Twenty Year Anniversary
Showing 1 - 25 of 26,321 RSS Feed

Remote Files

FutureNet NXR-G240 Series ShellShock Command Injection
Posted Dec 7, 2018
Authored by Nassim Asrir

FutureNet NXR-G240 Series remote shellshock command injection exploit.

tags | exploit, remote
advisories | CVE-2014-6271
MD5 | c16ed470e8102d32f5c571792cdedf24
Ubuntu Security Notice USN-3831-2
Posted Dec 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3831-2 - USN-3831-1 fixed vulnerabilities in Ghostscript. Ghostscript 9.26 introduced a regression when used with certain options. This update fixes the problem. It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
MD5 | 90e4e6902a9545090e0ab2f68dbb0ec5
Packet Fence 8.2.1
Posted Dec 6, 2018
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Allows for SMS PIN codes to be reused. Various bug fixes.
tags | tool, remote
systems | unix
MD5 | 1e14bb1c2b571fa0e1907a89e0032ace
Ubuntu Security Notice USN-3838-1
Posted Dec 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3838-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-5807, CVE-2018-5813
MD5 | 879b86e3856df5f621b8482aaf06a069
Hasan MWB 1.0 Time-Based SQL Injection
Posted Dec 6, 2018
Authored by Socket_0x03

Hasan MWB version 1.0 suffers from multiple time-based remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 643d3c7b5bde03097fdee273cac5630a
Ubuntu Security Notice USN-3811-3
Posted Dec 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3811-3 - USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-11780, CVE-2018-11781
MD5 | 99e9b14016913915026a9427dfc058dc
Red Hat Security Advisory 2018-3773-01
Posted Dec 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3773-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16859
MD5 | 51782eb421e92229ef9253f4a7fe3721
Red Hat Security Advisory 2018-3771-01
Posted Dec 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3771-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16859
MD5 | 4bd45694c8a8b395b599b9ceadd19b98
Red Hat Security Advisory 2018-3770-01
Posted Dec 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3770-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16859
MD5 | 9bc4b914b4ad03ea6b8a77f27a824435
Red Hat Security Advisory 2018-3772-01
Posted Dec 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3772-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16859
MD5 | 24ee55b13e8e98e382761f9e6f5a057d
Chamilo 1.11.6 SQL Injection
Posted Dec 6, 2018
Authored by Zekvan Arslan | Site netsparker.com

Chamilo version 1.11.6 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 50c127104e82ada5240331eb4f691d76
HasanMWB 1.0 SQL Injection
Posted Dec 6, 2018
Authored by Ihsan Sencan

HasanMWB version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3450f0c3cb39e414616e5617132b49d4
HP Intelligent Management Java Deserialization Remote Code Execution
Posted Dec 4, 2018
Authored by mr_me, Carsten MaartmannMoe | Site metasploit.com

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebDMDebugServlet, which listens on TCP ports 8080 and 8443 by default. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM.

tags | exploit, remote, arbitrary, tcp
advisories | CVE-2017-12557
MD5 | 7f78f8ca23ae637a5eaf4c38011cf48c
Joomla! JE Photo Gallery 1.1 SQL Injection
Posted Dec 4, 2018
Authored by Ihsan Sencan

Joomla! JE Photo Gallery component version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 88144fa68a6daaa6a041b5e07e3f3259
Apache Superset 0.23 Remote Code Execution
Posted Dec 4, 2018
Authored by David May

Apache Superset version 0.23 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-8021
MD5 | 305275d8190fc1d2cd63df2160eca91c
KC GRUP Web Design 1.0 SQL Injection
Posted Dec 4, 2018
Authored by KingSkrupellos

KC GRUP Web Design version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 4a961ba375685bf4edbb7386d1990d4e
KeyBase Botnet 1.5 SQL Injection
Posted Dec 4, 2018
Authored by n4pst3r

KeyBase Botnet version 1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c56c96514e7b2c12ae89556aa0befcd7
Red Hat Security Advisory 2018-3757-01
Posted Dec 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3757-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2018-16850
MD5 | a2205de1b07afe2f0e4e586bbf67cadd
Gentoo Linux Security Advisory 201812-02
Posted Dec 3, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201812-2 - Multiple vulnerabilities have been found in ConnMan, the worst of which could result in the remote execution of code. Versions less than 1.35-r1 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2017-12865, CVE-2017-5716
MD5 | 5e639e0b243ff077abc2032679809193
Siyah Beyaz Bilisim Web Design 1.0 SQL Injection
Posted Dec 3, 2018
Authored by KingSkrupellos

Siyah Beyaz Bilisim Web Design version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 71e51cbbee06b5b0e7c8aec68c948a70
Gentoo Linux Security Advisory 201811-23
Posted Nov 30, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-23 - Multiple vulnerabilities have been found in libsndfile, the worst of which might allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.28-r4 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-12562, CVE-2017-14634, CVE-2017-6892, CVE-2017-8361, CVE-2017-8362, CVE-2017-8363, CVE-2017-8365, CVE-2018-13139
MD5 | 97e38014b0f5277a6a8c66b8428ac6a3
Ubuntu Security Notice USN-3795-3
Posted Nov 30, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3795-3 - USN-3795-1 and USN-3795-2 fixed a vulnerability in libssh. The upstream fix introduced a regression. This update fixes the problem. Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
MD5 | 7f15bb7924328b6121f1a4772769aefe
Ubuntu Security Notice USN-3831-1
Posted Nov 30, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3831-1 - It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-19409
MD5 | 481e81b6b20a445167d1fc2430b48d4f
Gentoo Linux Security Advisory 201811-22
Posted Nov 29, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-22 - Multiple vulnerabilities have been found in RPM, the worst of which could allow a remote attacker to escalate privileges. Versions less than 4.14.1 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2013-6435, CVE-2014-8118, CVE-2017-7501
MD5 | b2e28734ab3686f7eae98681d8c49d65
Joomla Fabrik 3.9 CSRF / LFI / Shell Upload
Posted Nov 29, 2018
Authored by KingSkrupellos

Joomla Fabrik component version 3.9 suffers from cross site request forgery, local file inclusion, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, file inclusion, csrf
MD5 | cee583e8df398e9f206f9451d94be1bd
Page 1 of 1,053
Back12345Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    10 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close