what you don't know can hurt you
Showing 1 - 22 of 22 RSS Feed

Files Date: 2020-12-01

Ubuntu Security Notice USN-4656-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4656-1 - Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-14360
MD5 | 93853767d560545b7dd82c968276953f
Ubuntu Security Notice USN-4655-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4655-1 - It was discovered that Werkzeug has insufficient debugger PIN randomness. An attacker could use this issue to access sensitive information. This issue only affected Ubuntu 18.04 LTS. It was discovered that Werkzeug incorrectly handled certain URLs. An attacker could possibly use this issue to cause phishing attacks. This issue only affected Ubuntu 16.04 LTS.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-14806, CVE-2020-28724
MD5 | ce431abe7eb561d35f930c7d3b02aba5
Packet Storm New Exploits For November, 2020
Posted Dec 1, 2020
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 185 exploits added to Packet Storm in November, 2020.

tags | exploit
MD5 | 75e6bcf277f276acd37999eaf3155a86
THC-IPv6 Attack Tool 3.8
Posted Dec 1, 2020
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: This release fixes several bugs.
tags | tool, protocol
systems | unix
MD5 | e4defd32df9b9318525772f85cac31ef
SQLMAP - Automatic SQL Injection Tool 1.4.12
Posted Dec 1, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 63f11245bc7cdef373e7b5a811aa3c43
Mandos Encrypted File System Unattended Reboot Utility 1.8.13
Posted Dec 1, 2020
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Various updates.
tags | tool, remote, root
systems | linux, unix
MD5 | 0c7546acc41ef41a8e39453fd58f4cc9
Red Hat Security Advisory 2020-5314-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5314-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.5.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968
MD5 | d6d296f85e26ca8b746e2e4972f08362
Red Hat Security Advisory 2020-5305-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5305-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2020-15366, CVE-2020-7774, CVE-2020-8277
MD5 | 8b5a152876a53907ae1de1b4c9bacf98
Ubuntu Security Notice USN-4654-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4654-1 - It was discovered that PEAR incorrectly sanitized filenames. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-28948
MD5 | 82c82cbd2ddeecdab18d7a3219f64cce
Red Hat Security Advisory 2020-5275-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5275-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execution, information leakage, null pointer, and out of bounds read vulnerabilities.

tags | advisory, web, overflow, php, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-11045, CVE-2019-11047, CVE-2019-11048, CVE-2019-11050, CVE-2019-19203, CVE-2019-19204, CVE-2019-19246, CVE-2020-7059, CVE-2020-7060, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
MD5 | 15b6e660f7ec10e7b1caf283b0e647fa
Red Hat Security Advisory 2020-5302-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5302-01 - This release of Red Hat build of Quarkus 1.7.5 SP1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
MD5 | 530ae33c260b949f7141641955a37664
Red Hat Security Advisory 2020-5194-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5194-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15999, CVE-2020-8559
MD5 | 941a9411336dc25888006c334a16eb80
Red Hat Security Advisory 2020-5239-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5239-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.5.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968
MD5 | 28fe6d4dcec59e4c99842b526cb5f462
Ubuntu Security Notice USN-4653-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4653-1 - It was discovered that access controls for the shim’s API socket did not restrict access to the abstract unix domain socket in some cases. An attacker could use this vulnerability to run containers with elevated privileges.

tags | advisory
systems | linux, unix, ubuntu
advisories | CVE-2020-15257
MD5 | 8ecc1fa869b3211bbb093ef90ef1a0f9
Ubuntu Security Notice USN-4652-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4652-1 - It was discovered that SniffIt incorrectly handled certain configuration files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-5439
MD5 | 6a7456d4d7b6165153389916c139259a
Red Hat Security Advisory 2020-5257-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5257-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.5.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968
MD5 | b570bdde8e9ffca364df56d26131b6d8
Red Hat Security Advisory 2020-5235-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5235-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.0. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968
MD5 | fdabd4c9835e9a48f9c24633ec7cb555
Red Hat Security Advisory 2020-5254-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5254-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
MD5 | 0ef821bdbfc1a427665366f9f418b4a3
eClass LMS 2.6 Shell Upload
Posted Dec 1, 2020
Authored by Sohel Yousef

eClass LMS version 2.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 27ab302a8ee9d1973f951525ce39698f
WordPress EventON Calendar 3.0.5 Cross Site Scripting
Posted Dec 1, 2020
Authored by B3KC4T

WordPress EventON Calendar plugin version 3.0.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-29395
MD5 | 6d781ceb0ce4cc4d3067f1bd5476bef5
SciKit-Learn 0.23.2 Denial Of Service
Posted Dec 1, 2020
Authored by pabloec20

SciKit-Learn version 0.23.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2020-28975
MD5 | 6f9363e5e9c2515c85d4b94828be4c86
TypeSetter 5.1 Cross Site Request Forgery
Posted Dec 1, 2020
Authored by Alperen Ergel

TypeSetter version 5.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | b67e8396e549f39a1f6d2f1fe8eb968a
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close