exploit the possibilities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2020-09-18

Apple Security Advisory 2020-09-16-5
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-5 - Xcode 12.0 is now available and addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2020-9992
MD5 | aa20697b990b4cc8e09f4015dfba8ae1
Apple Security Advisory 2020-09-16-4
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-4 - watchOS 7.0 is now available and addresses cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
systems | apple
advisories | CVE-2020-9946, CVE-2020-9952, CVE-2020-9968, CVE-2020-9976
MD5 | d0cb12546d5aebcf540ac9c015984183
Apple Security Advisory 2020-09-16-3
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-3 - Safari 14.0 is now available and addresses code execution, cross site scripting, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-9948, CVE-2020-9951, CVE-2020-9952, CVE-2020-9983
MD5 | ae29185c1601a94111093736fc67de83
Apple Security Advisory 2020-09-16-2
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-2 - tvOS 14.0 is now available and addresses cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
systems | apple
advisories | CVE-2020-9952, CVE-2020-9968, CVE-2020-9976, CVE-2020-9979
MD5 | ef7376338a1a7ad7e72201d43197b146
Ubuntu Security Notice USN-4519-1
Posted Sep 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4519-1 - Ratchanan Srirattanamet discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle memory under certain error conditions in the Bluez 5 module. An attacker could use this issue to cause PulseAudio to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15710
MD5 | 3867733a00e40200e172ae435c7a3215
Apple Security Advisory 2020-09-16-1
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-1 - iOS 14.0 and iPadOS 14.0 are now available and address code execution, cross site scripting, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple, ios
advisories | CVE-2020-9773, CVE-2020-9946, CVE-2020-9952, CVE-2020-9958, CVE-2020-9959, CVE-2020-9964, CVE-2020-9968, CVE-2020-9973, CVE-2020-9976, CVE-2020-9979, CVE-2020-9992
MD5 | bf2d39afbca775367e4876e819239e81
TP-Link Cloud Cameras NCXXX Bonjour Command Injection
Posted Sep 18, 2020
Authored by Pietro Oliva | Site metasploit.com

TP-Link cloud cameras NCXXX series (NC200, NC210, NC220, NC230, NC250, NC260, NC450) are vulnerable to an authenticated command injection vulnerability. In all devices except NC210, despite a check on the name length in swSystemSetProductAliasCheck, no other checks are in place in order to prevent shell metacharacters from being introduced. The system name would then be used in swBonjourStartHTTP as part of a shell command where arbitrary commands could be injected and executed as root. NC210 devices cannot be exploited directly via /setsysname.cgi due to proper input validation. NC210 devices are still vulnerable since swBonjourStartHTTP did not perform any validation when reading the alias name from the configuration file. The configuration file can be written, and code execution can be achieved by combining this issue with CVE-2020-12110.

tags | exploit, arbitrary, shell, cgi, root, code execution
advisories | CVE-2020-12109
MD5 | 65581bfcfd69f6bd2c8b8917eda921c4
Navy Federal Cross Site Scripting
Posted Sep 18, 2020
Authored by Arthrocyber

The Navy Federal site at navyfederal.org suffered from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 455aedc855366fcbd0be7206169b22fc
Ubuntu Security Notice USN-4517-1
Posted Sep 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4517-1 - It was discovered that Email-Address-List does not properly parse email addresses during email-ingestion. A remote attacker could use this issue to cause an algorithmic complexity attack, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18898
MD5 | d9bf4f7b847a8dd904e675f42d425349
Mantis Bug Tracker 2.3.0 Remote Code Execution
Posted Sep 18, 2020
Authored by hyp3rlinx, Nikolas Geiselman, permanull

Mantis Bug Tracker version 2.3.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-7615, CVE-2019-15715
MD5 | b8224e074922b7417247b27948ca6d30
SpamTitan 7.07 Remote Code Execution
Posted Sep 18, 2020
Authored by Felipe Molina

SpamTitan version 7.07 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-11699, CVE-2020-11700, CVE-2020-11803, CVE-2020-11804
MD5 | ca2b9bc9d086483e304d942fc84321d8
D-Link DGS-1210-28 Denial Of Service
Posted Sep 18, 2020
Authored by Saeed reza Zamanian

D-Link DGS-1210-28 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 1048e9b9027eb0058839c56441a7d3c7
Page 1 of 1
Back1Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    16 Files
  • 4
    Dec 4th
    22 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close