Twenty Year Anniversary
Showing 1 - 23 of 23 RSS Feed

Files Date: 2018-11-14

Atlassian Jira Authenticated Upload Code Execution
Posted Nov 14, 2018
Authored by Alexander Gonzalez | Site metasploit.com

This Metasploit module can be used to execute a payload on Atlassian Jira via the Universal Plugin Manager(UPM). The module requires valid login credentials to an account that has access to the plugin manager. The payload is uploaded as a JAR archive containing a servlet using a POST request against the UPM component. The check command will test the validity of user supplied credentials and test for access to the plugin manager.

tags | exploit
MD5 | cf80c47ca31e937db6c99f242138638c
Ubuntu Security Notice USN-3817-1
Posted Nov 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3817-1 - It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that Python incorrectly handled running external commands in the shutil module. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2018-1000030, CVE-2018-1000802, CVE-2018-14647
MD5 | bda0cfe521f33d1b63239f522962f9bd
SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle
Posted Nov 14, 2018
Authored by Bernd Leitner

SwitchVPN for MacOS and Windows version 2.1012.03 suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
MD5 | 153eca5a67151dfcc54cf29537fdf8d8
Microsoft Security Advisory Update CVE Addition
Posted Nov 14, 2018
Site microsoft.com

This Microsoft bulletin summary lists a new CVE that has been added to the November advisory.

tags | advisory
advisories | CVE-2018-8529
MD5 | 028ffe1734d1def1f3922da99ade75ba
Red Hat Security Advisory 2018-3601-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3601-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes. Issues addressed include a failure to delete data.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2017-15139
MD5 | f5ed118fdc0a9adac8fd4edb6a26fd32
OCS Inventory NG ocsreports Shell Upload
Posted Nov 14, 2018
Authored by Simon Uvarov

OCS Inventory NG suffers from an ocsreports authenticated remote code execution vulnerability via a shell upload.

tags | exploit, remote, shell, code execution
advisories | CVE-2018-15537
MD5 | cdb899f87fd086c3c20bd02fe32b2495
Red Hat Security Advisory 2018-3600-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3600-01 - The python-cryptography packages contain a Python Cryptographic Authority's cryptography library, which provides cryptographic primitives and recipes to Python developers. Issues addressed include a tag forgery vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-10903
MD5 | a79c131ad67e1fec236a2fb4689f7047
Alive Parish 2.0.4 File Upload / SQL Injection
Posted Nov 14, 2018
Authored by Ihsan Sencan

Alive Parish version 2.0.4 suffers from remote file upload and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, file upload
MD5 | d2b89a0fba49d3310072b02564c19b23
Maitra Mail Tracking System 1.7.2 SQL Injection / Database File Download
Posted Nov 14, 2018
Authored by Ihsan Sencan

Maitra Mail Tracking System version 1.7.2 suffers from remote SQL injection and database file download vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 86aba8317aa0330247caef28b3a1085e
Microsoft Security Update Summary For November 13, 2018
Posted Nov 14, 2018
Site microsoft.com

This Microsoft summary lists Microsoft security updates released for November 13, 2018.

tags | advisory
MD5 | 3c58076581e35e0c6653b47e13026c27
Microsoft Security Advisory Updates For November 13, 2018
Posted Nov 14, 2018
Site microsoft.com

This Microsoft advisory notification includes advisories released or updated on November 13, 2018.

tags | advisory
MD5 | ab2b6a3b5c94db84e6fb92d37be5fbd1
SIPve 0.0.2-R19 SQL Injection
Posted Nov 14, 2018
Authored by Ihsan Sencan

SIPve version 0.0.2-R19 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a352d2c6c1b7eb37ff5d978338811fe6
SwitchVPN For MacOS 2.1012.03 Privilege Escalation
Posted Nov 14, 2018
Authored by Bernd Leitner

SwitchVPN for MacOS version 2.1012.03 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2018-18860
MD5 | abf8d902b4bccd24f7ea7aa7bce8f63f
Red Hat Security Advisory 2018-3595-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3595-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.5 serves as a replacement for Red Hat Single Sign-On 7.2.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2018-10894, CVE-2018-14627, CVE-2018-14655, CVE-2018-14657, CVE-2018-14658
MD5 | 1d178bee341c8c03fa56f7cd938f4018
Red Hat Security Advisory 2018-3593-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3593-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.5 serves as a replacement for Red Hat Single Sign-On 7.2.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2018-10894, CVE-2018-14655, CVE-2018-14657, CVE-2018-14658
MD5 | 617d012a808e6fe3e69075e07de7a4a3
Webiness Inventory 2.3 SQL Injection
Posted Nov 14, 2018
Authored by Ihsan Sencan

Webiness Inventory version 2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5175ce0c9b2c4dfb32446cd6821ad960
Webiness Inventory 2.3 Cross Site Request Forgery / Shell Upload
Posted Nov 14, 2018
Authored by Ihsan Sencan

Webiness Inventory version 2.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | bd7157f05c3f52197726bb5053d678ba
Red Hat Security Advisory 2018-3592-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3592-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.5 serves as a replacement for Red Hat Single Sign-On 7.2.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2018-10894, CVE-2018-14655, CVE-2018-14657, CVE-2018-14658
MD5 | 8419f7c3a8d5aba61247e3a80fd41d78
Red Hat Security Advisory 2018-3591-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3591-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2017-18344, CVE-2018-14634
MD5 | 4cf33ed3b32c329de89d3cc482fad8e0
ClipperCMS 1.3.3 Cross Site Request Forgery
Posted Nov 14, 2018
Authored by Ameer Pornillos

ClipperCMS version 1.3.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-19135
MD5 | aa617eb5bcbb64caea4901d06901238e
Red Hat Security Advisory 2018-3590-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3590-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18344, CVE-2018-10675, CVE-2018-14634, CVE-2018-5391
MD5 | f3b2f4a7bc4090c24c90b794c9286d0b
Red Hat Security Advisory 2018-3540-01
Posted Nov 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3540-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18344, CVE-2018-10675, CVE-2018-14634, CVE-2018-5391
MD5 | b12ec851a6d66d3ef00ce2d0b853d7bf
Silurus Classifieds Script 2.0 SQL Injection
Posted Nov 14, 2018
Authored by Ihsan Sencan

Silurus Classifieds Script version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1d09ba734a8e3ba85a509437e70c7e25
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close