exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2019-11-13

CMS Made Simple 2.2.8 Remote Code Execution
Posted Nov 13, 2019
Authored by Daniele Scanu | Site metasploit.com

An issue was discovered in CMS Made Simple version 2.2.8. In the module DesignManager (in the files action.admin_bulk_css.php and action.admin_bulk_template.php), with an unprivileged user with Designer permission, it is possible to reach an unserialize call with a crafted value in the m1_allparms parameter, and achieve object injection. This Metasploit module has been successfully tested on CMS Made Simple versions 2.2.6, 2.2.7, 2.2.8, 2.2.9 and 2.2.9.1.

tags | exploit, php
advisories | CVE-2019-9055
SHA-256 | 89958144f8e021770610570a9f70bd342705de89876594b1eeaf56a68799f77d
Siemens Desigo PX 6.00 Denial Of Service
Posted Nov 13, 2019
Authored by LiquidWorm | Site zeroscience.mk

Siemens Desigo PX version 6.00 remote denial of service exploit.

tags | exploit, remote, denial of service
advisories | CVE-2019-13927
SHA-256 | 7f494cc9c1a27d4f697b49ba93c7eaabc5b0551cb9eb7e1d4c78be7c37e6fb05
MicroStrategy Library Cross Site Scripting
Posted Nov 13, 2019
Authored by Alphan Yavas

MicroStrategy Library suffers from a cross site scripting vulnerability. Version 11.1.3 has the patch.

tags | advisory, xss
advisories | CVE-2019-18957
SHA-256 | 8092b86568b95c9b394ff20579a70fe8189366b83f6a7d085a2be7b2ec163e66
ScanGuard Antivirus Insecure Permissions
Posted Nov 13, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Scanguard versions through 2019-11-12 on Windows has insecure permissions for the installation directory, leading to privilege escalation via a trojan horse executable file.

tags | exploit, trojan
systems | windows
advisories | CVE-2019-18895
SHA-256 | 12643e28158492899f52e92bbc5e77ba369893a4dd0a17e789ee127277138b91
Kernel Live Patch Security Notice LSN-0059-1
Posted Nov 13, 2019
Authored by Benjamin M. Romer

On November 12, fixes for several high-severity Intel processor CVEs were released into the Ubuntu kernel, accompanied by a related processor microcode update. Due to the high complexity of the fixes and the required microcode update, we are unable to livepatch this set of CVEs. Please plan to reboot into an updated kernel as soon as possible. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135
SHA-256 | fff054687351f5cc49fca94a5fcdb39159f4d22bc5f7c2a6ae86bde91ebf2607
Red Hat Security Advisory 2019-3871-01
Posted Nov 13, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3871-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
SHA-256 | 09573029322994d189d64b2bac360ee54a5e090a0db28c46bf36aa31a143acd6
Red Hat Security Advisory 2019-3870-01
Posted Nov 13, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3870-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. An arbitrary kernel memory write was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
SHA-256 | 5cc02634599999cf1a4cbdfb780d875aafb22c7ac385caf2bf9b699d1dbb7196
Ubuntu Security Notice USN-4189-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4189-1 - Jason Wang discovered that DPDK incorrectly handled certain messages. An attacker in a malicious container could possibly use this issue to cause DPDK to leak resources, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-14818
SHA-256 | 4dd2c97b9926713dc242ff1dd2be7ba5699970810075c1851261ec87c8fc606d
Ubuntu Security Notice USN-4186-2
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4186-2 - USN-4186-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
SHA-256 | 94710aa91a6ba3adbd95a25aeedff5ae45bd7988fba5c2c8b4a4a7314588dd48
Debian Security Advisory 4563-1
Posted Nov 13, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4563-1 - These vulnerabilities have been discovered in the webkit2gtk web engine.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2019-8812, CVE-2019-8814
SHA-256 | 7aa4a37d1e01c63ee6cb3c20cfea3d43af77a2249ee0dcb6b4b1b9b4c6bc03b2
Debian Security Advisory 4567-1
Posted Nov 13, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4567-1 - It was discovered that the vhost PMD in DPDK, a set of libraries for fast packet processing, was affected by memory and file descriptor leaks which could result in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2019-14818
SHA-256 | bddd49b7817f1c4c15edd86d502a2dea39a1f9ee460b62d25ba7a5337c824b14
Debian Security Advisory 4566-1
Posted Nov 13, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4566-1 - This update for QEMU, a fast processor emulator, backports support to passthrough the pschange-mc-no CPU flag. The virtualised MSR seen by a guest is set to show the bug as fixed, allowing to disable iTLB Multihit mitigations in nested hypervisors (cf. DSA 4564-1).

tags | advisory
systems | linux, debian
SHA-256 | 27fdecefd8a90f8e917955b27b2b22f3c8d8566fb084bbea305fc2d714f3319d
Debian Security Advisory 4565-1
Posted Nov 13, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4565-1 - This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the TAA (TSX Asynchronous Abort) vulnerability. For affected CPUs, to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages as released in DSA 4564-1.

tags | advisory, kernel
systems | linux, debian
advisories | CVE-2019-11135, CVE-2019-11139
SHA-256 | 3a81ef658521dac17d5c54310ca11aa2272cfceedd7d09213169824681b48ded
Ubuntu Security Notice USN-4186-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4186-1 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-16746, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666, CVE-2019-2215
SHA-256 | 7d27eb8f1a4ec37029860cc69aadb966e41476876ffc59df718356fc39b6616c
Ubuntu Security Notice USN-4188-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4188-1 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-11135
SHA-256 | 169c6acb06ea9b69fcd9e1af6f529cba3fed984c770a8ff4978c0e2c9805fec8
Ubuntu Security Notice USN-4185-2
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4185-2 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-11135, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056
SHA-256 | 9c95fb66f6929b93af8771484a71f01d17ae663f07ae42d91dfef67ad2033bd9
Ubuntu Security Notice USN-4187-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4187-1 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-11135
SHA-256 | 565f4631a4b71b8b29cd795e4c06d8e7aa50549c72c934351cfe6e3352563824
Ubuntu Security Notice USN-4185-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4185-1 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
SHA-256 | 22566b06cb0f84e84c70bd2f7753938453b11eb1dd6a1c29a71451a1f30f56b0
Ubuntu Security Notice USN-4184-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4184-1 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-15791, CVE-2019-15792, CVE-2019-15793, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
SHA-256 | f763ad9fa1bb0569d1a1d43b73964d4d5336d7ffb344ff8b467dbf4ab792b730
Ubuntu Security Notice USN-4183-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4183-1 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15791, CVE-2019-15792, CVE-2019-15793, CVE-2019-16746, CVE-2019-17666
SHA-256 | b0fa29cc4d567833d14869e133418cfc7ee6efd0a109277e3959075ccc278c0d
Ubuntu Security Notice USN-4182-2
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4182-2 - USN-4182-2 provided updates for Intel Microcode. This update provides the corresponding update for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-11135, CVE-2019-11139
SHA-256 | b79550d9297411f2ce3e0f448933b8a681769544f533263e6499a7e7cc2957ee
Ubuntu Security Notice USN-4182-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4182-1 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-11135, CVE-2019-11139
SHA-256 | 7621dfa7ac68aa30bd4ac40ed521d6601402022bf55e139aaa83efbc1c2b3d96
gSOAP 2.8 Directory Traversal
Posted Nov 13, 2019
Authored by numan turle

gSOAP version 2.8 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 10e3f480d11820c7ca0b9b68a2bc1ee47cdcfadb6e020a9d09309e174ef9005d
YAML Deserialization Attack In Python
Posted Nov 13, 2019
Authored by Ashish Kukreti, Manmeet Singh

Whitepaper called YAML Deserialization Attack in Python.

tags | paper, python
SHA-256 | 2204b83dc5da1e50696b4bda72cb44723b4f12baa7a7f8e0f25680128ca70c4f
Fastweb Fastgate 0.00.81 Remote Code Execution
Posted Nov 13, 2019
Authored by Riccardo Gasparini

Fastweb Fastgate version 0.00.81 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 557f84216ca9da5834ddd16765c21326f283d51762a21b3b2bf22a1281dfa710
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close