Showing 1 - 25 of 406

Files Date: 2018-04-01 to 2018-04-30

Debian Security Advisory 4183-1
Posted Apr 29, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4183-1 - It has been discovered that Tor, a connection-based low-latency anonymous communication system, contains a protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception (TROVE-2018-001).

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2018-0490
MD5 | 189421bce99bbe222be894562dae7dfa
Cockpit CMS 0.5.5 Server-Side Request Forgery
Posted Apr 28, 2018
Authored by Jiawang Zhang, Qian Wu, Bo Wang

Cockpit CMS versions 0.4.4 through 0.5.5 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2017-14611, CVE-2018-9302
MD5 | 2d96d17b2766a1b1bf2e935b6bb58d2f
Debian Security Advisory 4181-1
Posted Apr 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4181-1 - Andrea Basile discovered that the 'archive' plugin in roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize a user-controlled parameter, allowing a remote attacker to inject arbitrary IMAP commands and perform malicious actions.

tags | advisory, remote, arbitrary, imap
systems | linux, debian
advisories | CVE-2018-9846
MD5 | 459f02c0a478f815c8a302259ed429ed
Debian Security Advisory 4182-1
Posted Apr 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4182-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2018-6056, CVE-2018-6057, CVE-2018-6060, CVE-2018-6061, CVE-2018-6062, CVE-2018-6063, CVE-2018-6064, CVE-2018-6065, CVE-2018-6066, CVE-2018-6067, CVE-2018-6068, CVE-2018-6069, CVE-2018-6070, CVE-2018-6071, CVE-2018-6072, CVE-2018-6073, CVE-2018-6074, CVE-2018-6075, CVE-2018-6076, CVE-2018-6077, CVE-2018-6078, CVE-2018-6079, CVE-2018-6080, CVE-2018-6081, CVE-2018-6082, CVE-2018-6083, CVE-2018-6085, CVE-2018-6086
MD5 | 98a371c8c991350a922b861dabe3051d
Blackboard Learn Open Redirect
Posted Apr 27, 2018
Authored by Ethan Sweet

Blackboard Learn suffers from an open redirection vulnerability.

tags | exploit
advisories | CVE-2017-18262
MD5 | 793b28e5c4f1cdcbb0a285de7e4ace00
Red Hat Security Advisory 2018-1227-01
Posted Apr 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1227-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. This advisory contains RPM packages for this release. Issues addressed include improper path sanitization.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1102
MD5 | a999d7171bcb58faed6c05473e46226e
Packet Fence 8.0.0
Posted Apr 27, 2018
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Replaced the ISC DHCP server with a new Golang-based DHCP server. Now supporting inline enforcement in active/active clusters. Replaced pfdns with a new Golang-based DNS server. Various other updates.
tags | tool, remote
systems | unix
MD5 | 2bb7f7d86e58111a3c819d11c5e4cd9b
Norton Security For Mac Man-In-The-Middle
Posted Apr 27, 2018
Authored by David Coomber | Site info-sec.ca

Norton Security for Mac versions prior to 7.6 do not validate the SSL certificate they receive when connecting to the server used to download the main installer.

tags | advisory
advisories | CVE-2017-15528
MD5 | 726d633d852943cc853a2a28381f7eec
Hack In The Box GSEC 2018 Singapore Call For Papers
Posted Apr 27, 2018
Site gsec.hitb.org

Final call for the 2018 Hack In The Box (HITB) GSEC conference in Singapore. HITB GSEC is a 3-day deep knowledge security conference where attendees get to vote on the final agenda of talks and to meet with the speakers they voted for.

tags | paper, conference
MD5 | 213db60f4f90257921f74bd543bf47f1
Slackware Security Advisory - openvpn Updates
Posted Apr 27, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-9336
MD5 | c7c677e0972bf38f5fee4c7dc9a0ebe7
Red Hat Security Advisory 2018-1253-01
Posted Apr 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1253-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. Issues addressed include an out-of-bounds array dereference.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-12613
MD5 | a1eb5da731e8fe8a8d78ea194a8b93f7
Test Your IQ 1.1 SQL Injection
Posted Apr 27, 2018
Authored by ShanoWeb

Test Your IQ version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 39ef4f1fe7185517567932d34df1e147
Frog CMS 0.9.5 Cross Site Scripting
Posted Apr 27, 2018
Authored by Wenming Jiang

Frog CMS version 0.9.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-10321
MD5 | 12b55e239f7f68c79833ccc14795cba9
Navicat Oracle Connection Overflow
Posted Apr 27, 2018
Authored by Kevin McGuigan

Navicat versions prior to 12.0.27 suffer from an Oracle connection overflow vulnerability.

tags | exploit, overflow
MD5 | 68d70c7cc0ea9919a6ff96e50358e3ee
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender Unauthorized Remote Reboot
Posted Apr 27, 2018
Authored by Wadeek

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender suffers from an unauthorized remote reboot vulnerability.

tags | exploit, remote
MD5 | 23502cfb730225f75e213d5693e508e8
Drupal Drupalgeddon 2 Forms API Property Injection
Posted Apr 26, 2018
Authored by FireFart, wvu, Nixawk, a2u, Jasper Mattsson | Site metasploit.com

This Metasploit module exploits a Drupal property injection in the Forms API. Drupal versions 6.x, less than 7.58, 8.2.x, less than 8.3.9, less than 8.4.6, and less than 8.5.1 are vulnerable.

tags | exploit
advisories | CVE-2018-7600
MD5 | aff887450f5903c1a65d6723f30ba5b0
GitList 0.6 Remote Code Execution
Posted Apr 26, 2018
Authored by Kacper Szurek

GitList version 0.6 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 5147c5d3c0bfde4c345eae7b7486b30b
Red Hat Security Advisory 2018-1254-01
Posted Apr 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1254-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Issues addressed include a ridiculous amount of unspecified vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-2755, CVE-2018-2758, CVE-2018-2761, CVE-2018-2766, CVE-2018-2771, CVE-2018-2773, CVE-2018-2781, CVE-2018-2782, CVE-2018-2784, CVE-2018-2787, CVE-2018-2805, CVE-2018-2813, CVE-2018-2817, CVE-2018-2818, CVE-2018-2819
MD5 | 873f8c3c15b55063a75a4c937232f875
Red Hat Security Advisory 2018-1252-01
Posted Apr 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1252-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed relate to speculative execution.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2013-2929, CVE-2017-5715
MD5 | c8a24214b73eb555978b4c9b851b478c
Google Chrome V8 AwaitedPromise Update Bug
Posted Apr 26, 2018
Authored by Google Security Research, lokihardt

Google Chrome V8 Await methods call ResolveNativePromise, which calls InternalResolvePromise, which can invoke user JavaScript code through a "then" getter. If the AwaitedPromise is replaced by the user script, the AwaitedPromise will be immediately overwritten after the call to Await, which may lead the generator to an incorrect state.

tags | exploit, javascript
advisories | CVE-2018-6106
MD5 | eb56f2216b0ca1318d166d23fcad7b4c
Debian Security Advisory 4180-1
Posted Apr 26, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4180-1 - A remote code execution vulnerability has been found in Drupal, a fully-featured content management framework.

tags | advisory, remote, code execution
systems | linux, debian
advisories | CVE-2018-7602
MD5 | 9b942c3459bfdadf2032b397cf8289f0
Red Hat Security Advisory 2018-1251-01
Posted Apr 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1251-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-1047, CVE-2018-1067, CVE-2018-8088
MD5 | cd166be202069011168f2de1f7e1204c
HRSALE The Ultimate HRM 1.0.2 Cross Site Scripting
Posted Apr 26, 2018
Authored by 8bitsec

HRSALE The Ultimate HRM version 1.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-10259
MD5 | 99b5f4f3d0fea051e03aa7c5af9d1642
HRSALE The Ultimate HRM 1.0.2 Local File Inclusion
Posted Apr 26, 2018
Authored by 8bitsec

HRSALE The Ultimate HRM version 1.0.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2018-10260
MD5 | e6040929e102625a337987f30072da4c
Oracle Outside In Technology 8.5.3 Use-After-Free
Posted Apr 26, 2018
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In Technology, which can be exploited by malicious people to compromise a vulnerable system. Version 8.5.3 is affected.

tags | advisory
advisories | CVE-2018-2806
MD5 | 250709650a1a86fcd9c578320fa900bb
© 2018 Packet Storm. All rights reserved.
