exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2018-1260

Status Candidate

Overview

Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A malicious user or attacker can craft an authorization request to the authorization endpoint that can lead to remote code execution when the resource owner is forwarded to the approval endpoint.

Related Files

Red Hat Security Advisory 2024-5094-03
Posted Aug 8, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5094-03 - Red Hat OpenShift Service Mesh Containers for 2.6.0. Issues addressed include bypass, memory exhaustion, and resource exhaustion vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-12608
SHA-256 | e5bb04dec33ad5b257c432eefca462162a2d0082917e1499bc82524d4bd1af3b
Red Hat Security Advisory 2020-1180-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1180-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2017-1000476, CVE-2017-11166, CVE-2017-12805, CVE-2017-12806, CVE-2017-18251, CVE-2017-18252, CVE-2017-18254, CVE-2017-18271, CVE-2017-18273, CVE-2018-10177, CVE-2018-10804, CVE-2018-10805, CVE-2018-11656, CVE-2018-12599, CVE-2018-12600, CVE-2018-13153, CVE-2018-14434, CVE-2018-14435, CVE-2018-14436, CVE-2018-14437, CVE-2018-15607, CVE-2018-16328, CVE-2018-16749, CVE-2018-16750, CVE-2018-18544, CVE-2018-20467
SHA-256 | b9b41fb5da80c275f3298f50268c64518417f60f185e29efe6501fd33accf99e
Ox App Suite 7.8.4 / 7.8.3 XSS / CSRF / Information Disclosure
Posted Jan 7, 2019
Authored by Secator

Ox App Suite versions 7.8.4 and 7.8.3 suffer from cross site scripting, cross site request forgery, and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion, info disclosure, csrf
advisories | CVE-2018-12609, CVE-2018-12610, CVE-2018-12611
SHA-256 | ffdbe5e04f303db5e8ad0da091038bf8976a3f72b1e572115af58f427a4f8073
Red Hat Security Advisory 2018-2939-01
Posted Oct 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2939-01 - Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift. Security fix: jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries spring-framework: Address partial fix for CVE-2018-1270 Issues addressed include bypass, code execution, denial of service, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2017-12617, CVE-2018-1260, CVE-2018-1270, CVE-2018-1271, CVE-2018-1275, CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-7489
SHA-256 | df886e50a83354eaf0614cdf4bb930a04577e8f124f9e750b2d4ca2e9e06e04e
Debian Security Advisory 4245-1
Posted Jul 15, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4245-1 - This update fixes several vulnerabilities in Imagemagick, a graphical software suite. Various memory handling problems or incomplete input sanitising could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-11251, CVE-2018-12599, CVE-2018-12600, CVE-2018-5248
SHA-256 | 09c1b3f8f249f7d81a4474f0c7bb9f6aa2fb6309774ad033799ef81566339402
GreenCMS 2.3.0603 Information Disclosure
Posted Jun 22, 2018
Authored by vr_system

GreenCMS version 2.3.0603 suffers from a sensitive information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2018-12604
SHA-256 | 7d6c7ab895eeccc376b61f9eecae36a8cb67d36f6d7dd5c15baf2ee5e36ac928
LFCMS 3.7.0 Cross Site Request Forgery
Posted Jun 21, 2018
Authored by bay0net

LFCMS version 3.7.0 suffers from an add user cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-12602
SHA-256 | 019a98515e52316e1ebaf9556bf4b8652ba3786998863ba5cdf80457643c1520
LFCMS 3.7.0 Cross Site Request Forgery
Posted Jun 21, 2018
Authored by bay0net

LFCMS version 3.7.0 suffers from an add administrator cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-12603
SHA-256 | 4eef414314be16a2167f9c6cdf9b031cbe15fd327d47acab666e4f2d5eb0c19d
Red Hat Security Advisory 2018-1809-01
Posted Jun 7, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1809-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Spring Boot 1.5.13 serves as a replacement for RHOAR Spring Boot 1.5.12, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-1257, CVE-2018-1259, CVE-2018-1260
SHA-256 | 184329f58e91f7bb181ed01ae0ec796ff26a4ea085de229b33662310849bde1b
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close