what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2020-10-28

Red Hat Security Advisory 2020-4390-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4390-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, sql injection, python
systems | linux, redhat
advisories | CVE-2019-12781, CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235
SHA-256 | 4cebf7d44e31c240a760ae6facd694e9856c3d52ac9e2b2f51d8b4f4f0e24ad7
Red Hat Security Advisory 2020-4391-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4391-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2020-10755
SHA-256 | fa5591d87819bf308f377e7976839eb0308369434f2c875830e243f4ee5ae53d
Ubuntu Security Notice USN-4552-3
Posted Oct 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4552-3 - USN-4552-1 and USN-4552-2 fixed a vulnerability in Pam-python. The update introduced a regression which prevented PAM modules written in Python from importing python modules from site-specific directories. Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root. Various other issues were also addressed.

tags | advisory, local, root, python
systems | linux, ubuntu
advisories | CVE-2019-16729
SHA-256 | 51483cd9b602df9bae06a2d916daa0499320d343ef1be1b1afd3b143c509400a
FreeType Load_SBit_Png Heap Buffer Overflow
Posted Oct 28, 2020
Authored by Google Security Research, Glazvunov

FreeType suffers from a heap buffer overflow vulnerability due to integer truncation in Load_SBit_Png.

tags | exploit, overflow
advisories | CVE-2020-15999
SHA-256 | 3e74cc76bab0b12102b081d5d5527d7a09ac96232ae08096c3cc4702512988b9
Red Hat Security Advisory 2020-4384-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4384-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 and includes bug fixes and enhancements. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-1551, CVE-2019-5435, CVE-2020-11984, CVE-2020-11993
SHA-256 | 467d98d3dc3e453dab213eac2a788f9c54641adf327662b50e225048b78e03a6
Red Hat Security Advisory 2020-4383-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4383-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 4 and includes bug fixes and enhancements. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-1551, CVE-2019-5435, CVE-2020-11984, CVE-2020-11993
SHA-256 | e3fa177914caddbd671a91d6b248da680b85881080ad1c62d8b0d466e506ead0
Red Hat Security Advisory 2020-4283-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4283-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2020-10755
SHA-256 | 7a511b396227e7c79c224ab43bb0fc1fd0e7cc0f2eb2ea0a8159a187a4a9ad86
Red Hat Security Advisory 2020-4381-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4381-01 - The openstack-selinux package is a collection of SELinux policies for running OpenStack on Red Hat Enterprise Linux.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1690
SHA-256 | 06319d6e786fcdfe626e9df9c43b5eea6831a23ba224550b10bfbb51d9e1501a
Ubuntu Security Notice USN-4608-1
Posted Oct 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4608-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.44 version of the Mozilla certificate authority bundle.

tags | advisory
systems | linux, ubuntu
SHA-256 | 9b4019ce3ed6eb8dde275c3fce9d925a189d33c1ad19b15beb797f1ebf82276b
Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 LFI
Posted Oct 28, 2020
Authored by Ivo Palazzolo

Oracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
advisories | CVE-2020-14864
SHA-256 | 1ce61cfa5df4fb1911183bd9133f8dd66643cf0945794e668ec5c2a5cb8333b5
God Kings 0.60.1 Notification Spoofing
Posted Oct 28, 2020
Authored by Julien Ahrens | Site rcesecurity.com

God Kings version 0.60.1 suffers from an improper authorization issue allowing for in-game notification spoofing.

tags | exploit, spoof
advisories | CVE-2020-25204
SHA-256 | 0739b7472a6c8181be50dac6e880dba434850aeb93bca40ab3c19da4c9c1fd8c
Gentoo Linux Security Advisory 202010-08
Posted Oct 28, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202010-8 - Multiple vulnerabilities have been found in Mozilla Firefox and Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 82.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15683, CVE-2020-15969
SHA-256 | d6f8ee617bc93a30faf7d5fad1b396758ce22538d413ac0e4661c2bb01acfc59
CSE Bookstore 1.0 SQL Injection
Posted Oct 28, 2020
Authored by Alper Basaran

CSE Bookstore version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 22ade0807de506d719e10260a6706f161c23e19eabb44126ae5efb25be5761a3
Ubuntu Security Notice USN-4607-1
Posted Oct 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4607-1 - It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker could possibly use this issue to cause a denial of service via a specially crafted input. Sergey Ostanin discovered that OpenJDK incorrectly restricted authentication mechanisms. A remote attacker could possibly use this issue to obtain sensitive information over an unencrypted connection. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803
SHA-256 | 511d4e10ce236dd52aeb3cf636a58fa4bc77beae290a7b505ccd45dceb05dedb
Nagios XI 5.7.3 Remote Command Injection
Posted Oct 28, 2020
Authored by Chris Lyne, Matthew Aberegg

Nagios XI version 5.7.3 mibs.php remote command injection exploit.

tags | exploit, remote, php
advisories | CVE-2020-5791
SHA-256 | 6855f4caf30f9e7751d6594a73e43b55ca31b7b9ddebeacdfa7108721c29da09
Ubuntu Security Notice USN-4603-1
Posted Oct 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4603-1 - It was discovered that MariaDB didn't properly validate the content of a packet received from a server. A remote attacker could use this vulnerability to sent a specialy crafted file to cause a denial of service. It was discovered that MariaDB has other security issues. An attacker can cause a hang or frequently repeatable crash. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-13249, CVE-2020-2752, CVE-2020-2760, CVE-2020-2812
SHA-256 | 0294356c27b1e6c2fe77a483a9758f2ed654d98df7f671f25e882fac606f9530
Ubuntu Security Notice USN-4600-2
Posted Oct 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4600-2 - USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it was discovered that Netty allow for unbounded memory allocation. A remote attacker could send a large stream to the Netty server causing it to crash. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-20444, CVE-2020-11612
SHA-256 | 2743e423223a69bc2e5a3493c5262e8e506d7718197a2ac2bde20270a2a9ba90
Blueman Local Root / Privilege Escalation
Posted Oct 28, 2020
Authored by Vaisha Bernard

Blueman versions prior to 2.1.4 suffer from a local privilege escalation vulnerability that achieves root.

tags | exploit, local, root
advisories | CVE-2020-15238
SHA-256 | ad12e1f52e4713a386324b965386aa1a9020999aa33360fe64eedb3b1faaaecf
aptdaemon File Existence Disclosure
Posted Oct 28, 2020
Authored by Vaisha Bernard

aptdaemon versions prior to 1.1.1 suffer from a file existence disclosure vulnerability.

tags | exploit
SHA-256 | 6a60467266f33dfd33dccd469d46b9f39048b554f67da424046c527d10d8c317
Ubuntu Security Notice USN-3081-2
Posted Oct 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3081-2 - Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges.

tags | advisory, remote, root
systems | linux, ubuntu
advisories | CVE-2016-1240
SHA-256 | a5c9a3a9bdb78367603007ec8640aaab2dc3486f9c257dae7a0d8cdaa28cc548
PackageKit File Existence Disclosure
Posted Oct 28, 2020
Authored by Vaisha Bernard

PackageKit versions prior to 1.1.13 suffer from a file existence disclosure vulnerability.

tags | exploit
SHA-256 | c2cb1ba823e3746c7e8a7376f0d64634a3e8d0f82cd84d7bcaeca3c7d83f764c
Online Library Management System 1.0 Shell Upload
Posted Oct 28, 2020
Authored by Jyotsna Adhana

Online Library Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 4da20cf09143b14a2750ade91ede9aa9d1031a15696f1cbe0745bd3f38554098
Point Of Sales 1.0 SQL Injection
Posted Oct 28, 2020
Authored by Jyotsna Adhana

Point of Sales version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 14479cfedac75e0485e20fa319e6a41519d81d62f71e316b0d6e690a943c2987
Gym Management System 1.0 SQL Injection
Posted Oct 28, 2020
Authored by Jyotsna Adhana

Gym Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, sql injection
SHA-256 | d9e14fc468e33947658caab1b00ebb95b4485be3fe34d24dce85dc4e303ca61a
Gym Management System 1.0 Cross Site Scripting
Posted Oct 28, 2020
Authored by Jyotsna Adhana

Gym Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b745d5a85f8d66a52474e9b1ce0d16a0ea6438196f210f2ee896be788ef23c20
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close