what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2018-02-12

Red Hat Security Advisory 2018-0296-01
Posted Feb 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0296-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. This release of Red Hat JBoss Data Virtualization 6.4 serves as a replacement for Red Hat JBoss Data Virtualization 6.3.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2016-6343, CVE-2016-7034
SHA-256 | 909456f2be517d3304345be770455bd334dcc4e6a487e1d12447841d1ee55bce
Debian Security Advisory 4111-2
Posted Feb 12, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4111-2 - Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that missing restrictions in the implementation of the WEBSERVICE function in LibreOffice could result in the disclosure of arbitrary files readable by the user who opens a malformed document.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-6871
SHA-256 | d2adb550f067e2edb76fce3aa20fd6c76d87d59c6385b5ad1948e55508ed501b
Ubuntu Security Notice USN-3568-1
Posted Feb 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3568-1 - Hanno Böck discovered that WavPack incorrectly handled certain WV files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 17.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10169, CVE-2018-6767
SHA-256 | 85a3ebe5c233f84d7efdbe94a831b0b2e8ab84740324ddf683d38e1f8068dc02
HPE Security Bulletin HPESBHF03819 1
Posted Feb 12, 2018
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03819 1 - HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local authenticated information disclosure vulnerability in HGLM version HGLM 6.3.0-00 to 8.5.2-00. Revision 1 of this advisory.

tags | advisory, local, info disclosure
advisories | CVE-2017-8985
SHA-256 | 35412125b1056d70fc173b7471d15999f77adad0b6754e06982fde2be9037cc2
Red Hat Security Advisory 2018-0294-01
Posted Feb 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0294-01 - Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan. This release of Red Hat JBoss Data Grid 7.1.2 serves as a replacement for Red Hat JBoss Data Grid 7.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2017-15089, CVE-2017-7525
SHA-256 | f2c0ba8fb22651464db4fbf62c82d8cd5f89c3ba24bbae2bbea751eb86fcd9ae
Ubuntu Security Notice USN-3567-1
Posted Feb 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3567-1 - It was discovered that Puppet incorrectly handled permissions when unpacking certain tarballs. A local user could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2017-10689
SHA-256 | 9434dc6d9c56d9942b10646124862d1540e85a682ffac1a663d97c167652188b
Ubuntu Security Notice USN-3566-1
Posted Feb 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3566-1 - It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting attacks. It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php, xss
systems | linux, ubuntu
advisories | CVE-2017-12933, CVE-2017-16642, CVE-2018-5712
SHA-256 | 3adcbbffd16eff5d2ca7db2a1a78133bcd14add6d43c9adf00bb524218d2aef4
CloudMe Sync 1.10.9 Remote Buffer Overflow
Posted Feb 12, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

CloudMe Sync versions 1.10.9 and below suffer from an unauthenticated remote buffer overflow vulnerability.

tags | exploit, remote, overflow
advisories | CVE-2018-6892
SHA-256 | 307a174d4e2ca11e05d03cb3342637326e0256f73524c109407bcf4616f06332
LogicalDOC Enterprise 7.7.4 Post-Auth Command Execution
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from a post-authentication command execution vulnerability via binary path manipulation.

tags | exploit
SHA-256 | 3b03afdfaa77fee2d69c4848111c8815b8b03aee1e29ac73c8fe9f2fda0e9e18
LogicalDOC Enterprise 7.7.4 Username Enumeration Weakness
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from a username enumeration weakness vulnerability.

tags | exploit
SHA-256 | 3341c6779b81ffecf5473a04978fa7c12903c213c570b25e23f72268fefccb43
LogicalDOC Enterprise 7.7.4 Directory Traversal
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from directory traversal vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 508c6f5721028eadfaa7ac845fbf4adcff64d55e84ecf6e72abdcf804aeaf570
LogicalDOC Enterprise 7.7.4 Reflected Cross Site Scripting
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from reflected cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8bf528995af19cea1bc75484ef4b44a00f1f023281194fde4e256b56cfd94f21
Ubuntu Security Notice USN-3565-1
Posted Feb 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3565-1 - Meh Chang discovered that Exim incorrectly handled memory in certain decoding operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-6789
SHA-256 | af6290b7d81b5f37c8718f3ea211ac9f5fe0e3ba2706920599cde51286c5524b
Gentoo Linux Security Advisory 201802-01
Posted Feb 12, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201802-1 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 5.1.32 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2018-2676, CVE-2018-2685, CVE-2018-2686, CVE-2018-2687, CVE-2018-2688, CVE-2018-2689, CVE-2018-2690, CVE-2018-2693, CVE-2018-2694, CVE-2018-2698
SHA-256 | 3eff27ee3cb3fac8ed2fbe42a43b2e137e3f1e761b264492611f01f3ae88462a
TCP Starvation
Posted Feb 12, 2018
Authored by Eplox

Whitepaper called TCP Starvation. It discusses a new variant of a denial of service attack.

tags | paper, denial of service, tcp
SHA-256 | 0353ba67461158e572c7a028373eee036d6bd86a09387a03ac20ae202c31dd03
Ciesto Solutions ERP System SQL Injection
Posted Feb 12, 2018
Authored by Faraday_U_24B6

Ciesto Solutions ERP System suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 46cc8f0a5502245c50fc47f466d15fa69244c93103ee459775af3a90f92ff478
Advantech WebAccess Node 8.3.0 DLL Hijacking
Posted Feb 12, 2018
Authored by Nassim Asrir

Advantech WebAccess Node version 8.3.0 suffers from an AspVBObj.dll code execution dll hijacking vulnerability.

tags | exploit, code execution
systems | windows
advisories | CVE-2018-6911
SHA-256 | f23fb09d3ddbd27b28a36a2345a48287617cdb0794f4b2379069d512284d3b79
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close