what you don't know can hurt you
Showing 101 - 125 of 13,200 RSS Feed

Local Files

HTML Video Player 1.2.5 Local Buffer Overflow
Posted Jan 29, 2019
Authored by Dino Covotsos

HTML Video Player version 1.2.5 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | fb293b160674d4eeb22080384cd6bd4f
MySQL User-Defined (Linux) x32 / x86_64 sys_exec Privilege Escalation
Posted Jan 29, 2019
Authored by D7X

MySQL User-Defined (Linux) x32 / x86_64 sys_exec function local privilege escalation exploit.

tags | exploit, local
systems | linux
MD5 | 6836b2b8653660838622bcc3b783c738
Faleemi Desktop Software 1.8 Local Buffer Overflow
Posted Jan 29, 2019
Authored by bzyo

Faleemi Desktop Software version 1.8 local SEH buffer overflow exploit with DEP bypass.

tags | exploit, overflow, local
MD5 | 6fe28cf8e13b1400f7afc55898edbfa6
R 3.4.4 Local Buffer Overflow
Posted Jan 27, 2019
Authored by Dino Covotsos

R version 3.4.4 local non-SEH buffer overflow exploit for Windows XP SP3.

tags | exploit, overflow, local
systems | windows, xp
MD5 | db8103189a864d8a8c0b76e3ae669ef3
MySQL User-Defined (Linux) x32 / x86_64 sys_exec Local Privilege Escalation
Posted Jan 24, 2019
Authored by D7X

MySQL user-defined (Linux) x32 / x86_64 sys_execfunction local privilege escalation exploit. Can be leveraged against versions 4.x and 5.x.

tags | exploit, local
systems | linux
MD5 | 11297728ea4b88223b36ef198b04aabc
Joomla! Easy Shop 1.2.3 Local File Inclusion
Posted Jan 23, 2019
Authored by Ihsan Sencan

Joomla! Easy Shop component version 1.2.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 3509bcf57a850b72f093872afe9be95f
PHP Dashboards NEW 5.8 Local File Inclusion
Posted Jan 21, 2019
Authored by Ihsan Sencan

PHP Dashboards NEW version 5.8 suffers from a local file inclusion vulnerability.

tags | exploit, local, php, file inclusion
MD5 | b848b3c5fb7d6f6a2ec83b189546a946
SeoToaster Ecommerce 3.0.0 Local File Inclusion
Posted Jan 18, 2019
Authored by Ihsan Sencan

SeoToaster Ecommerce version 3.0.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 9f2299407ce91ffabeb1fed35708460f
Mozilla Firefox 64 Information Disclosure
Posted Jan 17, 2019
Authored by Dr. Vladimir Bostanov

Mozilla Firefox versions 64 and below have an issue where an overly liberal same-origin policy for file URIs and a bug in the implementation of this policy make Firefox vulnerable to exposure of local files to a remote attacker.

tags | exploit, remote, local
MD5 | fe019fa6ad6c40086ca4f91c26ff77f8
Check Point ZoneAlarm 8.8.1.110 Local Privilege Escalation
Posted Jan 17, 2019
Authored by Chris Anastasio

Check Point ZoneAlarm version 8.8.1.110 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | d5cc68c9e775edbaf57809134a79ebcb
Ubuntu Security Notice USN-3861-2
Posted Jan 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3861-2 - USN-3861-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform privileged actions. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-19788
MD5 | 1d929df08d738a1407781094c847f6a4
Ubuntu Security Notice USN-3861-1
Posted Jan 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3861-1 - It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform privileged actions.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-19788
MD5 | a1e50592c0cb58f40bf65035005c7ba9
xorg-x11-server Local Privilege Escalation
Posted Jan 14, 2019
Authored by Marco Ivaldi

xorg-x11-server versions prior to 1.20.3 Solaris 11 inittab local privilege escalation exploit.

tags | exploit, local
systems | solaris
advisories | CVE-2018-14665
MD5 | c844abebb3b3d8d2300403bc8e829523
Debian Security Advisory 4365-1
Posted Jan 11, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4365-1 - Stephen Roettger discovered a race condition in tmpreaper, a program that cleans up files in directories based on their age, which could result in local privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2019-3461
MD5 | b7df79db42b0fc4f6ea9529905cda3e3
Ubuntu Security Notice USN-3855-1
Posted Jan 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3855-1 - It was discovered that systemd-journald allocated variable-length buffers for certain message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. It was discovered that systemd-journald allocated variable-length arrays of objects representing message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-16864, CVE-2018-16865, CVE-2018-16866
MD5 | 42433c95e77000de53479462231b8fa3
Code Blocks 17.12 Local Buffer Overflow
Posted Jan 11, 2019
Authored by bzyo

Code Blocks version 17.12 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | e15e64174e078aee560c7bd3cb29a211
Ubuntu Security Notice USN-3850-1
Posted Jan 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3850-1 - Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remote attacker could possibly use this issue to perform a replay attack. It was discovered that NSS incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack. Various other issues were also addressed.

tags | advisory, remote, local
systems | linux, ubuntu
advisories | CVE-2018-0495, CVE-2018-12384, CVE-2018-12404
MD5 | f31e765a83742d73f9519be5d73246a3
TOR Virtual Network Tunneling Tool 0.3.5.7
Posted Jan 8, 2019
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.5.7 is the first stable release in its series; it includes compilation and portability fixes, and a fix for a severe problem affecting directory caches.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 8076f11045b5a94fd4ef0a0114b845f6
RSA Authentication Manager Path Traversal
Posted Jan 7, 2019
Authored by Dell Product Security Incident Response Team | Site dellemc.com

The Quick Setup component of RSA Authentication Manager versions prior to 8.4 is vulnerable to a relative path traversal vulnerability. A local attacker could potentially provide an administrator with a crafted license that if used during the quick setup deployment of the initial RSA Authentication Manager system, could allow the attacker unauthorized access to that system.

tags | advisory, local
advisories | CVE-2018-15782
MD5 | 931d37612cf8560f64b71f15da93dbc1
Gentoo Linux Security Advisory 201812-11
Posted Dec 31, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201812-11 - Multiple vulnerabilities have been found in Rust, the worst which may allow local attackers to execute arbitrary code. Versions less than 1.29.1 are affected.

tags | advisory, arbitrary, local, vulnerability
systems | linux, gentoo
advisories | CVE-2018-1000622, CVE-2018-1000810
MD5 | 8bd40344a33775e5023f354026bc9486
Terminal Services Manager 3.1 Local Buffer Overflow
Posted Dec 27, 2018
Authored by bzyo

Terminal Services Manager version 3.1 SEH local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | ad2ab586467fac1fecdbf7d288d6ed0f
AnyBurn 4.3 Local Buffer Overflow
Posted Dec 22, 2018
Authored by Matteo Malvica

AnyBurn version 4.3 SEH local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 2647139a9e50e499f8b41f2579de83bf
GIGABYTE Driver Privilege Escalation
Posted Dec 21, 2018
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Multiple vulnerabilities were found in the GPCIDrv and GDrv drivers as bundled with several GIGABYTE and AORUS branded motherboard and graphics card utilities, which could allow a local attacker to elevate privileges. Affected versions include GIGABYTE APP Center 1.05.21 and below, AORUS GRAPHICS ENGINE 1.33 and below, XTREME GAMING ENGINE 1.25 and below, and OC GURU II 2.08.

tags | exploit, local, vulnerability
advisories | CVE-2018-19320, CVE-2018-19321, CVE-2018-19322, CVE-2018-19323
MD5 | 5cad18f5b078e0d55bd9a0c74f26e7cc
ASUS Driver Privilege Escalation
Posted Dec 21, 2018
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Multiple vulnerabilities were found in the GLCKIo and Asusgio drivers installed by ASUS Aura Sync, which could allow a local attacker to elevate privileges. ASUS Aura Sync versions 1.07.22 and below are affected.

tags | exploit, local, vulnerability
advisories | CVE-2018-18535, CVE-2018-18536, CVE-2018-18537
MD5 | bf9ed2614877e99c373ab955e1c3e901
Ubuntu Security Notice USN-3849-1
Posted Dec 21, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3849-1 - It was discovered that a NULL pointer dereference existed in the keyring subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-2647, CVE-2018-10902, CVE-2018-12896, CVE-2018-14734, CVE-2018-16276, CVE-2018-18386, CVE-2018-18690, CVE-2018-18710
MD5 | ab84b9e247a45108e4c874fdfe0f245f
Page 5 of 528
Back34567Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    12 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    16 Files
  • 22
    May 22nd
    13 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close