Home / Exploit
black-hat-logo

Exploit

EXPLOIT DATABASE

PACKETSTORM DATABASE

  • 18 October 2018: Red Hat Security Advisory 2018-2949-01 - Files ≈ Packet Storm
    Red Hat Security Advisory 2018-2949-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include out-of-bounds write vulnerability.
  • 18 October 2018: Red Hat Security Advisory 2018-2946-01 - Files ≈ Packet Storm
    Red Hat Security Advisory 2018-2946-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. The RHOAR Eclipse Vert.x 3.5.4 release serves as a replacement for RHOAR Eclipse Vert.x 3.5.3, and includes bug fixes and enhancements. For a detailed list of issues resolved in the community Eclipse Vert.x 3.5.4 release, see the release notes in the References section. Issues addressed include an API validation flaw and a problem where the WebSocket HTTP upgrade implementation holds the entire http request in memory before the handshake.
  • 18 October 2018: Red Hat Security Advisory 2018-2944-01 - Files ≈ Packet Storm
    Red Hat Security Advisory 2018-2944-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include an out-of-bounds write vulnerability.
  • 18 October 2018: Red Hat Security Advisory 2018-2945-01 - Files ≈ Packet Storm
    Red Hat Security Advisory 2018-2945-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Spring Boot 1.5.16 serves as a replacement for RHOAR Spring Boot 1.5.15, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include a denial of service vulnerability.
  • 18 October 2018: Ghostscript 1Policy Dangerous Access To Operator - Files ≈ Packet Storm
    Ghostscript has an issues where callers of a procedure are not forced to be properly marked as executeonly or pseudo-operators, allowing for the ability to take complete control of it.
  • 18 October 2018: Linux BPF Verifier Failed Truncation - Files ≈ Packet Storm
    The Linux BPF verifier has an issue where 32-bit RSH verification does not truncate input before the ALU op.
  • 18 October 2018: Linux Semi-Arbitrary Task Stack Read On ARM64 / x86 - Files ≈ Packet Storm
    Linux suffers from a semi-arbitrary task stack read on ARM64 (and x86) via /proc/$pid/stack.
  • 18 October 2018: Chrome Mojo DataPipe*Dispatcher Deserialization Lacking Validation - Files ≈ Packet Storm
    Chrome has missing validation in the deserialization routines for both DataPipeConsumerDispatcher and DataPipeProducerDispatcher, which take from the incoming message a read_offset/write_offset respectively into shared memory. Providing an offset outside the bounds of the allocated memory will then result in an out-of-bounds read/write when the pipe is used.
  • 18 October 2018: OwnTicket 1.0 SQL Injection - Files ≈ Packet Storm
    OwnTicket version 1.0 suffers from a remote SQL injection vulnerability.
  • 18 October 2018: PHP-SHOP Master 1.0 Cross Site Request Forgery - Files ≈ Packet Storm
    PHP-SHOP Master version 1.0 suffers from a cross site request forgery vulnerability.
  • 18 October 2018: Learning With Texts 1.6.2 SQL Injection - Files ≈ Packet Storm
    Learning with Texts version 1.6.2 suffers from a remote SQL injection vulnerability.
  • 18 October 2018: Time And Expense Management System 3.0 SQL Injection - Files ≈ Packet Storm
    Time and Expense Management System version 3.0 suffers from a remote SQL injection vulnerability.
  • 18 October 2018: Microsoft Security Bulletin CVE Revision Increment For October, 2018 - Files ≈ Packet Storm
    This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
  • 18 October 2018: Zenar Content Management System 8.3 Cross Site Request Forgery - Files ≈ Packet Storm
    Zenar Content Management System version 8.3 suffers from a cross site request forgery vulnerability.
  • 18 October 2018: User Management 1.1 Cross Site Scripting - Files ≈ Packet Storm
    User Management version 1.1 suffers from a cross site scripting vulnerability.

CERT VULNERABILITY DATABASE

SECURITYFOCUS DATABASE