PS Exploit News

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
  1. Hewlett Packard TouchSmart Calendar Service 4.1.4245 Privilege Escalation

    Hewlett Packard TouchSmart Calendar Service version 4.1.4245 suffers from a privilege escalation vulnerability.
  2. Boonex Dolphin 7.3 Authentication Bypass

    Boonex Dolphin versions 7.3 and below suffer from an authentication bypass vulnerability.
  3. XNU task_t Privilege Escalation

    task_t should be considered harmful and can lead to many XNU elevations of privilege.
  4. Komfy Switch With Camera DKZ-201S/W Password Disclosure

    Komfy Switch with Camera DKZ-201S/W suffers from a wifi password disclosure vulnerability.
  5. SmallFTPd 1.0.3 mkd Denial Of Service

    SmallFTPd version 1.0.3 suffers from a mkd command denial of service vulnerability.
  6. BigTree CMS 4.2.13 Cross Site Request Forgery

    BigTree CMS version 4.2.13 suffers from a cross site request forgery vulnerability.
  7. Falco 0.4.0

    Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
  8. HP Thin Pro OS Local Privilege Escalation

    HP Thin Pro OS suffers from a local privilege escalation vulnerability.
  9. Mac OS X / iOS IOSurface Use-After-Free

    Mac OS X and iOS kernels suffer from a use-after-free vulnerability in IOSurface.
  10. Mac OS X Kernel IOBluetoothFamily.kext Use-After-Free

    The Mac OS X kernel suffers from a use-after-free vulnerability. in IOBluetoothFamily.kext.
  11. Network Scanner SEH Overflow

    Network Scanner version SEH overflow exploit.
  12. CVSNT 2.0.51d Privilege Escalation

    CVSNT version 2.0.51d suffers from a privilege escalation vulnerability.
  13. WinCvs Build 1 Privilege Escalation

    WinCvs version (Build 1) suffers from a privilege escalation vulnerability.
  14. Adobe Reader 9.3.0 DLL Hijacking

    Adobe Reader version 9.3.0 suffers from a dll hijacking vulnerability.
  15. daloRADIUS 0.9-9 SQL Injection / Code Execution

    daloRADIUS version 0.9-9 suffers from remote SQL injection and code execution vulnerabilities.
  16. Apple macOS 10.12.1 / iOS 10 SecureTransport SSL Handshake MitM / DoS

    Apple macOS version 10.12.1 and iOS version 10 suffer from man-in-the-middle and denial of service issues with SecureTransport SSL handshakes.
  17. Microsoft Windows x86 NDISTAPI Privilege Escalation

    Microsoft Windows x86 NDISTAPI privilege escalation exploit that leverages the vulnerability outlined in MS11-062.
  18. Orange Inventel LiveBox 5.08.3-sp Cross Site Request Forgery

    Orange Inventel LiveBox version 5.08.3-sp suffers from a cross site request forgery vulnerability.
  19. EC-CUBE 2.12.6 Server-Side Request Forgery

    EC-CUBE version 2.12.6 suffers from a server-side request forgery vulnerability.
  20. Zenbership 107 Cross Site Request Forgery / Cross Site Scripting

    Zenbership version 1.07 suffers from cross site request forgery, and cross site scripting vulnerabilities.
  21. GIU Gallery File 1.0.2 SQL Injection

    GIU Gallery File version 1.0.2 suffers from a remote SQL injection vulnerability.
  22. Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 Access Bypass

    Industrial Secure Routers versions EDR-G903, EDR-G902, and EDR-G903 allow for unauthenticated administrative access.
  23. Panda Security PSEvents Privilege Escalation

    PSEvents.exe within several Panda Security products runs hourly with SYSTEM privileges. When run, it checks a user writable folder for certain DLL files, and if any are found they are automatically run. Vulnerable products include Panda Global Protection 2016 versions 16.1.2 and below, Panda Antivirus Pro 2016 versions 16.1.2 and below, Panda Small Business Protection versions 16.1.2 and below, and Panda Internet Security 2016 versions 16.1.2 and below.
  24. TrendMicro InterScan Web Security Virtual Appliance Shellshock

    TrendMicro InterScan Web Security Virtual Appliance remote code execution exploit that leverages the shellshock vulnerability to spawn a connect-back shell.
  25. Puppet Enterprise Web Interface User Enumeration

    Puppet Enterprise Web Interface versions prior to 2016.4.0 suffer from a user enumeration vulnerability.
[ Подробнее... ]
18 megabytes