what you don't know can hurt you
Showing 1 - 21 of 21 RSS Feed

Files Date: 2020-05-19

Protection Licensing Toolkit ReadyAPI 3.2.5 Code Execution / Deserialization
Posted May 19, 2020
Authored by Moritz Bechler

Protection Licensing Toolkit ReadyAPI version 3.2.5 suffers from an unsafe deserialization vulnerability that allows for remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2020-12835
MD5 | 04d24a10d080f67a99623c2a47d1d455
Open-Xchange Dovecot 2.3.10 Null Pointer Dereference / Denial Of Service
Posted May 19, 2020
Authored by Philippe Antoine

Open-Xchange Dovecot versions 2.3.0 through 2.3.10 suffer from null pointer dereference and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
advisories | CVE-2020-10957, CVE-2020-10958, CVE-2020-10967
MD5 | 4607a1940a12664e8ead49b330c8f65f
Red Hat Security Advisory 2020-2231-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2231-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. A hard-coded credential issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1716
MD5 | bd71d884ef5af233ab5cf8857d8db4ad
Red Hat Security Advisory 2020-2210-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2210-01 - KornShell is a Unix shell which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | fd8c80347cd4ed97e92d1050f4903caf
Red Hat Security Advisory 2020-2213-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2213-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.

tags | advisory, remote, overflow
systems | linux, redhat
advisories | CVE-2020-5208
MD5 | d1efeeeaea3cb2a8aa392d5517fd688e
Red Hat Security Advisory 2020-2214-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2214-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, null pointer, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2019-19768, CVE-2020-10711
MD5 | 76989286c92162d66924a0b1716db57d
Red Hat Security Advisory 2020-2212-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2212-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.

tags | advisory, web, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2017-17742, CVE-2018-8778
MD5 | 2d553879d3f6203c6cc6b183b21ffa4b
Ubuntu Security Notice USN-4366-1
Posted May 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4366-1 - It was discovered that Exim incorrectly handled certain inputs. An remote attacker could possibly use this issue to access sensitive information or authentication bypass.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-12783
MD5 | 9ea6a9371b1e8c0b4e1fe271b5d74364
Falco 0.23.0
Posted May 19, 2020
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Many new major and minor changes as well as a couple of bug fixes. 4 rule updates as well.
tags | tool, intrusion detection
systems | unix
MD5 | a73861c1182fe3e06e8e5c68aff4d3c4
Victor CMS 1.0 Shell Upload
Posted May 19, 2020
Authored by Kishan Lal Choudhary

Victor CMS version 1.0 suffers from an authenticated remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 7f5c0f7f129fcb1e7e08e68329e0210b
nfstream 5.1.2
Posted May 19, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Improved NULL values handling. Improved pandas dataframe types handling.
tags | tool, python
systems | unix
MD5 | 100cf73d0a51345ea1ef8e82ab2eaa15
Red Hat Security Advisory 2020-2199-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2199-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19768, CVE-2020-10711, CVE-2020-11884
MD5 | 880368285866bf500f86dd36404cc148
PHP-Fusion 9.03.50 SQL Injection
Posted May 19, 2020
Authored by SunCSR

PHP-Fusion version 9.03.50 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 0a1a9de287822195e0373a79ec7c6409
Ubuntu Security Notice USN-4365-1
Posted May 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4365-1 - Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. Tobias Klein discovered that Bind incorrectly handled checking TSIG validity. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly perform other attacks. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | d997e46eed2a4a36615bb449b70ab0cb
NukeViet VMS 4.4.00 Cross Site Request Forgery
Posted May 19, 2020
Authored by JEBARAJ

NukeViet VMS version 4.4.00 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | ea21be0b664e2ac8939d627d51471fd5
Red Hat Security Advisory 2020-2203-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2203-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19768, CVE-2020-10711
MD5 | 5b828468a7819d2abb23e498a8c2dd9e
Submitty 20.04.01 Cross Site Scripting
Posted May 19, 2020
Authored by humblelad

Submitty version 20.04.01 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-12882
MD5 | 363c59f5805dc2e919a044830741d7d0
Ubuntu Security Notice USN-4364-1
Posted May 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4364-1 - It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service. It was discovered that the vhost net driver in the Linux kernel contained a stack buffer overflow. A local attacker with the ability to perform ioctl calls on /dev/vhost-net could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19060, CVE-2020-10942, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668
MD5 | 06e1ea8cf35c10383a5778a3325e0109
qdPM 9.1 Cross Site Scripting
Posted May 19, 2020
Authored by Kishan Lal Choudhary

qdPM version 9.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 74a2efe54e4741034c5f40bfca3369c6
Victor CMS 1.0 SQL Injection
Posted May 19, 2020
Authored by Kishan Lal Choudhary

Victor CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ef63f4969dde8a1daaa8ced535329dba
Victor CMS 1.0 Cross Site Scripting
Posted May 19, 2020
Authored by Kishan Lal Choudhary

Victor CMS version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3b44bb543ff54d8a956cf1985850fee0
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close