Twenty Year Anniversary
Showing 26 - 50 of 13,048 RSS Feed

Arbitrary Files

Dell EMC Unity Family OS Command Injection
Posted May 4, 2018
Site emc.com

Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed.

tags | advisory, remote, arbitrary, root, vulnerability
advisories | CVE-2018-1239
MD5 | c698f77203ec3de3839dae52a0afc827
Debian Security Advisory 4189-1
Posted May 4, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4189-1 - Two vulnerabilities were found in the Quassel IRC client, which could result in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-1000178, CVE-2018-1000179
MD5 | 4e10fa9930830155e8c0fd1d3a361f73
Red Hat Security Advisory 2018-1274-01
Posted May 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1274-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. The following packages have been upgraded to a later upstream version: python-paramiko. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-7750
MD5 | 49944063f4ecc3d703262f227fa06f8f
Gentoo Linux Security Advisory 201805-03
Posted May 3, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201805-3 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 66.0.3359.139 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-6118
MD5 | 5f97f6ab07c7303a7cf8a3159a6cde13
Gentoo Linux Security Advisory 201805-02
Posted May 3, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201805-2 - A buffer overflow in Python might allow remote attackers to execute arbitrary code. Versions less than 2.7.14:2.7 are affected.

tags | advisory, remote, overflow, arbitrary, python
systems | linux, gentoo
advisories | CVE-2017-1000158
MD5 | d7751fe44f3e06a91458c77c8e139509
Ubuntu Security Notice USN-3637-1
Posted May 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3637-1 - Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10536, CVE-2018-10537, CVE-2018-10538, CVE-2018-10539, CVE-2018-10540
MD5 | 73eeb88db81fcd332045b34cfab4a648
Tpshop 2.0.8 Arbitrary File Download / SSRF
Posted May 2, 2018
Authored by Jiawang Zhang, Qian Wu, Bo Wang

Tpshop versions 2.0.8 and below suffer from arbitrary file download and server-side request forgery vulnerabilities.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2018-9919
MD5 | 0d5864b3a0c0b1a3e4edcaee51e69ebe
Ubuntu Security Notice USN-3635-1
Posted May 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3635-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165
MD5 | 85531931d71d0277a373662193a6ba19
xdebug Unauthenticated OS Command Execution
Posted May 1, 2018
Authored by Mumbai, Shaksham Jaiswal, Ricter Zheng | Site metasploit.com

This Metasploit module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary php code as the context of the web user.

tags | exploit, web, arbitrary, php
MD5 | f41618034e1f76ddd17f42794e9dc6c3
Debian Security Advisory 4185-1
Posted May 1, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4185-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.

tags | advisory, java, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800, CVE-2018-2814, CVE-2018-2815
MD5 | 5671a7d29a470a3d6ff207a9cb9ca89c
Debian Security Advisory 4184-1
Posted May 1, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4184-1 - Multiple vulnerabilities have been discovered in the image loading library for Simple DirectMedia Layer 1.2, which could result in denial of service or the execution of arbitrary code if malformed image files are opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-12122, CVE-2017-14440, CVE-2017-14441, CVE-2017-14442, CVE-2017-14448, CVE-2017-14450, CVE-2017-2887, CVE-2018-3837, CVE-2018-3838, CVE-2018-3839
MD5 | 35d719a54f7c00bb7862d3ab1a60ef92
Debian Security Advisory 4181-1
Posted Apr 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4181-1 - Andrea Basile discovered that the 'archive' plugin in roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize a user-controlled parameter, allowing a remote attacker to inject arbitrary IMAP commands and perform malicious actions.

tags | advisory, remote, arbitrary, imap
systems | linux, debian
advisories | CVE-2018-9846
MD5 | 459f02c0a478f815c8a302259ed429ed
Jfrog Artifactory Code Execution / Shell Upload
Posted Apr 26, 2018
Authored by Alessio Sergi

Jfrog Artifactory versions prior to 4.16 suffer from unauthenticated arbitrary file upload and remote command execution vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, file upload
advisories | CVE-2016-10036
MD5 | dc65bc67fb5a4cdd39a3ef7d94a10ce6
Nintendo Switch / Nvidia Fusee Gelee Disclosure
Posted Apr 26, 2018
Authored by Katherine Temkin

This report documents Fusee Gelee, a coldboot vulnerability that allows full, unauthenticated arbitrary code execution from an early bootROM context via Tegra Recovery Mode (RCM) on NVIDIA's Tegra line of embedded processors. As this vulnerability allows arbitrary code execution on the Boot and Power Management Processor (BPMP) before any lock-outs take effect, this vulnerability compromises the entire root-of-trust for each processor, and allows exfiltration of secrets e.g. burned into device fuses.

tags | paper, arbitrary, root, code execution
MD5 | 0ab768a01218de89b109624ec71ed96b
Ubuntu Security Notice USN-3634-1
Posted Apr 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3634-1 - Matthias Gerstner discovered that PackageKit incorrectly handled authentication. A local attacker could possibly use this issue to install arbitrary packages and escalate privileges.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-1106
MD5 | d2339a3fef1ada65b63d693ac29d8610
Monstra CMS 3.0.4 Arbitrary Folder Deletion
Posted Apr 25, 2018
Authored by Wenming Jiang

Monstra CMS version 3.0.4 suffers from an arbitrary folder deletion vulnerability.

tags | exploit, arbitrary
advisories | CVE-2018-9038
MD5 | 9f7cb4841fc668bcadbb64cd957faf1d
WordPress Woo Import Export 1.0 Arbitrary File Deletion
Posted Apr 24, 2018
Authored by Lenon Leite

WordPress Woo Import Export plugin version 1.0 suffers from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
MD5 | 93eb0614801caff53e9b984f9ae70470
Red Hat Security Advisory 2018-1213-02
Posted Apr 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1213-02 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-7750
MD5 | 66effb3d212b94a7d5ef3d7b03018bb4
Ubuntu Security Notice USN-3633-1
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3633-1 - Jann Horn discovered that the Berkeley Packet Filter implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-16995
MD5 | cd1aaf13ff30c3ce6907068a0d37963f
Ubuntu Security Notice USN-3632-1
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3632-1 - It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM implementation in the Linux kernel allowed passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM could use this to cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-0861, CVE-2017-1000407, CVE-2017-15129, CVE-2017-16994, CVE-2017-17448, CVE-2017-17450, CVE-2017-17741, CVE-2017-17805, CVE-2017-17806, CVE-2017-17807, CVE-2018-1000026, CVE-2018-5332, CVE-2018-5333, CVE-2018-5344, CVE-2018-8043
MD5 | 5397a8ba2d3c666978177acc78b70114
Ubuntu Security Notice USN-3631-1
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3631-1 - It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information. It was discovered that the DM04/QQBOX USB driver in the Linux kernel did not properly handle device attachment and warm-start. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13305, CVE-2017-16538, CVE-2018-1000004, CVE-2018-5750, CVE-2018-7566
MD5 | 6a4a387029da1343c93b40b5b9648c5b
Gentoo Linux Security Advisory 201804-22
Posted Apr 24, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-22 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 66.0.3359.117 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-6085, CVE-2018-6086, CVE-2018-6087, CVE-2018-6088, CVE-2018-6089, CVE-2018-6090, CVE-2018-6091, CVE-2018-6092, CVE-2018-6093, CVE-2018-6094, CVE-2018-6095, CVE-2018-6096, CVE-2018-6097, CVE-2018-6098, CVE-2018-6099, CVE-2018-6100, CVE-2018-6101, CVE-2018-6102, CVE-2018-6103, CVE-2018-6104, CVE-2018-6105, CVE-2018-6106, CVE-2018-6107, CVE-2018-6108, CVE-2018-6109, CVE-2018-6110, CVE-2018-6111, CVE-2018-6112
MD5 | 511838cf23e6450b13068734ac86866b
Gentoo Linux Security Advisory 201804-21
Posted Apr 24, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-21 - A vulnerability has been found in librelp that may allow a remote attacker to execute arbitrary code. Versions less than 1.2.15 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2018-1000140
MD5 | 441da9390abb1e3d967aed3b3d89899a
Gentoo Linux Security Advisory 201804-20
Posted Apr 23, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-20 - Multiple vulnerabilities have been found in unADF that may allow a remote attacker to execute arbitrary code. Versions less than 0.7.12-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-1243, CVE-2016-1244
MD5 | 2a447b72e97100f02b737c072dab7da9
Gentoo Linux Security Advisory 201804-16
Posted Apr 23, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-16 - Multiple vulnerabilities have been found in ClamAV, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 0.99.4 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6706, CVE-2017-11423, CVE-2017-6418, CVE-2017-6419, CVE-2017-6420, CVE-2018-0202, CVE-2018-1000085
MD5 | 54febe70e860bb3b82356eee9ae9f5da
Page 2 of 522
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    6 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    3 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close