what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2020-03-19

Oce Colorwave 500 CSRF / XSS / Authentication Bypass
Posted Mar 19, 2020
Authored by Marco Ortisi, redtimmysec, Giuseppe Cali

Oce Colorwave 500 printer suffers from authentication bypass, cross site request forgery, and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, bypass, csrf
advisories | CVE-2020-10667, CVE-2020-10668, CVE-2020-10669, CVE-2020-10670, CVE-2020-10671
SHA-256 | cb5874cc976834228bc185741becb79371ed3b619e098dbdd4244f3a27610bf7
Kernel Live Patch Security Notice LSN-0064-1
Posted Mar 19, 2020
Authored by Benjamin M. Romer

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested (level 2) guest access the resources of a parent (level 1) guest in certain situations. An attacker could use this to expose sensitive information.

tags | advisory, kernel
systems | linux
advisories | CVE-2020-2732
SHA-256 | 013a0dfba70302c800eab63aa571da076d3bc4a87d14b9f7b138548d27333d78
Gentoo Linux Security Advisory 202003-46
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-46 - Multiple vulnerabilities have been found in ClamAV, the worst of which could result in a Denial of Service condition. Versions less than 0.102.2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-15961, CVE-2020-3123
SHA-256 | d03d6a40711d315784f4b357fa9266b1ee2e4a0bd7fcfcd32cb034b8f3f84d1b
Ubuntu Security Notice USN-4308-1
Posted Mar 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4308-1 - it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. It was discovered that Twisted incorrectly verified XMPP TLS certificates. A remote attacker could possibly use this issue to perform a man-in-the-middle attack and obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2019-12387, CVE-2019-12855, CVE-2019-9515, CVE-2020-10109
SHA-256 | ffdb0ccca94ded3b06bc7f31916de1a632873a8b9417f51bc485880741f8a609
Gentoo Linux Security Advisory 202003-45
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-45 - A flaw in PyYAML might allow attackers to execute arbitrary code. Versions less than 5.1 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2017-18342
SHA-256 | 4efcc389dfc50189d4ba6f539f870ad1989d31bce442ad5128c054de355a3012
Gentoo Linux Security Advisory 202003-44
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-44 - A heap-based buffer overflow in Binary diff might allow remote attackers to execute arbitrary code. Versions less than 4.3-r4 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2014-9862
SHA-256 | b1f1efad1891794dcd5fdf75af24260de0b5f106570e2af61a8d870300c3fc8c
Gentoo Linux Security Advisory 202003-43
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-43 - Multiple vulnerabilities have been found in Apache Tomcat, the worst of which could lead to arbitrary code execution. Versions less than 8.5.51 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2019-0221, CVE-2019-12418, CVE-2019-17563, CVE-2020-1938
SHA-256 | 8f38e640cf6af12b8976936a5caecaa77d1d1f19388a0f0f4bffe837a3412916
Gentoo Linux Security Advisory 202003-42
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-42 - Multiple vulnerabilities have been found in libgit2, the worst of which could result in the arbitrary execution of code. Versions less than 0.28.4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-1348, CVE-2019-1350, CVE-2019-1387
SHA-256 | 1c3bd381162035dbcc19886c1efc4c4ea90b1c5a936056b831130de02742a3e3
Gentoo Linux Security Advisory 202003-41
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-41 - A heap-based buffer overflow in GNU FriBidi might allow remote attackers to execute arbitrary code. Versions less than 1.0.8 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2019-18397
SHA-256 | 6d5c8083cd0886b43d1bc53ec2ea56a49885be3e93fa9348645a721f2cbe8e1b
Gentoo Linux Security Advisory 202003-40
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-40 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.2.9 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-16723, CVE-2019-17357, CVE-2019-17358, CVE-2020-7106, CVE-2020-7237
SHA-256 | 18820d432372c5b6516503158ba086e9364adae96c8c9b019f11b9098c36d8e2
Gentoo Linux Security Advisory 202003-39
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-39 - An SQL injection vulnerability in phpMyAdmin may allow attackers to execute arbitrary SQL statements. Versions less than 4.9.2 are affected.

tags | advisory, arbitrary, sql injection
systems | linux, gentoo
advisories | CVE-2019-18622
SHA-256 | 3c6a9e1b09204e07e986eac3b02583cc590bcbc217459967ea92f9acadf398f3
Gentoo Linux Security Advisory 202003-38
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-38 - A vulnerability in Imagick PHP extension might allow an attacker to execute arbitrary code. Versions less than 3.4.4 are affected.

tags | advisory, arbitrary, php
systems | linux, gentoo
advisories | CVE-2019-11037
SHA-256 | b36d6436cdf44626ecd49590cd4adb1cfbe15860e4384e46492341e808062561
TOR Virtual Network Tunneling Tool 0.4.2.7
Posted Mar 19, 2020
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the third stable release in the 0.4.2.x series. It backports numerous fixes from later releases, including a fix for TROVE-2020- 002, a major denial-of-service vulnerability that affected all released Tor instances since 0.2.1.5-alpha. Various other issues were also addressed.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2020-10592, CVE-2020-10593
SHA-256 | 06a1d835ddf382f6bca40a62e8fb40b71b2f73d56f0d53523c8bd5caf9b3026d
Red Hat Security Advisory 2020-0905-01
Posted Mar 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0905-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-20503, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2020-6812, CVE-2020-6814
SHA-256 | 9d814414dd9c6b13663bbe6614359cbc520795a259e665930d89dd68e8ae424e
Red Hat Security Advisory 2020-0903-01
Posted Mar 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0903-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting PRIVILEGED option was addressed.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2019-20044
SHA-256 | e63de77da0448e09562af92454bd100bd47909fca41d91cdae749ecdcb83d100
Easy File Sharing Web Server 7.2 Local Buffer Overflow
Posted Mar 19, 2020
Authored by Felipe Winsnes

Easy File Sharing Web Server version 7.2 SMTP Password local SEH buffer overflow exploit.

tags | exploit, web, overflow, local
SHA-256 | b30810468c7f2e22160c990f7e65066879559963c705b799364a364160ceb41a
Red Hat Security Advisory 2020-0902-01
Posted Mar 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0902-01 - The International Components for Unicode library provides robust and full-featured Unicode services. An integer overflow in UnicodeString::doAppend() was addressed.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-10531
SHA-256 | ace90c4b8cc5f626260133ce047776bf5b867abdff29605667324b547847406a
Red Hat Security Advisory 2020-0901-01
Posted Mar 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0901-01 - The International Components for Unicode library provides robust and full-featured Unicode services. An integer overflow in UnicodeString::doAppend() was addressed.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-10531
SHA-256 | ba79abe68ce6fabe6b2a58035299ef811f0d79f9c07555aa5ecfdee9d042e9fb
Red Hat Security Advisory 2020-0899-01
Posted Mar 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0899-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.7.0 serves as an update to Red Hat Decision Manager 7.6.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and information leakage vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-0231, CVE-2019-10086, CVE-2019-14540, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-7611
SHA-256 | 6dc0bee46ae83df24b65f4b121ac28f4c6c27bf61cce900bb24005260e64280f
Red Hat Security Advisory 2020-0897-01
Posted Mar 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0897-01 - The International Components for Unicode library provides robust and full-featured Unicode services. An integer overflow in UnicodeString::doAppend() was addressed.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-10531
SHA-256 | 7bc21a7250b372e7d1ddb30c966499ce8b6edfec66e04763265fb673eb5bcdbb
Red Hat Security Advisory 2020-0896-01
Posted Mar 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0896-01 - The International Components for Unicode library provides robust and full-featured Unicode services. An integer overflow in UnicodeString::doAppend() has been addressed.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-10531
SHA-256 | f8658e7e169fb541dd834318ae1877e83284de6ba23430c93a4891466ecfb980
Red Hat Security Advisory 2020-0898-01
Posted Mar 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0898-01 - The Python Imaging Library adds image processing capabilities to your Python interpreter. This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. An issue where improperly restricted operations on a memory buffer in libImaging/PcxDecode.c were addressed.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2020-5312
SHA-256 | 8d936617976628d20b7f55fc1a0e747df0d5244d6ef1d9c2fb1d00d4a828f7b7
Ubuntu Security Notice USN-4307-1
Posted Mar 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4307-1 - As a security improvement, this update adds TLSv1.3 support to the Apache HTTP Server package in Ubuntu 18.04 LTS. TLSv1.3 is enabled by default, and in certain environments may cause compatibility issues. The SSLProtocol directive may be used to disable TLSv1.3 in these problematic environments.

tags | advisory, web
systems | linux, ubuntu
SHA-256 | 52f9d44ea56b4fae746f8c42e006b41a447b1478ff8e8d67795857d63c05a23d
Red Hat Security Advisory 2020-0895-01
Posted Mar 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0895-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.7.0 serves as an update to Red Hat Process Automation Manager 7.6.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and information leakage vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-0231, CVE-2019-14540, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-7611
SHA-256 | 68365edad4d51d43928f00ea3d007b3bb4188e75ebd143a26aa04d7b9cae4f4c
Broadcom Wi-Fi KR00K Proof Of Concept
Posted Mar 19, 2020
Authored by Maurizio Siddu

Broadcom Wi-Fi device KR00K information disclosure proof of concept exploit. It works on WPA2 AES CCMP with Frequency 2.4GHz WLANs.

tags | exploit, proof of concept, info disclosure
advisories | CVE-2019-15126
SHA-256 | 960032a20045d98e10d5e4957d802b5e4cd4b3b6ce7c9c12e90420567d85daa9
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close