exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2020-12-01

Ubuntu Security Notice USN-4656-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4656-1 - Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-14360
SHA-256 | 82f2428e9fbc552419e92a5893d379e62c8ac3ab594194b67ac5a457342f3817
Ubuntu Security Notice USN-4655-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4655-1 - It was discovered that Werkzeug has insufficient debugger PIN randomness. An attacker could use this issue to access sensitive information. This issue only affected Ubuntu 18.04 LTS. It was discovered that Werkzeug incorrectly handled certain URLs. An attacker could possibly use this issue to cause phishing attacks. This issue only affected Ubuntu 16.04 LTS.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-14806, CVE-2020-28724
SHA-256 | f963003ef70151c4a9f12cf38a0eec8d7635ae2186a53f0a5acf8f9c12171fca
Packet Storm New Exploits For November, 2020
Posted Dec 1, 2020
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 185 exploits added to Packet Storm in November, 2020.

tags | exploit
SHA-256 | 0a3f6f6217e08edc2471af5425fde885ebfe8dc01d793154acc327626c4a46f6
THC-IPv6 Attack Tool 3.8
Posted Dec 1, 2020
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: This release fixes several bugs.
tags | tool, protocol
systems | unix
SHA-256 | b60be61a8b0a944a66e3b719704b4c03c1bc2c22f32d5d21e99e434c82a9d769
SQLMAP - Automatic SQL Injection Tool 1.4.12
Posted Dec 1, 2020
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | d149722cb33202678fb64642ea315d0dea3fcb2d54403efb78b9819464dbd3e5
Mandos Encrypted File System Unattended Reboot Utility 1.8.13
Posted Dec 1, 2020
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Various updates.
tags | tool, remote, root
systems | linux, unix
SHA-256 | 7e6d9cfdccadf636afd68a1af4fa937c8314ca49afc625712ab6e94446f1d508
Red Hat Security Advisory 2020-5314-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5314-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.5.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968
SHA-256 | d3e64b5f34c545825cf7a28e0eb05fd6fa84fdefbaa3bcadd91c24bd7a984d3c
Red Hat Security Advisory 2020-5305-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5305-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2020-15366, CVE-2020-7774, CVE-2020-8277
SHA-256 | c0fbb78cfa0a31bf66fcb5280c5543c7173545dc23a46bd554da1fb5ac7098ab
Ubuntu Security Notice USN-4654-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4654-1 - It was discovered that PEAR incorrectly sanitized filenames. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-28948
SHA-256 | c191745316361b22d4ac1126abb9845238652476d22cd79c87fe915ac89dea9b
Red Hat Security Advisory 2020-5275-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5275-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execution, information leakage, null pointer, and out of bounds read vulnerabilities.

tags | advisory, web, overflow, php, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-11045, CVE-2019-11047, CVE-2019-11048, CVE-2019-11050, CVE-2019-19203, CVE-2019-19204, CVE-2019-19246, CVE-2020-7059, CVE-2020-7060, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
SHA-256 | ddd426c8ef5f7f421be7fd6c30c9b19468026fea7ae82304ca8d9ab327159ac2
Red Hat Security Advisory 2020-5302-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5302-01 - This release of Red Hat build of Quarkus 1.7.5 SP1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
SHA-256 | f990e12777887ddeb80da5f4820355619ec2c5c4bcb873f4644e55dd82cd1722
Red Hat Security Advisory 2020-5194-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5194-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15999, CVE-2020-8559
SHA-256 | f1c1f013aeed720cb17bef75cda00d25ece26553485af7b1e813e1b1e9734855
Red Hat Security Advisory 2020-5239-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5239-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.5.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968
SHA-256 | 5784174223d043548cde7c7f5a4b37e4646b75881f00e6410680152bfee3347d
Ubuntu Security Notice USN-4653-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4653-1 - It was discovered that access controls for the shim’s API socket did not restrict access to the abstract unix domain socket in some cases. An attacker could use this vulnerability to run containers with elevated privileges.

tags | advisory
systems | linux, unix, ubuntu
advisories | CVE-2020-15257
SHA-256 | 4a2bc41ae485150abd3573d1dae6f74a8e578dbc67939eb1473b47262a286acf
Ubuntu Security Notice USN-4652-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4652-1 - It was discovered that SniffIt incorrectly handled certain configuration files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-5439
SHA-256 | 4e3be3e8378557975f5e023637c27d628602a0c1470529c99d972c7ae4f99a97
Red Hat Security Advisory 2020-5257-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5257-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.5.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968
SHA-256 | 2e77a30b9dc5798836c85340ef1a8785489383393433e2bb2a3d2e6907e5600a
Red Hat Security Advisory 2020-5235-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5235-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.0. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968
SHA-256 | e9d221e9d272aab62b3d9b00e1bede4810a563dcb5e1ab1cbffc11e86d80195e
Red Hat Security Advisory 2020-5254-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5254-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
SHA-256 | 1f1824342beae059c3a79c6156fcf5ae44155e9b67a2c669a42edb685ad5a28b
eClass LMS 2.6 Shell Upload
Posted Dec 1, 2020
Authored by Sohel Yousef

eClass LMS version 2.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 821f038a5aea7535d29976f21a3178c0ea90e27337c64e36e72aa2b0fe9737ae
WordPress EventON Calendar 3.0.5 Cross Site Scripting
Posted Dec 1, 2020
Authored by B3KC4T

WordPress EventON Calendar plugin version 3.0.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-29395
SHA-256 | 4af51aa0bdaa4ea63ed2964de737d436288bb34b1b8fa463aa103c6073904e71
SciKit-Learn 0.23.2 Denial Of Service
Posted Dec 1, 2020
Authored by pabloec20

SciKit-Learn version 0.23.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2020-28975
SHA-256 | 74ea2f94eb65fd45d7836e15053b43ffc105e3fdc927679198505c47d640629d
TypeSetter 5.1 Cross Site Request Forgery
Posted Dec 1, 2020
Authored by Alperen Ergel

TypeSetter version 5.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 5eebee0a2d27b3d6d6606580e0c8fb57dda257504e64cb43d745169458bbba67
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close