exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2019-10-17

Red Hat Security Advisory 2019-3140-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3140-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. This release of Red Hat JBoss Data Virtualization 6.4.8 serves as a replacement for Red Hat JBoss Data Virtualization 6.4.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, deserialization, information leakage, and path sanitization vulnerabilities.

tags | advisory, local, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-5397, CVE-2018-11307, CVE-2018-11798, CVE-2018-12022, CVE-2018-12023, CVE-2018-1335, CVE-2018-14718, CVE-2018-14719, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-8088, CVE-2019-0201
SHA-256 | cb03b8a3107017eb58904d224acf26d8a49abf7981da23786dece9f70750672b
Ubuntu Security Notice USN-4158-1
Posted Oct 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4158-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14973
SHA-256 | 373a963e3025d30c5f7fd26f001b10fe713c91bd5bbf43d4b28e38964814e3c6
CA Performance Management Arbitrary Command Execution
Posted Oct 17, 2019
Authored by Kevin Kotas, Hendrik Van Belleghem | Site www3.ca.com

CA Technologies, a Broadcom Company, is alerting customers to a potential risk with CA Performance Management. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA published solutions to address the vulnerabilities and recommends that all affected customers implement these solutions. The vulnerability occurs due to default credentials and a configuration weakness. A malicious actor may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the Performance Center server. CA Performance Management versions 3.7.x prior to 3.7.4, 3.6.x prior to 3.6.9, and 3.5.x are affected.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2019-13657
SHA-256 | ae8d8b44256d64ee5630fb610497bd1bcc5284b37b70d83e537a7ef5dc4ec846
Red Hat Security Advisory 2019-3136-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3136-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
SHA-256 | fa137af05ab1eed2d55106b7ddfdd5d6f9f043f2af6fada5624bd6ea0acd33cd
Restaurant Management System 1.0 Shell Upload
Posted Oct 17, 2019
Authored by Ibad Shah

Restaurant Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | ebc3ed20a1fb1123fc0d9d9fb683bbc4c6bba54a05778e2a048ca891a3f73c14
VIM 8.1.2135 Use-After-Free
Posted Oct 17, 2019
Authored by Dhiraj Mishra

VIM version 8.1.2135 suffers from a heap use-after-free vulnerability using freed memory with autocmd.

tags | exploit
SHA-256 | 4c96c1b707150c62f170d081c709f5113fd68839f8775298501fd594a3ebb4d2
Ubuntu Security Notice USN-4157-1
Posted Oct 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4157-1 - Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, CVE-2019-14821, CVE-2019-15504, CVE-2019-15505, CVE-2019-15902, CVE-2019-16714, CVE-2019-2181
SHA-256 | 3bb471aa2b029f966f4c1dda5ba7ffad57b217ce222f63fa935088ed71560d7d
ThinVNC 1.0b1 Authentication Bypass
Posted Oct 17, 2019
Authored by Nikhith Tumamlapalli

ThinVNC version 1.0b1 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-17662
SHA-256 | fbcbacfabc4114ff32f183f057e90e6b3f4412e90eb0e8b25527c27c54299bf1
Red Hat Security Advisory 2019-3135-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3135-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
SHA-256 | 46e1c6f46d190bdbb44fd7fcb87b8ac2b92161a07119db2a326bd9ccc20ac4df
WordPress Popup Builder 3.49 Cross Site Scripting
Posted Oct 17, 2019
Authored by Unk9vvN

WordPress Popup Builder plugin version 3.49 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6756baea90d6d7aad4c5de15f68c396fe99b350adb62b7f583ed2303038adcac
Red Hat Security Advisory 2019-3134-01
Posted Oct 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3134-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
SHA-256 | c2a52cfd591d9a4a07d5da7bdc673a37b9ac484ad87a4225e8f9ee5c37ee212d
VMware VeloCloud 3.3.0 / 3.2.2 Authorization Bypass
Posted Oct 17, 2019
Authored by Silas Baertsch

VMware VeloCloud versions 3.3.0 and 3.2.2 suffer from an authorization bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-5533
SHA-256 | b178e025418fdce965c1ba9495e327d80d7c6b0fdcc3bc3ee020af4593bbb6b4
WordPress Soliloquy Lite 2.5.6 Cross Site Scripting
Posted Oct 17, 2019
Authored by Unk9vvN

WordPress Soliloquy Lite plugin version 2.5.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 021c8406bb3037837d2ccde7bb8064f938157fdf28be7a31fa5a1436feea183c
WordPress FooGallery 1.8.12 Cross Site Scripting
Posted Oct 17, 2019
Authored by Unk9vvN

WordPress FooGallery plugin version 1.8.12 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1fc7c3c6ca9d706f8091a45e1de3250066e957a8c05bad7134cf75780b73ad68
Web Companion 5.1.1035.1047 WCAssistantService Unquoted Service Path
Posted Oct 17, 2019
Authored by Debashis Pal

Web Companion version 5.1.1035.1047 suffers from a WCAssistantService unquoted service path vulnerability.

tags | exploit, web
SHA-256 | dac13bee5194b4ad3fe44d73a304d94c762cd2a9aba81df6dc9855e64cef2de4
WorkgroupMail 7.5.1 WorkgroupMail Unquoted Service Path
Posted Oct 17, 2019
Authored by Cakes

WorkgroupMail version 7.5.1 suffers from a WorkgroupMail unquoted service path vulnerability.

tags | exploit
SHA-256 | 8afe61f8c8bf23b700c5b018852d6100e2383c2e4f479d2180b8875dae77a482
BlackMoon FTP Server 3.1.2.1731 BMFTP-RELEASE Unquoted Service Path
Posted Oct 17, 2019
Authored by Debashis Pal

BlackMoon FTP Server version 3.1.2.1731 suffers from a BMFTP-RELEASE unquoted service path vulnerability.

tags | exploit
SHA-256 | 9961f3525fbf2ca11e8616ff4889d940fd5f940bc2f430b4d0df525801591902
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close