what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

Files Date: 2020-08-19

PAC Bypass Due To Unprotected Function Pointer Imports
Posted Aug 19, 2020
Authored by saelo, Google Security Research

PAC aims to prevent an attacker with the ability to read and write memory from executing arbitrary code. It does that by cryptographically signing and validating code pointers (as well as some data pointers) at runtime. However, it seems that imports of function pointers from shared libraries in userspace are not properly protected by PAC, allowing an attacker to sign arbitrary pointers and thus bypass PAC.

tags | advisory, arbitrary
advisories | CVE-2020-9870
SHA-256 | 5678bd6488f4650c38c54830ecab44a07b651b61fd1c0a35953bf286d640cfe7
Red Hat Security Advisory 2020-3518-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3518-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-2911, CVE-2019-2914, CVE-2019-2938, CVE-2019-2946, CVE-2019-2957, CVE-2019-2960, CVE-2019-2963, CVE-2019-2966, CVE-2019-2967, CVE-2019-2968, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2993, CVE-2019-2997, CVE-2019-2998, CVE-2019-3004, CVE-2019-3009, CVE-2019-3011, CVE-2019-3018, CVE-2020-14539, CVE-2020-14540, CVE-2020-14547, CVE-2020-14550, CVE-2020-14553, CVE-2020-14559, CVE-2020-14567, CVE-2020-14568
SHA-256 | 02da13c760b214c965c5311d654c352bb1978fb987a05a62f56c4111c97fe37d
Ubuntu Security Notice USN-4466-1
Posted Aug 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4466-1 - Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-8231
SHA-256 | 47be007788d705a459cd99ccf038f03b19371474d3e506d98d242d9a4eb0aa11
Gentoo Linux Security Advisory 202008-08
Posted Aug 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202008-8 - NSS has multiple information disclosure vulnerabilities when handling secret key material. Versions less than 3.55 are affected.

tags | advisory, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2020-12400, CVE-2020-12401, CVE-2020-12403
SHA-256 | c5799ff9c9ac4536d22fedf39e8b495ead17a0bbbfaa825deeeba10016f08a9b
Ubuntu Security Notice USN-4465-1
Posted Aug 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4465-1 - It was discovered that the XFS file system implementation in the Linux kernel did not properly validate meta data in some circumstances. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-12655, CVE-2020-12771, CVE-2020-15393
SHA-256 | d61918c79cfb7d2a7c42dc5a881a9fdf1bf9ceb9e554b0b44c7668274b983ab2
Red Hat Security Advisory 2020-3504-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3504-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10753
SHA-256 | 8a44610a43fa68798d324828d2851d69963c6600d9a04c6fcd433359710f8d98
Red Hat Security Advisory 2020-3505-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3505-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10753
SHA-256 | dfec80f97242ea8e76f690cf34eb5c5ec8fc7cf0cec0668f5baa93848d783f59
Red Hat Security Advisory 2020-3501-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3501-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, denial of service, deserialization, and improper authorization vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-10758, CVE-2020-11612, CVE-2020-14307, CVE-2020-1710, CVE-2020-1728, CVE-2020-1748
SHA-256 | e390128d6a2fbef2d35e6bbd560115b1a61fac337fcd0f0f08ca070348829b0b
Red Hat Security Advisory 2020-3495-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3495-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2020-10758, CVE-2020-1728
SHA-256 | 591b54bd310dc5924e3705a12dd19daa0d4f02090774716d7f76c8aad4816a57
Red Hat Security Advisory 2020-3496-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3496-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2020-10758, CVE-2020-1728
SHA-256 | 1b0865a1b0955e9135ba3734907d15d51f23f6d1b81f5c02047ffb56ab1ee9a1
Red Hat Security Advisory 2020-3497-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3497-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2020-10758, CVE-2020-1728
SHA-256 | a79759996327f746adefb2f8de3de2a9232434d5d031e012b225759d79ef10a1
Pharmacy Medical Store And Sale Point 1.0 SQL Injection
Posted Aug 19, 2020
Authored by Moaaz Taha

Pharmacy Medical Store and Sale Point version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d8df5eb180d9dcaab230182ad9e625434ab3a3ba779a88bcbea6d924fc7ad7d5
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close