
Files Date: 2015-11-27

Visual Paradigm Server 10.0 Cross Site Scripting
Posted Nov 27, 2015
Authored by Manuel Mancera

Visual Paradigm Server version 10.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e73763c29114d3906a45e2af827e569b

Red Hat Security Advisory 2015-2517-01
Posted Nov 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2517-01 - Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
MD5 | 8ca7828726ccafd0284b76ef659e15a6

Red Hat Security Advisory 2015-2516-01
Posted Nov 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2516-01 - Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
MD5 | 2ff98908481157b3d767128b7c16d04c

Red Hat Security Advisory 2015-2515-01
Posted Nov 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2515-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. A flaw was found in the way the git-remote-ext helper processed certain URLs. If a user had Git configured to automatically clone submodules from untrusted repositories, an attacker could inject commands into the URL of a submodule, allowing them to execute arbitrary code on the user's system.

tags | advisory, remote, arbitrary
systems | linux, redhat
MD5 | 92603867f8ae71c2b9527a995b6b7afb

Debian Security Advisory 3404-1
Posted Nov 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3404-1 - Ryan Butterfield discovered a vulnerability in the date template filter in python-django, a high-level Python web development framework. A remote attacker can take advantage of this flaw to obtain any secret in the application's settings.

tags | advisory, remote, web, python
systems | linux, debian
advisories | CVE-2015-8213
MD5 | d88fd71d3211ddd5a510c9013e926ccc

Ubuntu Security Notice USN-2818-1
Posted Nov 27, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2818-1 - It was discovered that rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed. An attacker could use this to expose sensitive information or possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-4871
MD5 | 5e228cb67945fe786a60acb4b8570d7d

HP Security Bulletin HPSBGN03523 1
Posted Nov 27, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03523 1 - A potential security vulnerability has been identified in HP Loadrunner Virtual Table Server that could be exploited remotely resulting in the execution of code. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-6857
MD5 | d5bbe9a4bd5b08c5740bcfbbf6008c4a

Ubuntu Security Notice USN-2820-1
Posted Nov 27, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2820-1 - Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain old style Debian binary packages. If a user or an automated system were tricked into unpacking a specially crafted binary package, a remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, debian, ubuntu
advisories | CVE-2015-0860
MD5 | 3e9cf1eb8dd0479116658a68800e106c

Debian Security Advisory 3407-1
Posted Nov 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3407-1 - Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg, the Debian package management system. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafted Debian binary package (.deb) in the old style Debian binary package format.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2015-0860
MD5 | f2a27348b5f9a4e0ddd79dd6b67a2aae

Red Hat Security Advisory 2015-2519-01
Posted Nov 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2519-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A same-origin policy bypass flaw was found in the way Thunderbird handled certain cross-origin resource sharing requests. A web page containing malicious content could cause Thunderbird to disclose sensitive information.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-4513, CVE-2015-7189, CVE-2015-7193, CVE-2015-7197, CVE-2015-7198, CVE-2015-7199, CVE-2015-7200
MD5 | 6bc1046a15b99db8952c14b22fa84adb

Red Hat Security Advisory 2015-2520-01
Posted Nov 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2520-01 - The Network Time Protocol is used to synchronize a computer's time with a referenced time source. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable synchronization with the server.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-7704
MD5 | 2901ee3079f000fc7b23d245cdee413c

Debian Security Advisory 3405-1
Posted Nov 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3405-1 - Tero Marttila discovered that the Debian packaging for smokeping installed it in such a way that the CGI implementation of Apache httpd (mod_cgi) passed additional arguments to the smokeping_cgi program, potentially leading to arbitrary code execution in response to crafted HTTP requests.

tags | advisory, web, arbitrary, cgi, code execution
systems | linux, debian
advisories | CVE-2015-0859
MD5 | 5f22316348f6b9f7f665784709b9c550

Debian Security Advisory 3406-1
Posted Nov 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3406-1 - It was discovered that incorrect memory allocation in the NetScape Portable Runtime library might result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2015-7183
MD5 | 1caa2e1f4d34bccd8ca969134160f476

Red Hat Security Advisory 2015-2518-01
Posted Nov 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2518-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4805, CVE-2015-4806, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4872, CVE-2015-4883, CVE-2015-4902, CVE-2015-4903
MD5 | 3b3d7230ab72682f45f88bdaf566deca

ProFTPd 1.3.5a Heap Overflow
Posted Nov 27, 2015
Authored by Nicholas Lemonias

ProFTPd version 1.3.5a suffers from heap overflow vulnerabilities.

tags | advisory, overflow, vulnerability
MD5 | ebb546df9609d5827f90fdfe2f5d1c6b

© 2020 Packet Storm. All rights reserved.