what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2020-07-22

ZenTao Pro 8.8.2 Remote Code Execution
Posted Jul 22, 2020
Authored by Daniel Monzon, Erik Wynter, Melvin Boers | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in ZenTao Pro 8.8.2 and earlier versions in order to execute arbitrary commands with SYSTEM privileges. Valid credentials for a ZenTao admin account are required. This module has been successfully tested against ZenTao 8.8.1 and 8.8.2 running on Windows 10 (XAMPP server).

tags | exploit, arbitrary
systems | windows
advisories | CVE-2020-7361
SHA-256 | 191b945627084957824fcc0caf7eb0edfafb74b14433e38de0cb21c995667b52
Logwatch 7.5.4
Posted Jul 22, 2020
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 5f5a9f1cf455dc9369af7b42313fd241102069bb05c6b6945c34add878dbbf07
Ubuntu Security Notice USN-4428-1
Posted Jul 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4428-1 - It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, python
systems | linux, ubuntu
advisories | CVE-2019-17514, CVE-2019-20907, CVE-2019-9674, CVE-2020-14422
SHA-256 | bd0ca3aa125b7eb221c2efb45192de20cbb57e4b69e622b348f061fab6792867
Ubuntu Security Notice USN-4430-1
Posted Jul 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4430-1 - It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-10177
SHA-256 | 76de1c4dcb2f8ddf02ae8ea197de16bb0ea36cad146fbaca49df39b4e7d2cf26
Ubuntu Security Notice USN-4429-1
Posted Jul 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4429-1 - It was discovered that Evolution Data Server incorrectly handled STARTTLS when using SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-14928
SHA-256 | f6956b1c90a287224c0c82eff6fa6dee8aa4fe8193cff2ffcedd3f924d51822d
Red Hat Security Advisory 2020-3098-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3098-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a bypass vulnerability.

tags | advisory, java, bypass
systems | linux, redhat
advisories | CVE-2020-14556, CVE-2020-14562, CVE-2020-14573, CVE-2020-14577, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621
SHA-256 | 43e23faf9d5348bde32808009acef8127f1adfcaa463fafc9de98336cf79bd42
Red Hat Security Advisory 2020-3105-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3105-01 - The OpenStack Identity service authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and password credentials, token-based systems, and AWS-style logins.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12689, CVE-2020-12690, CVE-2020-12691
SHA-256 | ea16728bd70ae96da557f40f2a3facaf6511f0047b35f572739853d05a0d34a1
Red Hat Security Advisory 2020-3102-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3102-01 - The OpenStack Identity service authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and password credentials, token-based systems, and AWS-style logins.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12689, CVE-2020-12690, CVE-2020-12691, CVE-2020-12692
SHA-256 | eb68cfba73e80a957610c1c1754ee02b04c2c11dd863a4626362fde0e05f7479
Red Hat Security Advisory 2020-3099-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3099-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a bypass vulnerability.

tags | advisory, java, bypass
systems | linux, redhat
advisories | CVE-2020-14556, CVE-2020-14562, CVE-2020-14573, CVE-2020-14577, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621
SHA-256 | af1168d38a072f5da0c15712b298d780e245ddddd505734083ac93fa6a8783f0
Red Hat Security Advisory 2020-3100-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3100-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.

tags | advisory, java, bypass
systems | linux, redhat
advisories | CVE-2020-14556, CVE-2020-14577, CVE-2020-14578, CVE-2020-14579, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621
SHA-256 | 5dfe4f41bb301d732a531db9705ccd026e69b3bb4479a6fea66a3a0c7399303c
Red Hat Security Advisory 2020-3101-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3101-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.

tags | advisory, java, bypass
systems | linux, redhat
advisories | CVE-2020-14556, CVE-2020-14577, CVE-2020-14578, CVE-2020-14579, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621
SHA-256 | 6c4a228e650ebf6d8f38ae2ad3f8952591d667abb324a86df9576e398ae56cf9
Docsify.js 4.11.4 Cross Site Scripting
Posted Jul 22, 2020
Authored by Amin Sharifi

Docsify.js version 4.11.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-7680
SHA-256 | 0bcd9963527e80734359f08f4fb7fbea017a71d3c6f4262918bd2b9112da1c80
Red Hat Security Advisory 2020-3096-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3096-01 - The OpenStack Identity service authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and password credentials, token-based systems, and AWS-style logins.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12689, CVE-2020-12691
SHA-256 | fa7e5d6396dfe8a770ab86f5a8a8e1e106b6d53b52ddb895efc680513c0e2540
Red Hat Security Advisory 2020-3090-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3090-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15104
SHA-256 | 885e23f7d18e0ac7c553dc780e8db1574740985ebc651183992d17da0a8d1add
Red Hat Security Advisory 2020-3087-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3087-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12049, CVE-2020-14040
SHA-256 | beb36d6fde9d9b16b89f5ae7ac29137d7e53b66ff31cf855503a76f0b99bc58a
WordPress NexosReal Estate Theme 1.7 Cross Site Scripting / SQL Injection
Posted Jul 22, 2020
Authored by Vlad Vector

WordPress NexosReal Estate Theme version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2020-15363, CVE-2020-15364
SHA-256 | df44eb3bb3bda424cb66f50cc08e0b9335df8fe6832a5f67fa979e8d464c6eb7
Ubuntu Security Notice USN-4425-1
Posted Jul 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4425-1 - It was discovered that the network block device implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service. It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly check return values in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-16089, CVE-2019-19462, CVE-2020-11935, CVE-2020-15780
SHA-256 | cf4699147e9a8170a6b01cfad73d27e74fd7559a378c683fa8339ccc82663df9
Ubuntu Security Notice USN-4427-1
Posted Jul 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4427-1 - It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information. Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-12380, CVE-2019-19947, CVE-2019-20810, CVE-2019-20908, CVE-2020-10732, CVE-2020-10766, CVE-2020-10767, CVE-2020-10768, CVE-2020-11935, CVE-2020-13974
SHA-256 | b977bb1eef5006f04c02310b64f67dfc0df0cf66bdb9c9980f831579b1b67812
Ubuntu Security Notice USN-4426-1
Posted Jul 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4426-1 - Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-20908, CVE-2020-10757, CVE-2020-11935, CVE-2020-15780
SHA-256 | c08d99828ab0121536e6f7fbfa804274851e82d4f947dc4c837c3f5da9f63b08
Red Hat Security Advisory 2020-3084-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3084-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and integer overflow vulnerabilities.

tags | advisory, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-10531, CVE-2020-11080, CVE-2020-7598, CVE-2020-8174
SHA-256 | 7a4caa69e6c2b55ec9e17b1435e419c0e4f4298a4da2e39e480c2298868fd2f7
Sophos VPN Web Panel 2020 Denial Of Service
Posted Jul 22, 2020
Authored by Berk Kiras

Sophos VPN Web Panel 2020 denial of service proof of concept exploit.

tags | exploit, web, denial of service, proof of concept
SHA-256 | fed56a4e0c61feafa1c63267efd2d4a90437797c3dc2ac6df64387ab03184a6e
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close