what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2019-11-08

Chrome Site Isolation Bypass / File Disclosure
Posted Nov 8, 2019
Authored by Google Security Research, Glazvunov

The Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.

tags | exploit, local, vulnerability
SHA-256 | 5422de00f3ad840d3ddaf47ca01135dd9a83ecda77339b7267b4ed4026c4879c
WebKitGTK+ / WPE WebKit Code Execution / XSS
Posted Nov 8, 2019
Authored by WebKitGTK+ Team

WebKitGTK+ and WPE WebKit suffer from code execution, universal cross site scripting, and memory corruption vulnerabilities. Multiple versions are affected.

tags | advisory, vulnerability, code execution, xss
advisories | CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823
SHA-256 | e942f161feb7c2ca30eb995ee4e9dcd5afccf820c672b47f99da8302c18074e6
Nextcloud 17 Cross Site Request Forgery
Posted Nov 8, 2019
Authored by Ozer Goker

Nextcloud 17 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 5d7ad910ebcb331b42c05229483f3f723e71af0993c760c2101684d39ad7a00d
Jira Service Desk Server / Data Center Path Traversal
Posted Nov 8, 2019
Authored by Atlassian

Jira Service Desk Server and Data Center product versions below 3.9.17, 3.10.0 up to 3.16.11, 4.0.0 up to 4.2.6, 4.3.0 up to 4.3.5, 4.4.0 up to 4.4.3, and 4.5.0 up to 4.5.1 are susceptible to a path traversal vulnerability.

tags | advisory, file inclusion
advisories | CVE-2019-15003, CVE-2019-15004
SHA-256 | 7080e92a97a87f926d87df454a396848f9491f786060cbd25b9c83577cc2efa3
Adive Framework 2.0.7 Privilege Escalation
Posted Nov 8, 2019
Authored by Pablo Santiago

Adive Framework version 2.0.7 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2019-14347
SHA-256 | 0b20e4720adf1f6ea10e606db63013c37e4d431350c204169cb32136beb923e0
Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted Nov 8, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2016-10905, CVE-2016-10906, CVE-2018-20976, CVE-2019-10638, CVE-2019-14814, CVE-2019-14816, CVE-2019-14821, CVE-2019-14835, CVE-2019-15098, CVE-2019-15117, CVE-2019-15118, CVE-2019-15505, CVE-2019-16746, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17075, CVE-2019-17133, CVE-2019-2215, CVE-2019-3900
SHA-256 | bf62eae52a9e8701d96b669a2f1dc34dbcad875c47ff666c8f00d6add34b28a7
Debian Security Advisory 4561-1
Posted Nov 8, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4561-1 - Alex Murray discovered a stack-based buffer overflow vulnerability in fribidi, an implementation of the Unicode Bidirectional Algorithm algorithm, which could result in denial of service or potentially the execution of arbitrary code, when processing a large number of unicode isolate directional characters.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2019-18397
SHA-256 | 5fccf8379646032d9d2350ccc915e6b5645abbc025cac588a1e2a172f9f3b601
Ubuntu Security Notice USN-4179-1
Posted Nov 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4179-1 - Alex Murray discovered a stack-based buffer overflow when handling a large number of unicode isolate directives. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18397
SHA-256 | a64a3540d6115694264002f126e106dce0143b168f7c9e79d0e8f4245c44fcf5
Gentoo Linux Security Advisory 201911-04
Posted Nov 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201911-4 - Multiple information disclosure vulnerabilities in OpenSSL allow attackers to obtain sensitive information. Versions less than 1.0.2t are affected.

tags | advisory, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2019-1547, CVE-2019-1563
SHA-256 | d0d2808bdb7b5e21d54dc5b11536556321445e4a171cd058a9f69980dbaca635
Gentoo Linux Security Advisory 201911-03
Posted Nov 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201911-3 - Multiple vulnerabilities have been found in Oniguruma, the worst of which could result in the arbitrary execution of code. Versions less than 6.9.3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-13224, CVE-2019-13225
SHA-256 | ad8c3a8f3538270fa6278c5d84ad7b774902fd2be0fced00e9669cc6439d6c91
Gentoo Linux Security Advisory 201911-02
Posted Nov 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201911-2 - A buffer overflow in pump might allow remote attacker to execute arbitrary code. Versions less than or equal to 0.8.24-r4 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
SHA-256 | e74b397cbbff9d90abe7ca586c18a093151fd1982553545d961f06ea0c2af15d
Gentoo Linux Security Advisory 201911-01
Posted Nov 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201911-1 - An integer overflow in OpenSSH might allow an attacker to execute arbitrary code. Versions greater than or equal to 8.0_p1-r2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2019-16905
SHA-256 | 115ff5b35f7f50020a10f2f6c2b4113e967c92feaf22dc2a4cfb9bbc7a1269b8
Red Hat Security Advisory 2019-3812-01
Posted Nov 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3812-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the cri-o RPM package for Red Hat OpenShift Container Platform 3.9.102. A credential disclosure issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10214
SHA-256 | 1877937d9143576c4a341e405f0fd211c15774c574a24986f01ffcd2fd505e55
Red Hat Security Advisory 2019-3813-01
Posted Nov 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3813-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the mediawiki123 RPM package for Red Hat OpenShift Container Platform 3.9.102. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-0503, CVE-2018-0504, CVE-2018-0505
SHA-256 | 947e884a3c1d00dac4f45d6a7e850e417239e1ba98ea54375843401352229ebc
Red Hat Security Advisory 2019-3811-01
Posted Nov 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3811-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the atomic-openshift RPM package for Red Hat OpenShift Container Platform 3.9.102. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-10150, CVE-2019-11249, CVE-2019-11251, CVE-2019-11253
SHA-256 | 723c4654df1e079c4d0af35656d5bfe62d7462e1e10ac16066f97a336297f61e
SolarWinds Kiwi Syslog Server 8.3.52 Unquoted Service Path
Posted Nov 8, 2019
Authored by Carlos A Garcia R

SolarWinds Kiwi Syslog Server version 8.3.52 suffers from a Kiwi Syslog Service unquoted service path vulnerability.

tags | exploit
SHA-256 | 999eaddcb4e8329c989ef5af84103f428227682c7a270f26b8316e92f53b8615
Ubuntu Security Notice USN-4178-1
Posted Nov 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4178-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8625
SHA-256 | f2f51e6f6aff61cabe9f4760ca0601530d7ae684208e4d7b7228314e65a945f5
Jenkins Build-Metrics 1.3 Cross Site Scripting
Posted Nov 8, 2019
Authored by vesche

Jenkins Build-Metrics plugin version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-10475
SHA-256 | d418e19ba81cb0adbe7e003d7fa890804d64f4a2cbb72d771a4bdb298fb673cb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close