Files Date: 2020-01-29

Centreon 19.10.5 Remote Command Execution
Posted Jan 29, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a Pollers remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 824b22c2f352d66d1fac5582a1d6e01a40daed3d2d240e0e289674e34e783629

Cups Easy 1.0 Cross Site Request Forgery
Posted Jan 29, 2020
Authored by J3rryBl4nks

Cups Easy version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-8424, CVE-2020-8425
SHA-256 | 6573b5e541b8a5b91dccf2d5f08c2f5b5842f84ea72dc72f552b2d75d2f7922e

Centreon 19.10.5 Remote Command Execution
Posted Jan 29, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a centreontrapd remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 04324f51cee387f1f74eb254c7e283bedc63a9863560d41a110278c3b9393862

XMLBlueprint 16.191112 XML Injection
Posted Jan 29, 2020
Authored by Javier Olmedo

XMLBlueprint version 16.191112 suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2019-19032
SHA-256 | 578c695a7bac94cbba188e7993ccad84842dd53c1c84168f5daa5d9ce64b42f6

OpenBSD OpenSMTPD Privilege Escalation / Code Execution
Posted Jan 29, 2020
Authored by Qualys Security Advisory

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability has been exploitable since May 2018 (commit a8e222352f, "switch smtpd to new grammar") and allows an attacker to execute arbitrary shell commands as root.

tags | exploit, arbitrary, shell, root
systems | openbsd
advisories | CVE-2020-7247
SHA-256 | 9415f92980a964e9430ed555502126d19de735d2acfd5db27d83bb342e5a8b2c

Red Hat Security Advisory 2020-0279-01
Posted Jan 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0279-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-11135
SHA-256 | e7499558d2de57797ca19af08c3c3f0cae1c51b67d792eb2b26ff82a4722f8e4

Red Hat Security Advisory 2020-0273-01
Posted Jan 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0273-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. A table corruption detection issue has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-13734
SHA-256 | 688da5fb1b1dbc8c4a4680ffe3c458224c80d31b4d98e3a56074f499c297eef3

Apple Security Advisory 2020-1-28-1
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-1 - iOS 13.3.1 and iPadOS 13.3.1 are now available and address code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2020-3828, CVE-2020-3829, CVE-2020-3831, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3840, CVE-2020-3841, CVE-2020-3842, CVE-2020-3844, CVE-2020-3853, CVE-2020-3856, CVE-2020-3857, CVE-2020-3858, CVE-2020-3859, CVE-2020-3860, CVE-2020-3869, CVE-2020-3870, CVE-2020-3872, CVE-2020-3873, CVE-2020-3874, CVE-2020-3875, CVE-2020-3878
SHA-256 | 451f9f0db4b53867f6b4613f74a664aaee0fadcb5afed494d424333c909099b5

Red Hat Security Advisory 2020-0274-01
Posted Jan 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0274-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-6851
SHA-256 | 4ce11b16929a1a9b3767262655cabc8fa00c1cff6728283b65233b33cfed3a8b

Apple Security Advisory 2020-1-28-2
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-2 - macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and Security Update 2020-001 High Sierra are now available and address buffer overflow, bypass, and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2019-11043, CVE-2019-18634, CVE-2020-3826, CVE-2020-3827, CVE-2020-3829, CVE-2020-3830, CVE-2020-3835, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3839, CVE-2020-3840, CVE-2020-3842, CVE-2020-3843, CVE-2020-3845, CVE-2020-3846, CVE-2020-3847, CVE-2020-3848, CVE-2020-3849, CVE-2020-3850, CVE-2020-3853, CVE-2020-3854, CVE-2020-3855, CVE-2020-3856, CVE-2020-3857, CVE-2020-3866, CVE-2020-3870, CVE-2020-3871
SHA-256 | 6dc59a831c4eeb00f22a91e88c410f4413de1117cf660dac3d76799ab2d9c97d

Apple Security Advisory 2020-1-28-4
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-4 - tvOS 13.3.1 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2020-3829, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3840, CVE-2020-3842, CVE-2020-3853, CVE-2020-3856, CVE-2020-3857, CVE-2020-3868, CVE-2020-3870, CVE-2020-3872, CVE-2020-3875, CVE-2020-3878
SHA-256 | 8811822470152c7c5c5739e0be582b4d494845ed881e590aa7e2da5e6d1452fb

Apple Security Advisory 2020-1-28-3
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-3 - watchOS 6.1.2 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2020-3829, CVE-2020-3834, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3842, CVE-2020-3853, CVE-2020-3856, CVE-2020-3857, CVE-2020-3860, CVE-2020-3870, CVE-2020-3872, CVE-2020-3875, CVE-2020-3877, CVE-2020-3878
SHA-256 | dbe2c3cb8a3c6e9e7d49c188d63249672b132824e400c3434a381fea33e430a0

Apple Security Advisory 2020-1-28-5
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-5 - Safari 13.0.5 is now available and addresses address bar spoofing and password disclosure in transit issues.

tags | advisory, spoof
systems | apple
advisories | CVE-2020-3833, CVE-2020-3841
SHA-256 | 1bc6ee3c734c1df22e54ccc3a46190ad2a73832cd3ad87cc91a710439fcb7287

Apple Security Advisory 2020-1-28-6
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-6 - iTunes for Windows 12.10.4 is now available and addresses a filesystem access issue.

tags | advisory
systems | windows, apple
advisories | CVE-2020-3861
SHA-256 | 9578f139cdb133f6a9e24a38333666affc55bfc2155c102ca3c4d9e19ebcc47c

Red Hat Security Advisory 2020-0271-01
Posted Jan 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0271-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Issues addressed include a use-after-free vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-18408
SHA-256 | a7706802887a9444a32960b79892497c5cbd56e3ba82a2cbd5e8a4dab5d053b9

Ubuntu Security Notice USN-4258-1
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4258-1 - It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2019-15099, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19050, CVE-2019-19071, CVE-2019-19077, CVE-2019-19078, CVE-2019-19079, CVE-2019-19082, CVE-2019-19227, CVE-2019-19252, CVE-2019-19332, CVE-2019-19767
SHA-256 | 8e7ff66b846fc415e65fe269e0f56cb6c4613b8ab8d143f9d668101d578ef033

Ubuntu Security Notice USN-4254-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4254-2 - USN-4254-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19227, CVE-2019-19332
SHA-256 | e296dfaa3683b35118ef2d19cef396598dc324613fba040510ceba64ae5725b7

Ubuntu Security Notice USN-4255-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4255-2 - USN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2020-7053
SHA-256 | 08f17962ca37552a9cf17b4fe684bc75f890b133a39ec2d14d811bb61ad0df53

Ubuntu Security Notice USN-4253-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4253-2 - USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615
SHA-256 | 51280fa5e7f72fa9d7a002782de597b12d401ffc969c9fede692619910298360

Ubuntu Security Notice USN-4257-1
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4257-1 - It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. It was discovered that OpenJDK incorrectly validated properties of SASL messages included in Kerberos GSSAPI. An unauthenticated remote attacker with network access via Kerberos could possibly use this issue to insert, modify or obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2655, CVE-2020-2659
SHA-256 | 6ff75ec4f2760a95daaed763e796bf97b21dbc327f79938f280f8cf9600b8e58

Kibana 6.6.1 CSV Injection
Posted Jan 29, 2020
Authored by Aamir Rehman

Kibana version 6.6.1 suffers from a CSV injection vulnerability.

tags | exploit
SHA-256 | a79072142212672614328199a639b428a9f3f3037ca68d2e9881ff24fcea8b7d

Liferay CE Portal 6.0.2 Remote Command Execution
Posted Jan 29, 2020
Authored by Berk Dusunur

Liferay CE Portal version 6.0.2 remote command execution exploit.

tags | exploit, remote
SHA-256 | 7e715e5aaa09f0ebc36c4eadd46505fbe50b4b054a71dcc398ae73a92e5439d8

Satellian 1.12 Remote Code Execution
Posted Jan 29, 2020
Authored by Xh4H

Satellian version 1.1.2 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-7980
SHA-256 | 1a239d2ff6e4bd53b95bafc7bdbaf968f2de1f7ec2f2729bd748a4efd4ef3282

Microsoft Windows 10 DLL Search Path
Posted Jan 29, 2020
Authored by Stefan Kanthak

With Windows 10 1607, Microsoft introduced the /DEPENDENTLOADFLAG linker option, a security feature to restrict or limit the search path for DLLs. Two bugs exist with this attempt to limit access.

tags | advisory
systems | windows
SHA-256 | 04f3f470ca90a3089624ef754a9f8aa5c4419a8bfbfe2910545dd4901e3c35cf
© 2022 Packet Storm. All rights reserved.
