what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-11-20

VMware Security Advisory 2018-0029
Posted Nov 20, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0029 - vSphere Data Protection (VDP) updates address multiple security issues.

tags | advisory
advisories | CVE-2018-11066, CVE-2018-11067, CVE-2018-11076, CVE-2018-11077
SHA-256 | aacb4dd9106cc15bfa2907b119b7dd2200b2ee1142ba0840d5ada8a616b19fea
CarolinaCon 15 Call For Papers
Posted Nov 20, 2018
Site carolinacon.org

The 15th CarolinaCon will be hosted in Charlotte at the Renaissance Charlotte Suites April 26th through the 28th in 2019.

tags | paper, conference
SHA-256 | e03558c7fde29e8024e19e5ad9431825afdf3cb6342d6760a24a89515bbf78cb
Richfaces 3.x Remote Code Execution
Posted Nov 20, 2018
Authored by Joao F M Figueiredo

Richfaces version 3.x suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-14667
SHA-256 | 5dfbb32d43674a8fbcf00a8b17109c6edc2aa21bc7c6922d64c36ba5c89fcce7
Debian Security Advisory 4341-1
Posted Nov 20, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4341-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.37.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-10268, CVE-2017-10378, CVE-2017-15365, CVE-2018-2562, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668, CVE-2018-2755, CVE-2018-2761, CVE-2018-2766, CVE-2018-2767, CVE-2018-2771, CVE-2018-2781, CVE-2018-2782, CVE-2018-2784, CVE-2018-2787, CVE-2018-2813, CVE-2018-2817, CVE-2018-2819, CVE-2018-3058, CVE-2018-3063, CVE-2018-3064, CVE-2018-3066, CVE-2018-3081, CVE-2018-3143, CVE-2018-3156
SHA-256 | 6012d6608a8e39d63c4780f2f51b5e411e53300f77e36d5d48c2b03f21fd8505
Red Hat Security Advisory 2018-2908-01
Posted Nov 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2908-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.9.51. Issues addressed include a crash vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-14632
SHA-256 | 25b280602b240ceeef62c7dae530b2f48bab0276848c0915c3be3852168acec8
ACM CCS 2019 Call For Papers
Posted Nov 20, 2018
Site ccs2019.sigsac.org

The 26th ACM Conference on Computer and Communications Security will take place in London, UK, November 11th through the 15th, 2019. The Conference on Computer and Communications Security (CCS) seeks submissions presenting novel contributions related to all real-world aspects of computer security and privacy. Theoretical papers must make a convincing case for the relevance of their results to practice. Authors are encouraged to write the abstract and introduction of their paper in a way that makes the results accessible and compelling to a general computer-security researcher. In particular, authors should bear in mind that anyone on the program committee may be asked to give an opinion about any paper.

tags | paper, conference
SHA-256 | 93cbddcc9c0541fe52d6729e094adee59128be4ab071d1d3bae6c3ae9887ad3b
Zoho ManageEngine OpManager 12.3 Cross Site Scripting
Posted Nov 20, 2018
Authored by Murat Aydemir

Zoho ManageEngine OpManager versions 12.3 before build 123223 have a cross site scripting vulnerability via the updateWidget API.

tags | advisory, xss
advisories | CVE-2018-19288
SHA-256 | 4f3c08804393e70f710c96815caa8549c3dc5e71017eeb4012d2c44a6bb278d1
Debian Security Advisory 4340-1
Posted Nov 20, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4340-1 - An out-of-bounds bounds memory access issue was discovered in chromium's v8 javascript library by cloudfuzzer.

tags | advisory, javascript
systems | linux, debian
advisories | CVE-2018-17478
SHA-256 | 3ead61ae2113a5574f5818ccb7a00c49dbd911e5317b2b6ffca4c438cd77e3c1
ELBA5 Electronic Banking Remote Code Execution
Posted Nov 20, 2018
Authored by Florian Bogner

ELBA5 Network Installation versions prior to 5.8.1 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 2f87672da6e269f7bb6d0be7c8df2890794563b177a0b3ec39152e33c0cfe1e7
Microsoft Windows Unnamed Kernel Object Privilege Escalation
Posted Nov 20, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows 10 1803 and 1809 have an issue with unnamed kernel object creation. It's possible to default the security descriptor owner or mandatory label to the value from an Identification level impersonation token leading to elevation of privilege.

tags | exploit, kernel
systems | windows
SHA-256 | fb9584f4d9fbcd0538fdc2a5adb39ca01034b95d7ea2db9584cbde35e0f112ae
Microsoft Windows DfMarshal Unsafe Unmarshaling Privilege Escalation
Posted Nov 20, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows 10 1803 suffers from a DfMarshal unsafe unmarshaling elevation of privilege vulnerability.

tags | exploit
systems | windows
advisories | CVE-2018-8550
SHA-256 | f3d8b80ceebd239ef1a439cec5530651178de5ea0d7a4a0abe71c74e48185b64
macOS 10.13 workq_kernreturn Denial Of Service
Posted Nov 20, 2018
Authored by Fabiano Anemone

macOS version 10.13 workq_kernreturn denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | c0d719627a62bd9c9a802343bdd5548be3f38127a565a13b3f7be80e85fae7ca
ImageMagick Memory Leak
Posted Nov 20, 2018
Authored by barracud4

ImageMagick versions prior to 7.0.8-9 suffers from a memory leak vulnerability.

tags | exploit, memory leak, info disclosure
advisories | CVE-2018-16323
SHA-256 | 0c129a7d0e1c74e1dec309a8b8bd9775dfd645ba0275f583fdec9c5ac60f5392
Ticketly 1.0 Cross Site Request Forgery
Posted Nov 20, 2018
Authored by Javier Olmedo

Ticketly version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 735484e28b65b8a20cedc6bbdcd7daaeb7b21e1f2b3e42deede05f8211ad32b9
Ubuntu Security Notice USN-3816-2
Posted Nov 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3816-2 - USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. Jann Horn discovered a race condition in chown_one. A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, arbitrary, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-15686, CVE-2018-15687, CVE-2018-6954
SHA-256 | eb71de28a7d0a6a7812f411191e7266a1699b349c54bd396dd6e5120e7f392c4
Ricoh myPrint Hardcoded Credentials / Information Disclosure
Posted Nov 20, 2018
Authored by Hodorsec

Ricoh myPrint suffers from hardcoded application credential and information disclosure vulnerabilities. The myPrint windows client version 2.9.2.4 and myPrint android client version 2.2.7 are both affected.

tags | exploit, vulnerability, info disclosure
systems | windows
advisories | CVE-2018-18006
SHA-256 | ecf580b9a434a73107f0ba5a72c008e086a0dd48d9c43c99626d47b2773c9b0d
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close