Files Date: 2020-04-23

WebKit AudioArray::allocate Data Race / Out-Of-Bounds Access
Posted Apr 23, 2020
Authored by Google Security Research, Glazvunov

WebKit has a data race condition in AudioArray::allocate that can lead to out-of-bounds access.

tags | exploit
advisories | CVE-2020-3894
SHA-256 | 36dd2c73b178e99d96c08d9a812df124956a7cdf27caa906595ed62ecb80f1e9
WebRTC Layer Info Out-Of-Bounds Write
Posted Apr 23, 2020
Authored by Google Security Research, natashenka

WebRTC suffers from an out-of-bounds memory write in the method RtpFrameReferenceFinder::UpdateLayerInfoH264. This occurs when updating the layer info with the frame marking extension.

tags | exploit
SHA-256 | 06971daf4e8e1b40696e457b7e355f90460b37a0e0308f2559ba4a2fa0af726f
Chrome AudioArray::Allocate Data Race / Out-Of-Bounds Access
Posted Apr 23, 2020
Authored by Google Security Research, Glazvunov

Chrome suffers from an issue where a data race in AudioArray::Allocate can lead to out-of-bounds access.

tags | exploit
advisories | CVE-2020-6388
SHA-256 | 40c89fb5d3f2f33337160274195305f3cd381ef1ff99e9b1b31576dd9241fd40
WebRTC FEC Extension Processing Out-Of-Bounds Write
Posted Apr 23, 2020
Authored by Google Security Research, natashenka

When WebRTC processes a packet using FEC, it does not adequately check bounds when zeroing the video timing extension.

tags | exploit
SHA-256 | 157cd64dc55515807088f940f00ae62c6d3ee089d4b0fc465f7fca79aaf47e9a
nfstream 4.0.1
Posted Apr 23, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Added to_json method. Added enable_guess parameter. Various other updates.
tags | tool, python
systems | unix
SHA-256 | 05697456dfaef68143af4f1d66d223ceaa4291f23be158ca69c675be3e925e08
Gentoo Linux Security Advisory 202004-13
Posted Apr 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-13 - Multiple vulnerabilities have been found in Git which might all allow attackers to access sensitive information. Versions less than 2.26.2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-11008, CVE-2020-5260
SHA-256 | 862a28af41503547a97dcc01c1875ab49c70676db9948955cb81cca3132e5fb9
Gentoo Linux Security Advisory 202004-12
Posted Apr 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-12 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 81.0.4044.122 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-6457, CVE-2020-6458, CVE-2020-6459, CVE-2020-6460
SHA-256 | d21b43ec81a16c450013b7d29092d8fd7b97ed4ed4f8f25974618d9386f438ed
Red Hat Security Advisory 2020-1561-01
Posted Apr 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1561-01 - Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. HTTP request smuggling vulnerabilities were addressed.

tags | advisory, web, vulnerability, python
systems | linux, redhat
advisories | CVE-2020-10108, CVE-2020-10109
SHA-256 | 321382f48e82e5efce5f3aebe58bc72acf3ace69b733bfef5687079a8919a53d
Ubuntu Security Notice USN-4338-1
Posted Apr 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4338-1 - Agostino Sarubbo discovered that re2c incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-11958
SHA-256 | 366ab724729685674243f15f24754dc0fe18543a9c548d97aeb2a0145ddd4524
Zen Load Balancer 3.10.1 Directory Traversal
Posted Apr 23, 2020
Authored by Dhiraj Mishra, Basim Alabdullah | Site metasploit.com

This Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer version 3.10.1. The flaw exists in index.cgi, which does not properly handle the filelog= parameter, allowing a malicious actor to load an arbitrary file path.

tags | exploit, arbitrary, cgi, file inclusion
SHA-256 | 235cfaea63888533e4913051ad738896e2564cdbfb458391c3f2c2d2c0432e38
Gentoo Linux Security Advisory 202004-11
Posted Apr 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-11 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.7.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-6821, CVE-2020-6822, CVE-2020-6823, CVE-2020-6824, CVE-2020-6825, CVE-2020-6826
SHA-256 | 56769140d3745c7fa75b078705e9f9388804f80045f7d7e2f2e6319e05b03d5f
Complaint Management System 4.2 Cross Site Request Forgery
Posted Apr 23, 2020
Authored by Besim Altinok

Complaint Management System version 4.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 564e5e716ea200928cd5a5fdeb5952c179b2801fa03c8a82f871cf97dd0deb3f
Complaint Management System 4.2 SQL Injection
Posted Apr 23, 2020
Authored by Besim Altinok

Complaint Management System version 4.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | e8e6f7105defc4efa97b7a2f1b0ed3e556f7592a0a7a14e09ca2fad57e5f5970
Gentoo Linux Security Advisory 202004-10
Posted Apr 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-10 - Multiple vulnerabilities were found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.1.1g are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-1551, CVE-2020-1967
SHA-256 | cfc7883a72f8c1a583810a4b13173d4ababf1b9c76a9e8e974ff8e85bc52af2e
AMD Radeon DirectX 11 Driver 8.17.10.0871 Memory Corruption
Posted Apr 23, 2020
Authored by Marcin Ressel

AMD Radeon DirectX 11 Driver version 8.17.10.0871 suffers from a memory corruption vulnerability.

tags | exploit
SHA-256 | 0de14ea2d6e635df7244593dd7f398331162c4971243f548ce644e988a64bdf7
Ubuntu Security Notice USN-4337-1
Posted Apr 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4337-1 - It was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted regular expression. It was discovered that OpenJDK incorrectly handled class descriptors and catching exceptions during object stream deserialization. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted serialized input. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-2754, CVE-2020-2767, CVE-2020-2773, CVE-2020-2778, CVE-2020-2781, CVE-2020-2800, CVE-2020-2816, CVE-2020-2830
SHA-256 | 012f3d986c12a3ea3be5b18918122d523fa812f720b057164de376abbf9fd1a1
Complaint Management System 4.2 Cross Site Scripting
Posted Apr 23, 2020
Authored by Besim Altinok

Complaint Management System version 4.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 11a2acb324d92bb8f5fbcd969c42247542b44687c74ea334d95df11ea44fd8dc
User Management System 2.0 SQL Injection
Posted Apr 23, 2020
Authored by Besim Altinok

User Management System version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | a50a661cf085bc9fa8e3e516658b8bea5e7e60f39233e20cbce96d6cddfa1d4d
Red Hat Security Advisory 2020-1545-01
Posted Apr 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1545-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An issue was resolved where /etc/passwd was given incorrect privileges.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19355
SHA-256 | 872a47f8349f6890ebb28e1e3af1534542d1e0a335f49a9faafbd7b193f5b0f1
Red Hat Security Advisory 2020-1449-01
Posted Apr 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1449-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A local file overwrite vulnerability was addressed.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2020-10696
SHA-256 | 6961288947125aa8f7b8a69421233d0e7810c47719260ee3a537fe1a1cda8671
User Management System 2.0 Cross Site Scripting
Posted Apr 23, 2020
Authored by Besim Altinok

User Management System version 2.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f51d19d1447f0566a48f9c13d1dd3b32e124bd3d1497ca12929cf00aaa1a8f32

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close