exploit the possibilities
Showing 101 - 125 of 27,295 RSS Feed

Remote Files

Socomec DIRIS A-40 Password Disclosure
Posted Oct 8, 2019
Authored by Jens Timmerman

Socomec DIRIS A-40 devices versions before 48250501 allow a remote attacker to get full access to a device via the /password.jsn URI.

tags | exploit, remote, info disclosure
advisories | CVE-2019-15859
MD5 | baec89aa472335274e4cf2482d44a22d
OmniCenter 12.1.1 SQL Injection
Posted Oct 8, 2019
Authored by Luis Rios

OmniCenter version 12.1.1 suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
advisories | CVE-2019-17128
MD5 | 28b57fa937c5b2e3827d3c80243edbd5
XNU Data Race Remote Double-Free
Posted Oct 7, 2019
Authored by Jann Horn, Google Security Research

XNU suffers from a remote double-free vulnerability due to a data race in IPComp input path.

tags | exploit, remote
advisories | CVE-2019-8717
MD5 | f107571d24ce915ad24992a19c351dc1
vBulletin 5.5.4 Remote Code Execution
Posted Oct 7, 2019
Authored by EgiX | Site karmainsecurity.com

vBulletin versions 5.5.4 and below suffers from an updateAvatar remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-17132
MD5 | 2bd3e76b0d1ad20fdb921832d6d49f29
vBulletin 5.5.4 SQL Injection
Posted Oct 7, 2019
Authored by EgiX | Site karmainsecurity.com

vBulletin versions 5.5.4 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2019-17271
MD5 | cd33cc4dfeb49e4f86dc27d6697a4e0a
Ubuntu Security Notice USN-4148-1
Posted Oct 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4148-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-12596, CVE-2017-9113, CVE-2018-18444
MD5 | 16733b418df766b5254b97c4b08007b1
Tellion HN-2204AP Router Remote Configuration Disclosure
Posted Oct 7, 2019
Authored by Todor Donev

Tellion HN-2204AP router remote configuration disclosure exploit.

tags | exploit, remote
MD5 | 2b86e240e4fb20ac50061d52fd737d66
freeFTP 1.0.8 Remote Buffer Overflow
Posted Oct 7, 2019
Authored by Chet Manly

freeFTP version 1.0.8 remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | 7dfb5716d284763bd7918b63f0a93998
IcedTeaWeb Validation Bypass / Directory Traversal / Code Execution
Posted Oct 7, 2019
Authored by Imre Rad

IcedTeaWeb suffers from multiple vulnerabilities including directory traversal and validation bypass issues that can lead to remote code execution. The affected versions are 1.7.2 and below, 1.8.2 and below. 1.6 is also vulnerable and not patched due to being EOL. Proof of concepts are provided.

tags | exploit, remote, vulnerability, code execution, proof of concept
advisories | CVE-2019-10181, CVE-2019-10182, CVE-2019-10185
MD5 | ea6508180f62fca63a4c9cdbaca675ad
IBM Bigfix Platform 9.5.9.62 Arbitary File Upload / Code Execution
Posted Oct 7, 2019
Authored by Jakub Palaczynski

IBM Bigfix Platform version 9.5.9.62 suffers from an arbitrary file upload vulnerability as root that can achieve remote code execution.

tags | exploit, remote, arbitrary, root, code execution, file upload
advisories | CVE-2019-4013
MD5 | 8ae1f789332dbd08c91e2e0e13536381
Joomla 3.4.6 Remote Code Execution
Posted Oct 7, 2019
Authored by Alessandro Groppo

Joomla versions 3.0.0 through 3.4.6 suffer from a remote code execution vulnerability in configuration.php.

tags | exploit, remote, php, code execution
MD5 | 3dbace36f03416b2067e44c5ab4dfc35
Thailand Union Library Management 6.2 SQL Injection / XSS
Posted Oct 7, 2019
Authored by KingSkrupellos

Thailand Union Library Management version 6.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 72bf47bf8eaab7c228ce951378e6c581
Debian Security Advisory 4541-1
Posted Oct 6, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4541-1 - Max Kellermann reported a NULL pointer dereference flaw in libapreq2, a generic Apache request library, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested "multipart" body is processed.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2019-12412
MD5 | 0c6e8369712db46f7c5651015d394e76
CA Network Flow Analysis 9.x / 10.0.x Remote Command Execution
Posted Oct 5, 2019
Authored by Kevin Kotas, Hendrik Van Belleghem | Site www3.ca.com

CA Technologies, a Broadcom Company, is alerting customers to a potential risk with CA Network Flow Analysis. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA published a solution to address the vulnerabilities and recommends that all affected customers implement this solution. The vulnerability occurs due to default credentials and a configuration weakness. A malicious actor may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the CA Network Flow Analysis server. Versions 9.x and 10.0.x are affected.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2019-13658
MD5 | 8114522ce19045f44906d1e2af524b4f
LabCollector 5.423 SQL Injection
Posted Oct 4, 2019
Authored by Carlos Avila

LabCollector version 5.423 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9544cc6a3f598df0468c1d7e6829fbda
Ubuntu Security Notice USN-4146-2
Posted Oct 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4146-2 - USN-4146-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled unpacking ZIP files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-12625, CVE-2019-12900
MD5 | c06119b41a97548f941ccf99891243cd
Hisilicon Hi3518 HD Camera Remote Configuration Disclosure
Posted Oct 3, 2019
Authored by Todor Donev

Hisilicon Hi3518 HD camera remote configuration disclosure exploit.

tags | exploit, remote
MD5 | bfcd9951e1db1e9212930f1ac9a13d92
Dongyoung Media DM-AP240T/W Wireless Access Point Remote Configuration Disclosure
Posted Oct 3, 2019
Authored by Todor Donev

Dongyoung Media DM-AP240T/W wireless access point remote configuration disclosure exploit.

tags | exploit, remote
MD5 | 0d57c8105d3612e57d08a7865f1390fa
Tellion TE01-005H HomeHub Router Remote Configuration Disclosure
Posted Oct 2, 2019
Authored by Todor Donev

Tellion TE01-005H HomeHub router remote configuration disclosure exploit.

tags | exploit, remote
MD5 | 9adb7a7f59b731ca830dbc397e0df0c7
Ubuntu Security Notice USN-4146-1
Posted Oct 2, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4146-1 - It was discovered that ClamAV incorrectly handled unpacking ZIP files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled unpacking bzip2 files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12625, CVE-2019-12900
MD5 | a9a55b14cbc898f086394a690f0498ea
Detrix EDMS 1.2.3.1505 SQL Injection
Posted Oct 2, 2019
Authored by Burov Konstantin

Detrix EDMS version 1.2.3.1505 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 559c3e337f3b296e25d64d2b9113bd14
Notepad++ Code Execution / Denial Of Service
Posted Oct 2, 2019
Authored by bi7s

Notepad++ (x64) versions prior to 7.7 allow remote code execution or denial of service via a crafted .ml file.

tags | exploit, remote, denial of service, code execution
advisories | CVE-2019-16294
MD5 | f8a4557604cf8293c54fe98904c1a95e
Counter-Strike Global Offensive Code Execution / Denial Of Service
Posted Oct 2, 2019
Authored by bi7s

Counter-Strike Global Offensive (vphysics.dll) versions prior to 1.37.1.1 allow remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, using a crafted map that causes memory corruption.

tags | exploit, remote, denial of service, code execution
advisories | CVE-2019-15943
MD5 | fea64c52d27539e7afc0c1d21a328d3f
LG-ERICSSON LN202-003H HomeHub Router Remote Configuration Disclosure
Posted Oct 1, 2019
Authored by Todor Donev

LG-ERICSSON LN202-003H HomeHub router remote configuration disclosure exploit.

tags | exploit, remote
MD5 | fc594bc6b78ed6b26e191ee2958732fd
Red Hat Security Advisory 2019-2945-01
Posted Oct 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2945-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security fix: If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmf_wowl_nd_results() function. This vulnerability can be exploited by compromised chipsets to compromise the host, or when used in combination with another brcmfmac driver flaw, can be used remotely. This can result in a remote denial of service. Due to the nature of the flaw, a remote privilege escalation cannot be fully ruled out. Issues addressed include buffer overflow and denial of service vulnerabilities.

tags | advisory, remote, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-9500
MD5 | a87b3a5a1e36d60f2f04b5816c45a291
Page 5 of 1,092
Back34567Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    17 Files
  • 20
    Nov 20th
    15 Files
  • 21
    Nov 21st
    13 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close