SALTO ProAccess SPACE versions 5.5 and below suffer from path traversal, arbitrary file write, persistent cross site scripting, privilege escalation, and clear text transmission of sensitive data vulnerabilities.
4ca7d9b553568cfa84f8e2a9b3783f36
This archive contains all of the 180 exploits added to Packet Storm in November, 2019.
2182fe04c8b045514aa1f94e9ea39dcb
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
7cb0b7eb7cfd6ba96764d499bded54db
This Metasploit module exploits a command injection in Ajenti version 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.
7c4130c9c91b99ff51567ab20d19ea6e
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
c2cc97b70eead019d4bca860e3b7ce45
Red Hat Security Advisory 2019-4045-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
91e8ff9b945c9105d43b77a28ffab7e1
Red Hat Security Advisory 2019-4042-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
ddc26e736967cd56a9fb8f4b91a99f5a
Red Hat Security Advisory 2019-4041-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
6a7a4162d8b1756adaccfe83c6f9700b
Red Hat Security Advisory 2019-4040-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
7ee83fd001db510d0c3d63edfb7077c5
Red Hat Security Advisory 2019-4037-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.2 serves as a replacement for Red Hat Data Grid 7.3.1 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include code execution and deserialization vulnerabilities.
f0a4e6733749d33c3f0d9b2d9ff97c12
Red Hat Security Advisory 2019-4024-01 - Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device.
e2afefd669b409269a967ba65c1b1589
Microsoft Visual Studio 2008 Express IDE suffers from an XML external entity injection vulnerability.
789e0a22b8214672e24e1c11ee00b829
Dokuwiki version 2018-04-22b suffers from a username enumeration vulnerability.
e7533fa839fdd496e040a3329ea00401
Anviz CrossChex version 4.3.12 suffers from a buffer overflow vulnerability.
9138f4c491e1f718ef30d6e17993a44d
NSAuditor version 3.1.8.0 suffers from a Key denial of service vulnerability.
35fb3894705a2007f79a99dca4f3eb6f
NSAuditor version 3.1.8.0 suffers from a Name denial of service vulnerability.
126d3caf27d58ab2ad8faba624b6b44f