what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 34 RSS Feed

Files Date: 2021-07-05 to 2021-07-06

Gentoo Linux Security Advisory 202107-04
Posted Jul 5, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-4 - Multiple vulnerabilities have been found in Graphviz, the worst of which could result in the arbitrary execution of code. Versions less than 2.47.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-9904, CVE-2020-18032
SHA-256 | e6468bcb9795cedf222ea333831f1335ba1a664bd8a93a73c415fe94699b3f49
Ricon Industrial Cellular Router S9922XL Remote Command Execution
Posted Jul 5, 2021
Authored by LiquidWorm | Site zeroscience.mk

Ricon Industrial Cellular Router S9922XL suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the admin (root) user via the ping_server_ip POST parameter. It is also vulnerable to Heartbleed.

tags | exploit, arbitrary, shell, root
SHA-256 | 6bc26692f58719553d7c44565a9e32b962f1b7a0df1be48e3aa022a96cc9e0b5
Stegano 0.9.9
Posted Jul 5, 2021
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: stegano now uses Pillow 8.3.0.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | 8839e08b41449dfc8ea4de80db82fa65cd58eb2849bad792c17907cfe7f65b18
Virus.Win32.Shodi.e MVID-2021-0281 Heap Corruption
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Virus.Win32.Shodi.e malware suffers from a heap corruption vulnerability.

tags | exploit, virus
systems | windows
SHA-256 | e5992ed5886d827c3b902f3c357da73a453ca8caafc54ce4c28cd1746fa34680
Ubuntu Security Notice USN-5005-1
Posted Jul 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5005-1 - It was discovered that DjVuLibre incorrectly handled certain djvu files. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3630
SHA-256 | b37d5e748ee349e30288b5084f070dca5d7fbc946fde98cb731ec6b4b1d7e003
SQLMAP - Automatic SQL Injection Tool 1.5.7
Posted Jul 5, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | b5d7bd6bfee2fcce2f84b332a9c337d45c37343c53b5793cc4141db77789db70
Simple Client Management System 1.0 SQL Injection / Shell Upload
Posted Jul 5, 2021
Authored by Ishan Saha

Simple Client Management System version 1.0 shell upload exploit that leverages SQL injection.

tags | exploit, shell, sql injection
SHA-256 | 09f4e807c7324034958dedc3be061e3ba0c0b332ee02a73ae4847eee75a58d46
Virus.Win32.Shodi.e MVID-2021-0280 Remote Command Execution
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Virus.Win32.Shodi.e malware suffers from a remote command execution vulnerability.

tags | exploit, remote, virus
systems | windows
SHA-256 | 82303bb0810f803eca29ae68d292dfaaf9fff7857b88fcd0b8886b40b87ac177
Faraday 3.16.1
Posted Jul 5, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Modified faraday-manage settings. Added a fix to update the minimum version of click dependency.
tags | tool, rootkit
systems | unix
SHA-256 | 32fd0e0451b83dadd98d93893ffb386e0fc7d0c97d1cf0f2cef9d7704b7abb1c
WordPress Backup Guard 1.5.8 Shell Upload
Posted Jul 5, 2021
Authored by Ron Jost

WordPress Backup Guard plugin version 1.5.8 remote shell upload exploit.

tags | exploit, remote, shell
advisories | CVE-2021-24155
SHA-256 | fff7a31cabb9e677c9b7a571b07bc73bd4e7d93cef73bad084608ead38c240bb
Gentoo Linux Security Advisory 202107-03
Posted Jul 5, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-3 - An insecure temporary file usage has been reported in libqb possibly allowing local code execution. Versions less than 1.0.5 are affected.

tags | advisory, local, code execution
systems | linux, gentoo
advisories | CVE-2019-12779
SHA-256 | 92c2ab60bfa89b7b070ed490feabfd2b588d2d38a8a9509a08259c1bf26abddc
Virus.Win32.Shodi.e MVID-2021-0279 Insecure Transit
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Virus.Win32.Shodi.e malware suffers from an insecure transit vulnerability.

tags | exploit, virus
systems | windows
SHA-256 | c56fb5ab3fc0f60539a4e74cf4a1baf8b1adc4f7a076a1ff1bcd1b27a8570021
WordPress WP Learn Manager 1.1.2 Cross Site Scripting
Posted Jul 5, 2021
Authored by Mohammed Adam

WordPress WP Learn Manager plugin version 1.1.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e77e3742ff15e945637eaae256c036ec3a2c55ed8932acec6bb39fb92ba72173
GNU Privacy Guard 2.2.29
Posted Jul 5, 2021
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

Changes: Fixed regression in 2.2.28 for Yubikey NEO. Changed the default keyserver to keyserver.ubuntu.com. Made configure option --disable-ldap work again. Various other updates.
tags | tool, encryption
SHA-256 | 39d07cdb4524818f9ebce49294931974af504519e6a7476c52e9d38fc0bd0cc9
Backdoor.Win32.WinShell.40 MVID-2021-0278 Authentication Bypass / Command Execution
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.WinShell.40 malware suffers from authentication bypass and command execution vulnerabilities.

tags | exploit, vulnerability
systems | windows
SHA-256 | 9f44e8e45e75a24a1daa0d06915db6cb4a750ea6af41b68dee2541dad1a611fc
Gentoo Linux Security Advisory 202107-02
Posted Jul 5, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-2 - Multiple vulnerabilities have been found in FreeImage, the worst of which could result in a Denial of Service condition. Versions less than 3.18.0-r2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-12211, CVE-2019-12213
SHA-256 | 990d02ada3d6a593b27a2eb19ca0644e2e91c3fb759e5573869a70d2a9b71642
OpenEMR 5.0.1.7 Path Traversal
Posted Jul 5, 2021
Authored by Alexandre Zanni

OpenEMR version 5.0.17 path traversal exploit.

tags | exploit, file inclusion
advisories | CVE-2019-14530
SHA-256 | d922d48e6a0bee902e565673aa1c4471cc5327d78c48154ce121df3691d4e7ac
Backdoor.Win32.Zombam.l MVID-2021-0277 Code Execution
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Zombam.l malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | ee19ce806cc0d4edb708c50fbad6626f75c0b59d26bcfabb94ebdcbb0d03572d
Backdoor.Win32.Zombam.l MVID-2021-0276 Buffer Overflow
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Zombam.l malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 0fdd4c15f6fd2ae0d21e68a3f6a75d0be6e6207d0cb397091ca71fb6fc8f7c96
Trojan.Win32.Inject.adwas MVID-2021-0275 Insecure Permissions
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Inject.adwas malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | f2f11d60d2f810a8ea265a8370ad3a821968c947c206c5104c92506aad7442ad
Online Voting System 1.0 SQL Injection / Remote Code Execution
Posted Jul 5, 2021
Authored by Geiseric

Online Voting System version 1.0 remote SQL injection to code execution exploit. This is a variant exploit based off of the original discovery by deathflash1411 in July of 2021.

tags | exploit, remote, code execution, sql injection
SHA-256 | 3ff5e07eb42ef2116755a72245e4a865eade38a1b8620e3d8abcc7ea7332aab4
HEUR.Trojan.Win32.Generic MVID-2021-0274 Insecure Permissions
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

HEUR.Trojan.Win32.Generic malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 2cb461bc212c3627824eb30b5b2bbeeefa7e3deca0741fe9648210205112ae12
Trojan-Dropper.Win32.Agent.wxl MVID-2021-0273 Insecure Permissions
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Trojan-Dropper.Win32.Agent.wxl malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 99932ccd1d201b0c25383f79cdeb2aa8dc704fd0e8d6f8af463ddfb507bfddb8
Gentoo Linux Security Advisory 202107-01
Posted Jul 5, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-1 - A vulnerability in corosync could lead to a Denial of Service condition. Versions less than 3.0.4 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2018-1084
SHA-256 | a14e8e1b886d9131762ec3acbeb6481d14ab3b42c70eacd94d9de50be6e83aa8
Trojan.Win32.VB.bcng MVID-2021-0272 Insecure Permissions
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.VB.bcng malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 0bf9d5b2cf7f0fd5e88d71b27932fd09c51a7e41bfae5e2c1a82b0c5c66eaa6d
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close