what you don't know can hurt you
Showing 1 - 21 of 21 RSS Feed

Files Date: 2020-04-23

WebKit AudioArray::allocate Data Race / Out-Of-Bounds Access
Posted Apr 23, 2020
Authored by Google Security Research, Glazvunov

WebKit has a data race condition in AudioArray::allocate that can lead to out-of-bounds access.

tags | exploit
advisories | CVE-2020-3894
MD5 | c2a83f90664d44d8317ce95d7a23c445
WebRTC Layer Info Out-Of-Bounds Write
Posted Apr 23, 2020
Authored by Google Security Research, natashenka

WebRTC suffers from an out-of-bounds memory write in the method RtpFrameReferenceFinder::UpdateLayerInfoH264. This occurs when updating the layer info with the frame marking extension.

tags | exploit
MD5 | 8491bafa68aebbbeaeec3108e1ccc8fa
Chrome AudioArray::Allocate Data Race / Out-Of-Bounds Access
Posted Apr 23, 2020
Authored by Google Security Research, Glazvunov

Chrome suffers from an issue where a data race in AudioArray::Allocate can lead to out-of-bounds access.

tags | exploit
advisories | CVE-2020-6388
MD5 | 4fdac360982c541290848cba88dc91c7
WebRTC FEC Extension Processing Out-Of-Bounds Write
Posted Apr 23, 2020
Authored by Google Security Research, natashenka

When WebRTC processes a packet using FEC, it does not adequately check bounds when zeroing the video timing extension.

tags | exploit
MD5 | e7646bc10c00f9249d8d1cbc7ec9e677
nfstream 4.0.1
Posted Apr 23, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Added to_json method. Added enable_guess parameter. Various other updates.
tags | tool, python
systems | unix
MD5 | 19e34369c9f922813f9bf4eefb43edbb
Gentoo Linux Security Advisory 202004-13
Posted Apr 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-13 - Multiple vulnerabilities have been found in Git which might all allow attackers to access sensitive information. Versions less than 2.26.2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-11008, CVE-2020-5260
MD5 | 488e5df201e3bbb0c687d6d4d54dc1e1
Gentoo Linux Security Advisory 202004-12
Posted Apr 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-12 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 81.0.4044.122 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-6457, CVE-2020-6458, CVE-2020-6459, CVE-2020-6460
MD5 | fc4905ab1810b42ece399191ea4ab0bd
Red Hat Security Advisory 2020-1561-01
Posted Apr 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1561-01 - Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. HTTP request smuggling vulnerabilities were addressed.

tags | advisory, web, vulnerability, python
systems | linux, redhat
advisories | CVE-2020-10108, CVE-2020-10109
MD5 | ba0436b4816583a8a2ff9dfe9e6fcdad
Ubuntu Security Notice USN-4338-1
Posted Apr 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4338-1 - Agostino Sarubbo discovered that re2c incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-11958
MD5 | aaa9570c850d718bf474366f2fe55ce3
Zen Load Balancer 3.10.1 Directory Traversal
Posted Apr 23, 2020
Authored by Dhiraj Mishra, Basim Alabdullah | Site metasploit.com

This Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer version 3.10.1. The flaw exists in index.cgi not properly handling the filelog= parameter which allows a malicious actor to load arbitrary file path.

tags | exploit, arbitrary, cgi, file inclusion
MD5 | 098e961d63357b612d0c1f8c93294ae0
Gentoo Linux Security Advisory 202004-11
Posted Apr 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-11 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.7.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-6821, CVE-2020-6822, CVE-2020-6823, CVE-2020-6824, CVE-2020-6825, CVE-2020-6826
MD5 | 8a4e0865263bc0a5f8f70bb77dd5d96f
Complaint Management System 4.2 Cross Site Request Forgery
Posted Apr 23, 2020
Authored by Besim Altinok

Complaint Management System version 4.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 5292e9d42254957153a8866da38c5d6e
Complaint Management System 4.2 SQL Injection
Posted Apr 23, 2020
Authored by Besim Altinok

Complaint Management System version 4.2 suffers a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 9c0e28234e7f23ebaa4ce565fb372c61
Gentoo Linux Security Advisory 202004-10
Posted Apr 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-10 - Multiple vulnerabilities were found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.1.1g are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-1551, CVE-2020-1967
MD5 | d6eec0e6280df7cdc91181ee629005ca
AMD Radeon DirectX 11 Driver 8.17.10.0871 Memory Corruption
Posted Apr 23, 2020
Authored by Marcin Ressel

AMD Radeon DirectX 11 Driver version 8.17.10.0871 suffers from a memory corruption vulnerability.

tags | exploit
MD5 | 1995bb7b4e0a66699c00de7295d52541
Ubuntu Security Notice USN-4337-1
Posted Apr 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4337-1 - It was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted regular expression. It was discovered that OpenJDK incorrectly handled class descriptors and catching exceptions during object stream deserialization. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted serialized input. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-2754, CVE-2020-2767, CVE-2020-2773, CVE-2020-2778, CVE-2020-2781, CVE-2020-2800, CVE-2020-2816, CVE-2020-2830
MD5 | 99e30063bd5a203f5874cf5a0191793b
Complaint Management System 4.2 Cross Site Scripting
Posted Apr 23, 2020
Authored by Besim Altinok

Complaint Management System version 4.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2c8efa793e1bd7198fcb70540bfcf1d1
User Management System 2.0 SQL Injection
Posted Apr 23, 2020
Authored by Besim Altinok

User Management System version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 742f434df273b4ae21ffff193003416f
Red Hat Security Advisory 2020-1545-01
Posted Apr 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1545-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An issue was resolved where /etc/passwd was given incorrect privileges.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19355
MD5 | cbfe482683a20686d67e32aa08dd21c9
Red Hat Security Advisory 2020-1449-01
Posted Apr 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1449-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A local file overwrite vulnerability was addressed.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2020-10696
MD5 | d9e118fdf71a7cf166e711c61a4bd851
User Management System 2.0 Cross Site Scripting
Posted Apr 23, 2020
Authored by Besim Altinok

User Management System version 2.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 675776db4ed5331c2c2c251388ba1223
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    8 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close