exploit the possibilities
Showing 1 - 25 of 113,512 RSS Feed

Files

TDM Digital Signage PC Player 4.1 Insecure File Permissions
Posted Oct 27, 2020
Authored by LiquidWorm | Site zeroscience.mk

TDM Digital Signage Windows Player version 4.1 suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice.

tags | exploit
systems | windows
MD5 | 9f69935f116659d2b0dbfb1b919205fc
Ubuntu Security Notice USN-4583-2
Posted Oct 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4583-2 - USN-4583-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.10. It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. Various other issues were also addressed.

tags | advisory, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-7069, CVE-2020-7070
MD5 | 8943172472289400ae6eeaa13c5ed52b
Ubuntu Security Notice USN-4605-1
Posted Oct 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4605-1 - Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-15238
MD5 | c8704c3d9669c74ad12984c2c0623dc0
Ubuntu Security Notice USN-4604-1
Posted Oct 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4604-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.22 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.32. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-14775, CVE-2020-14769, CVE-2020-14776, CVE-2020-14789, CVE-2020-14794, CVE-2020-14812, CVE-2020-14828, CVE-2020-14837, CVE-2020-14845, CVE-2020-14853, CVE-2020-14867, CVE-2020-14873, CVE-2020-14893
MD5 | adb8ec498bbe86517a83c89eb92ae6f2
Red Hat Security Advisory 2020-4348-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4348-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14803
MD5 | 55b7a6d2804f632e1235ed7f65bfb8ca
Red Hat Security Advisory 2020-4350-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4350-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14803
MD5 | a5eb803d0bcd111c8435205a5e2bec9a
Ubuntu Security Notice USN-4599-2
Posted Oct 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4599-2 - USN-4599-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 16.04 LTS. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-15254, CVE-2020-15683
MD5 | c081d2b1ee52963fe24e3688dbc9a30f
Red Hat Security Advisory 2020-4352-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4352-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14803
MD5 | 57021e3008dba7506165a03bc9763cd9
Red Hat Security Advisory 2020-4347-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4347-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14803
MD5 | ef30c787098e2b3abe1451193324993f
Ubuntu Security Notice USN-4562-2
Posted Oct 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4562-2 - It was discovered that kramdown insecurely handled certain crafted input. An attacker could use this vulnerability to read restricted files or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14001
MD5 | 116484156b01099e55da4d6afc20feaa
Sentrifugo 3.2 Shell Upload / Restriction Bypass
Posted Oct 27, 2020
Authored by Gurkirat Singh

Sentrifugo version 3.2 suffers from a restriction bypass vulnerability that allows for a remote shell upload.

tags | exploit, remote, shell, bypass
advisories | CVE-2019-15813
MD5 | 981cdb0177e2271690c25d011e5b38c6
Red Hat Security Advisory 2020-4351-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4351-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 86.0.4240.111. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-15999, CVE-2020-16000, CVE-2020-16001, CVE-2020-16002, CVE-2020-16003
MD5 | 196ed8f5f92f2049ae519919731a2e89
Red Hat Security Advisory 2020-4349-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4349-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include bypass, deserialization, integer overflow, and out of bounds access vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14803
MD5 | 9a874a097fadde3d1ecf012a74495f5c
Adtec Digital Products Hardcoded Credentials / Remote Root
Posted Oct 27, 2020
Authored by LiquidWorm | Site zeroscience.mk

Adtec Digital is a leading manufacturer of Broadcast, Cable and IPTV products and solutions. Many of their devices utilize hard-coded and default credentials within its Linux distribution image for Web/Telnet/SSH access. A remote attacker could exploit this vulnerability by logging in using the default credentials for accessing the web interface or gain shell access as root.

tags | exploit, remote, web, shell, root
systems | linux
MD5 | 063154d6c7521ecfedc183b52625d739
Sphider Search Engine 1.3.6 Remote Code Execution
Posted Oct 27, 2020
Authored by Gurkirat Singh

Sphider Search Engine version 1.3.6 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2014-5194
MD5 | 2379dde6c9c4d4aca8f5e6073444d459
Ubuntu Security Notice USN-4602-1
Posted Oct 26, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4602-1 - ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723
MD5 | 12de9bee88d387efd047ec5aa10983a5
Red Hat Security Advisory 2020-4344-01
Posted Oct 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4344-01 - Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices. This release of Open Liberty 20.0.0.11 serves as a replacement for Open Liberty 20.0.0.10 and includes enhancements as well as a security fix for a vulnerability in Hibernate Validator.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-10693
MD5 | ba881c81927ff97aa8bfe28996490c41
PubliXone 2019.045 Account Takeover / XSS / File Download
Posted Oct 26, 2020
Authored by Marius Schwarz | Site sec-consult.com

PubliXone version 2019.045 suffers from cross site scripting, account takeover, missing access control, hardcoded keys, and file download vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2020-27179, CVE-2020-27180, CVE-2020-27181, CVE-2020-27182, CVE-2020-27183
MD5 | 0aa063cd703224c24f2d337eacf82495
Genexis Platinum-4410 Cross Site Scripting
Posted Oct 26, 2020
Authored by Amal Mohandas

The Genexis Platinum-4410 router suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5d147e29e3e030bcabaa031d03bd5deb
Oracle VM VirtualBox Buffer Overflow
Posted Oct 26, 2020
Authored by Ofir Moskovitch

A buffer overflow vulnerability in Oracle VM VirtualBox was privately reported to Oracle on September 22, 2020 and was silently patched in VM VirtualBox version 6.1.16r140961.

tags | advisory, overflow
MD5 | 4bd59d92c0879a582d61a4a2ee2c2b21
Kernel Live Patch Security Notice LSN-0073-1
Posted Oct 26, 2020
Authored by Benjamin M. Romer

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow.

tags | advisory, overflow, kernel
systems | linux
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-24490
MD5 | 1e0505580aae17da92a460e9eaf6f826
Online Health Care System 1.0 Cross Site Scripting
Posted Oct 26, 2020
Authored by Akiner Kisa

Online Health Care System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 384877bf8abdcd6e7b4a4ac726e5c8b7
Red Hat Security Advisory 2020-4320-01
Posted Oct 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4320-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14336
MD5 | 736349bac2956ef20bdb70cf3670ba5b
QSC Q-SYS Core Manager 8.2.1 Directory Traversal
Posted Oct 26, 2020
Authored by Kevin Randall

QSC Q-SYS Core Manager version 8.2.1 suffers from a TFTP related directory traversal vulnerability.

tags | advisory, file inclusion
advisories | CVE-2020-24990
MD5 | b8b44947a96dd18d16e85141c32b16c4
Red Hat Security Advisory 2020-4331-01
Posted Oct 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4331-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14385, CVE-2020-14386
MD5 | 4153fdb31bfd9534942e71d3c8deaa24
Page 1 of 4,541
Back12345Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    15 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close