what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2020-07-15

Ubuntu Security Notice USN-4424-1
Posted Jul 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4424-1 - It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. It was discovered that snapctl user-open allowed altering the XDG_DATA_DIRS environment variable when calling the system xdg-open. A malicious snap could exploit this to bypass intended access restrictions to control how the host system xdg-open script opens the URL. This issue did not affect Ubuntu Core systems. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-11933, CVE-2020-11934
SHA-256 | 9216c175c43df93130d75a74937c91173a1f19c7fed3f2bba81214d648ceb5b3
Ubuntu Security Notice USN-4199-2
Posted Jul 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4199-2 - USN-4199-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13194
SHA-256 | c7fbba9b4e9adcce96291c4e6c49d22b55b03a9761c3a68b1f518cd2421858b6
Red Hat Security Advisory 2020-2954-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2954-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.106 and .NET Core Runtime 3.1.6. .NET Core: XML source markup processing remote code execution. Issues addressed include a code execution vulnerability.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2020-1147
SHA-256 | dfcfd4fa10032b163a2c9f7ed100e4b7ccd0fb0970832b62cb72deeed1b3e772
Oracle Solaris 11 Device Driver Utility 1.3.1 Race Condition
Posted Jul 15, 2020
Authored by Larry W. Cashdollar

Oracle Solaris 11 Device Driver Utility version 1.3.1 suffers from an insecure use of /tmp that can allow for a race condition which leads to privilege escalation. Included exploit provides a root shell.

tags | exploit, shell, root
systems | solaris
advisories | CVE-2020-14724
SHA-256 | ab9f7d499e25ee29f512a1665d6b70ae126fc6bd0318afb737ac4598bbd67bee
SecZetta NEProfile 3.3.11 Remote Code Execution
Posted Jul 15, 2020
Authored by Josh Sheppard

SecZetta NEProfile version 3.3.11 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2020-12854
SHA-256 | c17834ab0af938d459e36953e4a5fc2db414f94e0c2191ccfd31b65b0bd81f4b
Red Hat Security Advisory 2020-2939-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2939-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.106 and .NET Core Runtime 3.1.6. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
SHA-256 | 88c0a6d1f9c0e138d8e8b2cb012f0ebe9ac193addd8895b6a0533ed41777a9cc
Red Hat Security Advisory 2020-2938-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2938-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that addresses a security vulnerability is now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
SHA-256 | 8ed16ebf3196f85729f00c0d3feac26351d9977787701fd26013ca52f39ad3eb
Red Hat Security Advisory 2020-2937-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2937-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
SHA-256 | 63cedc95d6cfd8980ba53188d6ce9228290f5d970c464598cbf1ea9613ad4288
Red Hat Security Advisory 2020-2933-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2933-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An information exposure issue has been addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-18660
SHA-256 | ee0f7cb7c4bae47ec886c948a5af197f791e86a3445667472faa92c84b5c7fec
Ubuntu Security Notice USN-4423-1
Posted Jul 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4423-1 - It was discovered that X-Frame-Options could be bypassed in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct clickjacking attacks.

tags | advisory
systems | linux, ubuntu
SHA-256 | cb686e4c34200e61d75bd472186503eb68597c70a32558f5ca5e5b74b3e6b85e
Zyxel Armor X1 WAP6806 Directory Traversal
Posted Jul 15, 2020
Authored by Rajivarnan R

Zyxel Armor X1 WAP6806 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2020-14461
SHA-256 | f1e1d0fd46f9df6b57371ee28f0b276b858aa8e66240731911e05e1c29808ae4
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close