
Recent Files

Red Hat Security Advisory 2019-3140-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3140-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. This release of Red Hat JBoss Data Virtualization 6.4.8 serves as a replacement for Red Hat JBoss Data Virtualization 6.4.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, deserialization, information leakage, and path sanitization vulnerabilities.

tags | advisory, local, vulnerability, code execution
systems | linux, redhat
Ubuntu Security Notice USN-4158-1
Posted Oct 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4158-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
CA Performance Management Arbitrary Command Execution
Posted Oct 17, 2019
Authored by Kevin Kotas, Hendrik Van Belleghem | Site www3.ca.com

CA Technologies, a Broadcom Company, is alerting customers to a potential risk with CA Performance Management. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA published solutions to address the vulnerabilities and recommends that all affected customers implement these solutions. The vulnerability occurs due to default credentials and a configuration weakness. A malicious actor may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the Performance Center server. CA Performance Management versions 3.7.x prior to 3.7.4, 3.6.x prior to 3.6.9, and 3.5.x are affected.

tags | advisory, remote, arbitrary, vulnerability
Red Hat Security Advisory 2019-3136-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3136-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
Restaurant Management System 1.0 Shell Upload
Posted Oct 17, 2019
Authored by Ibad Shah

Restaurant Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
VIM 8.1.2135 Use-After-Free
Posted Oct 17, 2019
Authored by Mishra Dhiraj

VIM version 8.1.2135 suffers from a heap use-after-free vulnerability in which freed memory is used with autocmd.

tags | exploit
Ubuntu Security Notice USN-4157-1
Posted Oct 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4157-1 - Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
ThinVNC 1.0b1 Authentication Bypass
Posted Oct 17, 2019
Authored by Nikhith Tumamlapalli

ThinVNC version 1.0b1 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
Red Hat Security Advisory 2019-3135-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3135-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
WordPress Popup Builder 3.49 Cross Site Scripting
Posted Oct 17, 2019
Authored by Unk9vvN

WordPress Popup Builder plugin version 3.49 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
Red Hat Security Advisory 2019-3134-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3134-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
VMware VeloCloud 3.3.0 / 3.2.2 Authorization Bypass
Posted Oct 17, 2019
Authored by Silas Baertsch

VMware VeloCloud versions 3.3.0 and 3.2.2 suffer from an authorization bypass vulnerability.

tags | exploit, bypass
WordPress Soliloquy Lite 2.5.6 Cross Site Scripting
Posted Oct 17, 2019
Authored by Unk9vvN

WordPress Soliloquy Lite plugin version 2.5.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
WordPress FooGallery 1.8.12 Cross Site Scripting
Posted Oct 17, 2019
Authored by Unk9vvN

WordPress FooGallery plugin version 1.8.12 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
WorkgroupMail 7.5.1 WorkgroupMail Unquoted Service Path
Posted Oct 17, 2019
Authored by Cakes

WorkgroupMail version 7.5.1 suffers from a WorkgroupMail unquoted service path vulnerability.

tags | exploit
Web Companion 5.1.1035.1047 WCAssistantService Unquoted Service Path
Posted Oct 17, 2019
Authored by Debashis Pal

Web Companion version 5.1.1035.1047 suffers from a WCAssistantService unquoted service path vulnerability.

tags | exploit, web
BlackMoon FTP Server 3.1.2.1731 BMFTP-RELEASE Unquoted Service Path
Posted Oct 17, 2019
Authored by Debashis Pal

BlackMoon FTP Server version 3.1.2.1731 suffers from a BMFTP-RELEASE unquoted service path vulnerability.

tags | exploit
Red Hat Security Advisory 2019-3007-01
Posted Oct 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3007-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift-enterprise-builder container image for Red Hat OpenShift Container Platform 4.1.20.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2019-3131-01
Posted Oct 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3131-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the cri-o, cri-tools, faq, ignition, openshift-external-storage and pivot RPM packages, which have been rebuilt with an updated version of golang for Red Hat OpenShift Container Platform 4.1.20.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2019-3132-01
Posted Oct 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3132-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift RPM package for Red Hat OpenShift Container Platform 4.1.20. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
Ubuntu Security Notice USN-4156-2
Posted Oct 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4156-2 - USN-4156-1 fixed several vulnerabilities in SDL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that SDL incorrectly handled certain images. If a user were tricked into opening a crafted image file, a remote attacker could use this issue to cause SDL to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
Red Hat Security Advisory 2019-3127-01
Posted Oct 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3127-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
Suricata IDPE 5.0.0
Posted Oct 16, 2019
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Many bug fixes and updates.
tags | tool, intrusion detection
systems | unix
Adobe Acrobat Reader DC For Windows JP2 Stream Buffer Overflow
Posted Oct 16, 2019
Authored by Google Security Research, mjurczyk

Adobe Acrobat Reader DC for Windows suffers from a heap-based buffer overflow vulnerability that can be leveraged via malformed JP2 streams.

tags | exploit, overflow
systems | windows
Debian Security Advisory 4544-1
Posted Oct 16, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4544-1 - X41 D-Sec discovered that unbound, a validating, recursive, and caching DNS resolver, did not correctly process some NOTIFY queries. This could lead to remote denial-of-service by application crash.

tags | advisory, remote
systems | linux, debian

Recent News

Sextortion Botnet Spreads 30,000 Emails An Hour
Posted Oct 16, 2019

tags | headline, email, cybercrime, botnet, fraud
US Claims Cyber Strike On Iran After Attack On Saudi Oil Facility
Posted Oct 16, 2019

tags | headline, government, usa, cyberwar, iran, saudi arabia
Fraud Bazaar Selling Stolen Payment Cards Heisted For 26 Million Cards
Posted Oct 16, 2019

tags | headline, hacker, bank, cybercrime, data loss, fraud
Pentagon Hack The Proxy Program Uncovers 31 Vulnerabilities
Posted Oct 16, 2019

tags | headline, hacker, government, usa, flaw, cyberwar, military
1 In 5 IT Security Professionals Fear Their Toilets Will Be Hacked
Posted Oct 15, 2019

tags | headline, hacker, privacy
Security Researcher Arrested After Tweeting About Gov't Hack
Posted Oct 15, 2019

tags | headline, hacker, government, data loss, argentina
Malware That Spits Cash Out Of ATMs Has Spread Across The World
Posted Oct 15, 2019

tags | headline, malware, bank, cybercrime, fraud
Without Encryption We Will Lose All Privacy. This Is Our New Battleground.
Posted Oct 15, 2019

tags | headline, government, privacy, usa, spyware, nsa, cryptography
These Are The 29 Countries Vulnerable To SIM Jacker Attacks
Posted Oct 14, 2019

tags | headline, hacker, phone, cybercrime, fraud, password, identity theft
China's Study The Great Nation App Enables Spying Via Back Door
Posted Oct 14, 2019

tags | headline, government, privacy, phone, china, spyware
© 2019 Packet Storm. All rights reserved.
