posted Jun 11, 2018
Authored by M3 at Pandas

Schools Alert Management Script suffers from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
advisories | CVE-2018-12053
MD5 | 6cc245a57e784529f9b7a0b8e525530c
Schools Alert Management Scripts Arbitrary File Read
Posted Jun 11, 2018
Authored by M3 at Pandas

Schools Alert Management Script suffers from an arbitrary file real vulnerability.

tags | exploit, arbitrary
advisories | CVE-2018-12054
MD5 | ebbd916045de80f68e5148aadf248e0f
Debian Security Advisory 4225-1
Posted Jun 9, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4225-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.

tags | advisory, java, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800, CVE-2018-2814, CVE-2018-2815
MD5 | adc0a79a22e87a683003ba79045b5048
Debian Security Advisory 4220-1
Posted Jun 8, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4220-1 - Ivan Fratric discovered a buffer overflow in the Skia graphics library used by Firefox, which could result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2018-6126
MD5 | 34f809c7056ae15863580c0c5e59f50b
Debian Security Advisory 4219-1
Posted Jun 8, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4219-1 - Several vulnerabilities were discovered in jruby, a Java implementation of the Ruby programming language. They would allow an attacker to use specially crafted gem files to mount cross-site scripting attacks, cause denial of service through an infinite loop, write arbitrary files, or run malicious code.

tags | advisory, java, denial of service, arbitrary, vulnerability, xss, ruby
systems | linux, debian
advisories | CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079
MD5 | 7d3ba91bea7cc4af627f93c7f93e2120
Ubuntu Security Notice USN-3672-1
Posted Jun 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3672-1 - Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-11683, CVE-2018-11684, CVE-2018-11685
MD5 | 9ee509364bd7e5d668826b242cc13db1
Ubuntu Security Notice USN-3671-1
Posted Jun 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3671-1 - Etienne Stalmans discovered that git did not properly validate git submodules files. A remote attacker could possibly use this to craft a git repo that causes arbitrary code execution when "git clone --recurse-submodules" is used. It was discovered that an integer overflow existed in git's pathname sanity checking code when used on NTFS filesystems. An attacker could use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2018-11233, CVE-2018-11235
MD5 | 25303632420b77046f5c6aa93da590ef
Ubuntu Security Notice USN-3658-2
Posted Jun 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3658-2 - USN-3658-1 fixed a vulnerability in procps-ng. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that libprocps incorrectly handled the file2strvec function. A local attacker could possibly use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-1124, CVE-2018-1126
MD5 | 8c11d4a226d2b323f1f81e8bb5ccbe5a
Ubuntu Security Notice USN-3669-1
Posted Jun 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3669-1 - It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-11410, CVE-2018-11440, CVE-2018-11577
MD5 | fc1bfc637ae762561c44f451839b1f0f
Ubuntu Security Notice USN-3668-1
Posted Jun 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3668-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to hang or crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-18233, CVE-2017-18234, CVE-2017-18236, CVE-2017-18238, CVE-2018-7728, CVE-2018-7729, CVE-2018-7730, CVE-2018-7731
MD5 | 30f478a7ea99f4d7e41b68bbd1c3c994
Debian Security Advisory 4217-1
Posted Jun 4, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4217-1 - It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability, protocol
systems | linux, debian
advisories | CVE-2018-11358, CVE-2018-11360, CVE-2018-11362, CVE-2018-7320, CVE-2018-7334, CVE-2018-7335, CVE-2018-7419, CVE-2018-9261, CVE-2018-9264, CVE-2018-9273
MD5 | ed14b6ee0b3f3db808323e7d461242ca
Page 1 of 524
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    9 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    34 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    2 Files
  • 18
    Jun 18th
    13 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close