what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-09-04

Ubuntu Security Notice USN-4122-1
Posted Sep 4, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4122-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, bypass Content Security Policy protections, bypass same-origin restrictions, conduct cross-site scripting attacks, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-11734, CVE-2019-11735, CVE-2019-11737, CVE-2019-11740, CVE-2019-11741, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11747, CVE-2019-11748, CVE-2019-11749, CVE-2019-9812
MD5 | 65b4aaaa7f9a51d593da58f90b5f720e
Debian Security Advisory 4515-1
Posted Sep 4, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4515-1 - Several vulnerabilities have been discovered in the webkit2gtk web engine.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690
MD5 | 9119a9800e5cedcc0bda42558c08dbb2
AwindInc SNMP Service Command Injection
Posted Sep 4, 2019
Authored by Quentin Kaiser | Site metasploit.com

This Metasploit module exploits a vulnerability found in AwindInc and OEM'ed products where untrusted inputs are fed to ftpfw.sh system command, leading to command injection. A valid SNMP read-write community is required to exploit this vulnerability.

tags | exploit
advisories | CVE-2017-16709
MD5 | 94829d03a77b5dc73a93c44541b6a8a3
Red Hat Security Advisory 2019-2663-01
Posted Sep 4, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2663-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.1.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11735, CVE-2019-11738, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11747, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750, CVE-2019-11752, CVE-2019-9812
MD5 | 324ea1b4637f0d156b318bee866507b6
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
Posted Sep 4, 2019
Authored by T. Weber | Site sec-consult.com

Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities.

tags | exploit, vulnerability
systems | cisco
advisories | CVE-2014-4043, CVE-2014-9402, CVE-2014-9761, CVE-2014-9984, CVE-2015-1472, CVE-2015-5277, CVE-2015-7547, CVE-2015-8778, CVE-2015-8779, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2016-6301, CVE-2017-1000366, CVE-2017-16544, CVE-2018-20679, CVE-2019-5747
MD5 | c446ad84eeb90a116264677ada159562
WordPress Spryng Payments WooCommerce 1.6.7 Cross Site Scripting
Posted Sep 4, 2019
Authored by Ricardo Sanchez

WordPress Spryng Payments WooCommerce plugin version 1.6.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8f22fb3fa01aeb9ff354e99195e0c3a2
Cisco Email Security Virtual Appliance C380 IronPort Header Injection
Posted Sep 4, 2019
Authored by Todor Donev

Cisco Email Security Virtual Appliance C380 IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
MD5 | 59fdeb6b686e0eb34a78c58ed8e75d61
Cisco Email Security Virtual Appliance C300V IronPort Header Injection
Posted Sep 4, 2019
Authored by Todor Donev

Cisco Email Security Virtual Appliance C300V IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
MD5 | 58c6e4353b033250b2b8241c3f4cd6e3
Cisco Content Security Management Virtual Appliance M600V IronPort Header Injection
Posted Sep 4, 2019
Authored by Todor Donev

Cisco Content Security Management Virtual Appliance M600V IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
MD5 | 229be091f2335df90cbf4ec41f426693
Debian Security Advisory 4514-1
Posted Sep 4, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4514-1 - Alf-Andre Walla discovered a remotely triggerable assert in the Varnish web accelerator; sending a malformed HTTP request could result in denial of service.

tags | advisory, web, denial of service
systems | linux, debian
advisories | CVE-2019-15892
MD5 | 1576da3cba8da150a7db29baa79bf4cb
Debian Security Advisory 4513-1
Posted Sep 4, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4513-1 - Stefan Metzmacher discovered a flaw in Samba, a SMB/CIFS file, print, and login server for Unix. Specific combinations of parameters and permissions can allow user to escape from the share path definition and see the complete '/' filesystem. Unix permission checks in the kernel are still enforced.

tags | advisory, kernel
systems | linux, unix, debian
advisories | CVE-2019-10197
MD5 | beda54cee72e44e2c0265f28ba385662
Red Hat Security Advisory 2019-2652-01
Posted Sep 4, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2652-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. Issues addressed include an exception leak.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14433
MD5 | 3fc7c5bcc041c01090905c854f037916
Red Hat Security Advisory 2019-2651-01
Posted Sep 4, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2651-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2019-10355, CVE-2019-10356, CVE-2019-10357
MD5 | 129eb76be97ff2899af9fb49402658a7
DASAN Zhone ZNID GPON 2426A EU Cross Site Scripting
Posted Sep 4, 2019
Authored by Adam Ziaja

DASAN Zhone ZNID GPON 2426A EU versions S3.1.285 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-10677
MD5 | 6d52de97c5b07a7fd040eee129a2b002
WordPress Download Manager 2.9.93 Cross Site Scripting
Posted Sep 4, 2019
Authored by ThuraMoeMyint

Wordpress Download Manager plugin version 2.9.93 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-15889
MD5 | af5c5a1b2e2fb0a1b5baad7e5701341a
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    3 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close