exploit the possibilities
Showing 1 - 25 of 504 RSS Feed

Files Date: 2020-04-01 to 2020-04-30

Ubuntu Security Notice USN-4348-1
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4348-1 - It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this to issue execute arbitrary scripts or HTML. It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to display arbitrary text on a web page. It was discovered that Mailman incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-0618, CVE-2018-13796, CVE-2020-12137
MD5 | 6155bbb34dfd212c260c78c45a346eb6
Red Hat Security Advisory 2020-1970-01
Posted Apr 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1970-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 81.0.4044.122. Issues addressed include out of bounds read and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-6458, CVE-2020-6459, CVE-2020-6460
MD5 | a810f6d249bb50ce28d58bbd44316ad0
Apache Shiro 1.2.4 Remote Code Execution
Posted Apr 29, 2020
Authored by L | Site metasploit.com

This Metasploit module exploits a vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations of Apache Shiro version 1.2.4.

tags | exploit, remote, arbitrary
advisories | CVE-2016-4437
MD5 | 50bc5cef4f68b32fda9b582ca1462094
Ubuntu Security Notice USN-4341-3
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4341-3 - USN-4341-1 fixed vulnerabilities in Samba. The updated packages for Ubuntu 16.04 LTS introduced a regression when using LDAP. This update fixes the problem. It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-10704
MD5 | 87e404efb185f6aae61c399f2cacb653
Red Hat Security Advisory 2020-1963-01
Posted Apr 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1963-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.

tags | advisory, web, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2017-17742, CVE-2018-8778
MD5 | 5ea73ae49b555df6ceffbfb717433758
Ubuntu Security Notice USN-4347-1
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4347-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2020-3899
MD5 | 380e072a308e347bf34eabb33090812c
Druva inSync Windows Client 6.5.2 Privilege Escalation
Posted Apr 29, 2020
Authored by Chris Lyne

Druva inSync Windows Client version 6.5.2 suffers from a local privilege escalation vulnerability.

tags | exploit, local
systems | windows
advisories | CVE-2019-3999
MD5 | 8f9e26da527f8060a8ddce66165678c8
Red Hat Security Advisory 2020-1962-01
Posted Apr 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1962-01 - Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. Issues addressed include an HTTP request smuggling vulnerability.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2020-10108
MD5 | c2e00aa32faea3087d30129529e65208
Ubuntu Security Notice USN-4346-1
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4346-1 - It was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-16233, CVE-2019-16234, CVE-2019-19768, CVE-2020-8648, CVE-2020-9383
MD5 | 4cf518f901d17d9b382167bc917ee090
hits script 1.0 SQL Injection
Posted Apr 29, 2020
Authored by sajjadbnd

hits script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cca4702b603ff9b386579c0fbf4238f2
Ubuntu Security Notice USN-4345-1
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4345-1 - Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-16234, CVE-2019-19768, CVE-2020-10942, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668, CVE-2020-11884, CVE-2020-8648, CVE-2020-9383
MD5 | f860882cf3df80ef98a1f975040f7b2b
Red Hat Security Advisory 2020-1966-01
Posted Apr 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1966-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-19768
MD5 | 205c1421714a2ef658973e3d94ab41b5
Red Hat Security Advisory 2020-1932-01
Posted Apr 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1932-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a file overwrite vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10696
MD5 | 4319539c02dd8ac3e3761c608623133c
EmEditor 19.8 Insecure File Permissions
Posted Apr 29, 2020
Authored by sajjadbnd

EmEditor version 19.8 suffers from an insecure file permission vulnerability.

tags | exploit
MD5 | 8a9f46d32e2234e70721c4328aad0b1f
Ubuntu Security Notice USN-4344-1
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4344-1 - It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service. It was discovered that the Intel WiMAX 2400 driver in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-16234, CVE-2019-19051, CVE-2019-19768, CVE-2020-10942, CVE-2020-8648, CVE-2020-8992, CVE-2020-9383
MD5 | 95f2bfc5a03c043277848adb01fe1838
Gigamon GigaVUE 5.5.01.11 Directory Traversal / File Upload
Posted Apr 29, 2020
Authored by Balazs Hambalko

Gigamon GigaVUE version 5.5.01.11 suffers from directory traversal and file upload with command execution vulnerabilities. Gigamon has chosen to sunset this product and not offer a patch.

tags | exploit, vulnerability, file inclusion, file upload
advisories | CVE-2020-12251, CVE-2020-12252
MD5 | 0fcc796a695117342acf0f72ae2515de
Red Hat Security Advisory 2020-1926-01
Posted Apr 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1926-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a file overwrite vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10696
MD5 | 1e43ae0c195c7116c69a223b2d422800
NVIDIA Update Service Daemon 1.0.21 Unquoted Service Path
Posted Apr 29, 2020
Authored by Roberto Pina

NVIDIA Update Service Daemon version 1.0.21 suffers from a nvUpdatusService unquoted service path vulnerability.

tags | exploit
MD5 | ed8ac4c7f3c9307495a5ff6fd541b16a
Ubuntu Security Notice USN-4343-1
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4343-1 - Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-11884
MD5 | 596a66bb956e1237f2dd10b8ca5ce8bc
Ubuntu Security Notice USN-4342-1
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4342-1 - Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-16234, CVE-2019-19768, CVE-2020-10942, CVE-2020-11884, CVE-2020-8648, CVE-2020-8992, CVE-2020-9383
MD5 | b742c77503e84dfe47b8958c0f0f5f68
Red Hat Security Advisory 2020-1931-01
Posted Apr 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1931-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a file overwrite vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10696
MD5 | 68e650122e7364dc59e8a7f53baa0a20
Red Hat Security Advisory 2020-1933-01
Posted Apr 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1933-01 - The targetcli package contains an administration shell for configuring Internet Small Computer System Interface, Fibre Channel over Ethernet, and other SCSI targets, using the Target Core Mod/Linux-IO kernel target subsystem. FCoE users also need to install and use the fcoe-utils package. A command execution vulnerability was addressed.

tags | advisory, shell, kernel
systems | linux, redhat
advisories | CVE-2020-10699
MD5 | 88341a0345f7668c4411745c48d226ed
Open-AudIT Professional 3.3.1 Remote Code Execution
Posted Apr 29, 2020
Authored by Askar

Open-AudIT Professional version 3.3.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-12078
MD5 | f1858718f305636a70afa52eb45eee3a
Open-AudIT 3.2.2 Command Injection / SQL Injection
Posted Apr 29, 2020
Authored by Core Security Technologies, Ivan Huertas, Pablo A. Zurro | Site coresecurity.com

Open-AudIT version 3.2.2 suffers from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file upload
advisories | CVE-2020-11941, CVE-2020-11942, CVE-2020-11943
MD5 | 7ea2efd5fece16f023d6a11fbc170dd9
School ERP Pro 1.0 Arbitrary File Read
Posted Apr 29, 2020
Authored by Besim Altinok

School ERP Pro version 1.0 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
MD5 | 93f34f5f5e0006fb1971c6f138004414
Page 1 of 21
Back12345Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close