
Files Date: 2019-02-18

Red Hat Security Advisory 2019-0367-01
Posted Feb 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0367-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.29 Service Pack 1 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.29, and includes bug fixes for CVEs which are linked to in the References section. Issues addressed include bypass, denial of service, null pointer, out of bounds write, traversal, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2017-15710, CVE-2017-15715, CVE-2018-0739, CVE-2018-1000168, CVE-2018-11759, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333
MD5 | 5914e90114ef4f2c7081a8afaed30780
Ubuntu Security Notice USN-3891-1
Posted Feb 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3891-1 - It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-6454
MD5 | 347d92e04f1ac6e5d4a305700cc98d16
Ubuntu Security Notice USN-3850-2
Posted Feb 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3850-2 - USN-3850-1 fixed several vulnerabilities in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0495, CVE-2018-12384, CVE-2018-12404
MD5 | 550bd66bfce61ba6685d7549da716d49
Red Hat Security Advisory 2019-0365-01
Posted Feb 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0365-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
MD5 | 2be2da09fb2cd06655dee01a002304f6
Red Hat Security Advisory 2019-0361-01
Posted Feb 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0361-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include stack overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-16864, CVE-2018-16865
MD5 | 523f26d20691fc01d67553236bb8e3eb
Oracle Java Runtime Environment TTF Font Heap Out-Of-Bounds Read
Posted Feb 18, 2019
Authored by Google Security Research, mjurczyk

A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of TrueType fonts rendering in AlternateSubstitutionSubtable::process.

tags | exploit, java
MD5 | b638f363683e27c69a03b4345ce06c4f
Oracle Java Runtime Environment TTF Font Heap Out-Of-Bounds Read
Posted Feb 18, 2019
Authored by Google Security Research, mjurczyk

A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of TrueType fonts rendering in ExtractBitMap_blocClass.

tags | exploit, java
MD5 | 29c31d355f8a1212c89be8f95c56a750
Oracle Java Runtime Environment TTF Font Heap Out-Of-Bounds Read
Posted Feb 18, 2019
Authored by Google Security Research, mjurczyk

A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of TrueType fonts rendering in OpenTypeLayoutEngine::adjustGlyphPositions.

tags | exploit, java
MD5 | 44b1d7a8a3d751b214b9f70aab2957fd
Oracle Java Runtime Environment OpenType Font Heap Out-Of-Bounds Read
Posted Feb 18, 2019
Authored by Google Security Research, mjurczyk

A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of OpenType fonts.

tags | exploit, java
MD5 | 5131a27c80fb2148eac10f4c01318b88
HTMLy 2.7.4 Cross Site Scripting
Posted Feb 18, 2019
Authored by Omar Kurt | Site netsparker.com

HTMLy version 2.7.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-8349
MD5 | 9c2fae1f1a3125e338c33a0c3d901126
Comodo Dome Firewall 2.7.0 Cross Site Scripting
Posted Feb 18, 2019
Authored by Ozer Goker

Comodo Dome Firewall version 2.7.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5e7745733f4787cab9bbbc7c018c2c42
macOS TCP/4444 Bind Shell Null Free Shellcode
Posted Feb 18, 2019
Authored by Ken Kitahara

123 bytes small macOS TCP/4444 /bin/sh binding null free shellcode.

tags | tcp, shellcode
MD5 | ca55449bd92fb552c8561d69b522630e
Debian Security Advisory 4388-2
Posted Feb 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4388-2 - Kushal Kumaran reported that the update for mosquitto issued as DSA 4388-1 causes mosquitto to crash when reloading the persistent database. Updated packages are now available to correct this issue.

tags | advisory
systems | linux, debian
MD5 | ef0a0b730868dfb57d273ff6d6fd0ca5
Master IP CAM 01 3.3.4.2103 Remote Command Execution
Posted Feb 18, 2019
Authored by Raffaele Sabato

Master IP CAM 01 version 3.3.4.2103 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2019-8387
MD5 | c52d6d75b01caff68b1bc84a984583ba
ArangoDB Community Edition 3.4.2-1 Cross Site Scripting
Posted Feb 18, 2019
Authored by Ozer Goker

ArangoDB Community Edition version 3.4.2-1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e7ebd0f7aa89a43efb9130c32cd8d7db
qdPM 9.1 Cross Site Scripting
Posted Feb 18, 2019
Authored by Mehmet Emiroglu

qdPM version 9.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-8390, CVE-2019-8391
MD5 | acfb25312890a6ee46a901dd42e38c61
Apache CouchDB 2.3.0 Cross Site Scripting
Posted Feb 18, 2019
Authored by Ozer Goker

Apache CouchDB version 2.3.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | e96dc647b95c5059349a2262bde12393
CMSsite 1.0 post.php SQL Injection
Posted Feb 18, 2019
Authored by Mr Winst0n

CMSsite version 1.0 suffers from a remote SQL injection vulnerability in post.php. This version of the software has been known to have SQL injection vulnerabilities since 2010.

tags | exploit, remote, php, vulnerability, sql injection
MD5 | 280cf3156e94b30f315f4f61a76a6531
mIRC Remote Command Execution
Posted Feb 18, 2019
Authored by Baptiste Devigne, Benjamin Chetioui

mIRC versions prior to 7.55 suffer from a remote command execution using argument injection through custom URI protocol handlers.

tags | exploit, remote, protocol
advisories | CVE-2019-6453
MD5 | 6b03c17a140390183e555131c0c6565b
Digi TransPort LR54 Restricted Shell Escape
Posted Feb 18, 2019
Authored by Stig Palmquist

Digi TransPort LR54 suffers from a restricted shell bypass vulnerability that gets a root shell.

tags | exploit, shell, root, bypass
advisories | CVE-2018-20162
MD5 | 896322aa0ccd273bc0ef57111661649e
Realterm Serial Terminal 2.0.0.70 Buffer Overflow
Posted Feb 18, 2019
Authored by Alejandra Sanchez

Realterm Serial Terminal version 2.0.0.70 local buffer overflow SEH exploit.

tags | exploit, overflow, local
MD5 | 6ae4e98f66359c8481538edfc7bd863a
Debian Security Advisory 4392-1
Posted Feb 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4392-1 - Multiple security issues have been found in the Thunderbird mail client, which could lead to the execution of arbitrary code, denial of service or spoofing of S/MIME signatures.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, debian
advisories | CVE-2018-18356, CVE-2018-18500, CVE-2018-18501, CVE-2018-18505, CVE-2018-18509, CVE-2019-5785
MD5 | 72eb49943de47e780e6bb6cc43b13415
MISP 2.4.97 SQL Injection / Command Injection
Posted Feb 18, 2019
Authored by Tm9jdGlz

MISP version 2.4.97 suffers from SQL command execution via command injection in the STIX module.

tags | exploit, sql injection
advisories | CVE-2018-19908
MD5 | 0349325981ba6a0c0b8cb7c488aa8cae
macOS execve(/bin/sh) Null Free Shellcode
Posted Feb 18, 2019
Authored by Ken Kitahara

31 bytes small macOS execve(/bin/sh) null free shellcode.

tags | shellcode
MD5 | a46c6490609a0e1e5d78f72f035e455c
macOS TCP Port 4444 IPv6 Shellcode
Posted Feb 18, 2019
Authored by Ken Kitahara

129 bytes small macOS TCP/4444 binding IPv6 shellcode.

tags | tcp, shellcode
MD5 | 9481adc70b673589edf48d6d89c0ae4f
© 2019 Packet Storm. All rights reserved.
