exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2019-10-17

Red Hat Security Advisory 2019-3140-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3140-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. This release of Red Hat JBoss Data Virtualization 6.4.8 serves as a replacement for Red Hat JBoss Data Virtualization 6.4.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, deserialization, information leakage, and path sanitization vulnerabilities.

tags | advisory, local, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-5397, CVE-2018-11307, CVE-2018-11798, CVE-2018-12022, CVE-2018-12023, CVE-2018-1335, CVE-2018-14718, CVE-2018-14719, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-8088, CVE-2019-0201
MD5 | 62ddc64d2da4efc2000f826c874707b3
Ubuntu Security Notice USN-4158-1
Posted Oct 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4158-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14973
MD5 | 771697daaadd0b0db8683c2c0adb3e84
CA Performance Management Arbitrary Command Execution
Posted Oct 17, 2019
Authored by Kevin Kotas, Hendrik Van Belleghem | Site www3.ca.com

CA Technologies, a Broadcom Company, is alerting customers to a potential risk with CA Performance Management. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA published solutions to address the vulnerabilities and recommends that all affected customers implement these solutions. The vulnerability occurs due to default credentials and a configuration weakness. A malicious actor may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the Performance Center server. CA Performance Management versions 3.7.x prior to 3.7.4, 3.6.x prior to 3.6.9, and 3.5.x are affected.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2019-13657
MD5 | 40cc0d6d35b9f640fb42753c9f62d043
Red Hat Security Advisory 2019-3136-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3136-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
MD5 | 9c8c0944306780dddc0c85f785e6606c
Restaurant Management System 1.0 Shell Upload
Posted Oct 17, 2019
Authored by Ibad Shah

Restaurant Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 860b8ef78288e2ef9b65fb26b0908608
VIM 8.1.2135 Use-After-Free
Posted Oct 17, 2019
Authored by Dhiraj Mishra

VIM version 8.1.2135 suffers from a heap use-after-free vulnerability using freed memory with autocmd.

tags | exploit
MD5 | f3d0f14378ae93da6326e33fb2192c33
Ubuntu Security Notice USN-4157-1
Posted Oct 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4157-1 - Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, CVE-2019-14821, CVE-2019-15504, CVE-2019-15505, CVE-2019-15902, CVE-2019-16714, CVE-2019-2181
MD5 | cf8f7834679112d7b1f99a08e16b2bfe
ThinVNC 1.0b1 Authentication Bypass
Posted Oct 17, 2019
Authored by Nikhith Tumamlapalli

ThinVNC version 1.0b1 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-17662
MD5 | bde2a87212d4b0d022fce330758a2cd9
Red Hat Security Advisory 2019-3135-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3135-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
MD5 | f668a6b0352d54c0fd06419e39df4f6d
WordPress Popup Builder 3.49 Cross Site Scripting
Posted Oct 17, 2019
Authored by Unk9vvN

WordPress Popup Builder plugin version 3.49 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | a45af78799536e074914217ab02411a9
Red Hat Security Advisory 2019-3134-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3134-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
MD5 | 423e1f434af2dd874050be5ed6bf4e68
VMware VeloCloud 3.3.0 / 3.2.2 Authorization Bypass
Posted Oct 17, 2019
Authored by Silas Baertsch

VMware VeloCloud versions 3.3.0 and 3.2.2 suffer from an authorization bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-5533
MD5 | 12195b6551f517aa4bbe3b9c39469f0d
WordPress Soliloquy Lite 2.5.6 Cross Site Scripting
Posted Oct 17, 2019
Authored by Unk9vvN

WordPress Soliloquy Lite plugin version 2.5.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | f44eca6b3e589bd8c6db25f9b6f9eb86
WordPress FooGallery 1.8.12 Cross Site Scripting
Posted Oct 17, 2019
Authored by Unk9vvN

WordPress FooGallery plugin version 1.8.12 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 677d436e1c2cb3cfb3dc6f9bbff3eddd
Web Companion 5.1.1035.1047 WCAssistantService Unquoted Service Path
Posted Oct 17, 2019
Authored by Debashis Pal

Web Companion version 5.1.1035.1047 suffers from a WCAssistantService unquoted service path vulnerability.

tags | exploit, web
MD5 | 0fe04845b92aed952d373cedfbeacea0
WorkgroupMail 7.5.1 WorkgroupMail Unquoted Service Path
Posted Oct 17, 2019
Authored by Cakes

WorkgroupMail version 7.5.1 suffers from a WorkgroupMail unquoted service path vulnerability.

tags | exploit
MD5 | a1d3f466391d651f25f2dd3a69ee3302
BlackMoon FTP Server 3.1.2.1731 BMFTP-RELEASE Unquoted Service Path
Posted Oct 17, 2019
Authored by Debashis Pal

BlackMoon FTP Server version 3.1.2.1731 suffers from a BMFTP-RELEASE unquoted service path vulnerability.

tags | exploit
MD5 | 51b1d0904b198c9c9dcbbf871a24a8b0
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close