what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2020-06-22

Student Enrollment 1.0 Remote Code Execution
Posted Jun 22, 2020
Authored by Selim Enes Karaduman

Student Enrollment version 1.0 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | c80c7f129fa1a17c5a5b57e6c9db7a73d49adee7424f841a2ecf7c91ad9ada1e
Odoo 12.0 Local File Inclusion
Posted Jun 22, 2020
Authored by Emre OVUNC

Odoo version 12.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 8a281d381ff8257aa741b6907320da48bafd8aee565536d62c8a646d1e5b6ea2
WebPort 1.19.1 Cross Site Scripting
Posted Jun 22, 2020
Authored by Emre OVUNC

WebPort version 1.19.1 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-12460, CVE-2019-12461
SHA-256 | 41cb6485bf5e035d4851be24eb39824dc1a47ab1146412bf9506a4d7447ad66d
FileRun 2019.05.21 Cross Site Scripting
Posted Jun 22, 2020
Authored by Emre OVUNC

FileRun version 2019.05.21 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-12905
SHA-256 | ef7e9efac3811937fddec1ac06b401d037a1744af827130ce2cfc34446054171
Ubuntu Security Notice USN-4401-1
Posted Jun 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4401-1 - It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceeds with a connection even if the user rejects an expired intermediate certificate. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-14093, CVE-2020-14154
SHA-256 | 882ace3871b356da4924f891c0b5b096177d1befadf43a61452d5801b0005682
Online Student Enrollment System 1.0 Arbitrary File Upload
Posted Jun 22, 2020
Authored by BKpatron

Online Student Enrollment System version 1.0 suffers from an unauthenticated arbitrary file vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 064a9332857173fea7fedcc2737f6d91ed1dfad56d7b15adb5bc5b7a3441673c
Trend Micro Web Security (Virtual Appliance) Remote Code Execution
Posted Jun 22, 2020
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities together in order to achieve a remote code execution. Unauthenticated users can execute a terminal command under the context of the root user. The specific flaw exists within the LogSettingHandler class of administrator interface software. When parsing the mount_device parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. But authentication is required to exploit this vulnerability. Another specific flaw exist within the proxy service, which listens on port 8080 by default. Unauthenticated users can exploit this vulnerability in order to communicate with internal services in the product. Last but not least a flaw exists within the Apache Solr application, which is installed within the product. When parsing the file parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the IWSS user. Due to combination of these vulnerabilities, unauthenticated users can execute a terminal command under the context of the root user. Version prior to 6.5 SP2 Patch 4 (Build 1901) are affected.

tags | exploit, remote, root, vulnerability, code execution
advisories | CVE-2020-8604, CVE-2020-8605, CVE-2020-8606
SHA-256 | 4aee71179ce97ff14964220e5add145f6a56bc5f34e2d1ffa3729b6a8b812d7c
Ubuntu Security Notice USN-4400-1
Posted Jun 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4400-1 - It was discovered that the nfs-utils package set incorrect permissions on the /var/lib/nfs directory. An attacker could possibly use this issue to escalate privileges.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-3689
SHA-256 | 8debac815390ca92b098aa8e3c85303c062df84c7ae990e004520df7d3dc7970
Red Hat Security Advisory 2020-2646-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2646-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Issues addressed include buffer over-read, denial of service, and memory leak vulnerabilities.

tags | advisory, web, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-0196, CVE-2019-0197, CVE-2019-15903, CVE-2019-19956, CVE-2019-20388, CVE-2020-11080, CVE-2020-1934, CVE-2020-7595
SHA-256 | d1788a8e61cb334acd50091690da62efff82c9e0d9528c9f46c5226408959805
Red Hat Security Advisory 2020-2644-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2644-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Issues addressed include buffer over-read, denial of service, and memory leak vulnerabilities.

tags | advisory, web, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-0196, CVE-2019-0197, CVE-2019-15903, CVE-2019-19956, CVE-2019-20388, CVE-2020-11080, CVE-2020-1934, CVE-2020-7595
SHA-256 | 3c5cb032e0a7a155597c19347749b668adb80897922efd1951e936de20b50b4f
Red Hat Security Advisory 2020-2642-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2642-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10772
SHA-256 | af0f7cc801ee4b89133e51c786a7814022ac78d0427b2d9138d5ef7fe46f338a
Red Hat Security Advisory 2020-2615-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2615-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.9.0. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-12398, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410
SHA-256 | c922476117829460740b9b3aad6039736614ea3543beb85a8354c734d2d87d24
Red Hat Security Advisory 2020-2643-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2643-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 83.0.4103.106. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-6505, CVE-2020-6506, CVE-2020-6507
SHA-256 | da7ff03483093d698fb3c3ac34f16970532a356efcc01f5712b696466bacae54
Red Hat Security Advisory 2020-2640-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2640-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Multiple denial of service related vulnerabilities were addressed.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-12662, CVE-2020-12663
SHA-256 | e267ec6108807812848e4e010541821f1d5880fa63c5b39723afb536eab5a8de
Red Hat Security Advisory 2020-2641-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2641-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include a server-side request forgery vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13379
SHA-256 | 564c9610e0b10697551a75e1e31c1760faef3d9c10a7ea4796c1ddb4315bd5b4
Red Hat Security Advisory 2020-2637-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2637-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-13777
SHA-256 | 75e20d2ad7787693194645be75739ed1dbd377aebd8eafabfc4c215110018701
Red Hat Security Advisory 2020-2638-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2638-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-13777
SHA-256 | c23fb9ec6d6c8f98388464967da270f6e08492eaf03d2f00d45bfbb844a79d5c
Red Hat Security Advisory 2020-2639-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2639-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-13777
SHA-256 | 659bc136b339fefd06456f7340bedbfb5561c8e45e51bc36c5c892767f1aa198
Mereo 1.9.4 Denial Of Service
Posted Jun 22, 2020
Authored by Saeed reza Zamanian

Mereo version 1.9.4 suffers from a remote HTTP server denial of service vulnerability.

tags | exploit, remote, web, denial of service
SHA-256 | d6300ac00f278bb859d9e2ce52daca06a011e19464356f45de116353513b9f52
Frigate 2.02 Denial Of Service
Posted Jun 22, 2020
Authored by Paras Bhatia

Frigate version 2.02 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 432174efa739ce6b6f45ef4c99dda1e4a65c0c480bbd3dfb867064651983b1ab
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close