what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-05-28

pfSense 2.4.4-p3 Cross Site Scripting
Posted May 28, 2019
Authored by Chi Tran

pfSense version 2.4.4-p3 with ACMEPackage version 0.5.7_1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-12347
SHA-256 | 2cd8d35a1df97b628a3715b79cd50b0ba64578d7266d3a4f9fa2b30053971fa7
GNU Privacy Guard 2.2.16
Posted May 28, 2019
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Multiple bug fixes.
tags | tool, encryption
SHA-256 | 6cbe8d454bf5dc204621eed3016d721b66298fa95363395bb8eeceb1d2fd14cb
Packet Fence 9.0.1
Posted May 28, 2019
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Improved display of RADIUS audit log from RADIUS tab. Added -copy to the ID when cloning a configuration resource. Various other additions.
tags | tool, remote
systems | unix
SHA-256 | a2cc1e393db460c66f6b0df1d5ec8d1078b860cdc1c3397b61edea338fd1be47
OpenSSL Toolkit 1.1.1c
Posted May 28, 2019
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added build tests for C++. Enabled SHA3 pre-hashing for ECDSA and DSA. Various other updates.
tags | tool, encryption, protocol
systems | unix
SHA-256 | f6fb3079ad15076154eda9413fed42877d668e7069d9b87396d0804fdb3f4c90
Ubuntu Security Notice USN-3995-1
Posted May 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3995-1 - It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to cause Keepalived to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-19115
SHA-256 | c0dc9161b56ac48d55fb115a08e9b77ff54c8e156710a2d28f705f1b9214d473
VFront 0.99.5 Persistent Cross Site Scripting
Posted May 28, 2019
Authored by Omer Citak | Site netsparker.com

VFront version 0.99.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9838
SHA-256 | 19ea0e081b2e83830a6b066096c11d04dcc0acec966ec97d6377681e36ca6c9b
VFront 0.99.5 Reflective Cross Site Scripting
Posted May 28, 2019
Authored by Omer Citak | Site netsparker.com

VFront version 0.99.5 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-9839
SHA-256 | 0d216805ffd29114e6cd997888f40343e29ba2dc8cd90edfb1e67454e391efa7
Ubuntu Security Notice USN-3994-1
Posted May 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3994-1 - It was discovered that gnome-desktop incorrectly confined thumbnailers. If a user were tricked into downloading a malicious image file, a remote attacker could possibly combine this issue with another vulnerability to escape the sandbox and execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11460
SHA-256 | 1018f3ae838baa4f9ba594a0b9922da811a898b5eaaf8c3eec81bdfd8ba76ec9
Ubuntu Security Notice USN-3976-3
Posted May 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3976-3 - USN-3976-1 fixed a vulnerability in Samba. The update introduced a regression causing Samba to occasionally crash. This update fixes the problem. Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets. In certain environments, a remote attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
SHA-256 | 2a6abbec95c2938afeecb24ee0db16ac0d47ad6913da4ca13ae8d7aedadaaf4a
Phraseanet DAM Cross Site Scripting
Posted May 28, 2019
Authored by Krzysztof Szulski

Phraseanet DAM versions prior to 4.0.7 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 166ef462121e291f4d59faf8c6bdd8b7ee79a5052d276c5dcd95b72688d80a88
Petraware pTransformer ADC SQL Injection
Posted May 28, 2019
Authored by Faudhzan Rahman

Petraware pTransformer ADC versions prior to 2.1.7.22827 suffer from a remote SQL injection vulnerability that allows for login bypass.

tags | exploit, remote, sql injection
advisories | CVE-2019-12372
SHA-256 | be5cf0e4686ee81291a49394c74a1db3d5f2794df10cc646e837e51258c6be83
EquityPandit 1.0 Password Disclosure
Posted May 28, 2019
Authored by ManhNho

EquityPandit version 1.0 suffers from a password disclosure vulnerability.

tags | exploit
SHA-256 | 649dff8b67659a326f609de4bbb014349e6ad8991c8d9fb2adbe102234e64654
Spidermonkey IonMonkey JS_OPTIMIZED_OUT Value Leak
Posted May 28, 2019
Authored by saelo, Google Security Research

Spidermonkey IonMonkey can, during a bailout, leak an internal JS_OPTIMIZED_OUT magic value to the running script. This magic value can then be used to achieve memory corruption.

tags | exploit
advisories | CVE-2019-9792
SHA-256 | 21e617fce84dfd81b604a208a22a2b6eddb28a37714ca8e794f2f450afc722a0
JavaScript V8 Turbofan Out-Of-Bounds Read
Posted May 28, 2019
Authored by saelo, Google Security Research

JavaScript V8 Turbofan may read a Map pointer out-of-bounds when optimizing Reflect.construct.

tags | advisory, javascript
SHA-256 | d311bfc7e073e0c75b323b15851c846fd853b8cc1624285339ab7bbf990ab06e
Spidermonkey IonMonkey Unsafe Code Execution
Posted May 28, 2019
Authored by saelo, Google Security Research

Spidermonkey IonMonkey suffers from an issue where an unexpected ObjectGroup in the ObjectGroupDispatch operation might lead to potentially unsafe code being executed.

tags | advisory
advisories | CVE-2019-9816
SHA-256 | 76e43c0e0e984a9dd1a8f86e7060af365211daca525ccf24f7d75bf8f970279c
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close