what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-06-03

Node.js Hostname Verification Bypass
Posted Jun 3, 2020
Authored by Google Security Research, Felix Wilhelm

Insecure TLS session reuse can lead to a hostname verification bypass in Node.js.

tags | exploit
SHA-256 | b404dcfa6d845cbd272f8eca0446855bd9671e0f4684dcd3a059efe2b423226d
Apache Tomcat CVE-2020-9484 Proof Of Concept
Posted Jun 3, 2020
Authored by redtimmysec, masahiro331

Apache Tomcat is affected by a Java deserialization vulnerability if the PersistentManager is configured as session manager. Successful exploitation requires the attacker to be able to upload an arbitrary file to the server. This archive includes a write up and proof of concept code from multiple researchers.

tags | exploit, java, arbitrary, proof of concept
advisories | CVE-2020-9484
SHA-256 | 5db34fe7e7adcdfc030cf05662a1514025c97b95bc660d4698e532b08ba58604
Sabberworm PHP CSS Code Injection
Posted Jun 3, 2020
Authored by Eldar Marcussen

Sabberworm PHP CSS parser suffers from a code injection vulnerability. Many versions are affected.

tags | exploit, php
advisories | CVE-2020-13756
SHA-256 | cbff4c11162bd6a8c86cb798bce9beeaaea906f988d1e1211fcc87823ed3acb5
JSC JIT Out-Of-Bounds Access
Posted Jun 3, 2020
Authored by saelo, Google Security Research

The DFG and FTL JIT compilers incorrectly replace Checked with Unchecked ArithNegate operations (and vice versa) during Common Subexpression Elimination. This can then be exploited to cause out-of-bounds accesses and potentially other memory safety violations.

tags | exploit
advisories | CVE-2020-9802
SHA-256 | c63474f7958ed7b94d4d7df571792f778fb9ea8a94dac6a55e849f3c5a09d7e2
Bluetooth Impersonation Attack (BIAS) Proof Of Concept
Posted Jun 3, 2020
Authored by Marcin Kozlowski, francozappa

This archive holds Bluetooth Impersonation Attack (BIAS) CVE-2020-10135 proof of concept and reproduction research from multiple researchers.

tags | exploit, proof of concept
advisories | CVE-2020-10135
SHA-256 | 41004a9e2b60df9ce140f6ce8134c8d2d77630719d6ee1ae883f9de82e4b456b
Red Hat Security Advisory 2020-2383-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2383-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals as well as an issue where a logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | fe10f4f1ba40599a3ec6cfcfc4f4743f42397b4f5d36f372d59f945a76c2b6f0
Red Hat Security Advisory 2020-2382-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2382-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.9.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-12405, CVE-2020-12406, CVE-2020-12410
SHA-256 | 916ab0f23a51a4ed61acd3e1d103cb826b43ac71c1b612caf36c1a2535cbf7b9
Ubuntu Security Notice USN-4381-1
Posted Jun 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4381-1 - Dan Palmer discovered that Django incorrectly validated memcached cache keys. A remote attacker could possibly use this issue to cause a denial of service and obtain sensitive information. Jon Dufresne discovered that Django incorrectly encoded query parameters for the admin ForeignKeyRawIdWidget. A remote attacker could possibly use this issue to perform XSS attacks.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-13254, CVE-2020-13596
SHA-256 | 5a47aadeb9474c5fc5acffb3a2a672de3641279c011265116c9249b2d5b00fc1
Red Hat Security Advisory 2020-2378-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2378-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.9.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-12405, CVE-2020-12406, CVE-2020-12410
SHA-256 | d11e15e896d512099c9118ccbb9250d64607d675cbc5c8493240508dbcfedf6d
Red Hat Security Advisory 2020-2305-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2305-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1706
SHA-256 | 6ed1e4b28e646045a58440a3c2ddb04980bf1e36d7c1c81299e50fbf59e71dc3
Red Hat Security Advisory 2020-2306-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2306-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and memory exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-8552
SHA-256 | 317a1dc682bbe949d5e60d15397da39bf34d12a9ff1d55e3996850f081b14b9a
Red Hat Security Advisory 2020-2380-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2380-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.9.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-12405, CVE-2020-12406, CVE-2020-12410
SHA-256 | 58228fc9b28df7c52b73a180280cbcf058674b590af5d9b896fc69fc2ebdb7c7
Red Hat Security Advisory 2020-2379-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2379-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.9.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-12405, CVE-2020-12406, CVE-2020-12410
SHA-256 | 2eb373fdc58a94b36487d68b8bb039414bbd0788b16ce3e35d6a00c9f88d5534
Apple Security Advisory 2020-06-01-4
Posted Jun 3, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-06-01-4 - watchOS 6.2.6 is now available and addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2020-9859
SHA-256 | 3cf22c9449097702cd3afcf096f5f7de2925208f95ae011a2dcaa034730f4061
OpenCart 3.0.3.2 Cross Site Scripting
Posted Jun 3, 2020
Authored by Kailash Bohara

OpenCart version 3.0.3.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-10596
SHA-256 | 5e60117743888d1a91b9c87549d73e2d83cca8c8f22f0ee072e4ff971c29ab2b
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close