what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2019-04-17

LibreOffice Macro Code Execution
Posted Apr 17, 2019
Authored by Alex Infuhr, Shelby Pace | Site metasploit.com

This Metasploit module generates an ODT file with a mouse over event that when triggered, will execute arbitrary code.

tags | exploit, arbitrary
advisories | CVE-2018-16858
SHA-256 | 1dbac9bc01a0968e5bd4defcfd3239c6f9cf90dfee38c29c3ff6560e99041d79
Gentoo Linux Security Advisory 201904-19
Posted Apr 17, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-19 - Multiple vulnerabilities have been found in Dovecot, the worst of which could result in root privilege escalation. Versions less than 2.3.5.1 are affected.

tags | advisory, root, vulnerability
systems | linux, gentoo
advisories | CVE-2019-3814, CVE-2019-7524
SHA-256 | ce3244367b87fcc80f3c1b30e2cd4f8e11bb766839c1f9b30ca32d7fdfb24186
Red Hat Security Advisory 2019-0782-01
Posted Apr 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0782-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362
SHA-256 | 112695995622cdf7982b5f45e341346c6fb131743373fd9b1ae6014aa1e901cf
Gentoo Linux Security Advisory 201904-18
Posted Apr 17, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-18 - A vulnerability in libseccomp allows for privilege escalation. Versions less than 2.4.0 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2019-9893
SHA-256 | 64c1326aba6403a74d274fc18185006fe5f5afbae867aee8378ac38680d7a2d1
Ubuntu Security Notice USN-3914-2
Posted Apr 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3914-2 - USN-3914-1 fixed vulnerabilities in NTFS-3G. As an additional hardening measure, this update removes the setuid bit from the ntfs-3g binary. A heap buffer overflow was discovered in NTFS-3G when executing it with a relative mount point path that is too long. A local attacker could potentially exploit this to execute arbitrary code as the administrator. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, local, vulnerability
systems | linux, ubuntu
SHA-256 | 208c409ec12a3be377bfbf3abfb46eedd2b6704c6b56af1b820f340b4d82ca5c
Gentoo Linux Security Advisory 201904-17
Posted Apr 17, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-17 - Multiple vulnerabilities have been found in Patch, the worst of which could result in the execution of arbitrary code. Versions less than 2.7.6-r3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-1000156, CVE-2018-6951, CVE-2018-6952
SHA-256 | f611d1465ff71c629377f0a946b29349fec276e2a4cc800e95134e1952531f7a
Oracle Java Runtime Environment GlyphIterator::setCurrGlyphID Heap Corruption
Posted Apr 17, 2019
Authored by Google Security Research, mjurczyk

A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType fonts.

tags | exploit, java
advisories | CVE-2019-2698
SHA-256 | 3c3d35dfc5426eaa61ae91b3e754f6e09c909445eb2f9484504d724fdedd1db5
Oracle Java Runtime Environment sc_FindExtrema4 Heap Corruption
Posted Apr 17, 2019
Authored by Google Security Research, mjurczyk

A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType, implemented in a proprietary t2k library.

tags | exploit, java
advisories | CVE-2019-2697
SHA-256 | cc1fdb072ca05f2a5b04c3cb9301fdc0fce66245b901c57e61aba6f76f5054ec
OAMbuster Multi-Threaded CVE-2018-2879 Scanner
Posted Apr 17, 2019
Authored by redtimmysec | Site github.com

OAMbuster is a multi-threaded exploit for CVE-2018-2879.

tags | exploit
advisories | CVE-2018-2879
SHA-256 | b68302c74939716ec55aa081bbd6419f01985352ca4eb583f4c9417195876784
Red Hat Security Advisory 2019-0778-01
Posted Apr 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0778-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a slow conversion of BigDecimal to long.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684
SHA-256 | 5396f45bea3eb627c49258ab5c0f3243ea17dadc19e1cff73a3d79b2fa5fafbe
Red Hat Security Advisory 2019-0775-01
Posted Apr 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0775-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an out of bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2698
SHA-256 | df87c0ca20994cd8b674294e7f0975316462269c1e290da4858ed6b852bad9ee
Red Hat Security Advisory 2019-0774-01
Posted Apr 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0774-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an out of bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2698
SHA-256 | 05356c5064fc4c8320d6377262fbc8e7390666bc1448496fc0e517de3bdc1ade
Debian Security Advisory 4433-1
Posted Apr 17, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4433-1 - Several vulnerabilities have been discovered in the Rubygems included in the interpreter for the Ruby language, which may result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability, ruby
systems | linux, debian
advisories | CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325
SHA-256 | e3199047134c8bcfe7382ed803154e3f50c1ae57b7e6b37aef6f86cfedc00a6d
Debian Security Advisory 4432-1
Posted Apr 17, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4432-1 - Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPL PostScript/PDF interpreter, which could result in bypass of file system restrictions of the dSAFER sandbox.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2019-3835, CVE-2019-3838
SHA-256 | 51784f8be1c1e386af3b69b6266e3d0c02983e49cdfd148d34f4341856f0003c
Ubuntu Security Notice USN-3918-4
Posted Apr 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3918-4 - USN-3918-1 fixed vulnerabilities in Firefox. The update caused web compatibility and performance issues with some websites. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, denial of service via successive FTP authorization prompts or modal alerts, trick the user with confusing permission request prompts, obtain sensitive information, conduct social engineering attacks, or execute arbitrary code. A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. If a user were tricked in to opening a specially crafted website with Spectre mitigations disabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. It was discovered that Upgrade-Insecure-Requests was incorrectly enforced for same-origin navigation. An attacker could potentially exploit this to conduct man-in-the-middle attacks. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-9791, CVE-2019-9793, CVE-2019-9799, CVE-2019-9803, CVE-2019-9808
SHA-256 | 5b4f9b2b76b002e143884e0796cad669d48126daf811297c19395adffd7ed1c4
DHCP Server 2.5.2 Denial Of Service
Posted Apr 17, 2019
Authored by Victor Mondragon

DHCP Server version 2.5.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 60761f6a7cd8f8932e61462c57456faaef43add0623b17e39ba208e5aac27e5a
ASUS HG100 Denial Of Service
Posted Apr 17, 2019
Authored by Yint Wang

ASUS HG100 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-11492
SHA-256 | 118b077cce2f6f305f8ed7084fa284e217f384e8566233b52b812c3044df38bf
WordPress Download Manager 2.9.93 Cross Site Scripting
Posted Apr 17, 2019
Authored by ThuraMoeMyint

WordPress Download Manager plugin version 2.9.93 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 58e68c5aaf1ba7d33419334c5f36d1609261c0030b7568b509908ebe57ea2a83
2 Plan Team 1.0.4 Cross Site Scripting
Posted Apr 17, 2019
Authored by indoushka

2 Plan Team version 1.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 63b3003eb85af737cdd929e522c0be77dc9128f2cd9afe32efc316e4b8e52599
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close