Exploit the possiblities
Showing 101 - 125 of 12,866 RSS Feed

Arbitrary Files

Gentoo Linux Security Advisory 201801-10
Posted Jan 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-10 - A vulnerability has been found in LibXfont and LibXfont2 which may allow for arbitrary file access. Versions less than 1.5.4 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2017-16611
MD5 | 45825f2f21534fee2d8e4a23924f3c39
Gentoo Linux Security Advisory 201801-09
Posted Jan 8, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-9 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which may lead to arbitrary code execution. Versions less than 2.18.4:4 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2017-13856, CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-7157
MD5 | 7a69897bcc45af80b685f85aeeba037a
Gentoo Linux Security Advisory 201801-08
Posted Jan 8, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-8 - A vulnerability in MiniUPnPc might allow remote attackers to execute arbitrary code. Versions less than 2.0.20170509 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2015-6031
MD5 | b66a9b0df42ed88519f4fcbcd1874ba3
Gentoo Linux Security Advisory 201801-07
Posted Jan 8, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-7 - A vulnerability has been found in Emacs which may allow for arbitrary command execution. Versions less than 23.4-r16:23 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2017-14482
MD5 | 99abf29efdb0acb5706456aa6b852ad5
Gentoo Linux Security Advisory 201801-06
Posted Jan 8, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-6 - A command injection vulnerability in 'Back in Time' may allow for the execution of arbitrary shell commands. Versions less than 1.1.24 are affected.

tags | advisory, arbitrary, shell
systems | linux, gentoo
advisories | CVE-2017-16667
MD5 | 667f2f846b80b660a5b921b15407001a
Red Hat Security Advisory 2018-0061-01
Posted Jan 8, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0061-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848
MD5 | 57ab4436794ccc7f5375e140dae03e15
Gentoo Linux Security Advisory 201801-04
Posted Jan 8, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-4 - A vulnerability in LibXcursor might allow remote attackers to execute arbitrary code. Versions less than 1.1.15 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2017-16612
MD5 | 7cda63ba854417dce0e94e8e326ba58d
Gentoo Linux Security Advisory 201801-03
Posted Jan 8, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-3 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 63.0.3239.108 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-15407, CVE-2017-15408, CVE-2017-15409, CVE-2017-15410
MD5 | 4846caaa7bf97d56343aa5b6148633cb
Gentoo Linux Security Advisory 201801-02
Posted Jan 8, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-2 - Multiple vulnerabilities have been found in OptiPNG, the worst of which may allow execution of arbitrary code. Versions less than 0.7.6-r2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-1000229, CVE-2017-16938
MD5 | 8a39797c412de0c8652a13e263b09781
Debian Security Advisory 4079-1
Posted Jan 8, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4079-1 - Multiple vulnerabilities were discovered in the poppler PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-14517, CVE-2017-14518, CVE-2017-14519, CVE-2017-14520, CVE-2017-14975, CVE-2017-14976, CVE-2017-14977, CVE-2017-15565, CVE-2017-9406, CVE-2017-9408, CVE-2017-9775, CVE-2017-9776, CVE-2017-9865
MD5 | 4e6b6686f8a7ad9cf6aa121d43d477c0
WordPress LearnDash 2.5.3 File Upload
Posted Jan 8, 2018
Authored by NinTechNet

WordPress LearnDash plugin version 2.5.3 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
MD5 | 16db1a477dfec3557bd4c33fa68145e7
Debian Security Advisory 4078-1
Posted Jan 5, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4078-1 - Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system.

tags | advisory, arbitrary, kernel
systems | linux, debian
advisories | CVE-2017-5754
MD5 | 28ba510efb89d5e80a6e8f3edfa26dc7
Ayukov NFTP FTP Client Buffer Overflow
Posted Jan 5, 2018
Authored by sinn3r, Daniel Teixeira, Berk Cem Goksel | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability against Ayukov NFTPD FTP Client 2.0 and earlier. By responding with a long string of data for the SYST request, it is possible to cause a denial-of-service condition on the FTP client, or arbitrary remote code execution under the context of the user if successfully exploited.

tags | exploit, remote, overflow, arbitrary, code execution
advisories | CVE-2017-15222
MD5 | 586e39e9c2691a57d4f738d9226a1a4f
Ubuntu Security Notice USN-3515-1
Posted Jan 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3515-1 - It was discovered that Ruby allows FTP command injection. An attacker could use this to cause arbitrary command execution.

tags | advisory, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2017-17405
MD5 | f7b58732c56f4b529a4dc406db0c50ed
Ubuntu Security Notice USN-3430-3
Posted Jan 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3430-3 - USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem. Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496
MD5 | 2e78e5477e350e6229ac4eeeb1a64bea
Ubuntu Security Notice USN-3514-1
Posted Jan 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3514-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2017-13856, CVE-2017-13866, CVE-2017-13870, CVE-2017-7156
MD5 | 485f3d664c8d9b91f9a34e0bb3715a85
Red Hat Security Advisory 2018-0004-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0004-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | 2ca6effdab3cd5decbed50e07509a63b
Red Hat Security Advisory 2018-0002-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0002-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | 0894af1f635e49e7a3ce1d8a874115ef
Red Hat Security Advisory 2018-0003-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0003-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | 0a5412e7af365baf178d6fd067479b13
Ubuntu Security Notice USN-3477-4
Posted Jan 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3477-4 - USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, CVE-2017-7842
MD5 | 752ba5a2397fdce5c95ee5e6d29bb7de
pfSense 2.1.3-RELEASE (amd64) Remote Command Execution
Posted Dec 28, 2017
Authored by wetw0rk, Jared Stephens | Site metasploit.com

pfSense, a free BSD based open source firewall distribution, versions 2.2.6 and below contain a remote command execution vulnerability post authentication in the _rrd_graph_img.php page. The vulnerability occurs via the graph GET parameter. A non-administrative authenticated attacker can inject arbitrary operating system commands and execute them as the root user. Verified against 2.1.3.

tags | exploit, remote, arbitrary, root, php
systems | bsd
MD5 | 9e31715f8e4cf15c616cd81794fa4e26
Xerox DC260 EFI Fiery Controller Webtools 2.0 Arbitrary File Disclosure
Posted Dec 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

Xerox DC260 EFI Fiery Controller Webtools version 2.0 suffers from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary
MD5 | a44e185804302ccb4969d4ebe063fbdf
DotNetNuke DreamSlider 01.01.02 Arbitrary File Download
Posted Dec 27, 2017
Authored by Glafkos Charalambous | Site metasploit.com

This Metasploit module exploits an unauthenticated arbitrary file download vulnerability in DotNetNuke DreamSlider versions 01.01.02 and below.

tags | exploit, arbitrary, info disclosure
MD5 | 4327a3d759e2c7b56c383e8a4b2e8844
Sony Playstation 4 4.05 FW Local Kernel Loader
Posted Dec 27, 2017
Authored by CTurt, Specter, Flatz, qwertyoruiopz

In this project you will find a full implementation of the "namedobj" kernel exploit for the PlayStation 4 on 4.05. It will allow you to run arbitrary code as kernel in order to allow jailbreaking and kernel-level modifications to the system. This release does not contain any code related to defeating anti-piracy mechanisms or running homebrew. This exploit does include a loader that listens for payloads on port 9020 and will execute them.

tags | exploit, arbitrary, kernel
MD5 | 6e9225b53fdb3efaead6d09703fee799
Telesquare SKT LTE Router SDT-CS3B1 CSRF / Command Execution
Posted Dec 27, 2017
Authored by LiquidWorm | Site zeroscience.mk

The Telesquare SKT LTE SDT-CS3B1 router suffers from authenticated arbitrary system command execution. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web, arbitrary, csrf
MD5 | 4b9db3573ba7740ca38f47752d155a59
Page 5 of 515
Back34567Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    11 Files
  • 21
    Feb 21st
    3 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close