Lucene search
K
PacketstormnewsRecent

6771 matches found

Packet Storm News
Packet Storm News
added 2025/01/23 12:0 a.m.1 views

Forescout SecureConnector 11.3.07 Privilege Escalation

Forescout SecureConnector versions 11.3.07 and below privilege escalation proof of concept that makes use of an insecure permissions vulnerability...

8.5CVSS7.3AI score0.00302EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/01/21 12:0 a.m.34 views

WordPress Email Subscribers by Icegram Express 5.7.14 SQL Injection

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress and WooCommerce plugin for WordPress is vulnerable to SQL Injection via the run function of the IGESSubscribersQuery class in all versions up to, and including, 5.7.14 due to insufficient escaping on...

9.8CVSS6.9AI score0.80596EPSS
Exploits4
Packet Storm News
Packet Storm News
added 2025/01/17 12:0 a.m.5 views

CISA: Closing the Software Understanding Gap

CISA document to help close the gap and secure infrastructure with a deep, scalable understanding of software-controlled systems, including AI-systems...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/01/16 12:0 a.m.2 views

Ivanti Connect Secure IFT TLS Stack Overflow / Remote Code Execution

This is an Ivanti Connect Secure IFT TLS stack overflow pre-authentication remote code execution proof of concept exploit. It is crippled by default...

9CVSS8.4AI score0.99971EPSS
Exploits13
Packet Storm News
Packet Storm News
added 2025/01/16 12:0 a.m.3 views

CISA: Microsoft Expanded Cloud Logs Implementation Playbook

This playbook provides a detailed overview of the newly introduced logging capabilities in Microsoft Purview Audit Standard. These capabilities enable organizations to conduct forensic and compliance investigations by accessing critical events...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/01/15 12:0 a.m.4 views

Jenkins 2.441 Arbitrary File Read

This proof of concept can be used to exploit CVE-2024-23897 to achieve file-read access on a Jenkins server versions 2.441 and below...

9.8CVSS6.9AI score0.99999EPSS
Exploits46
Packet Storm News
Packet Storm News
added 2025/01/14 12:0 a.m.2 views

CISA: Secure by Demand: Priority Considerations

This is CISA's Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products. This guide is intended to help owners and operators procure Operational Technology OT products, particularly industrial automation and control system products,...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/01/14 12:0 a.m.9 views

Ivanti CVE-2025-0282 Checker

This script allows you to safely scan and test to see if you are vulnerable to CVE-2025-0282, a stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 that allows a...

9CVSS8.5AI score0.99971EPSS
Exploits13
Packet Storm News
Packet Storm News
added 2025/01/14 12:0 a.m.4 views

Report of Special Counsel Smith Volume 1

Special Counsel Jack Smith's January 2025 report concluded that former President Donald Trump engaged in a criminal effort to overturn the 2020 election results, including pressuring officials and inciting the January 6 Capitol riot. Smith asserted that sufficient evidence existed to convict Trum...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/01/14 12:0 a.m.3 views

Paradox Security Systems IPR512 Denial of Service

Paradox Security Systems IPR512 proof of concept denial of service script...

7.5CVSS6.9AI score0.44171EPSS
Exploits9
Packet Storm News
Packet Storm News
added 2025/01/14 12:0 a.m.2 views

CISA: AI Cybersecurity Collaboration Playbook

The AI Cybersecurity Collaboration Playbook provides guidance to organizations across the AI community – including AI providers, developers, and adopters – for sharing AI-related cybersecurity information voluntarily with the Cybersecurity and Infrastructure Security Agency CISA and other partner...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/01/14 12:0 a.m.4 views

CISA: AI Cybersecurity Collaboration Playbook Fact Sheet

This is the fact sheet for CISA's AI Security Collaboration Playbook...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/01/14 12:0 a.m.5 views

Palo-Alto Firewall Denial of Service

Simple proof of concept script that aims to attack the firewall on certain vulnerable versions of Palo Alto's PAN OS via malicious DNS queries. A successful attack will force the firewall to crash and enter maintenance mode...

8.7CVSS6.9AI score0.26636EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2017/01/31 12:0 a.m.4 views

Netgear Router Password Disclosure

Multiple Netgear routers suffers from remote and local password disclosure vulnerabilities...

8.1CVSS7.1AI score0.89294EPSS
Exploits7
Packet Storm News
Packet Storm News
added 2015/10/22 12:0 a.m.2 views

HTML Compiler Remote Code Execution

HTML Compiler remote code execution exploit that downloads a malicious file...

9.3CVSS8.1AI score0.94996EPSS
Exploits39
Packet Storm News
Packet Storm News
added 2014/11/25 12:0 a.m.3 views

PHP 5.x / Bash Shellshock Proof of Concept

This is a proof of concept that demonstrates how the Bash shellshock vulnerability can be used in PHP to bypass disablefunctions, safemode, etc...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2014/06/04 12:0 a.m.4 views

IPSwitch IMail 12.4 Cross Site Scripting

IPSwitch IMail server web client versions 12.3 and 12.4 before 12.4.1.15 suffer from a persistent cross site scripting vulnerability...

4.3CVSS6.4AI score0.03468EPSS
Exploits2
Packet Storm News
Packet Storm News
added 2013/02/08 12:0 a.m.2 views

Cool PDF Reader 3.0.2.256 Buffer Overflow

Cool PDF Reader version 3.0.2.256 buffer overflow exploit...

9.3CVSS7.4AI score0.28391EPSS
Exploits11
Packet Storm News
Packet Storm News
added 2013/01/29 12:0 a.m.5 views

DataLife Engine 9.7 PHP Code Injection

DataLife Engine version 9.7 suffers from a PHP code injection vulnerability in preview.php...

7.5CVSS7.7AI score0.40465EPSS
Exploits9
Packet Storm News
Packet Storm News
added 2011/09/19 12:0 a.m.5 views

Cisco TelePresence Cookie Theft / Impersonation / Code Execution

Cisco TelePresensce Series suffers from client-side code execution, denial of service, cookie theft, loss of confidentiality, and impersonation vulnerabilities...

9CVSS7.2AI score0.12714EPSS
Exploits7
Packet Storm News
Packet Storm News
added 2001/05/17 12:0 a.m.5 views

sa2001_02.txt

NSFOCUS Security Advisory SA2001-02 - The nsfocus team has found a vulnerability in filename processing of CGI program in MS IIS4.0/5.0, as discussed in ms01-026. CGI filename is decoded twice by error. Exploitation of this vulnerability leads to intruders being able to run arbitrary system...

7.2AI score
Exploits0
Total number of security vulnerabilities6771