
Files Date: 2020-06-22

Student Enrollment 1.0 Remote Code Execution
Posted Jun 22, 2020
Authored by Selim Enes Karaduman

Student Enrollment version 1.0 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 25914bdc4a5e8728659d97d33c83b47d
Odoo 12.0 Local File Inclusion
Posted Jun 22, 2020
Authored by Emre OVUNC

Odoo version 12.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | ef259aea09b43ebfc94e8efe879074f2
WebPort 1.19.1 Cross Site Scripting
Posted Jun 22, 2020
Authored by Emre OVUNC

WebPort version 1.19.1 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-12460, CVE-2019-12461
MD5 | 3ddcb4d1a89cc86696f8b140f3c27559
FileRun 2019.05.21 Cross Site Scripting
Posted Jun 22, 2020
Authored by Emre OVUNC

FileRun version 2019.05.21 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-12905
MD5 | 8ed303ab292cc8e083783ab4e9c1af3d
Ubuntu Security Notice USN-4401-1
Posted Jun 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4401-1 - It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceed with a connection even if the user rejects an expired intermediate certificate. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-14093, CVE-2020-14154
MD5 | 1cf0224012a5ab76303481a81487a564
Online Student Enrollment System 1.0 Arbitrary File Upload
Posted Jun 22, 2020
Authored by BKpatron

Online Student Enrollment System version 1.0 suffers from an unauthenticated arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
MD5 | 82d4e855a4f70039fa7c52673309699c
Trend Micro Web Security (Virtual Appliance) Remote Code Execution
Posted Jun 22, 2020
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities together in order to achieve remote code execution. Unauthenticated users can execute a terminal command under the context of the root user. One specific flaw exists within the LogSettingHandler class of the administrator interface software. When parsing the mount_device parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root, but authentication is required to exploit it. Another specific flaw exists within the proxy service, which listens on port 8080 by default. Unauthenticated users can exploit this vulnerability in order to communicate with internal services in the product. Last but not least, a flaw exists within the Apache Solr application, which is installed within the product. When parsing the file parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the IWSS user. By combining these vulnerabilities, unauthenticated users can execute a terminal command under the context of the root user. Versions prior to 6.5 SP2 Patch 4 (Build 1901) are affected.

tags | exploit, remote, root, vulnerability, code execution
advisories | CVE-2020-8604, CVE-2020-8605, CVE-2020-8606
MD5 | ed456cc0c792c24850deb91201642a41
Ubuntu Security Notice USN-4400-1
Posted Jun 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4400-1 - It was discovered that the nfs-utils package set incorrect permissions on the /var/lib/nfs directory. An attacker could possibly use this issue to escalate privileges.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-3689
MD5 | c4dc39324720975af5d08962b2ee0726
Red Hat Security Advisory 2020-2646-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2646-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Issues addressed include buffer over-read, denial of service, and memory leak vulnerabilities.

tags | advisory, web, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-0196, CVE-2019-0197, CVE-2019-15903, CVE-2019-19956, CVE-2019-20388, CVE-2020-11080, CVE-2020-1934, CVE-2020-7595
MD5 | e83a71b4bc88543a706aad6f12cb4126
Red Hat Security Advisory 2020-2644-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2644-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Issues addressed include buffer over-read, denial of service, and memory leak vulnerabilities.

tags | advisory, web, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-0196, CVE-2019-0197, CVE-2019-15903, CVE-2019-19956, CVE-2019-20388, CVE-2020-11080, CVE-2020-1934, CVE-2020-7595
MD5 | a71fe6af0fb16e3610bd7a75e89e2e1a
Red Hat Security Advisory 2020-2642-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2642-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10772
MD5 | d8b1fa1bb55daca3cbeb2ee6bb36fe41
Red Hat Security Advisory 2020-2615-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2615-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.9.0. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-12398, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410
MD5 | d7a944e6a14f3594b8e50dc66fb3ea15
Red Hat Security Advisory 2020-2643-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2643-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 83.0.4103.106. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-6505, CVE-2020-6506, CVE-2020-6507
MD5 | 4840001b074a35f2ebfe66ed6db2fda4
Red Hat Security Advisory 2020-2640-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2640-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Multiple denial of service related vulnerabilities were addressed.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-12662, CVE-2020-12663
MD5 | 8f2bfeea9b5081c2acb3925a29234d46
Red Hat Security Advisory 2020-2641-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2641-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include a server-side request forgery vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13379
MD5 | a4e869e4e603f5b0929e9145a2f319b2
Red Hat Security Advisory 2020-2637-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2637-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-13777
MD5 | 64702929c236da03f6e59871bd9d2c28
Red Hat Security Advisory 2020-2638-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2638-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-13777
MD5 | 3836fee9a2a25a25490720841d73a136
Red Hat Security Advisory 2020-2639-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2639-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-13777
MD5 | 2370c7febc228cf42bfce0606e02e829
Mereo 1.9.4 Denial Of Service
Posted Jun 22, 2020
Authored by Saeed reza Zamanian

Mereo version 1.9.4 suffers from a remote HTTP server denial of service vulnerability.

tags | exploit, remote, web, denial of service
MD5 | 61835931a9f8d5b82c7478435a3bcb73
Frigate 2.02 Denial Of Service
Posted Jun 22, 2020
Authored by Paras Bhatia

Frigate version 2.02 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | e8a1439f03323e4fb6727624a0be0b78
© 2020 Packet Storm. All rights reserved.
