what you don't know can hurt you
Showing 1 - 24 of 24 RSS Feed

Files Date: 2020-01-29

Centreon 19.10.5 Remote Command Execution
Posted Jan 29, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a Pollers remote command execution vulnerability.

tags | exploit, remote
MD5 | 74b4928a515161688d46037ed3182142
Cups Easy 1.0 Cross Site Request Forgery
Posted Jan 29, 2020
Authored by J3rryBl4nks

Cups Easy version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-8424, CVE-2020-8425
MD5 | cafc75de89af6e63e57122e223d909bb
Centreon 19.10.5 Remote Command Execution
Posted Jan 29, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a centreontrapd remote command execution vulnerability.

tags | exploit, remote
MD5 | e4cd583822c0120dac35bdb7b26bf32b
XMLBlueprint 16.191112 XML Injection
Posted Jan 29, 2020
Authored by Javier Olmedo

XMLBlueprint version 16.191112 suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2019-19032
MD5 | 6fc60d30c5cfdc3911a73e4c53bcd2ff
OpenBSD OpenSMTPD Privilege Escalation / Code Execution
Posted Jan 29, 2020
Authored by Qualys Security Advisory

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch smtpd to new grammar") and allows an attacker to execute arbitrary shell commands, as root.

tags | exploit, arbitrary, shell, root
systems | openbsd
advisories | CVE-2020-7247
MD5 | a167abd4844564a180e18a022a305764
Red Hat Security Advisory 2020-0279-01
Posted Jan 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0279-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-11135
MD5 | a35faedb60d9b229d34cee2c8e9a9df2
Red Hat Security Advisory 2020-0273-01
Posted Jan 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0273-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. A table corruption detection issue has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-13734
MD5 | 1fefecbd6b38401c49c79054c3f3fa1a
Apple Security Advisory 2020-1-28-1
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-1 - iOS 13.3.1 and iPadOS 13.3.1 are now available and address code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2020-3828, CVE-2020-3829, CVE-2020-3831, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3840, CVE-2020-3841, CVE-2020-3842, CVE-2020-3844, CVE-2020-3853, CVE-2020-3856, CVE-2020-3857, CVE-2020-3858, CVE-2020-3859, CVE-2020-3860, CVE-2020-3869, CVE-2020-3870, CVE-2020-3872, CVE-2020-3873, CVE-2020-3874, CVE-2020-3875, CVE-2020-3878
MD5 | 042ab5708dadd3cc5287c8b9d0a0e80b
Red Hat Security Advisory 2020-0274-01
Posted Jan 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0274-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-6851
MD5 | 597a0f9d8945d1a1f17869c484bd2673
Apple Security Advisory 2020-1-28-2
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-2 - macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and Security Update 2020-001 High Sierra are now available and address buffer overflow, bypass, and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2019-11043, CVE-2019-18634, CVE-2020-3826, CVE-2020-3827, CVE-2020-3829, CVE-2020-3830, CVE-2020-3835, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3839, CVE-2020-3840, CVE-2020-3842, CVE-2020-3843, CVE-2020-3845, CVE-2020-3846, CVE-2020-3847, CVE-2020-3848, CVE-2020-3849, CVE-2020-3850, CVE-2020-3853, CVE-2020-3854, CVE-2020-3855, CVE-2020-3856, CVE-2020-3857, CVE-2020-3866, CVE-2020-3870, CVE-2020-3871
MD5 | b7ed3a864bedd652761c597b31e522a1
Apple Security Advisory 2020-1-28-4
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-4 - tvOS 13.3.1 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2020-3829, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3840, CVE-2020-3842, CVE-2020-3853, CVE-2020-3856, CVE-2020-3857, CVE-2020-3868, CVE-2020-3870, CVE-2020-3872, CVE-2020-3875, CVE-2020-3878
MD5 | 95b45494ccda4c16df5e53cfc353126b
Apple Security Advisory 2020-1-28-3
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-3 - watchOS 6.1.2 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2020-3829, CVE-2020-3834, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3842, CVE-2020-3853, CVE-2020-3856, CVE-2020-3857, CVE-2020-3860, CVE-2020-3870, CVE-2020-3872, CVE-2020-3875, CVE-2020-3877, CVE-2020-3878
MD5 | c38e935039863f6cbad4d423d4df2768
Apple Security Advisory 2020-1-28-5
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-5 - Safari 13.0.5 is now available and addresses address bar spoofing and password disclosure in transit issues.

tags | advisory, spoof
systems | apple
advisories | CVE-2020-3833, CVE-2020-3841
MD5 | cf62237f168cf7deb01854b6eb594a7d
Apple Security Advisory 2020-1-28-6
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-6 - iTunes for Windows 12.10.4 is now available and addresses a filesystem access issue.

tags | advisory
systems | windows, apple
advisories | CVE-2020-3861
MD5 | ccc99699f6f84687fbc1fe9f7eb7aef3
Red Hat Security Advisory 2020-0271-01
Posted Jan 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0271-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Issues addressed include a use-after-free vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-18408
MD5 | 3673002aa435e4cc389b91d1b5cc53e9
Ubuntu Security Notice USN-4258-1
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4258-1 - It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2019-15099, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19050, CVE-2019-19071, CVE-2019-19077, CVE-2019-19078, CVE-2019-19079, CVE-2019-19082, CVE-2019-19227, CVE-2019-19252, CVE-2019-19332, CVE-2019-19767
MD5 | b2460429c5f9a9e13c8c12be8bff0e7b
Ubuntu Security Notice USN-4254-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4254-2 - USN-4254-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19227, CVE-2019-19332
MD5 | ca9cbda325bd02d5a599580c428cfad6
Ubuntu Security Notice USN-4255-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4255-2 - USN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2020-7053
MD5 | 0eccdea34c52d8ecc3bb2dac5b1c9330
Ubuntu Security Notice USN-4253-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4253-2 - USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615
MD5 | 0c72b2293c4c2b0d61b5955e9d5033bc
Ubuntu Security Notice USN-4257-1
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4257-1 - It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. It was discovered that OpenJDK incorrectly validated properties of SASL messages included in Kerberos GSSAPI. An unauthenticated remote attacker with network access via Kerberos could possibly use this issue to insert, modify or obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2655, CVE-2020-2659
MD5 | e3e0f6612822b994852fa89d37c95de8
Kibana 6.6.1 CSV Injection
Posted Jan 29, 2020
Authored by Aamir Rehman

Kibana version 6.6.1 suffers from a CSV injection vulnerability.

tags | exploit
MD5 | f8bb513078766e65b1a38b9540b070d4
Liferay CE Portal 6.0.2 Remote Command Execution
Posted Jan 29, 2020
Authored by Berk Dusunur

Liferay CE Portal version 6.0.2 remote command execution exploit.

tags | exploit, remote
MD5 | 2e97967f982bad0875dc061a64b26b80
Satellian 1.12 Remote Code Execution
Posted Jan 29, 2020
Authored by Xh4H

Satellian version 1.1.2 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-7980
MD5 | 90b23d985f921aca674273a9e9779b92
Microsoft Windows 10 DLL Search Path
Posted Jan 29, 2020
Authored by Stefan Kanthak

With Windows 10 1607, Microsoft introduced the /DEPENDENTLOADFLAG linker option, a security feature to restrict or limit the search path for DLLs. Two bugs exist with this attempt to limit access.

tags | advisory
systems | windows
MD5 | 034c82cd71feb5860f49d94f59b9b7f2
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close