what you don't know can hurt you
Showing 1 - 25 of 27 RSS Feed

Files Date: 2020-11-10

Rapid7 Metasploit Framework msfvenom APK Template Command Injection
Posted Nov 10, 2020
Authored by Justin Steven | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Metasploit Framework's msfvenom payload generator when using a crafted APK file as an Android payload template. Affected includes Metasploit Framework versions 6.0.11 and below and Metasploit Pro versions 4.18.0 and below.

tags | exploit
advisories | CVE-2020-7384
MD5 | 695d70bbd2e49f70ab302feba13c9124
WordPress File Manager 6.8 Remote Code Execution
Posted Nov 10, 2020
Authored by Imran E. Dawoodjee, Alex Souza | Site metasploit.com

The WordPress File Manager (wp-file-manager) plugin versions 6.0 through 6.8 allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload (or mkfile and put) command to write PHP code into the wp-content/plugins/wp-file-manager/lib/files/ directory.

tags | exploit, remote, arbitrary, php
advisories | CVE-2020-25213
MD5 | 33be7d7b4c3915b9705e403be54c86a0
Falco 0.26.2
Posted Nov 10, 2020
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: DRIVERS_REPO updated.
tags | tool, intrusion detection
systems | unix
MD5 | 675a73dd8b5cb2da098fc07e8c914807
Red Hat Security Advisory 2020-5054-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5054-01 - The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040
MD5 | 3665bf80fb80e17580d7ed2a669f1e07
Red Hat Security Advisory 2020-5056-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5056-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040, CVE-2020-14370
MD5 | 40bf1e4803c1827dc705ed0538142fbd
Red Hat Security Advisory 2020-5055-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5055-01 - The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040
MD5 | 39fead1e54f0fec7b34134ca5cd89ee4
Ubuntu Security Notice USN-4624-1
Posted Nov 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4624-1 - It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviours, or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-0452
MD5 | 7a05bea2012947c33ca0fa3a8095b12d
Red Hat Security Advisory 2020-5010-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5010-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2019-20907, CVE-2020-14422
MD5 | e953addcfd874b13f34ef55c38b1ca22
Anuko Time Tracker 1.19.23.5325 CSV Injection
Posted Nov 10, 2020
Authored by Mufaddal Masalawala

Anuko Time Tracker version 1.19.23.5325 suffers from a CSV formula injection vulnerability.

tags | exploit
advisories | CVE-2020-15255
MD5 | f59fe007bbbbb7aec58f8530c3cfdfe2
Red Hat Security Advisory 2020-5012-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5012-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2020-14352
MD5 | a97c42936c9f31c824f1ef68cea19591
Red Hat Security Advisory 2020-5004-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5004-01 - The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability environment. Issues addressed include a crlf injection vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11078
MD5 | 1cfa53c1fc8e17ab910a60a2b8d66fe0
Red Hat Security Advisory 2020-5003-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5003-01 - The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Issues addressed include a crlf injection vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2020-11078
MD5 | 1b750ae82ad48851db83e79877680db3
Red Hat Security Advisory 2020-5050-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5050-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14385
MD5 | 663899c6a9b85140897d8374828af83c
Red Hat Security Advisory 2020-5023-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5023-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-20811, CVE-2020-14331
MD5 | 8b4efb51252161618854f934a97ca5d2
Red Hat Security Advisory 2020-5040-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5040-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a double free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25637
MD5 | dda07a5a85d1d8c7a6701cbfe495ec92
Red Hat Security Advisory 2020-5021-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5021-01 - The qt packages contain a software toolkit that simplifies the task of writing and maintaining Graphical User Interface applications for the X Window System. Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-17507
MD5 | 60151d5bc8af3d27f7966d17c2ca1ad3
Red Hat Security Advisory 2020-5026-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5026-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-20811, CVE-2020-14331
MD5 | c6f577d9ccebc2e88f6eb360d806dac6
ShoreTel Conferencing 19.46.1802.0 Cross Site Scripting
Posted Nov 10, 2020
Authored by Joe Helle

ShoreTel Conferencing version 19.46.1802.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-28351
MD5 | 2f5b884078ccb6aa0728f24e32a5bea8
Red Hat Security Advisory 2020-5002-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5002-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2020-8177
MD5 | e3c9b04c7505494aa3a26599542a0fe1
Red Hat Security Advisory 2020-5011-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5011-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8622, CVE-2020-8623, CVE-2020-8624
MD5 | 20e0e91ba5953fd52a4ace31425e52a8
Red Hat Security Advisory 2020-5020-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5020-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2020-1935
MD5 | 099a329060aa5f5330f19f1769829972
Red Hat Security Advisory 2020-5009-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5009-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-20907
MD5 | 206ae095f52d2b15264505721e94caf8
Red Hat Security Advisory 2020-4999-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4999-01 - The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
advisories | CVE-2018-7409, CVE-2018-7485
MD5 | de7e8ca6255adb8f20983c5d0b02b466
Red Hat Security Advisory 2020-4992-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4992-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8622, CVE-2020-8623
MD5 | 2df526743f6f442491b3a751b481f962
Red Hat Security Advisory 2020-4991-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4991-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12352
MD5 | a490fdbf04f8b760a08c543e6916c39f
Page 1 of 2
Back12Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close