Twenty Year Anniversary
Showing 1 - 25 of 27,265 RSS Feed

Vulnerability Files

Responsive FileManager 9.13.4 XSS / File Manipulation / Traversal
Posted Dec 14, 2018
Authored by farisv

Responsive FileManager version 9.13.4 suffers from bypass, cross site scripting, remote file read, remote file write, and traversal vulnerabilities.

tags | exploit, remote, vulnerability, xss, file inclusion
MD5 | 2ef45cffaee6d5b284e83ae3327d46c7
Cisco RV110W Password Disclosure / Command Execution
Posted Dec 14, 2018
Authored by RySh

Cisco RV110W suffers from password disclosure and command execution vulnerabilities.

tags | exploit, vulnerability, info disclosure
systems | cisco
advisories | CVE-2014-0683, CVE-2015-6396
MD5 | eed52ea76fb024c920ddc2cbd7084851
WebKitGTK+ / WPE WebKit Memory Corruption / Code Execution
Posted Dec 13, 2018
Authored by WebKitGTK+ Team

WebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities that can lead to code execution.

tags | advisory, vulnerability, code execution
advisories | CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464
MD5 | 86a36b1af77b318cca7a3d8fd9bf22e7
Micro Focus Security Bulletin MFSBGN03835 1
Posted Dec 13, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03835 1 - The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users access to arbitrary details of the Local and LDAP users via POST method and to arbitrary details of other user's Fortify projects via GET method. Revision 1 of this advisory.

tags | advisory, arbitrary, local, vulnerability
advisories | CVE-2018-7690, CVE-2018-7691
MD5 | a82397b74c12246840801aa85de6924c
Micro Focus Security Bulletin MFSBGN03837 1
Posted Dec 13, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03837 1 - A vulnerabilities in Apache Tomcat was addressed by Micro Focus Network Node Manager i. The vulnerability could be exploited Remote Cross-Site Scripting (XSS) and Remote Disclosure of Information. Revision 1 of this advisory.

tags | advisory, remote, vulnerability, xss
advisories | CVE-2016-6816, CVE-2017-5664
MD5 | b78255fa627420eca82d0a77ad0d256d
Tourism Website Blog Code Execution / SQL Injection
Posted Dec 12, 2018
Authored by Ihsan Sencan

Tourism Website version Blog suffers from code execution and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
MD5 | 03cfe8568af6f82ac7fcd8e738612593
Alumni Tracer SMS Notification Cross Site Request Forgery / SQL Injection
Posted Dec 12, 2018
Authored by Ihsan Sencan

Alumni Tracer SMS version Notification suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
MD5 | ea5cd9d5a70eee5746568396cf910032
Dynamic Loader Oriented Programming - Wiederganger Proof Of Concept
Posted Dec 12, 2018
Authored by Marcin Kozlowski

This paper and proof of concept describes the Wiederganger-Attack, a new attack vector that reliably allows to escalate unbounded array access vulnerabilities occurring in specifically allocated memory regions to full code execution on programs running on i386/x86_64 Linux. Wiederganger-attacks abuse determinism in Linux ASLR implementation combined with the fact that (even with protection mechanisms such as relro and glibc's pointer mangling enabled) there exist easy-to-hijack, writable (function) pointers in application memory.

tags | exploit, vulnerability, code execution, proof of concept
systems | linux
MD5 | 9450ff4b4e1f182c2f3845ea9c3bdb86
Ubuntu Security Notice USN-3837-2
Posted Dec 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3837-2 - USN-3837-1 fixed vulnerabilities in poppler. A regression was reported regarding the previous update. This update fixes the problem. It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-16646, CVE-2018-19149
MD5 | 377baed8b82a680a84a9c85cdc9060d2
Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle
Posted Dec 11, 2018
Authored by Jann Horn, Google Security Research

Google Chrome version 70.0.3538.77 stable suffers from cross site scripting and man-in-the-middle vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 983c9bbc501d7d7ca4d8d631173677e7
ZTE Home Gateway ZXHN H168N 2.2 Access Control Bypass
Posted Dec 11, 2018
Authored by Usman Saeed

ZTE Home Gateway ZXHN H168N suffers from multiple access bypass and information disclosure vulnerabilities.

tags | exploit, vulnerability, bypass, info disclosure
advisories | CVE-2018-7357, CVE-2018-7358
MD5 | 835798e5ebba5abb019adf55717b5e7d
Red Hat Security Advisory 2018-3803-01
Posted Dec 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3803-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 71.0.3578.80. Issues addressed include buffer overflow and out of bounds write vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-17480, CVE-2018-17481, CVE-2018-18335, CVE-2018-18336, CVE-2018-18337, CVE-2018-18338, CVE-2018-18339, CVE-2018-18340, CVE-2018-18341, CVE-2018-18342, CVE-2018-18343, CVE-2018-18344, CVE-2018-18345, CVE-2018-18346, CVE-2018-18347, CVE-2018-18348, CVE-2018-18349, CVE-2018-18350, CVE-2018-18351, CVE-2018-18352, CVE-2018-18353, CVE-2018-18354, CVE-2018-18355, CVE-2018-18356, CVE-2018-18357, CVE-2018-18358
MD5 | e510bdf95aba2e4d56e14cce8631390c
Debian Security Advisory 4352-1
Posted Dec 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4352-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2018-17480, CVE-2018-17481, CVE-2018-18335, CVE-2018-18336, CVE-2018-18337, CVE-2018-18338, CVE-2018-18339, CVE-2018-18340, CVE-2018-18341, CVE-2018-18342, CVE-2018-18343, CVE-2018-18344, CVE-2018-18345, CVE-2018-18346, CVE-2018-18347, CVE-2018-18348, CVE-2018-18349, CVE-2018-18350, CVE-2018-18351, CVE-2018-18352, CVE-2018-18353, CVE-2018-18354, CVE-2018-18355, CVE-2018-18356, CVE-2018-18357, CVE-2018-18358
MD5 | 4cdb441fbb96629a60581147817832f7
WordPress CodeCanyon-5293356-Ajax-Store-Locator-Wordpress 1.2.0 Disclosure
Posted Dec 11, 2018
Authored by KingSkrupellos

WordPress CodeCanyon-5293356-Ajax-Store-Locator-Wordpress plugin version 1.2.0 suffers from file disclosure and database disclosure vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 0e905f17d334ee3dab53921421008a83
TRENDnet Command Injection / Buffer Overflow / Cross Site Scripting
Posted Dec 9, 2018
Authored by Mathias Payer, Hamed Okhravi, Prashast Srivastava, Howard Shrobe

TRENDnet devices suffer from buffer overflow, code execution, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
advisories | CVE-2018-19239, CVE-2018-19240, CVE-2018-19241, CVE-2018-19242
MD5 | 515ae13889d41a0f5bf739405ef16b9b
VistaPortal SE 5.1 Cross Site Scripting
Posted Dec 7, 2018
Authored by Rafael Pedrero

VistaPortal SE version 5.1 build 51029 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-19649, CVE-2018-19765, CVE-2018-19766, CVE-2018-19767, CVE-2018-19768, CVE-2018-19769, CVE-2018-19770, CVE-2018-19771, CVE-2018-19772, CVE-2018-19773, CVE-2018-19774, CVE-2018-19775, CVE-2018-19809, CVE-2018-19810, CVE-2018-19811, CVE-2018-19812, CVE-2018-19813, CVE-2018-19814, CVE-2018-19815, CVE-2018-19816, CVE-2018-19817, CVE-2018-19818, CVE-2018-19819, CVE-2018-19820, CVE-2018-19821, CVE-2018-19822
MD5 | 6edb126f7aa16dacfe59cfa661c90adb
MiniShare 1.4.1 HEAD / POST Buffer Overflow
Posted Dec 7, 2018
Authored by Rafael Pedrero

MiniShare version 1.4.1 suffers from multiple buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2004-2271, CVE-2018-19861, CVE-2018-19862
MD5 | 597a47d5ba041592c6980bf8d2f57017
SQLMAP - Automatic SQL Injection Tool 1.2.12
Posted Dec 7, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 431249d7af567a0c9086f93e62aa44fa
Apple Security Advisory 2018-12-06-1
Posted Dec 7, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-12-06-1 - watchOS 5.1.2 is now available and addresses code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2018-4303, CVE-2018-4429, CVE-2018-4431, CVE-2018-4435, CVE-2018-4436, CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4447, CVE-2018-4460, CVE-2018-4461, CVE-2018-4464, CVE-2018-4465
MD5 | b0d98ec66ebb93dbb6524584ecfdaccf
Ubuntu Security Notice USN-3831-2
Posted Dec 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3831-2 - USN-3831-1 fixed vulnerabilities in Ghostscript. Ghostscript 9.26 introduced a regression when used with certain options. This update fixes the problem. It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
MD5 | 90e4e6902a9545090e0ab2f68dbb0ec5
Apple Security Advisory 2018-12-05-5
Posted Dec 6, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-12-05-5 - iTunes 12.9.2 for Windows is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple
advisories | CVE-2018-4437, CVE-2018-4438, CVE-2018-4439, CVE-2018-4440, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464
MD5 | 6166dd4109fd647d403cb0ded9565f5c
Apple Security Advisory 2018-12-05-6
Posted Dec 6, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-12-05-6 - iCloud for Windows 7.9 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2018-4437, CVE-2018-4438, CVE-2018-4439, CVE-2018-4440, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464
MD5 | a97a5246cafb55557410d99f44605616
Apple Security Advisory 2018-12-05-3
Posted Dec 6, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-12-05-3 - tvOS 12.1.1 is now available and addresses code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2018-4303, CVE-2018-4431, CVE-2018-4435, CVE-2018-4436, CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4447, CVE-2018-4460, CVE-2018-4461, CVE-2018-4464, CVE-2018-4465
MD5 | 40f7476d0968aeca58f85deaeec436b9
Apple Security Advisory 2018-12-05-4
Posted Dec 6, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-12-05-4 - Safari 12.0.2 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2018-4437, CVE-2018-4438, CVE-2018-4439, CVE-2018-4440, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4445, CVE-2018-4464
MD5 | 21b690190a4e34b4a98bb696dca1871e
Apple Security Advisory 2018-12-05-1
Posted Dec 6, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-12-05-1 - iOS 12.1.1 is now available and addresses code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple, ios
advisories | CVE-2018-4303, CVE-2018-4429, CVE-2018-4430, CVE-2018-4431, CVE-2018-4435, CVE-2018-4436, CVE-2018-4437, CVE-2018-4438, CVE-2018-4439, CVE-2018-4440, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4445, CVE-2018-4446, CVE-2018-4447, CVE-2018-4460, CVE-2018-4461, CVE-2018-4464, CVE-2018-4465
MD5 | ae3f3361ecd5d12e5c03e58bb98cb19e
Page 1 of 1,091
Back12345Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    15 Files
  • 14
    Dec 14th
    14 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close