what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-12-23

Gentoo Linux Security Advisory 202012-09
Posted Dec 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-9 - Multiple vulnerabilities have been found in Cherokee, the worst of which could result in a Denial of Service condition. Versions less than or equal to 1.2.104-r2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2006-1681, CVE-2019-20798, CVE-2019-20799, CVE-2019-20800, CVE-2020-12845
SHA-256 | 404f953b4e4f65b067146dcf3fd8f42043a28bdd0a7637b0908b08709db8f932
Microsoft Windows splWOW64 Privilege Escalation
Posted Dec 23, 2020
Authored by Google Security Research, Maddie Stone

CVE-2020-0986, which was exploited in the wild, was not fixed. The vulnerability still exists, just the exploitation method had to change. A low integrity process can send LPC messages to splwow64.exe (Medium integrity) and gain a write-what-where primitive in splwow64’s memory space. The attacker controls the destination, the contents that are copied, and the number of bytes copied through a memcpy call.

tags | exploit
advisories | CVE-2020-0986, CVE-2021-1648
SHA-256 | 2deda0d9cacd17b84943f485aeea236f1b4dc0389dcdbb9cc34a1cf168d4a259
usrsctp COOKIE-ECHO Use-After-Free
Posted Dec 23, 2020
Authored by Google Security Research, Tim Willis

usrsctp suffers from a use-after-free write when handling a malicious COOKIE-ECHO.

tags | exploit
SHA-256 | f252bba03489bc8f9be449d6b5822e8198fada928b67bb244011cc520b0a698c
Asterisk Project Security Advisory - AST-2020-004
Posted Dec 23, 2020
Authored by Kevin Harwell, Mikhail Ivanov | Site asterisk.org

Asterisk Project Security Advisory - A crash can occur in Asterisk when a SIP 181 response is received that has a Diversion header, which contains a tel-uri.

tags | advisory
SHA-256 | a26dc337f57530d82d427354073f347e972800a041eeb38f8141eeefd479f86b
Sales And Inventory System For Grocery Store 1.0 Cross Site Scripting
Posted Dec 23, 2020
Authored by Vijay Sachdeva

Sales and Inventory System for Grocery Store version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 98c5ae9b0429981b3325616f4e0234af3bd69a9c60236617202b83e68eaf16b5
Asterisk Project Security Advisory - AST-2020-003
Posted Dec 23, 2020
Authored by Kevin Harwell, Torrey Searle | Site asterisk.org

Asterisk Project Security Advisory - A crash can occur in Asterisk when a SIP message is received that has a History-Info header, which contains a tel-uri. Note, the remote client must be authenticated, or Asterisk must be configured for anonymous calling in order for this problem to manifest.

tags | advisory, remote
SHA-256 | 48af91212546e76d006116dba7b12815d843a845495623b78255f9379d3b2484
Object Prototype Pollution Attack
Posted Dec 23, 2020
Authored by SunCSR

Whitepaper called Object Prototype Pollution Attack.

tags | paper
SHA-256 | 0cf71dcc65c57e4d0d55c1d72779900dfcd3e0f7bb0d277277738f83613d8f75
Online Learning Management System 1.0 Cross Site Scripting
Posted Dec 23, 2020
Authored by Aakash Madaan

Online Learning Management System version 1.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4bf56aad0d98f96c15bdec5d6080b28d2e6740f6f43c13f099402268a28602b0
Online Learning Management System 1.0 SQL Injection
Posted Dec 23, 2020
Authored by Aakash Madaan

Online Learning Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | b4f2626eb55cf30dce5e24cada5945ab5668c14d92899b1bd07b9cabfaf6ed24
Class Scheduling System 1.0 Cross Site Scripting
Posted Dec 23, 2020
Authored by Aakash Madaan

Class Scheduling System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | adbb192a182c5be01024e5377112931a76283874d7ee2370350f93a0aa3d9cd1
Baby Care System 1.0 SQL Injection
Posted Dec 23, 2020
Authored by Vijay Sachdeva

Baby Care System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ac259d2e4f434636c58f29410add7476b9d96d6ec914f3704b0d95819170f896
TerraMaster TOS 4.2.06 Remote Code Execution
Posted Dec 23, 2020
Authored by IHTeam, Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits an unauthenticated command execution vulnerability in TerraMaster TOS version 4.2.06 leveraging include/makecvs.php.

tags | exploit, php
SHA-256 | 1ca4ee63f6107490fe17d396df7f0153a5c29930a496321ceec2101872db5321
10-Strike Network Inventory Explorer Pro 9.05 Buffer Overflow
Posted Dec 23, 2020
Authored by Florian Gassner

10-Strike Network Inventory Explorer Pro version 9.05 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 7f5c6380e6a4c035e00bf9a7b7a5fc538c47594ab972e81143955e9d46b6a75f
TerraMaster TOS 4.2.06 Remote Code Execution
Posted Dec 23, 2020
Authored by IHTeam

TerraMaster TOS version 4.2.06 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 786b3e02ded0b491ccd7dbfa6dd55166637cec7a46e2e67caf487375718fdc42
WordPress Epsilon Framework SSRF / Denial of Service
Posted Dec 23, 2020
Authored by gx1

Multiple themes from the WordPress Epsilon Framework suffer from an unauthenticated function injection vulnerability that allows for server-side request forgery and denial of service attacks.

tags | exploit, denial of service
SHA-256 | 42d834d50e95bb3d58e3d0702beeb435b43360364f98da806946bb570f0d94a1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close