Proof of concept code for the Microsoft Windows DWM Core library elevation of privilege vulnerability. The researcher shows how they reversed the patch and how the heap overflow is produced, and gives a complete walkthrough of their process.
ae21b7b798fa9141cefb1411db92e94dfef6796823599323e49ec4cfcc3f7c0d
Stegano is a basic Python steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integer sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
81c5da92bf3f55c9e71cb8923bf2e39a85511e493d5d41a0e6352368125a8969
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote Snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
7326092bf804496d146a229be5fb1e57dd952fdab80fa37ee541e9c946c27380
Ubuntu Security Notice 6995-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, perform cross-site tracing, or execute arbitrary code. It was discovered that Thunderbird did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox.
eab68a333f804e9e74b44016fbdb0398f12ab2987a9d060158306b72c60f40cc
By having specific DDL permissions set in Oracle 19c, you can bypass access restrictions normally in place for VPD (virtual private database).
ff60854406414096e014384dc484cf5d2a0ecd59484b16d36d5fb5dd40a2a5f3
Debian Linux Security Advisory 5767-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.
60996d272ed48c920b8f9e946790d7306e140e8aebc151985a38ddad0243b76c
PPDB version 2.4-update 6118-1 suffers from a remote blind SQL injection vulnerability.
9d523a1c4c7a1e4958bb28bea2acec5647cfe8b259c7789ee6c3b10177fbb4d5
POMS version 1.0 suffers from an ignored default credential vulnerability.
e96b4926531826f22ee72eeb7f339d7761192178a35f69af5d5141abbc8b63c1
Pharmacy Management System version 1.0 suffers from an ignored default credential vulnerability.
6c367c1c4b085e72851f370194180a14f132217419dbc26645d989d1f50bd05c
PDF Generator Web Application version 1.0 suffers from an ignored default credential vulnerability.
ea0edf3e01f27c48e18ff7db4471b92d0d058e7c65718cf02003efd67a75fb49
Park Ticketing Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1273e992f54e38d81032650942cf05f0d1f6d8b4728541c4e226b2c694587317
Online Travel Agency System version 1.0 suffers from an ignored default credential vulnerability.
33fc5279701fd33248284f756fca51419cb1e797d0158e5bc05d6612e87f5c60
Online Tours and Travels Management System version 1.0 suffers from an ignored default credential vulnerability.
4a5b9ca0712889f86abf481cbffe6181dc9758a00fca6adde682fe4a8dea1f53
Online Survey System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0660b2849a4e1a0328a3532eed3666413e8e50508288962d63eca364d91fe25c
Red Hat Security Advisory 2024-6428-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include denial of service, memory exhaustion, remote SQL injection, and traversal vulnerabilities.
e32ebece28e682f0d6e2ba1d7822205327b5a5e583c21260fc3117f4b4668f27
Red Hat Security Advisory 2024-6421-03 - An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
d73945d71c8a39907a717dca31d7cb395f984fb7e81cc28cb8258a1e68db2149