what you don't know can hurt you
Showing 51 - 75 of 13,347 RSS Feed

Local Files

National Instruments Circuit Design Suite 14.0 Privilege Escalation
Posted Oct 11, 2019
Authored by Ivan Marmolejo

National Instruments Circuit Design Suite version 14.0 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 98aa4b631011caf494a631d35959d1da
DeviceViewer 3.12.0.1 Local Buffer Overflow
Posted Oct 9, 2019
Authored by Alessandro Magnosi, Alessandro Magnosiu

DeviceViewer version 3.12.0.1 add user local buffer overflow exploit with DEP bypass.

tags | exploit, overflow, local
MD5 | 70ae5f2f1f2b9c91d4222fed2be40c4b
ASX To MP3 Converter 3.1.3.7 Local Stack Overflow
Posted Oct 7, 2019
Authored by max7253

ASX to MP3 Converter version 3.1.3.7 .asx local stack overflow exploit.

tags | exploit, overflow, local
MD5 | 20f8d66dda4e923b5433ade635fb4ca1
Ubuntu Security Notice USN-4147-1
Posted Oct 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4147-1 - It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090, CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212, CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925, CVE-2019-15926, CVE-2019-9506
MD5 | 9b6a21a8a4483fda16543f89ef6b5f9b
Ubuntu Security Notice USN-4145-1
Posted Oct 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4145-1 - It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service. It was discovered that the IPv6 implementation in the Linux kernel did not properly validate socket options in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-10905, CVE-2017-18509, CVE-2018-20961, CVE-2018-20976, CVE-2019-0136, CVE-2019-10207, CVE-2019-11487, CVE-2019-13631, CVE-2019-15211, CVE-2019-15215, CVE-2019-15926
MD5 | ea50ef6fe5c28f797b35ddfa61c716dc
Ubuntu Security Notice USN-4144-1
Posted Oct 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4144-1 - It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-20976, CVE-2019-15538
MD5 | a08d6c0764fd808ec1d2ad89c0113cd9
Duplicator Pro 1.3.14 Local Information Disclosure
Posted Sep 29, 2019

Duplicator Pro version 1.3.14 and below suffer from a local information disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | 3e7a8b3a11b1663559ba3dc5c9329650
Samsung Mobile Android SamsungTTS Privilege Escalation
Posted Sep 25, 2019
Authored by flanker

The Samsung Text-to-speech Engine System Component on Android suffers from a local privilege escalation vulnerability. Versions before 3.0.02.7 and 3.0.00.101 are affected.

tags | advisory, local
advisories | CVE-2019-16253
MD5 | 8f7af7fb883fdaea5d4b41303321e322
ABRT sosreport Privilege Escalation
Posted Sep 24, 2019
Authored by rebel, Brendan Coles | Site metasploit.com

This Metasploit module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool (ABRT) configured as the crash handler. sosreport uses an insecure temporary directory, allowing local users to write to arbitrary files (CVE-2015-5287). This module has been tested successfully on abrt 2.1.11-12.el7 on RHEL 7.0 x86_64 and abrt 2.1.11-19.el7 on RHEL 7.1 x86_64.

tags | exploit, arbitrary, local, root
advisories | CVE-2015-5287
MD5 | 0f23d5ba9a3e00fce536b47e337e69e0
Easy File Sharing Web Server 7.2 SEH Buffer Overflow
Posted Sep 24, 2019
Authored by x00pwn

Easy File Sharing Web Server version 7.2 local SEH buffer overflow exploit.

tags | exploit, web, overflow, local
MD5 | 6ee9f6c71745a4d56ab197185d1c6d0c
Ubuntu Security Notice USN-4134-2
Posted Sep 23, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4134-2 - USN-4134-1 fixed a vulnerability in IBus. The security fix introduced a regression when being used with Qt applications. This update reverts the security fix pending further investigation. Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
MD5 | f3dd6bb956db553071cad73e67c6b26c
Gila CMS Local File Inclusion
Posted Sep 23, 2019
Authored by Sainadh Jamalpur

Gila CMS versions prior to 1.11.1 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2019-16679
MD5 | ce5dec0eb4e015a8c838b87741efe71c
TOR Virtual Network Tunneling Tool 0.4.1.6
Posted Sep 19, 2019
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release backports several bugfixes to improve stability and correctness. Anyone experiencing build problems or crashes with 0.4.1.5, or experiencing reliability issues with single onion services, should upgrade.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | d5e290d2a09d4225693cebc37a83097f
macOS 18.7.0 Kernel Local Privilege Escalation
Posted Sep 19, 2019
Authored by A2nkF

macOS version 18.7.0 kernel local privilege escalation exploit that may only work on Macs before 2016.

tags | exploit, kernel, local
MD5 | 8157e1ede5cfd34c7e3aa2019494c8bb
Ubuntu Security Notice USN-4135-1
Posted Sep 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4135-1 - Peter Pi discovered a buffer overflow in the virtio network backend implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service or possibly execute arbitrary code in the host OS. It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14835, CVE-2019-15030, CVE-2019-15031
MD5 | 95e7c4187500bf769ca3eaa74251777d
Ubuntu Security Notice USN-4135-2
Posted Sep 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4135-2 - Peter Pi discovered a buffer overflow in the virtio network backend implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service or possibly execute arbitrary code in the host OS. It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14835, CVE-2019-15030, CVE-2019-15031
MD5 | d96f38d38b0c0c92e88f66fa91d9dbfa
Ubuntu Security Notice USN-4134-1
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4134-1 - Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-14822
MD5 | 6002dfaf1a23b111091bd34ff316b088
Ubuntu Security Notice USN-4133-1
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4133-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.

tags | advisory, remote, local
systems | linux, ubuntu
advisories | CVE-2019-12295
MD5 | 5beae93d0843329763e065d95b120cde
FTPShell Client 6.74 Buffer Overflow
Posted Sep 13, 2019
Authored by Debashis Pal

FTPShell Client version 6.74 suffers from a local buffer overflow denial of service vulnerability.

tags | exploit, denial of service, overflow, local
MD5 | 57c456409533cdc1763216b90f4971a2
Ubuntu Security Notice USN-4120-2
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4120-2 - USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
MD5 | 82d8f28d12fffac3503d35d76ab85de6
Kernel Live Patch Security Notice LSN-0055-1
Posted Sep 7, 2019
Authored by Benjamin M. Romer

It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2018-20856, CVE-2019-10207, CVE-2019-11478, CVE-2019-13233, CVE-2019-14283, CVE-2019-14284
MD5 | 024d77eed49a23432c14adc8f067c9ad
Ubuntu Security Notice USN-4120-1
Posted Sep 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4120-1 - It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-15718
MD5 | 7234aab1bef208f524e07f03bf6b1160
Ubuntu Security Notice USN-4118-1
Posted Sep 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4118-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-13053, CVE-2018-13093, CVE-2018-13098, CVE-2018-13099, CVE-2018-13100, CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14614, CVE-2018-14616, CVE-2018-14617, CVE-2018-16862, CVE-2018-19985, CVE-2018-20169, CVE-2018-20511, CVE-2018-20784, CVE-2018-20856, CVE-2018-5383, CVE-2019-0136, CVE-2019-10126, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11085, CVE-2019-11487, CVE-2019-11599
MD5 | 606239d761ad7f615ccb6ead5cc82c96
Ubuntu Security Notice USN-4116-1
Posted Sep 2, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4116-1 - It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code. Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2018-20856, CVE-2019-10638, CVE-2019-13648, CVE-2019-14283, CVE-2019-14284, CVE-2019-3900
MD5 | 6f30126d89e5e8e65cce204ca2609eba
Ubuntu Security Notice USN-4115-1
Posted Sep 2, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4115-1 - Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this to cause a denial of service. Zhipeng Xie discovered that an infinite loop could triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-19985, CVE-2018-20784, CVE-2019-0136, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11487, CVE-2019-11599, CVE-2019-11810, CVE-2019-13631, CVE-2019-13648, CVE-2019-14283, CVE-2019-14284, CVE-2019-14763, CVE-2019-15090, CVE-2019-15211, CVE-2019-15212, CVE-2019-15214, CVE-2019-15215, CVE-2019-15216, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15292, CVE-2019-3701, CVE-2019-3819, CVE-2019-3900
MD5 | d33b91a9062e22127c5fc65115ec33fe
Page 3 of 534
Back12345Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    10 Files
  • 7
    Dec 7th
    1 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    15 Files
  • 10
    Dec 10th
    30 Files
  • 11
    Dec 11th
    8 Files
  • 12
    Dec 12th
    20 Files
  • 13
    Dec 13th
    1 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close