exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2020-08-17

Ubuntu Security Notice USN-4457-2
Posted Aug 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4457-2 - USN-4457-1 fixed a vulnerability in Software. This update provides the corresponding update for Ubuntu 14.04 ESM. Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15709
MD5 | 9b4d94e36e68614a576fb7adcba68cc3
Red Hat Security Advisory 2020-3463-01
Posted Aug 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3463-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, denial of service, deserialization, improper authorization, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2019-14900, CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-14297, CVE-2020-1710, CVE-2020-1748
MD5 | 9ead7bd77b2dc129431666b801d469df
Ubuntu Security Notice USN-4456-2
Posted Aug 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4456-2 - USN-4456-1 fixed several vulnerabilities in Dovecot. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-12100, CVE-2020-12673, CVE-2020-12674
MD5 | 37e3fb4660496bc29f37e884ad2c76db
Red Hat Security Advisory 2020-3462-01
Posted Aug 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3462-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, denial of service, deserialization, improper authorization, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2019-14900, CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-14297, CVE-2020-1710, CVE-2020-1748
MD5 | c26343ede91ae3e60cab90f2bddbc971
Geutebruck testaction.cgi Remote Command Execution
Posted Aug 17, 2020
Authored by Davy Douhine | Site metasploit.com

This Metasploit module exploits an authenticated arbitrary command execution vulnerability within the 'server' GET parameter of the /uapi-cgi/testaction.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.25 as well as firmware versions 1.12.13.2 and 1.12.14.5 when the 'type' GET parameter is set to 'ntp'. Successful exploitation results in remote code execution as the root user.

tags | exploit, remote, arbitrary, cgi, root, code execution
advisories | CVE-2020-16205
MD5 | 1808f8c08c4e0f56746b33c5880b103d
Apache OFBiz XML-RPC Java Deserialization
Posted Aug 17, 2020
Authored by Alvaro Munoz, wvu | Site metasploit.com

This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz's unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for versions prior to 17.12.04.

tags | exploit, java
advisories | CVE-2020-9496
MD5 | 10edb9ed941935f4a87845caa769a7b6
Samsung Android Skia Qmage Image Codec Heap Buffer Overflow
Posted Aug 17, 2020
Authored by Google Security Research, mjurczyk

Samsung Android suffers from a heap buffer overflow vulnerability and other issues in the Skia Qmage image codec.

tags | exploit, overflow
MD5 | 95361e7360e3cb6d869c21f91cad170e
WordPress Fancybox Lightbox 1.0.1 Cross Site Scripting
Posted Aug 17, 2020
Authored by Melbin K Mathew

WordPress Fancybox Lightbox plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0175425b91b0e94d64578fc53a8f5ad6
Red Hat Security Advisory 2020-3461-01
Posted Aug 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3461-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, denial of service, deserialization, improper authorization, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2019-14900, CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-14297, CVE-2020-1710, CVE-2020-1748
MD5 | e8c0000fcef767ca1fe4e51c080ed134
XenForo 2.1.10 Patch 2 Cross Site Scripting
Posted Aug 17, 2020
Authored by Vincent666 ibn Winnie

XenForo version 2.1.0 Patch 2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 665ea776f6c0faec943025f48fc68b75
WordPress Colorbox Lightbox 1.1.2 Cross Site Scripting
Posted Aug 17, 2020
Authored by Melbin K Mathew

WordPress Colorbox Lightbox plugin version 1.1.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 251cdb4a3e987dce8905a2073d8c43fe
Red Hat Security Advisory 2020-3464-01
Posted Aug 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3464-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, denial of service, deserialization, improper authorization, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2019-14900, CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-14297, CVE-2020-14307, CVE-2020-1710, CVE-2020-1748
MD5 | 0f78f2c759322a21645f5e2cd7f1b6fc
Red Hat Security Advisory 2020-3456-01
Posted Aug 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3456-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2017-18922
MD5 | 3ac3c9e7ef0077bdcc6c1864bff3b33d
WordPress Responsive Lightbox2 1.0.2 Cross Site Scripting
Posted Aug 17, 2020
Authored by Melbin K Mathew

WordPress Responsive Lightbox2 plugin version 1.0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | a7d768d94a4ed5f49207d6f0b0f4679e
Microsoft SharePoint Server 2019 Remote Code Execution
Posted Aug 17, 2020
Authored by West Shepherd

Microsoft SharePoint Server 2019 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-1147
MD5 | 43a96db1ad4268459beaa3fcfac715dd
Bludit 3.9.2 Authentication Bruteforce Mitigation Bypass
Posted Aug 17, 2020
Authored by Alexandre Zanni

Bludit version 3.9.2 suffer from an authentication bruteforce mitigation bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-17240
MD5 | c6dff6690c6c86eb156fab0297f9c1c1
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close