what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-01-28

Fifthplay S.A.M.I Cross Site Request Forgery / Cross Site Scripting
Posted Jan 28, 2020
Authored by LiquidWorm | Site zeroscience.mk

Fifthplay S.A.M.I suffers from cross site request forgery and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 630e06e3c3643cee924b3268054f04cedfdbb2680e72b328374e56840ebc6779
FreeBSD Security Advisory - FreeBSD-SA-20:03.thrmisc
Posted Jan 28, 2020
Authored by Ilja van Sprundel | Site security.freebsd.org

FreeBSD Security Advisory - The kernel can create a core dump file when a process crashes that contains process state, for debugging. Due to incorrect initialization of a stack data structure, up to 20 bytes of kernel data stored previously stored on the stack will be exposed to a crashing user process. Sensitive kernel data may be disclosed.

tags | advisory, kernel
systems | freebsd, bsd
advisories | CVE-2019-15875
SHA-256 | 178d5992a84290ac4a8dc6947197a0096dd8c410a6b2c14c552637e40cf2ff97
Ubuntu Security Notice USN-4236-3
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4236-3 - USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13627
SHA-256 | e5a5a971c4ccea190670a462826fcea0021af44ec2da753a1483e37fe048c695
FreeBSD Security Advisory - FreeBSD-SA-20:02.ipsec
Posted Jan 28, 2020
Authored by Jean-Francois HREN | Site security.freebsd.org

FreeBSD Security Advisory - A missing check means that an attacker can reinject an old packet and it will be accepted and processed by the IPsec endpoint. The impact depends on the higher-level protocols in use over IPsec. For example, an attacker who can capture and inject packets could cause an action that was intentionally performed once to be repeated.

tags | advisory, protocol
systems | freebsd, bsd
advisories | CVE-2019-5613
SHA-256 | e5c1b2cd25568643f6713e1fd53907b388b7c12585108e84595b0c0c2ac91c36
Positive Hack Days 10 Call For Papers
Posted Jan 28, 2020
Site phdays.com

Call For Papers for Positive Hack Days 10 which will take place in Moscow, Russia May 13th through the 14th, 2020.

tags | paper, conference
SHA-256 | b82f2c74df49252e930f233b344c8cbf391936058d57e138380340aca42d5cda
FreeBSD Security Advisory - FreeBSD-SA-20:01.libfetch
Posted Jan 28, 2020
Authored by Duncan Overbruck | Site security.freebsd.org

FreeBSD Security Advisory - A programming error allows an attacker who can specify a URL with a username and/or password components to overflow libfetch(3) buffers. An attacker in control of the URL to be fetched (possibly via HTTP redirect) may cause a heap buffer overflow, resulting in program misbehavior or malicious code execution.

tags | advisory, web, overflow, code execution
systems | freebsd, bsd
advisories | CVE-2020-7450
SHA-256 | 58eb688b18a5f5586d60c4a6d426da578c845550c391c45bbf4d3e093091639e
Red Hat Security Advisory 2020-0262-01
Posted Jan 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0262-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-6851
SHA-256 | 8a06fc62ecfbfdc6ca1758f63f38d3e79ed9f13c880309d90658302fc228a353
Octeth Oempro 4.8 SQL Injection
Posted Jan 28, 2020
Authored by Bruno de Barros Bulle

Octeth Oempro version 4.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-19740
SHA-256 | 55a32d43a2708d0a24161b5c962ee9d6c3e283d5d2c1e08792ae49a04fbe3e3b
Ubuntu Security Notice USN-4256-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4256-1 - It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-19906
SHA-256 | d9c56d65b12f662885f9fc49f7d98dbf41363ffa02c6e842987ae8977aa02a0e
Centreon 19.10.5 Remote Command Execution
Posted Jan 28, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 030cbc7db120adeefb9decf4ed1426aeca2c73286c9d115a1f53d790e4e5f8ed
Ubuntu Security Notice USN-4254-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4254-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19227, CVE-2019-19332
SHA-256 | f6f5e92c04b0527e217e89a54e69e168ec8aae2f1b211bb8b6ef2f0f19b1f107
Ubuntu Security Notice USN-4255-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4255-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2020-7053
SHA-256 | eb5e9a04a75fba426ec210e5cca330dbb403af43d69646d9392db8615acbd167
Centreon 19.10.5 Credential Disclosure
Posted Jan 28, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a database credential disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | af96c61510aefc06361e0fc409d2e6716ceaaa9f3a8292aff4fababf2d56ec14
Ubuntu Security Notice USN-4253-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4253-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615
SHA-256 | 48be30a13664a27fc037aefeeb7726526dc3a897e450ee05a82eea46d3552f06
Adive Framework 2.0.8 Cross Site Request Forgery
Posted Jan 28, 2020
Authored by Sarthak Saini

Adive Framework version 2.0.8 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-7991
SHA-256 | 8c22a6a1fd1db3e124fbd220c2bea81eab2716215bea0edef67f0a8767ce3ea5
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close