what you don't know can hurt you
Showing 1 - 25 of 11,496 RSS Feed

Overflow Files

SQLMAP - Automatic SQL Injection Tool 1.4.12
Posted Dec 1, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 63f11245bc7cdef373e7b5a811aa3c43
Red Hat Security Advisory 2020-5275-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5275-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execution, information leakage, null pointer, and out of bounds read vulnerabilities.

tags | advisory, web, overflow, php, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-11045, CVE-2019-11047, CVE-2019-11048, CVE-2019-11050, CVE-2019-19203, CVE-2019-19204, CVE-2019-19246, CVE-2020-7059, CVE-2020-7060, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
MD5 | 15b6e660f7ec10e7b1caf283b0e647fa
libupnp 1.6.18 Denial Of Service
Posted Nov 26, 2020
Authored by Patrik Lantz

libupnp version 1.6.18 stack-based buffer overflow denial of service exploit.

tags | exploit, denial of service, overflow
advisories | CVE-2012-5958
MD5 | eec0f79236ada16154ef65b5142e8111
SyncBreeze 10.0.28 Remote Buffer Overflow
Posted Nov 25, 2020
Authored by Abdessalam King

SyncBreeze version 10.0.28 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
MD5 | bc1a7022ff9c1b9889c27f49798311ef
Code16 Notes Magazine 02
Posted Nov 23, 2020
Authored by Cody Sixteen, code16

Code16 is a compilation of notes from research performed by Cody16. This issue discusses exploring heap overflows and more.

tags | paper, overflow, magazine
MD5 | 69a5018313932a09abe01bb1cf8ab55f
Boxoft Audio Converter 2.3.0 Buffer Overflow
Posted Nov 23, 2020
Authored by Luis Martinez

Boxoft Audio Converter version 2.3.0 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 991f7441c38b85a7dd514c9bf046acc8
IBM Tivoli Storage Manager 5.2.0.1 Buffer Overflow
Posted Nov 20, 2020
Authored by Paolo Stagno

IBM Tivoli Storage Manager version 5.2.0.1 suffers from a command line administrative interface buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 4a0e4ac1048da1123852d71eb40c733b
Boxoft Convert Master 1.3.0 Local Buffer Overflow
Posted Nov 20, 2020
Authored by Achilles

Boxoft Convert Master version 1.3.0 SEH local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | f956aa989b00a65c070070cfbabf0008
Free MP3 CD Ripper 2.8 Buffer Overflow
Posted Nov 20, 2020
Authored by ZwX, Gionathan Reale | Site metasploit.com

This Metasploit module exploits a buffer overflow in Free MP3 CD Ripper versions 2.6 and 2.8. By constructing a specially crafted WMA WAV M3U ACC FLAC file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode.

tags | exploit, overflow, shellcode
advisories | CVE-2019-9767
MD5 | 93482b8f1d9c8f6f9b71706c24ed882a
Internet Download Manager 6.38.12 Buffer Overflow
Posted Nov 19, 2020
Authored by Vincent Wolterman

Internet Download Manager version 6.38.12 suffers from a scheduler downloads scheduler buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 75f8a4e63787ca4ceecda8a6cac0ad9f
AIX 5.3L libc Buffer Overflow
Posted Nov 17, 2020
Authored by Hacker Fantastic

AIX version 5.3L libc local environment handling local root exploit. The AIX 5.3L (and possibly others) libc is vulnerable to multiple buffer overflow issues in the handling of locale environment variables. This allows for exploitation of any setuid root binary that makes use of functions such as setlocale() which do not perform bounds checking when handling LC_* environment variables. An attacker can leverage this issue to obtain root privileges on an impacted AIX system. This exploit makes use of the "/usr/bin/su" binary to trigger the overflow through LC_ALL and obtain root.

tags | exploit, overflow, local, root
systems | aix
MD5 | 5a8e7e11f2da1598bdca5bdbbf71d224
Apple Security Advisory 2020-11-13-7
Posted Nov 15, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-11-13-7 - Update 2020-005 High Sierra and Security Update 2020-005 Mojave address buffer overflow, code execution, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2020-10011, CVE-2020-13520, CVE-2020-9941, CVE-2020-9954, CVE-2020-9961, CVE-2020-9968, CVE-2020-9973, CVE-2020-9981, CVE-2020-9986
MD5 | 0fe8239f9a75edd0ffb540f132347ccf
Apple Security Advisory 2020-11-13-6
Posted Nov 14, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-11-13-6 - watchOS 7.0 addresses buffer overflow, code execution, cross site scripting, denial of service, information leakage, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-15358, CVE-2020-9849, CVE-2020-9876, CVE-2020-9941, CVE-2020-9943, CVE-2020-9944, CVE-2020-9946, CVE-2020-9947, CVE-2020-9949, CVE-2020-9950, CVE-2020-9951, CVE-2020-9952, CVE-2020-9954, CVE-2020-9961, CVE-2020-9965, CVE-2020-9966, CVE-2020-9968, CVE-2020-9969, CVE-2020-9976, CVE-2020-9981, CVE-2020-9983, CVE-2020-9989, CVE-2020-9991, CVE-2020-9993
MD5 | 1b3f70a0b803d4aba27dee55ca9e87ef
Apple Security Advisory 2020-11-13-4
Posted Nov 13, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-11-13-4 - tvOS 14.0 addresses buffer overflow, code execution, cross site scripting, denial of service, information leakage, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-10013, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-15358, CVE-2020-9849, CVE-2020-9876, CVE-2020-9943, CVE-2020-9944, CVE-2020-9947, CVE-2020-9949, CVE-2020-9950, CVE-2020-9951, CVE-2020-9952, CVE-2020-9954, CVE-2020-9961, CVE-2020-9965, CVE-2020-9966, CVE-2020-9968, CVE-2020-9969, CVE-2020-9976, CVE-2020-9979, CVE-2020-9981, CVE-2020-9983, CVE-2020-9991
MD5 | e65d5de230a8b7448d59d553c86fe14c
Apple Security Advisory 2020-11-13-3
Posted Nov 13, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-11-13-3 - Updates for iOS 14.0 and iPadOS 14.0 address buffer overflow, code execution, cross site scripting, denial of service, information leakage, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability, code execution, xss
systems | apple, ios
advisories | CVE-2019-14899, CVE-2020-10013, CVE-2020-13434, CVE-2020-13435, CVE-2020-13520, CVE-2020-13630, CVE-2020-13631, CVE-2020-15358, CVE-2020-6147, CVE-2020-9773, CVE-2020-9849, CVE-2020-9876, CVE-2020-9941, CVE-2020-9943, CVE-2020-9944, CVE-2020-9946, CVE-2020-9947, CVE-2020-9949, CVE-2020-9950, CVE-2020-9951, CVE-2020-9952, CVE-2020-9954, CVE-2020-9958, CVE-2020-9959, CVE-2020-9961, CVE-2020-9963, CVE-2020-9964, CVE-2020-9965
MD5 | f15d74568f4f6adf383e272deddb869b
ReadyTalk Avian JVM FileOutputStream.write() Integer Overflow
Posted Nov 13, 2020
Authored by Pietro Oliva

ReadyTalk Avian JVM versions 1.2.0 before 27th October 2020 suffer from a FileOutputStream.write() integer overflow vulnerability.

tags | exploit, overflow
MD5 | 0eeb53af3d334c2876f02c02ffa0e8e8
Ubuntu Security Notice USN-4632-1
Posted Nov 12, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4632-1 - It was discovered that the SLiRP networking implementation of the QEMU emulator did not properly manage memory under certain circumstances. An attacker could use this to cause a heap-based buffer overflow or other out- of-bounds access, which can lead to a denial of service or potentially execute arbitrary code. It was discovered that the SLiRP networking implementation of the QEMU emulator misuses snprintf return values. An attacker could use this to cause a denial of service or potentially execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-7039, CVE-2020-8608
MD5 | 4a371d27b914f9fc59555d745600a57f
Red Hat Security Advisory 2020-5086-01
Posted Nov 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5086-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.

tags | advisory, web, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15095, CVE-2020-8116, CVE-2020-8201, CVE-2020-8252
MD5 | 247b6393a653a918a5800b4ee4e00b08
Gentoo Linux Security Advisory 202011-10
Posted Nov 11, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-10 - A buffer overflow in tmux might allow remote attacker(s) to execute arbitrary code. Versions less than 3.1c are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2020-27347
MD5 | ee250d62f4dcb03826e96c97380d6875
Red Hat Security Advisory 2020-4999-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4999-01 - The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
advisories | CVE-2018-7409, CVE-2018-7485
MD5 | de7e8ca6255adb8f20983c5d0b02b466
Chrome ConvertToJavaBitmap Heap Buffer Overflow
Posted Nov 9, 2020
Authored by Google Security Research, Glazvunov

Chrome on Android suffers from a ConvertToJavaBitmap heap buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2020-16011
MD5 | c8867dbfed920c86be64013795e08eb9
Apple Security Advisory 2020-11-05-7
Posted Nov 9, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-11-05-7 - tvOS 14.2 is now available and addresses code execution, integer overflow, out of bounds read, out of bounds write, path sanitization, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2020-10002, CVE-2020-10003, CVE-2020-10010, CVE-2020-10016, CVE-2020-10017, CVE-2020-27905, CVE-2020-27909, CVE-2020-27910, CVE-2020-27911, CVE-2020-27912, CVE-2020-27916, CVE-2020-27917, CVE-2020-27918, CVE-2020-27927, CVE-2020-9974
MD5 | afdd7d495da761675d9100b068a53d3c
SunSSH Solaris 10.0 / 11.0 x86 Remote Root
Posted Nov 9, 2020
Authored by Hacker Fantastic

A trivial to reach stack-based buffer overflow is present in libpam on Solaris. The vulnerable code exists in pam_framework.c parse_user_name() which allocates a fixed size buffer of 512 bytes on the stack and parses a username supplied to PAM modules (such as authtok_get used by SunSSH). This issue can be reached remotely pre-authentication via SunSSH when "keyboard-interactive" is enabled to use PAM based authentication. The vulnerability was discovered being actively exploited by FireEye in the wild and is part of an APT toolkit called "EVILSUN". The vulnerability is present in both SPARC/x86 versions of Solaris and others (eg. illumos). This exploit uses ROP gadgets to disable nxstack through mprotect on x86 and a helper shellcode stub. Tested against latest Solaris 10 without patch applied and the configuration is vulnerable in a default vanilla install. This exploit requires libssh2, the vulnerability has been identified and confirmed reachable on Solaris 10 through 11.0.

tags | exploit, overflow, x86, shellcode
systems | solaris
advisories | CVE-2020-14871
MD5 | 3fbcd0fdda16b92f50dc244f60276db1
Red Hat Security Advisory 2020-4974-01
Posted Nov 9, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4974-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 86.0.4240.183. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-16004, CVE-2020-16005, CVE-2020-16006, CVE-2020-16008, CVE-2020-16009
MD5 | 439c305b39ff65ddfffe37601d84a451
Apple Security Advisory 2020-11-05-1
Posted Nov 9, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-11-05-1 - iOS 14.2 and iPadOS 14.2 are now available and addresses code execution, integer overflow, out of bounds read, out of bounds write, path sanitization, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple, ios
advisories | CVE-2020-10002, CVE-2020-10003, CVE-2020-10004, CVE-2020-10010, CVE-2020-10011, CVE-2020-10016, CVE-2020-10017, CVE-2020-13524, CVE-2020-27902, CVE-2020-27905, CVE-2020-27909, CVE-2020-27910, CVE-2020-27911, CVE-2020-27912, CVE-2020-27916, CVE-2020-27917, CVE-2020-27918, CVE-2020-27925, CVE-2020-27926, CVE-2020-27927, CVE-2020-27930, CVE-2020-27932, CVE-2020-27950, CVE-2020-9974
MD5 | e316caeb924e1e7eb685c0783a056ddb
Page 1 of 460
Back12345Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    11 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close