exploit the possibilities
Showing 1 - 25 of 767 RSS Feed

JavaScript Files

AWS CloudShell Terminal Escape Injection / Remote Code Execution
Posted May 10, 2021
Authored by Google Security Research, Felix Wilhelm

The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance.

tags | exploit, remote, javascript, code execution
MD5 | a07ebf4a753f14e46c966e23a4c3cf0b
Ubuntu Security Notice USN-4939-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4939-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-1788
MD5 | af4558d62abbfd5bae4e9822b097ced0
Google Chrome XOR Typer Out-Of-Bounds Access / Remote Code Execution
Posted May 3, 2021
Authored by Niklas Baumstark, Grant Willcox, Rajvardhan Agarwal, Bruno Keith | Site metasploit.com

This Metasploit module exploits an issue in the V8 engine on x86_x64 builds of Google Chrome versions prior to 89.0.4389.128/90.0.4430.72 when handling XOR operations in JIT'd JavaScript code. Successful exploitation allows an attacker to execute arbitrary code within the context of the V8 process. As the V8 process is normally sandboxed in the default configuration of Google Chrome, the browser must be run with the --no-sandbox option for the payload to work correctly.

tags | exploit, arbitrary, javascript
advisories | CVE-2021-21220
MD5 | 63f07081f5cf627d484d2e1962bd0302
Apache Druid 0.20.0 Remote Command Execution
Posted Apr 27, 2021
Authored by Litch1, je5442804, Alibaba Cloud Security Team | Site metasploit.com

Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests; however, that feature is disabled by default. In Druid versions prior to 0.20.1, an authenticated user can send a specially-crafted request that both enables the JavaScript code-execution feature and executes the supplied code all at once, allowing for code execution on the server with the privileges of the Druid Server process. More critically, authentication is not enabled in Apache Druid by default.

tags | exploit, javascript, code execution
advisories | CVE-2021-25646
MD5 | e671822283290890d3b9fa839ab97950
SMASH: Synchronized Many-Sided Rowhammer Attacks From JavaScript
Posted Apr 15, 2021
Authored by Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Pietro Frigo, Emanuele Vannacci, Finn de Ridder

In this paper, the authors show that under realistic assumptions, it is indeed possible to bypass TRR directly from JavaScript, allowing attackers to exploit the resurfaced Rowhammer bug inside the browser. In addition, their analysis reveals new requirements for practical TRR evasion. For instance, they discovered that activating many rows in rapid succession as shown in TRRespass may not always be sufficient to produce bit flips. The scheduling of DRAM accesses also plays an important role.

tags | paper, javascript
MD5 | 836e85101be3fa403bf5501797e73520
Chrome V8 JavaScript Engine Remote Code Execution
Posted Apr 13, 2021
Authored by Rajvardhan Agarwal | Site github.com

Chrome V8 Javascript Engine remote code execution zero day exploit. Google is expected to release an update to their browser on tuesday 04/14/2021 that will address this vulnerability.

tags | exploit, remote, overflow, javascript, code execution
MD5 | a76d90d5f2c12f9efc441081adf2aabe
Ubuntu Security Notice USN-4894-1
Posted Mar 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4894-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2020-27918, CVE-2021-1799
MD5 | 4e22d60fd6aa436f1afcb95822fbbce6
Red Hat Security Advisory 2021-0831-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0831-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | e4f76ec6cf5d25f7912b627f5880dffb
Red Hat Security Advisory 2021-0830-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0830-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | e48bc69e2cdfde32b4069248f6d31869
Red Hat Security Advisory 2021-0827-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0827-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 8eca4f2c7dd986de75875e576747b15d
Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting
Posted Mar 9, 2021
Authored by Richard Jones

Sticky Notes Apps using JavaScript version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, javascript, xss
MD5 | c34812b56f1fa2ae36a2816630cf1b86
Red Hat Security Advisory 2021-0744-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0744-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | b4b85275703a4c86c931e4a7d0597ee5
Red Hat Security Advisory 2021-0740-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0740-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 08753a3c634b4606c4b4f6b2da8f95c1
Red Hat Security Advisory 2021-0738-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0738-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 338f3f3813e0f5c43e7a6e5b5e924917
Red Hat Security Advisory 2021-0741-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0741-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 1bed23e753213411771ae018c380af64
Red Hat Security Advisory 2021-0739-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0739-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 2bd6951176f39236faaf38759dd2915e
Red Hat Security Advisory 2021-0735-01
Posted Mar 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0735-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | ed843d10c99a39c218154c84cfa07276
Red Hat Security Advisory 2021-0734-01
Posted Mar 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0734-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 8734c89713c54635e678ebd2630e7c7c
Ubuntu Security Notice USN-4739-1
Posted Feb 18, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4739-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2020-13558
MD5 | a5feb8fa066d0c3a1865f6e0f2147384
Red Hat Security Advisory 2021-0549-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0549-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2019-10746, CVE-2019-10747, CVE-2020-7754, CVE-2020-7788, CVE-2020-8265, CVE-2020-8287
MD5 | d12e31190f42f1146fa898afa1452587
Red Hat Security Advisory 2021-0548-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0548-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15095, CVE-2020-15366, CVE-2020-7608, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8116, CVE-2020-8252, CVE-2020-8265, CVE-2020-8287
MD5 | 26e22cd5c2bbda37974b7b609c2a39d4
Red Hat Security Advisory 2021-0551-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0551-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15366, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287
MD5 | ec3cbb4f80cd8b53ddbfdabf27c17f5e
Red Hat Security Advisory 2021-0521-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0521-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15095, CVE-2020-15366, CVE-2020-7608, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8116, CVE-2020-8252, CVE-2020-8265, CVE-2020-8287
MD5 | 3b6cb4e248436333bc3fcc18fd68d4c2
Red Hat Security Advisory 2021-0485-01
Posted Feb 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0485-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2019-10746, CVE-2019-10747, CVE-2020-7754, CVE-2020-7788, CVE-2020-8265, CVE-2020-8287
MD5 | ae64f58035319cbf89a8d19531de9980
Red Hat Security Advisory 2021-0421-01
Posted Feb 4, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0421-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15366, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287
MD5 | e283a998f1a50c5c272a6ee786b5f530
Page 1 of 31
Back12345Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    17 Files
  • 12
    May 12th
    22 Files
  • 13
    May 13th
    11 Files
  • 14
    May 14th
    9 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close