what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2019-01-24

CA AWI 12.0 / 12.1 / 12.2 Cross Site Scripting
Posted Jan 24, 2019
Authored by Marc Nimmerrichte | Site sec-consult.com

CA Automic Workload Automation Web Interface versions 12.0, 12.1, and 12.2 suffer from cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
advisories | CVE-2019-6504
SHA-256 | c31a0d7f43b1fc69972bfcf43db6eacf665be4a8ff535f86886fe96b5634cd57
Endian Firewall Community release 3.3.0 Cross Site Scripting
Posted Jan 24, 2019
Authored by Ozer Goker

Endian Firewall Community release version 3.3.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 77efbdae60d700d9006292a6073020971d2b9a1fb71fff2e7ebb7addbe8101d3
CA Automic Workload Automation 12.x Cross Site Scripting
Posted Jan 24, 2019
Authored by Ken Williams, Marc Nimmerrichte | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA Automic Workload Automation Automic Web Interface (AWI). A vulnerability exists that can allow an attacker to potentially conduct persistent cross site scripting (XSS) attacks. The vulnerability has a medium risk rating and concerns insufficient output sanitization, which can allow an attacker to potentially conduct persistent cross site scripting (XSS) attacks. Versions 12.0, 12.1 and 12.2 are affected.

tags | advisory, web, xss
advisories | CVE-2019-6504
SHA-256 | 2d0f5efc3794a546ccb3a1a16e6a7ffb08045f0e8c7fd8e494d47a2b7001e01d
Red Hat Security Advisory 2019-0160-01
Posted Jan 24, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0160-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.4.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-12405, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18498
SHA-256 | 0eab7472c7f430ba1c73c0806d5414fccb11a327c2106d82bf61ac2ec3906bbf
Ubuntu Security Notice USN-3868-1
Posted Jan 24, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3868-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-12389, CVE-2018-12405, CVE-2018-18494
SHA-256 | 85233d2f28c9005d6f996d2675c0d1f4b94b69c26083039521f3cc4a116d3f42
Ubuntu Security Notice USN-3869-1
Posted Jan 24, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3869-1 - Ivan Zhakov discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-11803
SHA-256 | 74ce9c4546b2646e8f35d2590f209dd0480300722e89c38524888e895003b6af
Red Hat Security Advisory 2019-0159-01
Posted Jan 24, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0159-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.4.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-12405, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18498
SHA-256 | 4b293c377b9c126c1f64c864bad6bb138798a4a720559e51bba799a78c547adc
Splunk Enterprise 7.2.3 Command Execution
Posted Jan 24, 2019
Authored by Lee Mazzoleni

Splunk Enterprise version 7.2.3 authenticated remote reverse shell code execution exploit.

tags | exploit, remote, shell, code execution
SHA-256 | b6118470c9d2715eff34c6d16eae7f5de6cc9ad08abf24dee9adf93603da43c9
MySQL User-Defined (Linux) x32 / x86_64 sys_exec Local Privilege Escalation
Posted Jan 24, 2019
Authored by D7X

MySQL user-defined (Linux) x32 / x86_64 sys_execfunction local privilege escalation exploit. Can be leveraged against versions 4.x and 5.x.

tags | exploit, local
systems | linux
SHA-256 | e02a501fdb4102e5f71e848ff9b84f09cf44dd7eb311fd41c2c28f7b0c71ba5b
SirsiDynix e-Library 3.5.x Cross Site Scripting
Posted Jan 24, 2019
Authored by Ozkan Mustafa Akkus

SirsiDynix e-Library version 3.5.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-20503
SHA-256 | ff68cc093cad71b3daf1be92223c3d972c0471970400b0371cd0c0dce3e39c4d
Logwatch 7.5.1
Posted Jan 24, 2019
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 9d4a00625065f25058f8966e7fb11f9f72db25507b4dd9c05f57e14447c33295
Cisco RV320 Command Injection
Posted Jan 24, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. Versions 1.4.2.15 through 1.4.2.19 are affected. Fixed in version 1.4.2.20.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1652
SHA-256 | 0ef1e407d0628e9e533465222b68937646fa1649db7cb36d50953a7f19722bfc
Cisco RV320 Unauthenticated Diagnostic Data Retrieval
Posted Jan 24, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered that the Cisco RV320 router exposes sensitive diagnostic data without authentication through the device's web interface. Versions affected include 1.4.2.15 and 1.4.2.17.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1653
SHA-256 | fdf7195ccf0d6541be985c8d496c6247eb5c5e6f97854845e3c59933dda9393d
Cisco RV320 Unauthenticated Configuration Export
Posted Jan 24, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered that the configuration of a Cisco RV320 router may be exported without authentication through the device's web interface. Affected versions include 1.4.2.15 and 1.4.2.17.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1653
SHA-256 | 942511fa9b0bd63bd49cf08b8956b08f9864c3d173a12a505da9fb6a9e650162
RVAsec 2019 Call For Papers
Posted Jan 24, 2019
Site rvasec.com

RVAsec is a Richmond, VA based security convention that brings top industry speakers to the Mid-Atlantic region. In its seventh year, RVAsec 2018 attracted over 650 security professionals from across the country. For 2019, the conference is a two day and three track format, with a mixed focus on technical and management/business presentations. It will take place May 22nd through the 23rd, 2019 in Richmond, VA, USA.

tags | paper, conference
SHA-256 | 8974d2d1e248d9eb8b49d845d9b6a320091e9741f834a83e500764e6494e4e41
ImpressCMS 1.3.11 SQL Injection
Posted Jan 24, 2019
Authored by Mehmet Onder Key

ImpressCMS version 1.3.11 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1f92f65e0c60882962f5d6c4b59a7be2a58d708a412519adac5add21a7aa75f5
iOS / macOS task_swap_mach_voucher() Use-After-Free
Posted Jan 24, 2019
Authored by Google Security Research, bazad

task_swap_mach_voucher() on iOS and macOS have an issue where task_swap_mach_voucher() does not respect MIG semantics leading to a use-after-free condition.

tags | exploit
systems | ios
advisories | CVE-2019-6225
SHA-256 | 0257494f6d9310ec9e5e1c1bff8a123fa3b6a565f2650f06da253e0be3adc7d9
Joomla! JHotelReservation 6.0.7 SQL Injection
Posted Jan 24, 2019
Authored by Ihsan Sencan

Joomla! JHotelReservation component version 6.0.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 71bbbd422a50115ccae68970ba8ebbb037ca2c595d01f4140f3fe66d00ab553f
SimplePress CMS 1.0.7 SQL Injection
Posted Jan 24, 2019
Authored by Ihsan Sencan

SimplePress CMS version 1.0.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e91ac0660822282233ba8b9afbf5a76f5e229a4cd923cee40aa9ea396c881780
Joomla! J-CruisePortal 6.0.4 SQL Injection
Posted Jan 24, 2019
Authored by Ihsan Sencan

Joomla! J-CruisePortal component version 6.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 934189203d36a345c740a8b0b0b518efbff60aad27bea4d29b6201ca662c00f9
Zyxel NBG-418N V2 Cross Site Request Forgery
Posted Jan 24, 2019
Authored by Ali Can Gonullu

Zyxel NBG-418N V2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-6710
SHA-256 | 273ea7ce7048197b7fbc31dcebdd94bb1be4a46fc0191bdaefa68ce14fdfd2fa
Microsoft Remote Desktop 10.2.4(134) Denial Of Service
Posted Jan 24, 2019
Authored by Saeed Hasanzadeh

Microsoft Remote Desktop version 10.2.4(134) suffers from a denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | ac0c640d52dcc258a6aa28bc43a4fe07bbdb15e0060ed37aa64a2dd1e1f34dde
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close