exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2020-11-05

Botan C++ Crypto Algorithms Library 2.17.0
Posted Nov 5, 2020
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Fixed a bug in ECDSA which could occur when the group size and hash length differ. Fixed a bug in ECDSA verification when the public key was chosen to be a small multiple of the group generator. Various other updates.
tags | library
SHA-256 | b97044b312aa718349af7851331b064bc7bd5352400d5f80793bace427d01343
iDS6 DSSPro Digital Signage System 6.2 Privilege Escalation
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

iDS6 DSSPro Digital Signage System version 6.2 suffers from a privilege escalation vulnerability. An authenticated user can elevate his/her privileges by calling JS functions from the console or by insecure direct object references to hidden functionalities that can result in creating users, modifying roles and permissions and full takeover of the application.

tags | exploit
SHA-256 | 8007a5f219e032013e1e72ef98a61a127ff6f0b3d6ed018dc856261d55f65f8c
iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

The CAPTCHA function for iDS6 DSSPro Digital Signage System version 6.2 is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. By requesting the autoLoginVerifyCode object an attacker can receive a JSON message code and successfully bypass the CAPTCHA-based authentication challenge and perform brute-force attacks.

tags | exploit, bypass
SHA-256 | d27b5814b4f42ac16a8bbe64624c3e1ed65fa742a3666758ddc2046e3aaf3e7e
iDS6 DSSPro Digital Signage System 6.2 Cross Site Request Forgery
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

iDS6 DSSPro Digital Signage System version 6.2 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web
SHA-256 | 1a26a10673d6b783da8e252d6d326ea5a7706080e34d2507828aab2671cdd3ca
iDS6 DSSPro Digital Signage System 6.2 Password Disclosure
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

iDS6 DSSPro Digital Signage System version 6.2 suffers from a cleartext transmission/storage of sensitive information in a cookie when using the Remember (autoSave=true) feature. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.

tags | exploit, remote, web
SHA-256 | 877e94d38aecf3b2d0163b51920a838107622f27e092b47090c6cd17ae27cf90
Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure
Posted Nov 5, 2020
Authored by Wolfgang Ettlinger, T. Serafin | Site sec-consult.com

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2020-27016, CVE-2020-27017, CVE-2020-27018, CVE-2020-27019, CVE-2020-27693, CVE-2020-27694
SHA-256 | c7d236bdf962dfa9de93321b3fab630caa7f7676cb4839021d3b0a10b7122b7b
Ubuntu Security Notice USN-4618-1
Posted Nov 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4618-1 - Sergey Nizovtsev discovered that tmux incorrectly handled some inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-27347
SHA-256 | 4d013c3ab340ab643bf10a57df87941d8a90a0ef174a6c4436c2652d40ae5886
Red Hat Security Advisory 2020-4953-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4953-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and privilege escalation vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-14345, CVE-2020-14346, CVE-2020-14361, CVE-2020-14362
SHA-256 | b887a9aca316a1bac18d59938b9cc80c6bdbfdc1ed45efed99383dda49fb1b0e
Red Hat Security Advisory 2020-4946-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4946-01 - The libX11 packages contain the core X11 protocol client library. Issues addressed include double free and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-14363
SHA-256 | fbfe013d99430ab77450101b23efc39c5a7e7a0d9d1d6026efaf055f9ecc8fd5
Red Hat Security Advisory 2020-4947-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4947-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15683, CVE-2020-15969
SHA-256 | 7e19bc0d5be5e7b76efff1fa9c9d07c2a5b398120bcaed8fe06b472033f30ace
Red Hat Security Advisory 2020-4945-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4945-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15683, CVE-2020-15969
SHA-256 | e1311ca70124c3d2677e5e2f0c21cd8b0de250869787c9bdcf1970dd5b366360
Red Hat Security Advisory 2020-4951-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4951-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-15999
SHA-256 | af448da32a7f41f645f0c195bc336a4773e9f1c90023df288c072f368e67ec6e
Red Hat Security Advisory 2020-4944-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4944-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15683, CVE-2020-15969
SHA-256 | 0e09e8649da32eaf38199841872f2af2ce36789fbfe13a7b15c3152dd22b7f1a
Red Hat Security Advisory 2020-4948-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4948-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15683, CVE-2020-15969
SHA-256 | 0f89699d2e03b32c30b23cf13e3213078246d3f7cf2693285a44be51de0f26a0
Red Hat Security Advisory 2020-4952-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4952-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-15999
SHA-256 | 43c3c1db580d97f4509dbbdc681ee34bc176057bcba3d4d7e8169fdc701d28a2
Red Hat Security Advisory 2020-4950-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4950-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-15999
SHA-256 | 539a253bfe37679e365795f675286ef3b3dd76d04c82f67072a2b71107aa045d
Red Hat Security Advisory 2020-4949-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4949-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-15999
SHA-256 | cbdb03ba697bed4df4f5afb22be60147a224a325d4d1be3088e4ba353728ab29
Red Hat Security Advisory 2020-4932-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4932-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2020-10776, CVE-2020-14389
SHA-256 | 10b8288a98ea38157a941b3a042c2f9688d0140cb95317031189dfaa2901f545
Red Hat Security Advisory 2020-4929-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4929-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2020-10776, CVE-2020-14389
SHA-256 | 93d0fc696cfe97ea70332d763e4d17f3ab8a0866c3f3a1f03acfeed536d6a8b5
Red Hat Security Advisory 2020-4930-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4930-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2020-10776, CVE-2020-14389
SHA-256 | 1bde2cc8d0837e5e3bc8a3d9f978ddad384f63ba2d496389d856dcc1b0a082dc
Red Hat Security Advisory 2020-4931-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4931-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-10776, CVE-2020-14299, CVE-2020-14338, CVE-2020-14340, CVE-2020-14389, CVE-2020-1954
SHA-256 | 5ccbb9cfdf1b00de7aefb64f50b1b1594b3b1b13b8f0d9df7790c851be386bad
Amarok 2.8.0 Denial Of Service
Posted Nov 5, 2020
Authored by FishballAndMeatball

Amarok version 2.8.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2020-13152
SHA-256 | 3b4331be069b40ab14039ed0642b93d07d6c2909e898c9b42c264378b055a535
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close