what you don't know can hurt you
Showing 1 - 25 of 27 RSS Feed

Files Date: 2020-12-14

Red Hat Security Advisory 2020-5410-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5410-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.8 serves as a replacement for Red Hat Data Grid 7.3.7 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include XML injection and memory leak vulnerabilities.

tags | advisory, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-25644, CVE-2020-25649
MD5 | c588980e9ca009f602d131c7f03d3ef8
Red Hat Security Advisory 2020-5408-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5408-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include buffer overflow, out of bounds access, and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14347, CVE-2020-14360, CVE-2020-25712
MD5 | 5811c5225299e847f82445161e093100
WhatWeb Scanner 0.5.4
Posted Dec 14, 2020
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.

Changes: Minor release with three new plugins and one plugin update.
tags | tool, web, scanner, javascript
systems | unix
MD5 | 2443a2f3728d5300c51ff8fb66a87344
usrsctp HMAC Generation Out-Of-Bounds Access
Posted Dec 14, 2020
Authored by Google Security Research, Felix Wilhelm

usrsctp suffers from insecure HMAC generation that can lead to out-of-bounds access.

tags | exploit
MD5 | 60dae1b024aad137dbbc2e032f8413ac
usrsctp pending_reply_queue Out-Of-Bounds Access
Posted Dec 14, 2020
Authored by Google Security Research, Felix Wilhelm

usrsctp suffers from a usrsctp pending_reply_queue out-of-bounds access vulnerability.

tags | exploit
MD5 | fbfd1f9af88626326bb98128c859b372
Red Hat Security Advisory 2020-5259-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5259-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-8011, CVE-2020-8563, CVE-2020-8564
MD5 | 2f873de5498fe18e3158018fed266a41
Ubuntu Security Notice USN-4660-2
Posted Dec 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4660-2 - USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-14351, CVE-2020-14390, CVE-2020-25211, CVE-2020-25284, CVE-2020-25285, CVE-2020-25641, CVE-2020-25643, CVE-2020-25645, CVE-2020-28915, CVE-2020-4788
MD5 | 13b59c23735c20b99a07f2be7c796f7e
LibreNMS 1.46 SQL Injection
Posted Dec 14, 2020
Authored by Hodorsec

LibreNMS version 1.46 suffers from an authenticated remote SQL injection vulnerability in the MAC Account Graph. Original discovery of SQL injection in this version is attributed to Punt in May of 2020.

tags | exploit, remote, sql injection
MD5 | f2ded99e14c6ef8d7a6b3197a0529fee
Red Hat Security Advisory 2020-5402-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5402-01 - The libexif packages provide a library for extracting extra information from image files. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-0452
MD5 | 8b71cac38f33cc55bfae76daae527270
Red Hat Security Advisory 2020-5260-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5260-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8563
MD5 | 116330b0a0a764c9d4b5f415aa818387
Macally WIFISD2-2A82 2.000.010 Privilege Escalation
Posted Dec 14, 2020
Authored by Maximilian Barz, Daniel Schwendner

Macally WIFISD2-2A82 version 2.000.010 guest to root privilege escalation exploit.

tags | exploit, root
advisories | CVE-2020-29669
MD5 | 973230f1407ec95befb0262f806bbaef
Ubuntu Security Notice USN-4658-2
Posted Dec 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4658-2 - USN-4658-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-0423, CVE-2020-10135, CVE-2020-14351, CVE-2020-14390, CVE-2020-25211, CVE-2020-25284, CVE-2020-25643, CVE-2020-25645, CVE-2020-25705, CVE-2020-28915, CVE-2020-4788
MD5 | 66bcfd82be0047a6e48a5c99b2d2bdac
Rumble Mail Server 0.51.3135 Cross Site Scripting
Posted Dec 14, 2020
Authored by Mohammed Alshehri

Rumble Mail Server version 0.51.3135 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9d38d263a42a201d7615cf60382ae96b
Red Hat Security Advisory 2020-5401-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5401-01 - The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25694, CVE-2020-25696
MD5 | 53757d73338f474ecf146a81a3249b1e
Red Hat Security Advisory 2020-5400-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5400-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-26970
MD5 | 9985ac15d0ca98dd29640fc9530d1491
System Explorer 7.0.0 Unquoted Service Path
Posted Dec 14, 2020
Authored by Mohammed Alshehri

System Explorer version 7.0.0 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 70eb40f55615a0dfde6b523a9237909d
Ubuntu Security Notice USN-4659-2
Posted Dec 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4659-2 - USN-4659-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-0423, CVE-2020-10135, CVE-2020-14351, CVE-2020-25705, CVE-2020-27152, CVE-2020-28915, CVE-2020-4788
MD5 | 6e8f14203b3a4048f0d5c37dc565a8ef
Red Hat Security Advisory 2020-5399-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5399-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-26970
MD5 | 3b1097d1905d14f2a878adce73827371
MiniWeb HTTP Server 0.8.19 Buffer Overflow
Posted Dec 14, 2020
Authored by securityforeveryone.com

MiniWeb HTTP Server version 0.8.19 buffer overflow proof of concept exploit.

tags | exploit, web, overflow, proof of concept
MD5 | 1c43ae8b9d8816d4006b30d2418d1582
Red Hat Security Advisory 2020-5398-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5398-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-26970
MD5 | 8526ba7c8cd8812d60cbf95d9a11e042
Red Hat Security Advisory 2020-5394-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5394-01 - The libexif packages provide a library for extracting extra information from image files. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-0452
MD5 | b4e4c6fc1b56278c430f32fe89152ce0
Red Hat Security Advisory 2020-5393-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5393-01 - The libexif packages provide a library for extracting extra information from image files. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-0452
MD5 | 559efe0b1b21d65df5c305ed43a4f93d
WordPress Total Upkeep 1.14.9 Backup Disclosure
Posted Dec 14, 2020
Authored by Wadeek

WordPress Total Upkeep plugin version 1.14.9 suffers from a backup disclosure vulnerability.

tags | exploit, info disclosure
MD5 | e6b99caa5afc117cd93a02bf8dcd2e78
Red Hat Security Advisory 2020-5395-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5395-01 - The libexif packages provide a library for extracting extra information from image files. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-0452
MD5 | b2fd6c54e95dd188c9c1a106bf428df5
Red Hat Security Advisory 2020-5396-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5396-01 - The libexif packages provide a library for extracting extra information from image files. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-0452
MD5 | 452fc675c8c56dd526903ad568c8002d
Page 1 of 2
Back12Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close