exploit the possibilities
Showing 1 - 22 of 22 RSS Feed

Files Date: 2020-11-05

Botan C++ Crypto Algorithms Library 2.17.0
Posted Nov 5, 2020
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Fixed a bug in ECDSA which could occur when the group size and hash length differ. Fixed a bug in ECDSA verification when the public key was chosen to be a small multiple of the group generator. Various other updates.
tags | library
MD5 | 37d88cda94469e41e8a6eff1e8675937
iDS6 DSSPro Digital Signage System 6.2 Privilege Escalation
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

iDS6 DSSPro Digital Signage System version 6.2 suffers from a privilege escalation vulnerability. An authenticated user can elevate his/her privileges by calling JS functions from the console or by insecure direct object references to hidden functionalities that can result in creating users, modifying roles and permissions and full takeover of the application.

tags | exploit
MD5 | e3500a490fb570726141f18d28cdea4a
iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

The CAPTCHA function for iDS6 DSSPro Digital Signage System version 6.2 is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. By requesting the autoLoginVerifyCode object an attacker can receive a JSON message code and successfully bypass the CAPTCHA-based authentication challenge and perform brute-force attacks.

tags | exploit, bypass
MD5 | 63ad9696454afc1b19e579a677c06b40
iDS6 DSSPro Digital Signage System 6.2 Cross Site Request Forgery
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

iDS6 DSSPro Digital Signage System version 6.2 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web
MD5 | 207d76baf968933618e1083a7fd98079
iDS6 DSSPro Digital Signage System 6.2 Password Disclosure
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

iDS6 DSSPro Digital Signage System version 6.2 suffers from a cleartext transmission/storage of sensitive information in a cookie when using the Remember (autoSave=true) feature. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.

tags | exploit, remote, web
MD5 | 6e74f91319785d9d2dc39fb672f1d06b
Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure
Posted Nov 5, 2020
Authored by Wolfgang Ettlinger, T. Serafin | Site sec-consult.com

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2020-27016, CVE-2020-27017, CVE-2020-27018, CVE-2020-27019, CVE-2020-27693, CVE-2020-27694
MD5 | dfa15ee9d60763987a67c4ef7525645a
Ubuntu Security Notice USN-4618-1
Posted Nov 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4618-1 - Sergey Nizovtsev discovered that tmux incorrectly handled some inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-27347
MD5 | 707bdda96b60b30ef620ce6d9df783f9
Red Hat Security Advisory 2020-4953-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4953-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and privilege escalation vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-14345, CVE-2020-14346, CVE-2020-14361, CVE-2020-14362
MD5 | c79c8a9c630ee3a6faad28766ba9814b
Red Hat Security Advisory 2020-4946-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4946-01 - The libX11 packages contain the core X11 protocol client library. Issues addressed include double free and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-14363
MD5 | 109fbef2136275991fa47378e6124780
Red Hat Security Advisory 2020-4947-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4947-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15683, CVE-2020-15969
MD5 | d7d790346170b41be44c906ed602b15a
Red Hat Security Advisory 2020-4945-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4945-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15683, CVE-2020-15969
MD5 | 215676587ff5c53b51f141f57f744815
Red Hat Security Advisory 2020-4951-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4951-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-15999
MD5 | cee88be8d6edca03dfa55897140a80ed
Red Hat Security Advisory 2020-4944-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4944-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15683, CVE-2020-15969
MD5 | ca182862671a18893831aaf2a4344ea2
Red Hat Security Advisory 2020-4948-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4948-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15683, CVE-2020-15969
MD5 | c3c5439770146f4c1cfb999e8bd3eb49
Red Hat Security Advisory 2020-4952-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4952-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-15999
MD5 | e97ac8f2ec6125873914f993463f5d32
Red Hat Security Advisory 2020-4950-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4950-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-15999
MD5 | c99b84ee882b4828b4bc25bc57500709
Red Hat Security Advisory 2020-4949-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4949-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-15999
MD5 | 1ff5a88e64ecfe0831c40f30e744925c
Red Hat Security Advisory 2020-4932-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4932-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2020-10776, CVE-2020-14389
MD5 | 8329734a18f2c1e3cf17bbd05f5e8603
Red Hat Security Advisory 2020-4929-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4929-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2020-10776, CVE-2020-14389
MD5 | ec3d5c365319b520c12a91fedb93c25c
Red Hat Security Advisory 2020-4930-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4930-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2020-10776, CVE-2020-14389
MD5 | 9779d031c03451bbfd6b7f30b2c900b4
Red Hat Security Advisory 2020-4931-01
Posted Nov 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4931-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-10776, CVE-2020-14299, CVE-2020-14338, CVE-2020-14340, CVE-2020-14389, CVE-2020-1954
MD5 | c8d96572a1451b71d5219cd6f0a6e0d2
Amarok 2.8.0 Denial Of Service
Posted Nov 5, 2020
Authored by FishballAndMeatball

Amarok version 2.8.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2020-13152
MD5 | 3059add37a0a5f4a574ae7326a9a5b32
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close