
Files Date: 2018-11-14

Atlassian Jira Authenticated Upload Code Execution
Posted Nov 14, 2018
Authored by Alexander Gonzalez | Site metasploit.com

This Metasploit module can be used to execute a payload on Atlassian Jira via the Universal Plugin Manager (UPM). The module requires valid login credentials to an account that has access to the plugin manager. The payload is uploaded as a JAR archive containing a servlet using a POST request against the UPM component. The check command will test the validity of user-supplied credentials and test for access to the plugin manager.

tags | exploit
SHA-256 | fb47812af6f170c72f706227c7635ea0efcb1f492374881294375137a6d0c137
Ubuntu Security Notice USN-3817-1
Posted Nov 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3817-1 - It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that Python incorrectly handled running external commands in the shutil module. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2018-1000030, CVE-2018-1000802, CVE-2018-14647
SHA-256 | 03b91d747808db6662227ba32df53ee769cca67a7c8ef16b220c02b136f095e6
SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle
Posted Nov 14, 2018
Authored by Bernd Leitner

SwitchVPN for MacOS and Windows version 2.1012.03 suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | bb38df2916279a67eae167360690706c54013599fd3e8810b088263a9fa9d6b4
Microsoft Security Advisory Update CVE Addition
Posted Nov 14, 2018
Site microsoft.com

This Microsoft bulletin summary lists a new CVE that has been added to the November advisory.

tags | advisory
advisories | CVE-2018-8529
SHA-256 | 1570340541d2bb99e7c9e8a3f6917674ae600f0d2ca7397ba6d668922875f28c
Red Hat Security Advisory 2018-3601-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3601-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes. Issues addressed include a failure to delete data.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2017-15139
SHA-256 | 306deee33c560015c34a6495bac43afbd182746787a850ea8fe89368dbc97f92
OCS Inventory NG ocsreports Shell Upload
Posted Nov 14, 2018
Authored by Simon Uvarov

OCS Inventory NG suffers from an ocsreports authenticated remote code execution vulnerability via a shell upload.

tags | exploit, remote, shell, code execution
advisories | CVE-2018-15537
SHA-256 | 24d22f114a3cf7d6004bf89c7745ac2a396b3daec40452cab1bc1b32f0c94835
Red Hat Security Advisory 2018-3600-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3600-01 - The python-cryptography packages contain the Python Cryptographic Authority's cryptography library, which provides cryptographic primitives and recipes to Python developers. Issues addressed include a tag forgery vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-10903
SHA-256 | e06ef5a025c2fb21dd05ef7409e10e5310b636ef92cda32eddfb5efc0c1b4870
Alive Parish 2.0.4 File Upload / SQL Injection
Posted Nov 14, 2018
Authored by Ihsan Sencan

Alive Parish version 2.0.4 suffers from remote file upload and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, file upload
SHA-256 | 13e52b63ee03ace99467ba4a684173a599e0af52a1f92ea2ec58619487f54c24
Maitra Mail Tracking System 1.7.2 SQL Injection / Database File Download
Posted Nov 14, 2018
Authored by Ihsan Sencan

Maitra Mail Tracking System version 1.7.2 suffers from remote SQL injection and database file download vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | d0058ad01d7cee1f55923aafeb38114a18d4b21914dd662ce46c678fbe5222c7
Microsoft Security Update Summary For November 13, 2018
Posted Nov 14, 2018
Site microsoft.com

This Microsoft summary lists Microsoft security updates released for November 13, 2018.

tags | advisory
SHA-256 | 42d64d15f9bd050b8cafe4f3d736f8896e665a5146ec17b3b4da024bded44863
Microsoft Security Advisory Updates For November 13, 2018
Posted Nov 14, 2018
Site microsoft.com

This Microsoft advisory notification includes advisories released or updated on November 13, 2018.

tags | advisory
SHA-256 | 2fb5736b3191a695873e77b11348a0e56e6c6a60ec1000bc3660d211e37a5eaa
SIPve 0.0.2-R19 SQL Injection
Posted Nov 14, 2018
Authored by Ihsan Sencan

SIPve version 0.0.2-R19 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1e205bf5d38f212cb56a15b6edfc2b6a152682cb1d57a7ed5ea4df8701fc7c93
SwitchVPN For MacOS 2.1012.03 Privilege Escalation
Posted Nov 14, 2018
Authored by Bernd Leitner

SwitchVPN for MacOS version 2.1012.03 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2018-18860
SHA-256 | 0d318968cae2b90169b2552a12c8ab32488a546badc48ecfe4e8001449fc3c0c
Red Hat Security Advisory 2018-3595-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3595-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.5 serves as a replacement for Red Hat Single Sign-On 7.2.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2018-10894, CVE-2018-14627, CVE-2018-14655, CVE-2018-14657, CVE-2018-14658
SHA-256 | 61d48207c326fdf7bcf8d805b68679a276363d1bd9f0c68cd0d3f85ce4894584
Red Hat Security Advisory 2018-3593-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3593-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.5 serves as a replacement for Red Hat Single Sign-On 7.2.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2018-10894, CVE-2018-14655, CVE-2018-14657, CVE-2018-14658
SHA-256 | ae6d24611b65a597b874c13e22b715668b7bf792cc29ac0ba1baa739af4d210f
Webiness Inventory 2.3 SQL Injection
Posted Nov 14, 2018
Authored by Ihsan Sencan

Webiness Inventory version 2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 25f09879c0db287dad2fc64ac71621a7e9b49d26fea899646879a6d6d7b9127e
Webiness Inventory 2.3 Cross Site Request Forgery / Shell Upload
Posted Nov 14, 2018
Authored by Ihsan Sencan

Webiness Inventory version 2.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | 683ffb2a25365218ef07730178c4da2bb2d28d090c9924b039f5e7c3daac34a9
Red Hat Security Advisory 2018-3592-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3592-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.5 serves as a replacement for Red Hat Single Sign-On 7.2.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2018-10894, CVE-2018-14655, CVE-2018-14657, CVE-2018-14658
SHA-256 | 989a9b57ce6034bde23ac0385f6ebd053dbc969de4b8dc96b28c2d01cd0ddb56
Red Hat Security Advisory 2018-3591-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3591-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2017-18344, CVE-2018-14634
SHA-256 | ccf8060e03ef67ab708802c8654d1b6d77da8af66f7e306750e5d6334f9a4f25
ClipperCMS 1.3.3 Cross Site Request Forgery
Posted Nov 14, 2018
Authored by Ameer Pornillos

ClipperCMS version 1.3.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-19135
SHA-256 | d09486642ab60b675d0329207cb0cacb806e94fc94714a2fa51660ade3ebe27c
Red Hat Security Advisory 2018-3590-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3590-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18344, CVE-2018-10675, CVE-2018-14634, CVE-2018-5391
SHA-256 | e1f32d161373ab4335bdb583d19868b2299507b80221f4b698d47f09a7185dc2
Red Hat Security Advisory 2018-3540-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3540-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18344, CVE-2018-10675, CVE-2018-14634, CVE-2018-5391
SHA-256 | 633aabe29b1e0f5d6bf768e3c3ce4393d827ebe23a55fe636f36ccbc25c9b3d7
Silurus Classifieds Script 2.0 SQL Injection
Posted Nov 14, 2018
Authored by Ihsan Sencan

Silurus Classifieds Script version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bac6493c536e26987265ce53ec7f7d1f7282ec77a11020fd997ed9d315bdd100