what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2019-07-29

Redis Unauthenticated Code Execution
Posted Jul 29, 2019
Authored by Green-m | Site metasploit.com

This Metasploit module can be used to leverage the extension functionality added by Redis 4.x and 5.x to execute arbitrary code. To transmit the given extension it makes use of the feature of Redis which called replication between master and slave.

tags | exploit, arbitrary
SHA-256 | 8a25e4a7af0bb0c47237e268c64439b1ccedef5a35d240b4946e5ec04d9df945
WordPress Simple Membership 3.8.4 Cross Site Request Forgery
Posted Jul 29, 2019
Authored by rubyman

WordPress Simple Membership plugin version 3.8.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-14328
SHA-256 | 7e996b9a0d5c55ce682f3a72f364856b363009662f11039014a1b488c29f8035
Kernel Live Patch Security Notice LSN-0053-1
Posted Jul 29, 2019
Authored by Benjamin M. Romer

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. It was discovered that the Linux kernel on ARM processors allowed a tracing process to modify a syscall after a seccomp decision had been made on that syscall. A local attacker could possibly use this to bypass seccomp restrictions. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2011-1079, CVE-2011-11833, CVE-2011-11884, CVE-2019-11815, CVE-2019-2054
SHA-256 | 6816c4785b56430dc635ceb03383ffc424c8c6dc0006c08814cc9b42003fff08
Ubuntu Security Notice USN-4077-1
Posted Jul 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4077-1 - It was discovered that tmpreaper incorrectly handled certain mount operations. A local attacker could possibly use this issue to create arbitrary files, leading to privilege escalation.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-3461
SHA-256 | cbf6d91e29b894c6b5cc0c6e8f47a2f7c3a54e63ef13daca71bdf42ca98607c4
Red Hat Security Advisory 2019-1931-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1931-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A memory corruption issue was addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-1000112
SHA-256 | fdfbc64347b16705a845cde3571301a69f3ee1b416feed39d11c6ed5d7f70b5b
Red Hat Security Advisory 2019-1932-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1932-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A memory corruption issue was addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-1000112
SHA-256 | fedaf323e38f2e5c6aa9a5e10c0223ec7d9c1a8f85e4e67621b5d2621fcf3148
NSKeyedUnarchiver ObjC Object Use-After-Free
Posted Jul 29, 2019
Authored by saelo, Google Security Research

NSKeyedUnarchiver suffers from a use-after-free vulnerability with ObjC objects when unarchiving OITSUIntDictionary instances even if secureCoding is required.

tags | exploit
advisories | CVE-2019-8662
SHA-256 | 63703796ab8c03a5e2f4d71cdf0827418691b14bf48da00e28c71cabc8224370
Red Hat Security Advisory 2019-1930-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1930-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 75.0.3770.142. Crash and information disclosure vulnerabilities were addressed.

tags | advisory, web, vulnerability, info disclosure
systems | linux, redhat
advisories | CVE-2019-5847, CVE-2019-5848
SHA-256 | 6920bb97d74e60a939e200405578e6a699ee2389a4e178e237695c0d959bd5c0
GigToDo 1.3 Cross Site Scripting
Posted Jul 29, 2019
Authored by m0ze

GigToDo versions 1.3 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 12e787f5c5392e49c6311a9b44f43ad57ccb50a5642eda646cd6107b1814c708
Red Hat Security Advisory 2019-1907-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1907-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. An issue was address where an improper symlink resolution allows access to host files when executing podman cp on running containers.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10152
SHA-256 | c9117765b3cb3a11c50747f160c21a3744ada0139481a68150f58be8c3406ab9
Red Hat Security Advisory 2019-1910-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1910-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-15664
SHA-256 | 73834faab0673e186046ac81754ab59b84c544183a73161ed31109f08d404ee3
WordPress Real Estate Theme 2.8.9 Cross Site Scripting
Posted Jul 29, 2019
Authored by m0ze

WordPress Real Estate theme version 2.8.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8ff267fb390b5d90824ed48ea7bb321959b47eb88d718c974b7723ccf7f65c7b
JSC ValueProfiles JSValue Use-After-Free
Posted Jul 29, 2019
Authored by saelo, Google Security Research

JavaScriptCore suffers from an issue where there's a JSValue use-after-free vulnerability in ValueProfiles.

tags | advisory
advisories | CVE-2019-8672
SHA-256 | a9501df8f786600223589a22ac96f06da65cf505b543b54f2ef6219f16639ac6
Red Hat Security Advisory 2019-1880-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1880-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. An NTLM password overflow via integer overflow issue was addressed.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2018-14618
SHA-256 | 7ff194be1ef6e345bac33f6db0c2870bd8420e769ad1819a796d665aa8b116e1
Red Hat Security Advisory 2019-1896-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1896-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-3883
SHA-256 | bb5ad1aa01b4589eb20ae556b1b2ac0e9ed71c64f242fa71239066f03fc2ffbf
Red Hat Security Advisory 2019-1881-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1881-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2018-20815
SHA-256 | a03ef37470dc15211500f0866b53ebcc85d2fb5c9459ac27fa6c430f8c03dd6c
Red Hat Security Advisory 2019-1873-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1873-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-16871, CVE-2018-16884, CVE-2019-11085, CVE-2019-11811
SHA-256 | aa0bd47155cf6b507668fab83b4a70fa93bb961b894f3579323af79f460d220e
Red Hat Security Advisory 2019-1883-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1883-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2019-6778
SHA-256 | 6223a60a0fb394d6cc6ef8e3047e8d8b79646063a73ba0baf27648ff941c1b4f
Red Hat Security Advisory 2019-1891-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1891-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-16871, CVE-2018-16884, CVE-2019-11085, CVE-2019-11811
SHA-256 | 70aeeda7c35cb660759a0b6815f6b2d4bc56940402a6b8fa81ca60d3a19d665c
Red Hat Security Advisory 2019-1898-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1898-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A weak Digest auth nonce generation in mod_auth_digest was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-1312
SHA-256 | 082615faa950b3a11b6c45b0fee421295525295f5d9fc68aacb1a000f68ab0f3
JSC DFG LICM Object Property Access Unguarded
Posted Jul 29, 2019
Authored by saelo, Google Security Research

JavaScriptCore DFG loop-invariant code motion (LICM) has an issue where it leaves object property access unguarded.

tags | advisory
advisories | CVE-2019-8671
SHA-256 | 8fd7bdc27408729bccdf334f804fe0fb27728920396e0444c1671aec6b62ab56
Red Hat Security Advisory 2019-1884-01
Posted Jul 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1884-01 - The libssh2 packages provide a library that implements the SSH2 protocol. An out-of-bounds memory comparison was addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-3862
SHA-256 | 5cfb9fcc8f02e9d6047eb20d6cf69ad487c72dbced12cb72c9e1a5579ed42721
Ubuntu Security Notice USN-3990-2
Posted Jul 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3990-2 - USN-3990-1 fixed a vulnerability in urllib3. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-11236
SHA-256 | 5ae6d63bf7d972970ecd6d190a19d2ce58c0e9185fc6ecd9c4ff29714220bea2
Linux/x86 NOT +SHIFT-N+ XOR-N Encoded /bin/sh Shellcode
Posted Jul 29, 2019
Authored by Pedro Cabral

168 bytes small Linux/x86 NOT +SHIFT-N+ XOR-N encoded /bin/sh shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 0535e81b0ede463cd0f475670e1e4a07b636b91c018625cd31f6d3df4b1a1c98
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close