exploit the possibilities
Showing 1 - 25 of 28,044 RSS Feed

Remote Files

Ubuntu Security Notice USN-4547-2
Posted Sep 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4547-2 - It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-20020
MD5 | 10e3d0622f2e336e51652caf06b7cf9d
Mida eFramework 2.8.9 Remote Code Execution
Posted Sep 28, 2020
Authored by elbae

Mida eFramework version 2.8.9 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-15922
MD5 | f225e35594bf7ff572af9b86a1394a6a
Joplin 1.0.245 Cross Site Scripting / Code Execution
Posted Sep 28, 2020
Authored by Ademar Nowasky Junior

Joplin version 1.0.245 suffers from a cross site scripting vulnerability that can lead to allowing for remote code execution.

tags | exploit, remote, code execution, xss
advisories | CVE-2020-15930
MD5 | 00da71016d73cb06ead4d170f5e72d1c
Ubuntu Security Notice USN-4553-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4553-1 - It was discovered that Teeworlds server did not properly handler certain network traffic. A remote, unauthenticated attacker could use this vulnerability to cause Teeworlds server to crash.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-12066
MD5 | 67e2f0aab1a5f038566b1636c11f252b
Ubuntu Security Notice USN-4551-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4551-1 - Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2020-15049, CVE-2020-15810, CVE-2020-15811, CVE-2020-24606
MD5 | 3eafffe142c5a1479c54fa5c9e297c33
Ubuntu Security Notice USN-4547-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4547-1 - It was discovered that an information disclosure vulnerability existed in the LibVNCServer vendored in iTALC when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. It was discovered that the LibVNCServer and LibVNCClient vendored in iTALC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, info disclosure
systems | linux, ubuntu
advisories | CVE-2018-15127, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024, CVE-2018-20749, CVE-2018-7225, CVE-2019-15681
MD5 | 9922e4b06254766557616cfff60d0f5a
Ubuntu Security Notice USN-4545-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4545-1 - It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause a denial of service. It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause libquicktime to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-9122, CVE-2017-9125, CVE-2017-9126, CVE-2017-9127
MD5 | 82a9122d668579c365d56e1def5f7ce8
Sifter 10_r2
Posted Sep 28, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Revision 2 of version 10. Includes separated categories and various additions.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 6bee73d58cd39101159e5cda8f2f4469
Ubuntu Security Notice USN-4543-1
Posted Sep 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4543-1 - Michaƅ‚ Bentkowski discovered that Sanitize did not properly sanitize some math or svg HTML under certain circumstances. A remote attacker could potentially exploit this to conduct cross-site scripting attacks.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2020-4054
MD5 | f7276c40d308ac3763e9648293aba821
Ubuntu Security Notice USN-4542-1
Posted Sep 26, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4542-1 - It was discovered that MiniUPnPd did not properly validate callback addresses. A remote attacker could possibly use this issue to expose sensitive information. It was discovered that MiniUPnPd incorrectly handled unpopulated user XML input. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. It was discovered that MiniUPnPd incorrectly handled an empty description when port mapping. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-12107, CVE-2019-12110, CVE-2019-12111
MD5 | 74d311d5f6eb54781286c7b5650a1990
Ubuntu Security Notice USN-4540-1
Posted Sep 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4540-1 - Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause atftpd to crash, resulting in a denial of service. Denis Andzakovic discovered that atftpd did not properly lock the thread list mutex. An attacker could send a large number of tftpd packets simultaneously when running atftpd in daemon mode to cause atftpd to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-11365, CVE-2019-11366
MD5 | 85a92f5a6833b52838d668bab5904769
BigTree CMS 4.4.10 Remote Code Execution
Posted Sep 25, 2020
Authored by SunCSR

BigTree CMS version 4.4.10 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 353327fef903019f8b589b0223caf8ba
Simple Online Food Ordering System 1.0 SQL Injection
Posted Sep 24, 2020
Authored by Eren Simsek

Simple Online Food Ordering System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 09527c2983cc15af4a2c28bc79a91647
Ubuntu Security Notice USN-4536-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4536-1 - Youssouf Boulouiz discovered that SPIP incorrectly handled login error messages. A remote attacker could potentially exploit this to conduct cross-site scripting attacks. Gilles Vincent discovered that SPIP incorrectly handled password reset requests. A remote attacker could possibly use this issue to cause SPIP to enumerate registered users. Guillaume Fahrner discovered that SPIP did not properly sanitize input. A remote authenticated attacker could possibly use this issue to execute arbitrary code on the host server. Various other issues were also addressed.

tags | advisory, remote, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2017-15736, CVE-2019-11071, CVE-2019-16391, CVE-2019-16392, CVE-2019-16393, CVE-2019-16394, CVE-2019-19830
MD5 | 26358c71d5c54c232b20eb20dc1c6bc3
Ubuntu Security Notice USN-4532-1
Posted Sep 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4532-1 - It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header that lacks a colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2019-16869, CVE-2019-20444, CVE-2019-20445
MD5 | 5ae25a0d5a546f3db8eb194eab1e23cf
Online Food Ordering System 1.0 Remote Code Execution
Posted Sep 23, 2020
Authored by Eren Simsek

Online Food Ordering System version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 45b4d72b18145baad0b4ccdcaf01e06c
Artica Proxy 4.30.000000 Authentication Bypass / Command Injection
Posted Sep 22, 2020
Authored by Redouane Niboucha, Max0x4141 | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability in Artica Proxy, combined with an authentication bypass discovered on the same version, it is possible to trigger the vulnerability without knowing the credentials. The application runs in a virtual appliance and successful exploitation of this vulnerability yields remote code execution as root on the remote system.

tags | exploit, remote, root, code execution
advisories | CVE-2020-17505, CVE-2020-17506
MD5 | 2f2103c5669ae141590617b76ac578f0
Visitor Management System In PHP 1.0 SQL Injection
Posted Sep 22, 2020
Authored by Rahul Ramkumar

Visitor Management System in PHP version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
advisories | CVE-2020-25760
MD5 | eb513471e0235ff5f467e06b619ab1d2
Seat Reservation System 1.0 SQL Injection
Posted Sep 22, 2020
Authored by Rahul Ramkumar

Seat Reservation System version 1.0 suffers from an unauthenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2020-25762
MD5 | 4db79f048b2d69b73114c2fce6c9d015
Ubuntu Security Notice USN-4531-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4531-1 - It was discovered that the BusyBox wget applet incorrectly validated SSL certificates. A remote attacker could possibly use this issue to intercept secure communications.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-1000500
MD5 | 35998d78e3effc0e981fd1066145d355
Ubuntu Security Notice USN-4529-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4529-1 - It was discovered that FreeImage incorrectly handled certain memory operations. If a user were tricked into opening a crafted TIFF file, a remote attacker could use this issue to cause a heap buffer overflow, resulting in a denial of service attack. It was discovered that FreeImage incorrectly processed images under certain circumstances. If a user were tricked into opening a crafted TIFF file, a remote attacker could possibly use this issue to cause a stack exhaustion condition, resulting in a denial of service attack. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2019-12211, CVE-2019-12213
MD5 | e4d795e868523f46e11bced7d75ce497
Ubuntu Security Notice USN-4528-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4528-1 - Adam Mohammed discovered that Ceph incorrectly handled certain CORS ExposeHeader tags. A remote attacker could possibly use this issue to perform an HTTP header injection attack. Lei Cao discovered that Ceph incorrectly handled certain POST requests with invalid tagging XML. A remote attacker could possibly use this issue to cause Ceph to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2020-10753, CVE-2020-12059, CVE-2020-1760
MD5 | fab54bac4dc3199926f75767984dd1fa
Comodo Unified Threat Management Web Console 2.7.0 Remote Code Execution
Posted Sep 22, 2020
Authored by Milad Fadavvi

Comodo Unified Threat Management Web Console version 2.7.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, web, code execution
advisories | CVE-2018-17431
MD5 | e8a98806bdfaf3bf9d3fdfa1f17a5049
Ubuntu Security Notice USN-4523-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4523-1 - It was discovered that LibOFX did not properly check for errors in certain situations, leading to a NULL pointer dereference. A remote attacker could use this issue to cause a denial of service attack.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-9656
MD5 | a23b7d22d1b3ff45fcb73f73dbb1c7ba
Seat Reservation System 1.0 Shell Upload
Posted Sep 21, 2020
Authored by Rahul Ramkumar

Seat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows for remote code execution.

tags | exploit, remote, code execution, file upload
advisories | CVE-2020-25763
MD5 | f3302d01404a38c2cf0a759d35184237
Page 1 of 1,122
Back12345Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    1 Files
  • 28
    Sep 28th
    20 Files
  • 29
    Sep 29th
    11 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close