what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-11-20

VMware Security Advisory 2018-0029
Posted Nov 20, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0029 - vSphere Data Protection (VDP) updates address multiple security issues.

tags | advisory
advisories | CVE-2018-11066, CVE-2018-11067, CVE-2018-11076, CVE-2018-11077
MD5 | a13b05da406af20fd576764026e2c0d7
CarolinaCon 15 Call For Papers
Posted Nov 20, 2018
Site carolinacon.org

The 15th CarolinaCon will be hosted in Charlotte at the Renaissance Charlotte Suites April 26th through the 28th in 2019.

tags | paper, conference
MD5 | d9eff78eb0616cc4e51fbbf1ade39942
Richfaces 3.x Remote Code Execution
Posted Nov 20, 2018
Authored by Joao F M Figueiredo

Richfaces version 3.x suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-14667
MD5 | 4427edfb92d2e0dd973927a4785c6b81
Debian Security Advisory 4341-1
Posted Nov 20, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4341-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.37.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-10268, CVE-2017-10378, CVE-2017-15365, CVE-2018-2562, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668, CVE-2018-2755, CVE-2018-2761, CVE-2018-2766, CVE-2018-2767, CVE-2018-2771, CVE-2018-2781, CVE-2018-2782, CVE-2018-2784, CVE-2018-2787, CVE-2018-2813, CVE-2018-2817, CVE-2018-2819, CVE-2018-3058, CVE-2018-3063, CVE-2018-3064, CVE-2018-3066, CVE-2018-3081, CVE-2018-3143, CVE-2018-3156
MD5 | fc306a198a645996743e5878aaf89086
Red Hat Security Advisory 2018-2908-01
Posted Nov 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2908-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.9.51. Issues addressed include a crash vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-14632
MD5 | b5a76f504049616fb49229cd330ad427
ACM CCS 2019 Call For Papers
Posted Nov 20, 2018
Site ccs2019.sigsac.org

The 26th ACM Conference on Computer and Communications Security will take place in London, UK, November 11th through the 15th, 2019. The Conference on Computer and Communications Security (CCS) seeks submissions presenting novel contributions related to all real-world aspects of computer security and privacy. Theoretical papers must make a convincing case for the relevance of their results to practice. Authors are encouraged to write the abstract and introduction of their paper in a way that makes the results accessible and compelling to a general computer-security researcher. In particular, authors should bear in mind that anyone on the program committee may be asked to give an opinion about any paper.

tags | paper, conference
MD5 | a24c626f168ab9d55ba065750ed9dbce
Zoho ManageEngine OpManager 12.3 Cross Site Scripting
Posted Nov 20, 2018
Authored by Murat Aydemir

Zoho ManageEngine OpManager versions 12.3 before build 123223 have a cross site scripting vulnerability via the updateWidget API.

tags | advisory, xss
advisories | CVE-2018-19288
MD5 | 5bc1cd2ea752443b86b3347aff7824ff
Debian Security Advisory 4340-1
Posted Nov 20, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4340-1 - An out-of-bounds bounds memory access issue was discovered in chromium's v8 javascript library by cloudfuzzer.

tags | advisory, javascript
systems | linux, debian
advisories | CVE-2018-17478
MD5 | bfd24298c65684c48f7dfd5a9793a54e
ELBA5 Electronic Banking Remote Code Execution
Posted Nov 20, 2018
Authored by Florian Bogner

ELBA5 Network Installation versions prior to 5.8.1 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | ba7788fdf0fa27e278488d4097dc9a62
Microsoft Windows Unnamed Kernel Object Privilege Escalation
Posted Nov 20, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows 10 1803 and 1809 have an issue with unnamed kernel object creation. It's possible to default the security descriptor owner or mandatory label to the value from an Identification level impersonation token leading to elevation of privilege.

tags | exploit, kernel
systems | windows
MD5 | ef10a4d238e0690bde490f41457b96fe
Microsoft Windows DfMarshal Unsafe Unmarshaling Privilege Escalation
Posted Nov 20, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows 10 1803 suffers from a DfMarshal unsafe unmarshaling elevation of privilege vulnerability.

tags | exploit
systems | windows
advisories | CVE-2018-8550
MD5 | 09ad3ab8d6e51e9b91013505bdb58986
macOS 10.13 workq_kernreturn Denial Of Service
Posted Nov 20, 2018
Authored by Fabiano Anemone

macOS version 10.13 workq_kernreturn denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | f4f5e8b2df78998f0e595a8f21d1072e
ImageMagick Memory Leak
Posted Nov 20, 2018
Authored by barracud4

ImageMagick versions prior to 7.0.8-9 suffers from a memory leak vulnerability.

tags | exploit, memory leak, info disclosure
advisories | CVE-2018-16323
MD5 | 482e9c431cd68a68cdd9e40a6053a6a8
Ticketly 1.0 Cross Site Request Forgery
Posted Nov 20, 2018
Authored by Javier Olmedo

Ticketly version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | ac5f9df402a3aad1f61107be9ccd6ebc
Ubuntu Security Notice USN-3816-2
Posted Nov 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3816-2 - USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. Jann Horn discovered a race condition in chown_one. A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, arbitrary, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-15686, CVE-2018-15687, CVE-2018-6954
MD5 | 90d52b61ecc5f6f5a4a47d93591f9c28
Ricoh myPrint Hardcoded Credentials / Information Disclosure
Posted Nov 20, 2018
Authored by Hodorsec

Ricoh myPrint suffers from hardcoded application credential and information disclosure vulnerabilities. The myPrint windows client version 2.9.2.4 and myPrint android client version 2.2.7 are both affected.

tags | exploit, vulnerability, info disclosure
systems | windows
advisories | CVE-2018-18006
MD5 | 4d051bae92eaadb5058aaec46aca59d2
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close