what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-01-28

Fifthplay S.A.M.I Cross Site Request Forgery / Cross Site Scripting
Posted Jan 28, 2020
Authored by LiquidWorm | Site zeroscience.mk

Fifthplay S.A.M.I suffers from cross site request forgery and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 630e06e3c3643cee924b3268054f04cedfdbb2680e72b328374e56840ebc6779
FreeBSD Security Advisory - FreeBSD-SA-20:03.thrmisc
Posted Jan 28, 2020
Authored by Ilja van Sprundel | Site security.freebsd.org

FreeBSD Security Advisory - The kernel can create a core dump file when a process crashes that contains process state, for debugging. Due to incorrect initialization of a stack data structure, up to 20 bytes of kernel data stored previously stored on the stack will be exposed to a crashing user process. Sensitive kernel data may be disclosed.

tags | advisory, kernel
systems | freebsd, bsd
advisories | CVE-2019-15875
SHA-256 | 178d5992a84290ac4a8dc6947197a0096dd8c410a6b2c14c552637e40cf2ff97
Ubuntu Security Notice USN-4236-3
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4236-3 - USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13627
SHA-256 | e5a5a971c4ccea190670a462826fcea0021af44ec2da753a1483e37fe048c695
FreeBSD Security Advisory - FreeBSD-SA-20:02.ipsec
Posted Jan 28, 2020
Authored by Jean-Francois HREN | Site security.freebsd.org

FreeBSD Security Advisory - A missing check means that an attacker can reinject an old packet and it will be accepted and processed by the IPsec endpoint. The impact depends on the higher-level protocols in use over IPsec. For example, an attacker who can capture and inject packets could cause an action that was intentionally performed once to be repeated.

tags | advisory, protocol
systems | freebsd, bsd
advisories | CVE-2019-5613
SHA-256 | e5c1b2cd25568643f6713e1fd53907b388b7c12585108e84595b0c0c2ac91c36
Positive Hack Days 10 Call For Papers
Posted Jan 28, 2020
Site phdays.com

Call For Papers for Positive Hack Days 10 which will take place in Moscow, Russia May 13th through the 14th, 2020.

tags | paper, conference
SHA-256 | b82f2c74df49252e930f233b344c8cbf391936058d57e138380340aca42d5cda
FreeBSD Security Advisory - FreeBSD-SA-20:01.libfetch
Posted Jan 28, 2020
Authored by Duncan Overbruck | Site security.freebsd.org

FreeBSD Security Advisory - A programming error allows an attacker who can specify a URL with a username and/or password components to overflow libfetch(3) buffers. An attacker in control of the URL to be fetched (possibly via HTTP redirect) may cause a heap buffer overflow, resulting in program misbehavior or malicious code execution.

tags | advisory, web, overflow, code execution
systems | freebsd, bsd
advisories | CVE-2020-7450
SHA-256 | 58eb688b18a5f5586d60c4a6d426da578c845550c391c45bbf4d3e093091639e
Red Hat Security Advisory 2020-0262-01
Posted Jan 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0262-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-6851
SHA-256 | 8a06fc62ecfbfdc6ca1758f63f38d3e79ed9f13c880309d90658302fc228a353
Octeth Oempro 4.8 SQL Injection
Posted Jan 28, 2020
Authored by Bruno de Barros Bulle

Octeth Oempro version 4.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-19740
SHA-256 | 55a32d43a2708d0a24161b5c962ee9d6c3e283d5d2c1e08792ae49a04fbe3e3b
Ubuntu Security Notice USN-4256-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4256-1 - It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-19906
SHA-256 | d9c56d65b12f662885f9fc49f7d98dbf41363ffa02c6e842987ae8977aa02a0e
Centreon 19.10.5 Remote Command Execution
Posted Jan 28, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 030cbc7db120adeefb9decf4ed1426aeca2c73286c9d115a1f53d790e4e5f8ed
Ubuntu Security Notice USN-4254-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4254-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19227, CVE-2019-19332
SHA-256 | f6f5e92c04b0527e217e89a54e69e168ec8aae2f1b211bb8b6ef2f0f19b1f107
Ubuntu Security Notice USN-4255-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4255-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2020-7053
SHA-256 | eb5e9a04a75fba426ec210e5cca330dbb403af43d69646d9392db8615acbd167
Centreon 19.10.5 Credential Disclosure
Posted Jan 28, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a database credential disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | af96c61510aefc06361e0fc409d2e6716ceaaa9f3a8292aff4fababf2d56ec14
Ubuntu Security Notice USN-4253-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4253-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615
SHA-256 | 48be30a13664a27fc037aefeeb7726526dc3a897e450ee05a82eea46d3552f06
Adive Framework 2.0.8 Cross Site Request Forgery
Posted Jan 28, 2020
Authored by Sarthak Saini

Adive Framework version 2.0.8 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-7991
SHA-256 | 8c22a6a1fd1db3e124fbd220c2bea81eab2716215bea0edef67f0a8767ce3ea5
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close