exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2020-11-10

Rapid7 Metasploit Framework msfvenom APK Template Command Injection
Posted Nov 10, 2020
Authored by Justin Steven | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Metasploit Framework's msfvenom payload generator when using a crafted APK file as an Android payload template. Affected includes Metasploit Framework versions 6.0.11 and below and Metasploit Pro versions 4.18.0 and below.

tags | exploit
advisories | CVE-2020-7384
SHA-256 | 47170fa2c6f60c3fc00bcf7d141f9846d5a4832fd8d4f861bb23346abf01ef02
WordPress File Manager 6.8 Remote Code Execution
Posted Nov 10, 2020
Authored by Imran E. Dawoodjee, Alex Souza | Site metasploit.com

The WordPress File Manager (wp-file-manager) plugin versions 6.0 through 6.8 allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload (or mkfile and put) command to write PHP code into the wp-content/plugins/wp-file-manager/lib/files/ directory.

tags | exploit, remote, arbitrary, php
advisories | CVE-2020-25213
SHA-256 | cb75a4b68804743f507bff751860e4857ae4e6e2dc885932118f534da8b0dce9
Falco 0.26.2
Posted Nov 10, 2020
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: DRIVERS_REPO updated.
tags | tool, intrusion detection
systems | unix
SHA-256 | f28d766475ba7b1c153f28df3622935d15c8fc93026e2465daa9a950156628aa
Red Hat Security Advisory 2020-5054-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5054-01 - The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040
SHA-256 | f92551824b5d626a1e18cfcdbb044ba22c3711db05bb35dddb1a37d9fa41ce0f
Red Hat Security Advisory 2020-5056-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5056-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040, CVE-2020-14370
SHA-256 | 665ed5d98c9957e15d97945672e8f8f56a65b8382a21f1d0f5f7eee78d24bcb6
Red Hat Security Advisory 2020-5055-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5055-01 - The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040
SHA-256 | 2a8eee492b4b82b510d75ca3fea6d2035132dc887c1b2ae216ff3335fa1c26f8
Ubuntu Security Notice USN-4624-1
Posted Nov 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4624-1 - It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviours, or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-0452
SHA-256 | bbdedad92c5f49abf4ec712372a7579c609942a31ff4253159b2e40d800c11b9
Red Hat Security Advisory 2020-5010-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5010-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2019-20907, CVE-2020-14422
SHA-256 | f350f73aae4e8c70ebc1718230bfcf9f7db05549fc27b6302c1ca74b3bbaa786
Anuko Time Tracker 1.19.23.5325 CSV Injection
Posted Nov 10, 2020
Authored by Mufaddal Masalawala

Anuko Time Tracker version 1.19.23.5325 suffers from a CSV formula injection vulnerability.

tags | exploit
advisories | CVE-2020-15255
SHA-256 | 105e68c3d2a19035a692811e21172ba5e0ebdeec62831e1ee2d05accada9ad58
Red Hat Security Advisory 2020-5012-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5012-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2020-14352
SHA-256 | 85ff30fb487a0a6d9b0d6405bfe606b3694384cb3fd24b2e4d6d0cf405acb87c
Red Hat Security Advisory 2020-5004-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5004-01 - The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability environment. Issues addressed include a crlf injection vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11078
SHA-256 | 453fcb09a5f16da256701b2dda3589e540b018eb409e7ce78c39b210542b206a
Red Hat Security Advisory 2020-5003-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5003-01 - The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Issues addressed include a crlf injection vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2020-11078
SHA-256 | 3a82297fdf138055633b735dafe4562ca8ced8cea32bb001465a4ae5dd9fc377
Red Hat Security Advisory 2020-5050-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5050-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14385
SHA-256 | 623c6e812db6e3332f8bb6b53494465e0817a3212578d85d6da7baf00a7cd4a8
Red Hat Security Advisory 2020-5023-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5023-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-20811, CVE-2020-14331
SHA-256 | 19732bba2fcf4903aa3358bb1d0e9b5ccff9c94d14037fb0bb5daf1aae803c57
Red Hat Security Advisory 2020-5040-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5040-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a double free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25637
SHA-256 | 092f943a786403ecdd500537ccfa76a673d08d087081069996a71e0da3f031fc
Red Hat Security Advisory 2020-5021-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5021-01 - The qt packages contain a software toolkit that simplifies the task of writing and maintaining Graphical User Interface applications for the X Window System. Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-17507
SHA-256 | d6335f524240749d77e4a2a8f198ad08e90d464e1ec9627f73e52e4e195b3914
Red Hat Security Advisory 2020-5026-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5026-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-20811, CVE-2020-14331
SHA-256 | 6b053ed4d04629c659e026273dffab5521a8cdbad0b4b8e7cdf9c89d4bdd8c2f
ShoreTel Conferencing 19.46.1802.0 Cross Site Scripting
Posted Nov 10, 2020
Authored by Joe Helle

ShoreTel Conferencing version 19.46.1802.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-28351
SHA-256 | df622ff6658508f23c86cc7c02cc486c8f440ad740ecd4af686fba474a2981ea
Red Hat Security Advisory 2020-5002-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5002-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2020-8177
SHA-256 | 15cbbb287106b726201c238c50fb000d4965ed0789c4f1f77edd3a6c0aa95f80
Red Hat Security Advisory 2020-5011-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5011-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8622, CVE-2020-8623, CVE-2020-8624
SHA-256 | aaf648a3da7817299ff297522b94b3967620cc6d46bede90ffb091bef1c78a17
Red Hat Security Advisory 2020-5020-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5020-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2020-1935
SHA-256 | 7ec0216636921bc74503b64c483f37f3b81462c1fea8530c0042df557b9fbe89
Red Hat Security Advisory 2020-5009-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5009-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-20907
SHA-256 | 82e2d38d84579540e95319c3672421ee2c2fb4cc1cc9eaaab013aa93b3236ac2
Red Hat Security Advisory 2020-4999-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4999-01 - The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
advisories | CVE-2018-7409, CVE-2018-7485
SHA-256 | 5b9c4c2c96b588f72a4367b7338f9123b293546c7f814eaf7123d3c767e12aaf
Red Hat Security Advisory 2020-4992-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4992-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8622, CVE-2020-8623
SHA-256 | 427c349502093041505d7cf083ba266acd7af71b03733c28a2e759898ef1f7b2
Red Hat Security Advisory 2020-4991-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4991-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12352
SHA-256 | 36e5f3eaac42575f4136edc475d74185d6e90f76555788b825efb4cd93ae1876
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close