exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-11-03

Processwire CMS 2.4.0 Local File Inclusion
Posted Nov 3, 2020
Authored by Y1LD1R1M

Processwire CMS version 2.4.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | a16eb58aefe5f14c1f9c09c294a49bed
Joomla Publisher 3.0.19 Cross Site Scripting
Posted Nov 3, 2020
Authored by Vincent666 ibn Winnie

Joomla Publisher component version 3.0.19 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1b6efea2c58fb67fd87db5a5b5015b9f
Ubuntu Security Notice USN-4615-1
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4615-1 - It was discovered that Yerase's TNEF had null pointer dereferences, infinite loop, buffer overflow, out of bounds reads, directory traversal issues and other vulnerabilities. An attacker could use those issues to cause a crash and consequently a denial of service.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-6298, CVE-2017-6300, CVE-2017-6301, CVE-2017-6302, CVE-2017-6305, CVE-2017-6306
MD5 | e4ec9e3a279ada39aa02f6955b8c9ce5
Joomla JomSocial 4.7.6 Cross Site Scripting
Posted Nov 3, 2020
Authored by Vincent666 ibn Winnie

Joomla JomSocial component version 4.7.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2c365505ab2344e7d3fa996ef07d2317
Ubuntu Security Notice USN-4613-1
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4613-1 - Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information.

tags | advisory, python
systems | linux, ubuntu
advisories | CVE-2020-25659
MD5 | f58620abad4842bf57a4df18084b6b7d
Ubuntu Security Notice USN-4616-1
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4616-1 - Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. Kevin Backhouse discovered that AccountsService incorrectly handled reading .pam_environment files. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2018-14036, CVE-2020-16126, CVE-2020-16127
MD5 | 459484efda1c6062d667f1c0c7fe58a1
Ubuntu Security Notice USN-4614-1
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4614-1 - Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-16125
MD5 | 39b3740000f421ed649cff459f6228fa
Ubuntu Security Notice USN-4605-2
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4605-2 - Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. While a previous security update fixed the issue, this update provides additional improvements by enabling PolicyKit authentication for privileged commands. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-15238
MD5 | a1e9ea67ece2df45ff33e037fb695ef5
Gentoo Linux Security Advisory 202011-05
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-5 - A vulnerability in libssh could lead to a Denial of Service condition. Versions less than 0.9.5 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2020-16135
MD5 | 4c6c9827f564d9e00492bb1679fa9f6a
Gentoo Linux Security Advisory 202011-04
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-4 - Multiple vulnerabilities have been found in Fossil, the worst of which could result in the arbitrary execution of code. Versions less than 2.12.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-24614
MD5 | 39b65f5b1f35317c4b0168fd8518bdc7
Gentoo Linux Security Advisory 202011-03
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-3 - A vulnerability in kpmcore could result in privilege escalation. Versions less than 4.2.0 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2020-27187
MD5 | 874f119e12b8e21b8a566a44fff15b51
Gentoo Linux Security Advisory 202011-02
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-2 - A heap-based buffer overflow in OpenDMARC might allow remote attackers to execute arbitrary code. Versions less than 1.3.3 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2020-12460
MD5 | d8290c83c925b52376188a71a5f862e1
Gentoo Linux Security Advisory 202011-01
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-1 - A vulnerability in BlueZ might allow remote attackers to execute arbitrary code. Versions less than 5.55 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2020-27153
MD5 | 5a9d8310ebb27e40b867bdfccee66e54
GitHub Widespread Injection
Posted Nov 3, 2020
Authored by Google Security Research, Felix Wilhelm

Github Actions supports a feature called workflow commands that is susceptible to widespread code injection vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2020-15228
MD5 | ed0cc8399b9664318e4cac10f05729b5
Complaints Report Management System 1.0 SQL Injection / Remote Code Execution
Posted Nov 3, 2020
Authored by mosaaed

Complaints Report Management System version 1.0 suffers from a remote SQL injection vulnerability that can allow for remote code execution.

tags | exploit, remote, code execution, sql injection
MD5 | 34a90af2fd41a3b86d73ac2e42ef8ce0
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close