what you don't know can hurt you
Showing 1 - 25 of 27,720 RSS Feed

Remote Files

Gym Management System 1.0 Remote Code Execution
Posted May 21, 2020
Authored by Bobby Cooke

Gym Management System version 1.0 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | ce64ae85eae1a7a26c36e368e636d47b
Ubuntu Security Notice USN-4370-2
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4370-2 - USN-4370-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-3327, CVE-2020-3341
MD5 | 41f2316b173eea1d00d120657fb88797
Ubuntu Security Notice USN-4371-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4371-1 - It was discovered that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. It was discovered that libvirt incorrectly handled memory when retrieving certain domain statistics. A remote attacker could possibly use this issue to cause libvirt to consume resources, resulting in a denial of service. This issue only affected Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-10703, CVE-2020-12430
MD5 | 277d54e2071edbe532c6f11bdd7e2022
Ubuntu Security Notice USN-4372-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4372-1 - It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-15034, CVE-2019-20382, CVE-2020-10702, CVE-2020-11869, CVE-2020-1983
MD5 | abf7184cc2087c06b76ddc60ed0d60ed
Ubuntu Security Notice USN-4370-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4370-1 - It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-3327, CVE-2020-3341
MD5 | 39f5e383f91d9ec029fffde8daa2385b
WebLogic Server Deserialization Remote Code Execution
Posted May 21, 2020
Authored by Shelby Pace, Y4er, Jang | Site metasploit.com

This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable WebLogic servers.

tags | exploit, java, remote, code execution, protocol
advisories | CVE-2020-2555
MD5 | e3a30f51596b55d810e3f2ed09788c15
OpenEDX Ironwood 2.5 Remote Code Execution
Posted May 20, 2020
Authored by Daniel Monzon

OpenEDX platform Ironwood version 2.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-13144
MD5 | eb74b7ef637d95cec604f0cd7433300a
Ubuntu Security Notice USN-4365-2
Posted May 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4365-2 - USN-4365-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 5b0e56c1eabe20b3f39807b88f195a78
Craft CMS 3 vCard 1.0.0 Remote Code Execution
Posted May 20, 2020
Authored by Wade Guest

Craft CMS 3 with vCard plugin version 1.0.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 076cdf1ae5f96d31a7d5d08945141f4e
Protection Licensing Toolkit ReadyAPI 3.2.5 Code Execution / Deserialization
Posted May 19, 2020
Authored by Moritz Bechler

Protection Licensing Toolkit ReadyAPI version 3.2.5 suffers from an unsafe deserialization vulnerability that allows for remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2020-12835
MD5 | 04d24a10d080f67a99623c2a47d1d455
Red Hat Security Advisory 2020-2213-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2213-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.

tags | advisory, remote, overflow
systems | linux, redhat
advisories | CVE-2020-5208
MD5 | d1efeeeaea3cb2a8aa392d5517fd688e
Ubuntu Security Notice USN-4366-1
Posted May 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4366-1 - It was discovered that Exim incorrectly handled certain inputs. An remote attacker could possibly use this issue to access sensitive information or authentication bypass.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-12783
MD5 | 9ea6a9371b1e8c0b4e1fe271b5d74364
Victor CMS 1.0 Shell Upload
Posted May 19, 2020
Authored by Kishan Lal Choudhary

Victor CMS version 1.0 suffers from an authenticated remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 7f5c0f7f129fcb1e7e08e68329e0210b
PHP-Fusion 9.03.50 SQL Injection
Posted May 19, 2020
Authored by SunCSR

PHP-Fusion version 9.03.50 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 0a1a9de287822195e0373a79ec7c6409
Ubuntu Security Notice USN-4365-1
Posted May 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4365-1 - Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. Tobias Klein discovered that Bind incorrectly handled checking TSIG validity. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly perform other attacks. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | d997e46eed2a4a36615bb449b70ab0cb
Victor CMS 1.0 SQL Injection
Posted May 19, 2020
Authored by Kishan Lal Choudhary

Victor CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ef63f4969dde8a1daaa8ced535329dba
Oracle Hospitality RES 3700 5.7 Remote Code Execution
Posted May 18, 2020
Authored by Walid Faour

Oracle Hospitality RES 3700 versions 5.7 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-3025
MD5 | c43ca26e1faff41ecc77118d33516e65
WordPress Ajax Load More 5.3.1 SQL Injection
Posted May 18, 2020
Authored by Nguyen Khang

WordPress Ajax Load More plugin version 5.3.1 suffers from an authenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 28e6409feee28f6bcdeb20ea4ed162f0
Online Chatting System 1.0 SQL Injection
Posted May 18, 2020
Authored by BKpatron

Online Chatting System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a6039a21614d2e9ba8d00930dc11c018
Online Healthcare Management System 1.0 SQL Injection
Posted May 18, 2020
Authored by BKpatron

Online Healthcare Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | f2306a51314966bb8d44be79d83b4cd1
Online Healthcare Patient Record Management System 1.0 SQL Injection
Posted May 18, 2020
Authored by Daniel Monzon

Online Healthcare Patient Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | cf22f6afb7e05bc86655142c256f69fd
Online Examination System 1.0 SQL Injection
Posted May 18, 2020
Authored by BKpatron

Online Examination System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | dd5b4fc41616acdedf874099bfaa2b50
Mikrotik Router Monitoring System 1.2.3 SQL Injection
Posted May 16, 2020
Authored by jul10l1r4

Mikrotik Router Monitoring System versions 1.2.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2020-13118
MD5 | bd665b3db2289d0623576f8779b1c973
TOR Virtual Network Tunneling Tool 0.4.3.5
Posted May 15, 2020
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.4.3.5 is the first stable release in the 0.4.3.x series. This series adds support for building without relay code enabled, and implements functionality needed for OnionBalance with v3 onion services. It includes significant refactoring of our configuration and controller functionality, and fixes numerous smaller bugs and performance issues.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 0ad32a560bce8eeb64496d2a0fd8035c
ManageEngine AssetExplorer Authenticated Command Execution
Posted May 15, 2020
Authored by Sahil Dhar, xen1thLabs

ManageEngine AssetExplorer versions prior to 6.5 (6503) suffer from an authenticated remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2019-19034
MD5 | 7b8d9baa42ea19829e2e131700345178
Page 1 of 1,109
Back12345Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close