Twenty Year Anniversary
Showing 1 - 25 of 32 RSS Feed

Files Date: 2018-07-11

QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection
Posted Jul 11, 2018
Authored by Core Security Technologies, Ivan Huertas | Site coresecurity.com

QNAP Qcenter Virtual Appliance versions 1.6.1056 (20170825) and 1.6.1075 (20171123) suffer from information disclosure and command injection vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2018-0706, CVE-2018-0707, CVE-2018-0708, CVE-2018-0709, CVE-2018-0710
MD5 | d0c0ba61b46957bc948ee79547357e3f
Red Hat Security Advisory 2018-2181-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2181-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-12020
MD5 | dff6c5a4c4358378431bd385ba866ec7
Red Hat Security Advisory 2018-2180-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2180-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-12020
MD5 | 7a1bcbb4f44332072fe71fea5303c4da
Red Hat Security Advisory 2018-2179-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2179-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10861, CVE-2018-1128, CVE-2018-1129
MD5 | 680f123b307525ab720c8060a21e44bf
Red Hat Security Advisory 2018-2177-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2177-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10861, CVE-2018-1128, CVE-2018-1129
MD5 | aeab34bac5f75cc7b67798320789e7d0
Ubuntu Security Notice USN-3713-1
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3713-1 - It was discovered that CUPS incorrectly handled certain print jobs with invalid usernames. A remote attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 17.10 and Ubuntu 18.04 LTS. Dan Bastone discovered that the CUPS dnssd backend incorrectly handled certain environment variables. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2017-18248, CVE-2018-4180, CVE-2018-4181, CVE-2018-6553
MD5 | d5836de7b647e5a2e0a10dd106e10b64
Red Hat Security Advisory 2018-2175-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2175-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 30.0.0.134. Issues addressed include code execution and information leakage vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-5007, CVE-2018-5008
MD5 | d4c3d2729222c79227c2b2b99e7c8768
Ubuntu Security Notice USN-3712-2
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3712-2 - USN-3712-1 fixed a vulnerability in libpng. This update provides the corresponding update for Ubuntu 12.04 ESM. Patrick Keshishian discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10087
MD5 | 76f76ca5b5014c417a22b9e6f7000d52
Red Hat Security Advisory 2018-2171-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2171-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | 2efc8b268faae164add22d67a8311bbd
Red Hat Security Advisory 2018-2172-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2172-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-14106, CVE-2018-3639
MD5 | 4765660be418eac5b035c9196d51d027
Ubuntu Security Notice USN-3712-1
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3712-1 - Patrick Keshishian discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Thuan Pham discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10087, CVE-2018-13785
MD5 | b590ca0f92081a8dac2ec8fb94592772
Debian Security Advisory 4243-1
Posted Jul 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4243-1 - Several vulnerabilities were discovered in CUPS, the Common UNIX Printing System.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2017-15400, CVE-2018-4180, CVE-2018-4181, CVE-2018-4182, CVE-2018-4183, CVE-2018-6553
MD5 | 662c30e0c1f0bfe7c7a3d4b17ffa744c
Ubuntu Security Notice USN-3711-1
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3711-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-12599
MD5 | 9bb0e209828356dbe86e4a8741279e8f
Ubuntu Security Notice USN-3710-1
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3710-1 - Peter Wu discovered that curl incorrectly handled certain SMTP buffers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-0500
MD5 | 28725962f56048e64461b4495f54a8cd
ASUS WRT-AC66U 3.x Cross Site Scripting
Posted Jul 11, 2018
Authored by Lawrence Amer | Site vulnerability-lab.com

ASUS WRT-AC66U version 3.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | aba480dfcc85355673312758589656c4
AT&T Bizcircle Cross Site Scripting
Posted Jul 11, 2018
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

AT&T Bizcircle suffered from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6af7e51a7e3f193603f050d6f1455865
Intel System CU 14.0 / 14.1 Buffer Overflow
Posted Jul 11, 2018
Authored by S.AbenMassaoud | Site vulnerability-lab.com

Intel System CU versions 14.0 and 14.1 suffer from a buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2018-3661
MD5 | eb846c95a5557b45f2f5ae448248b0cf
Secutech DSL WR RIS 330 Cross Site Scripting
Posted Jul 11, 2018
Authored by Lawrence Amer | Site vulnerability-lab.com

Secutech DSL WR RIS 330 suffers from bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 17790cf345c66be4d62639d40e195a4f
WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution
Posted Jul 11, 2018
Authored by T. Weber | Site sec-consult.com

WAGO e!DISPLAY 7300T WP 4.3 480x272 PIO1 version FW 01 - 01.01.10(01) suffer from code execution, cross site scripting, weak permission, and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file upload
advisories | CVE-2018-12979, CVE-2018-12980, CVE-2018-12981
MD5 | f12e1bdd6ce0d40862c5cca1957f6a1a
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Jul 11, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix bugs and security issues.

tags | advisory
systems | linux, slackware
MD5 | e27f38a7c6711bf6e3723d74635b9a46
Rikki Don't Lose That Bluetooth Device
Posted Jul 11, 2018
Authored by Matthias Deeg, Gerhard Klostermeier

In this article, the authors want to present an example of exploiting a trust relationship between two technical devices that can put the confidentiality of sensitive data or the integrity of a computer system at risk. This trust relationship they exploit exists between two Bluetooth devices: On the one side a computer system you want to remain secure and you don't want to be compromised, for example your laptop, or your smartphone, and on the other side a Bluetooth device you usually do not consider worth protecting with special diligence as it simply is an output device of a specific kind and does not persistently store any of your valuable data locally, for example headphones.

tags | paper
MD5 | ca29bc7edd73c43f926cb262ce678f74
Instagram Clone Script 2.0 Cross Site Scripting
Posted Jul 11, 2018
Authored by Borna Nematzadeh

Instagram Clone Script version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-13849
MD5 | 0c815e52abb806819d20e05d3af573fc
Barracuda ADC 5.x Client-Side Script Insertion
Posted Jul 11, 2018
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda ADC versions 5.x suffer from a client-side script insertion vulnerability.

tags | exploit
MD5 | 69346ee00813123dcfab7c214226b00d
Red Hat Security Advisory 2018-2167-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2167-01 - .NET Core is a managed software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address several security vulnerabilities are now available. The updated versions are .NET Core 1.0.12, 1.1.9, 2.0.9, and 2.1.2. These versions correspond to the July 2018 security release by .NET Core upstream projects.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | 26be776368f3bffd90d168fa0eca279b
Barracuda ADC 5.x Filter Bypass / Cross Site Scripting
Posted Jul 11, 2018
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda ADC versions 5.x suffer from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 4922f65cd11623f8f9e1265483337ccd
Page 1 of 2
Back12Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close