exploit the possibilities
Showing 1 - 25 of 32 RSS Feed

Files Date: 2018-07-11

QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection
Posted Jul 11, 2018
Authored by Core Security Technologies, Ivan Huertas | Site coresecurity.com

QNAP Qcenter Virtual Appliance versions 1.6.1056 (20170825) and 1.6.1075 (20171123) suffer from information disclosure and command injection vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2018-0706, CVE-2018-0707, CVE-2018-0708, CVE-2018-0709, CVE-2018-0710
SHA-256 | d468f350b0e3bb3d4bd9bf10b3b49470163d611522cabc435f5fd39081341998
Red Hat Security Advisory 2018-2181-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2181-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-12020
SHA-256 | 52028cf1f6db5944f1b973c2d1be9658dbc142764c48fc8560d6d3b5e94951da
Red Hat Security Advisory 2018-2180-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2180-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-12020
SHA-256 | 2f2fc656a581e7a0b0a806028dac8470629fd42649f68fd5af9f7580518b6aeb
Red Hat Security Advisory 2018-2179-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2179-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10861, CVE-2018-1128, CVE-2018-1129
SHA-256 | dcc4b3046d8cff4c77cd181b7bb36d7967e583f5ca3b5fab4427296c02f4669b
Red Hat Security Advisory 2018-2177-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2177-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10861, CVE-2018-1128, CVE-2018-1129
SHA-256 | f66ca56100c49f8187579e719075112a6d84ba932d8fee2c646889b4646415fe
Ubuntu Security Notice USN-3713-1
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3713-1 - It was discovered that CUPS incorrectly handled certain print jobs with invalid usernames. A remote attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 17.10 and Ubuntu 18.04 LTS. Dan Bastone discovered that the CUPS dnssd backend incorrectly handled certain environment variables. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2017-18248, CVE-2018-4180, CVE-2018-4181, CVE-2018-6553
SHA-256 | 696d3fdbcef1b01d52dff2f4565355074090de06c6cc24cb37ef6444f2ca5109
Red Hat Security Advisory 2018-2175-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2175-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 30.0.0.134. Issues addressed include code execution and information leakage vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-5007, CVE-2018-5008
SHA-256 | 7e822f19628fcf55de77c9289e9debc357295bd640fcd81c9cff8956a2130b22
Ubuntu Security Notice USN-3712-2
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3712-2 - USN-3712-1 fixed a vulnerability in libpng. This update provides the corresponding update for Ubuntu 12.04 ESM. Patrick Keshishian discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10087
SHA-256 | 150dd69707b25b37b367c9d9b2ee47ad70d22c63637146c4e616f1234c6b6eb3
Red Hat Security Advisory 2018-2171-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2171-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | de0f56c6c7b249012a387ea4fcf7ab085c6f818aa0791e0e2cb6f63d42a0a112
Red Hat Security Advisory 2018-2172-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2172-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-14106, CVE-2018-3639
SHA-256 | 120618865f27d7b90f6c963f7b6c5b96f23495fb6c517ea21fe91d7d65b37acb
Ubuntu Security Notice USN-3712-1
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3712-1 - Patrick Keshishian discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Thuan Pham discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10087, CVE-2018-13785
SHA-256 | 1572d5cb56753915b7a92ced20be9c8bc8ddb3cb195cffb7589ec0bd3721f7be
Debian Security Advisory 4243-1
Posted Jul 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4243-1 - Several vulnerabilities were discovered in CUPS, the Common UNIX Printing System.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2017-15400, CVE-2018-4180, CVE-2018-4181, CVE-2018-4182, CVE-2018-4183, CVE-2018-6553
SHA-256 | aca1858973f34db6367f75c04838d3899ca1dfc9eb689872c60d225aabc1afd1
Ubuntu Security Notice USN-3711-1
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3711-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-12599
SHA-256 | 43499196ea3a89189959663742163f66dab74023ab72de3a6654c126bbeef0fe
Ubuntu Security Notice USN-3710-1
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3710-1 - Peter Wu discovered that curl incorrectly handled certain SMTP buffers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-0500
SHA-256 | 80a2b90af8e17bbed5256e4745e44fc313b6f24d80e3fba89089ca8b34392848
ASUS WRT-AC66U 3.x Cross Site Scripting
Posted Jul 11, 2018
Authored by Vulnerability Laboratory, Lawrence Amer | Site vulnerability-lab.com

ASUS WRT-AC66U version 3.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 25f38421dce8448e1973b878362b6084ab7cef4bc97261b008c67a51d03ebb73
AT&T Bizcircle Cross Site Scripting
Posted Jul 11, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

AT&T Bizcircle suffered from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 67231592a84f928b34d59cd3017e9fc590b60931772a091e74e87da4fcc51f44
Intel System CU 14.0 / 14.1 Buffer Overflow
Posted Jul 11, 2018
Authored by Vulnerability Laboratory, S.AbenMassaoud | Site vulnerability-lab.com

Intel System CU versions 14.0 and 14.1 suffer from a buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2018-3661
SHA-256 | b08a71520ac93d53b65797c8f313d51e383ee856103ba5c0015950cea6f27843
Secutech DSL WR RIS 330 Cross Site Scripting
Posted Jul 11, 2018
Authored by Vulnerability Laboratory, Lawrence Amer | Site vulnerability-lab.com

Secutech DSL WR RIS 330 suffers from bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 604b5febb245493ac9cec131d55afb3daf720560081f73acda841f8fbd023cd7
WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution
Posted Jul 11, 2018
Authored by T. Weber | Site sec-consult.com

WAGO e!DISPLAY 7300T WP 4.3 480x272 PIO1 version FW 01 - 01.01.10(01) suffer from code execution, cross site scripting, weak permission, and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file upload
advisories | CVE-2018-12979, CVE-2018-12980, CVE-2018-12981
SHA-256 | 4ddfd7e4aeded2b9a09503c3772f049b2865f8a9549663d294404fbb6dff2c0a
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Jul 11, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix bugs and security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 0d2cbd27f7b56b47c03db4cb6dddb5af5a4867844c88c7b8aaf3cbd41e1518d1
Rikki Don't Lose That Bluetooth Device
Posted Jul 11, 2018
Authored by Matthias Deeg, Gerhard Klostermeier

In this article, the authors want to present an example of exploiting a trust relationship between two technical devices that can put the confidentiality of sensitive data or the integrity of a computer system at risk. This trust relationship they exploit exists between two Bluetooth devices: On the one side a computer system you want to remain secure and you don't want to be compromised, for example your laptop, or your smartphone, and on the other side a Bluetooth device you usually do not consider worth protecting with special diligence as it simply is an output device of a specific kind and does not persistently store any of your valuable data locally, for example headphones.

tags | paper
SHA-256 | b73346666342349f472c954f5a015752063415c14b1cc1ea74d10fb17608bf4a
Instagram Clone Script 2.0 Cross Site Scripting
Posted Jul 11, 2018
Authored by Borna Nematzadeh

Instagram Clone Script version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-13849
SHA-256 | d4bb14032c5930eee2cbe4af21e14f3b5fbc79578874f4495a10ef8a06c83db8
Barracuda ADC 5.x Client-Side Script Insertion
Posted Jul 11, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda ADC versions 5.x suffer from a client-side script insertion vulnerability.

tags | exploit
SHA-256 | 3ed5aa932b59a3840c5030e45858cf115c1a1549e2350b780c701c93d2a32aa0
Red Hat Security Advisory 2018-2167-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2167-01 - .NET Core is a managed software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address several security vulnerabilities are now available. The updated versions are .NET Core 1.0.12, 1.1.9, 2.0.9, and 2.1.2. These versions correspond to the July 2018 security release by .NET Core upstream projects.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | c646ace6ae9258cf3d77fb0dc1589f7fb9e6159e4c489fcec2b891f919e17fe5
Barracuda ADC 5.x Filter Bypass / Cross Site Scripting
Posted Jul 11, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda ADC versions 5.x suffer from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a772d36d518a6c3906a380f6f5015a6140643398577eea8d157e748cc0e6a212
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close