what you don't know can hurt you
Showing 101 - 125 of 6,373 RSS Feed

Code Execution Files

BRAKTOOTH: Causing Havoc On Bluetooth Link Manager
Posted Sep 3, 2021
Authored by Vaibhav Bedi, Matheus E. Garbelini, Ernest Kurniawan, Sudipta Chattopadhyay, Sumei Sun | Site asset-group.github.io

This whitepaper discusses BRAKTOOTH, a family of new security vulnerabilities in commercial BT stacks that range from denial of service (DoS) via firmware crashes and deadlocks in commodity hardware to arbitrary code execution (ACE) in certain IoTs.

tags | advisory, paper, denial of service, arbitrary, vulnerability, code execution
advisories | CVE-2021-28135, CVE-2021-28136, CVE-2021-28139, CVE-2021-28155, CVE-2021-31609, CVE-2021-31610, CVE-2021-31611, CVE-2021-31612, CVE-2021-31613, CVE-2021-31717, CVE-2021-31785, CVE-2021-31786, CVE-2021-34143, CVE-2021-34144, CVE-2021-34145, CVE-2021-34146, CVE-2021-34147, CVE-2021-34148, CVE-2021-34149, CVE-2021-34150
MD5 | 83e56767b319b5f79741b2ed5ec789fa
Geutebruck Remote Command Execution
Posted Sep 2, 2021
Authored by Titouan Lazard, Sebastien Charbonnier, Ibrahim Ayadhi | Site metasploit.com

This Metasploit module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions 1.12.0.27 and below as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the root user.

tags | exploit, remote, web, arbitrary, cgi, root, vulnerability, code execution
advisories | CVE-2021-33543, CVE-2021-33544, CVE-2021-33548, CVE-2021-33550, CVE-2021-33551, CVE-2021-33552, CVE-2021-33553, CVE-2021-33554
MD5 | 92b73b5927fb8541093395f2793bd346
Backdoor.Win32.MoonPie.40 Authentication Bypass / Code Execution
Posted Sep 2, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.MoonPie.40 malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | 7286027878b606377863d3d65933a272
WPanel 4.3.1 Remote Code Execution
Posted Sep 2, 2021
Authored by Sentinal920

WPanel version 4.3.1 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 98f907af7b13f3c7d59def1f5f35ac5d
Linux eBPF ALU32 32-bit Invalid Bounds Tracking Local Privilege Escalation
Posted Sep 1, 2021
Authored by Grant Willcox, chompie1337, Manfred Paul | Site metasploit.com

Linux kernels from 5.7-rc1 prior to 5.13-rc4, 5.12.4, 5.11.21, and 5.10.37 are vulnerable to a bug in the eBPF verifier's verification of ALU32 operations in the scalar32_min_max_and function when performing AND operations, whereby under certain conditions the bounds of a 32 bit register would not be properly updated. This can be abused by attackers to conduct an out of bounds read and write in the Linux kernel and therefore achieve arbitrary code execution as the root user. The target system must be compiled with eBPF support and not have kernel.unprivileged_bpf_disabled set, which prevents unprivileged users from loading eBPF programs into the kernel. Note that if kernel.unprivileged_bpf_disabled is enabled this module can still be utilized to bypass protections such as SELinux, however the user must already be logged as a privileged user such as root.

tags | exploit, arbitrary, kernel, root, code execution
systems | linux
advisories | CVE-2021-3490
MD5 | 6ead3e5e5296fe145b5eb92da7ae8088
Confluence Server 7.12.4 OGNL Injection Remote Code Execution
Posted Sep 1, 2021
Authored by h3v0x

Confluence Server version 7.12.4 unauthenticated OGNL injection remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2021-26084
MD5 | 0340434a86c779c9694e3699eb42446f
Traffic Offense Management System 1.0 SQL Injection / Remote Code Execution
Posted Sep 1, 2021
Authored by Tagoletta

Traffic Offense Management System version 1.0 remote code execution exploit that leverages a remote SQL vulnerability.

tags | exploit, remote, code execution, sql injection
MD5 | b273c6fcac7e557727fa0ed573991ad0
Red Hat Security Advisory 2021-3365-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3365-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include a code execution vulnerability.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2021-3621
MD5 | 50dcd1431c236a477839e4b01f0ace72
Ubuntu Security Notice USN-5054-1
Posted Aug 31, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5054-1 - Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module. An attacker could use this vulnerability to provoke an information disclosure or potentially remote code execution.

tags | advisory, remote, overflow, code execution, info disclosure
systems | linux, ubuntu
advisories | CVE-2020-11984
MD5 | 020feed894a3c2eeaf34898ceb9a2a21
BSCW Server Remote Code Execution
Posted Aug 31, 2021
Authored by Armin Stock | Site sec-consult.com

BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2021-39271
MD5 | 12410f10bd52d3cf3699a47fcca71d3b
Backdoor.Win32.Hupigon.aejq Authentication Bypass / Code Execution
Posted Aug 31, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.aejq malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | 5dad3a4f5ae4950a7afef65689f3849e
Git LFS Clone Command Execution
Posted Aug 31, 2021
Authored by Shelby Pace, Matheus Tavares, Johannes Schindelin | Site metasploit.com

Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of repository files which enables the placement of a Git hook in the .git/hooks directory. By default, this Metasploit module writes a post-checkout script so that the payload will automatically be executed upon checkout of the repository.

tags | exploit, remote, code execution
advisories | CVE-2021-21300
MD5 | b389779a9c5da6a81739bfdce3bfb340
Red Hat Security Advisory 2021-3336-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3336-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include code execution and memory leak vulnerabilities.

tags | advisory, remote, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2021-3621
MD5 | 2123481367856498a2969f1d72ed5139
Backdoor.Win32.Delf.wr Authentication Bypass / Code Execution
Posted Aug 31, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Delf.wr malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | 2bf0712acd2e8a34bf4e09296b35e733
Red Hat Security Advisory 2021-3295-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3295-01 - libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-3246
MD5 | 2a22c006ed367354015bef163b7b222a
Red Hat Security Advisory 2021-3298-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3298-01 - libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-3246
MD5 | 7237d8e2c83d6dec42eb5e0b986e0584
Backdoor.Win32.Delf.um Authentication Bypass / Code Execution
Posted Aug 31, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Delf.um malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | 301c46cd59e9b97621f8c1ce759887df
Backdoor.Win32.Antilam.11 Code Execution
Posted Aug 30, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.11 malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
MD5 | 79dfd5329300e92b79d0e8815a7d5227
Strapi CMS 3.0.0-beta.17.4 Remote Code Execution
Posted Aug 30, 2021
Authored by Musyoka Ian

Strapi CMS version 3.0.0-beta.17.4 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2019-18818, CVE-2019-19609
MD5 | 24052d1b097427f8b6282a7680d8abbc
Red Hat Security Advisory 2021-3297-01
Posted Aug 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3297-01 - libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-3246
MD5 | b2ad76e09d5eceb25aec631cac795e32
Red Hat Security Advisory 2021-3254-01
Posted Aug 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3254-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, code execution, cross site scripting, denial of service, information leakage, integer overflow, and traversal vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss, python
systems | linux, redhat
advisories | CVE-2020-25659, CVE-2020-27619, CVE-2020-27783, CVE-2020-28493, CVE-2020-36242, CVE-2021-20095, CVE-2021-23336, CVE-2021-28957, CVE-2021-29921, CVE-2021-3177, CVE-2021-33503, CVE-2021-3426, CVE-2021-3572
MD5 | 70a4248bf0bf2e0433ba6e3b6f69dd2b
Strapi 3.0.0-beta.17.7 Remote Code Execution
Posted Aug 30, 2021
Authored by David Uton

Strapi version 3.0.0-beta.17.7 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2019-19609
MD5 | 14652910b1bea391615b3abe532186d4
Red Hat Security Advisory 2021-3235-01
Posted Aug 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3235-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, bypass, code execution, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-3609, CVE-2021-3621
MD5 | a0f931b8ffa1b934372d05413683bd39
Red Hat Security Advisory 2021-3252-01
Posted Aug 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3252-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, code execution, denial of service, and traversal vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, python
systems | linux, redhat
advisories | CVE-2020-27619, CVE-2020-28493, CVE-2021-20095, CVE-2021-20270, CVE-2021-23336, CVE-2021-27291, CVE-2021-3177
MD5 | 64d7bbcc756663f32879557072f66329
Red Hat Security Advisory 2021-3253-01
Posted Aug 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3253-01 - libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-3246
MD5 | 050993a2f945877792bcd85bb9e1eeee
Page 5 of 255
Back34567Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close