
Files Date: 2019-08-12

Debian Security Advisory 4499-1
Posted Aug 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4499-1 - Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the -dSAFER sandbox.

tags | advisory
systems | linux, debian
advisories | CVE-2019-10216
SHA-256 | dce42f1c15de7b1def39503e6664bd55afc37a0c207e79ef301442185c7d0bb2
Red Hat Security Advisory 2019-2465-01
Posted Aug 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2465-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10216
SHA-256 | 1bfa744090c4523f663fd8c77c22c8f1d1ea49d480980ee8930a1e66ceb824a7
Red Hat Security Advisory 2019-2462-01
Posted Aug 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2462-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10216
SHA-256 | 8fb3139310ca7b2b448c0db586a1c8e5d28f55954af52057544a284caf6d8e78
Ubuntu Security Notice USN-4092-1
Posted Aug 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4092-1 - Netanel Fisher discovered that the font handler in Ghostscript did not properly restrict privileged calls when '-dSAFER' restrictions were in effect. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-10216
SHA-256 | 045ac04ad356601247612be2e749f35a0449a3404a1e8cfb4ce8f03d6b8d64f0
WebKit Universal Cross Site Scripting
Posted Aug 12, 2019
Authored by Google Security Research, Glazunov

WebKit suffers from a universal cross site scripting vulnerability via XSLT and nested document replacements.

tags | exploit, xss
advisories | CVE-2019-8690
SHA-256 | abc82a98542f87bc9b86b25a54fdb246cadf7b93e9bfa89e200caa30e3415461
ManageEngine Application Manager 14.2 Privilege Escalation / Remote Command Execution
Posted Aug 12, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits SQL injection and command injection vulnerabilities in the ManageEngine Application Manager versions 14.2 and below.

tags | exploit, vulnerability, sql injection
SHA-256 | e517b45142b3447dbab8ec2a891e10876f6c09291a138de7f5a84363ffe2c8c1
Joomla JS Support Ticket 1.1.6 SQL Injection
Posted Aug 12, 2019
Authored by qw3rTyTy

Joomla JS Support Ticket component version 1.1.6 suffers from a remote SQL injection vulnerability in ticketreply.php.

tags | exploit, remote, php, sql injection
SHA-256 | 213a017be91f4b2105974e537a709ecfaac01e0035d2ac7a0770e99035de9811
BSI Advance Hotel Booking System 2.0 Cross Site Scripting
Posted Aug 12, 2019
Authored by Angelo Ruwantha

BSI Advance Hotel Booking System version 2.0 suffers from a persistent cross site scripting vulnerability in booking_details.php.

tags | exploit, php, xss
advisories | CVE-2014-4035
SHA-256 | 49c2147b939ccb27aedc41a4220c7bb4bf089ba4d835ba734eb893216bbf0d60
ManageEngine OpManager 12.4x Privilege Escalation / Remote Command Execution
Posted Aug 12, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits SQL injection and command injection vulnerabilities in OpManager versions 12.4.034 and below.

tags | exploit, sql injection
SHA-256 | fc57c3cfc093c3e5df0726909ea0618e1444102b4b8d154f2216ed157bc46225
VxWorks 6.8 Integer Underflow
Posted Aug 12, 2019
Authored by Zhou Yu

VxWorks version 6.8 suffers from an integer underflow vulnerability.

tags | exploit
advisories | CVE-2019-12255
SHA-256 | 1f311cc4d1a16d238fc837c326c95ed3d599ea7c826e3ecb1485e5e7136216e4
ManageEngine OpManager 12.4x Remote Command Execution
Posted Aug 12, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module bypasses the user password requirement in OpManager versions 12.4.034 and below. It performs an authentication bypass and executes commands on the server.

tags | exploit
SHA-256 | 0b10df1665aeb6bf150dfd60da9fbbcaa339ab52f578cd7f8af7b97ef10ca2a8
Webmin 1.920 Remote Code Execution
Posted Aug 12, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.920 and below. If the password change module is turned on, the unauthenticated user can execute arbitrary commands with root privileges.

tags | exploit, arbitrary, root
SHA-256 | ec772fb6a45fb88e2351faaab0600ee20a86b66126a1ccf91608cd56b9347361
Joomla JS Support Ticket 1.1.6 Arbitrary File Deletion
Posted Aug 12, 2019
Authored by qw3rTyTy

Joomla JS Support Ticket component version 1.1.6 suffers from an arbitrary file deletion vulnerability in ticket.php.

tags | exploit, arbitrary, php
SHA-256 | 94e89c0d5467b5113ad4752d8b9da422373f83bd3bae56e8e65bb7406649eb1f
UNA 10.0.0 RC1 Cross Site Scripting
Posted Aug 12, 2019
Authored by Greg Priest

UNA version 10.0.0 RC1 suffers from a persistent cross site scripting vulnerability in polyglot.php.

tags | exploit, php, xss
advisories | CVE-2019-14804
SHA-256 | e5256b578b274aaf68a41ee33a072fae920639e4f32a32ad3e061c9f3af6ca4b
Cisco Adaptive Security Appliance Path Traversal
Posted Aug 12, 2019
Authored by Angelo Ruwantha, Yassine Aboukir | Site metasploit.com

This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques.

tags | exploit, file inclusion
systems | cisco
advisories | CVE-2018-0296
SHA-256 | ccf085e5a044cb918fae95c5556ebbf021851f7abfb9c7fab3ef667e68647642
Joomla JS Jobs 1.2.5 SQL Injection
Posted Aug 12, 2019
Authored by qw3rTyTy

Joomla JS Jobs component version 1.2.5 suffers from a remote SQL injection vulnerability in cities.php.

tags | exploit, remote, php, sql injection
SHA-256 | c7ddd9531942beee708545b44d1c7185102db12d2f392709e7f60afad09b689d
Ghidra (Linux) 9.0.4 Arbitrary Code Execution
Posted Aug 12, 2019
Authored by Etienne Lacoche

Ghidra (Linux) version 9.0.4 suffers from a .gar related arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
systems | linux
advisories | CVE-2019-13623
SHA-256 | d8d7c325d350b463017b38852324eca682609da29b6f5b3ea847494efb0bee38
Debian Security Advisory 4498-1
Posted Aug 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4498-1 - Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection.

tags | advisory, remote, web, vulnerability, sql injection, python
systems | linux, debian
advisories | CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235
SHA-256 | 8950007ecfea59b7cbbc514a74b09f7c96ccbc00236501de400b0532a6846a64
Debian Security Advisory 4496-1
Posted Aug 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4496-1 - Benno Fuenfstueck discovered that Pango, a library for layout and rendering of text with an emphasis on internationalization, is prone to a heap-based buffer overflow flaw in the pango_log2vis_get_embedding_levels function. An attacker can take advantage of this flaw for denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2019-1010238
SHA-256 | 08873062b1ae654980aee26f9f341f243ba2372412e9e64efa7a44e4eea86c3e
Debian Security Advisory 4495-1
Posted Aug 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4495-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2018-20836, CVE-2019-10207, CVE-2019-10638, CVE-2019-1125, CVE-2019-12817, CVE-2019-12984, CVE-2019-13233, CVE-2019-13631, CVE-2019-13648, CVE-2019-14283, CVE-2019-14284, CVE-2019-1999
SHA-256 | c9cffe5ad30be525cc930f197d8f2f4324ebd95c48fa3bbf6a68ef2df2511752
Debian Security Advisory 4494-1
Posted Aug 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4494-1 - Dominik Penner discovered that KConfig, the KDE configuration settings framework, supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file (e.g. if it's embedded into a downloaded archive and it gets opened in a file browser) arbitrary commands could get executed. This update removes this feature.

tags | advisory, arbitrary, shell
systems | linux, debian
advisories | CVE-2019-14744
SHA-256 | cffdf8b2f8be70b1d490457cf9c87e48056edad5fc1ecd56c620082e3c680957
Ubuntu Security Notice USN-4091-1
Posted Aug 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4091-1 - It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-14494
SHA-256 | 4be4b969f0389306674006b80826f192f2a7f5a957941f2ec8bd81c4b89f3cdd
Red Hat Security Advisory 2019-2439-01
Posted Aug 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2439-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Integer overflow, leaked credential, and padding oracle vulnerabilities were addressed.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-16881, CVE-2019-1559, CVE-2019-3888
SHA-256 | cbac1f94d13e509c3c566a15a3b675f1a4bc70820c5f49e848ebabf61c32bc7b
Red Hat Security Advisory 2019-2437-01
Posted Aug 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2437-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-16838, CVE-2018-16881, CVE-2019-0161, CVE-2019-10139, CVE-2019-10160, CVE-2019-1559
SHA-256 | f40cbaf735073c48fac04cf4f3c79efaa6a492f90523a8288de1eab0cd4f7637
Red Hat Security Advisory 2019-2433-01
Posted Aug 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2433-01 - Cockpit is a Linux system administration tool with a web UI, easy setup, and minimal system footprint at runtime. When installed on hosts in Red Hat Virtualization, it provides monitoring and management functions beyond those available in the Administration Portal. Cockpit is installed by default on Red Hat Virtualization Host. A plain text password issue was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-10139
SHA-256 | 45671cf4ad620e5859d293af3b9c6295ae722c5b762aab7e8a78d3ca404672da