what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2020-12-22

Botan C++ Crypto Algorithms Library 2.17.3
Posted Dec 22, 2020
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Changed base64, base58, base32, and hex encoding and decoding operations to run in constant time. Fixed a build problem on PPC64 building with Clang. Multiple other bug fixes.
tags | library
SHA-256 | 79123b654445a4abba486e09a431788545c708237382a3e765664c9f55b03b88
Red Hat Security Advisory 2020-5656-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5656-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18551, CVE-2018-20836, CVE-2019-19046, CVE-2019-19447, CVE-2019-20636, CVE-2019-9454, CVE-2020-12770
SHA-256 | fd9de184b8fb8360645a07825be57f5ccdb12ae5e54743cf9a51ff3832dcb2f5
Linux TIOCSPGRP Broken Locking
Posted Dec 22, 2020
Authored by Jann Horn, Google Security Research

Linux suffers from broken locking in TIOCSPGRP that can lead to a corrupted refcount.

tags | exploit
systems | linux
advisories | CVE-2020-29661
SHA-256 | 3d16d56ff43c2ab3355f19116f22e1a94fc89347899d1d2c15556ab0e4b4191b
Multi Branch School Management System 3.5 Cross Site Scripting
Posted Dec 22, 2020
Authored by Kislay Kumar

Multi Branch School Management System version 3.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 88acb86130f42b4d55431799e8326c68f51c167b55ba7171dde447f4ae8082b9
Red Hat Security Advisory 2020-5664-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5664-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 88e26286d5c7b5279e3f33ac70b31ae4e9035b2a9d2caf94e35f8a922f8de32a
Library Management System 3.0 Cross Site Scripting
Posted Dec 22, 2020
Authored by Kislay Kumar

Library Management System version 3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5e36b02fe3ab580be463209da49e6de7149a9428da209ddd54a9cc6887266908
Red Hat Security Advisory 2020-5662-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5662-01 - The MariaDB Native Client library is used to connect applications developed in C/C++ to MariaDB and MySQL databases.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13249, CVE-2020-2574, CVE-2020-2752, CVE-2020-2922
SHA-256 | 546175c141ad4df3852b56c407f681735decae5e3663cffe5d0d152444818734
Webmin 1.962 Remote Command Execution
Posted Dec 22, 2020
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.962 and lower versions. Any user authorized to the Package Updates module can execute arbitrary commands with root privileges. It emerged by circumventing the measure taken for CVE-2019-12840.

tags | exploit, arbitrary, root
advisories | CVE-2020-35606
SHA-256 | 0b9d3eed2396c63f8c369c41bb33853aea8748348ce034096856277e638001d6
Red Hat Security Advisory 2020-5665-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5665-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-2938, CVE-2019-2974, CVE-2020-13249, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789, CVE-2020-14812, CVE-2020-15180, CVE-2020-2574, CVE-2020-2752, CVE-2020-2760, CVE-2020-2780, CVE-2020-2812, CVE-2020-2814
SHA-256 | 35488e2ff382b54b2233116cfe79c0cb02412e4c89c107f20083f7f19e77afdf
WordPress W3 Total Cache 0.9.3 File Read / Directory Traversal
Posted Dec 22, 2020
Authored by SunCSR, Hoa Nguyen, VinhJAXT | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress plugin W3 Total Cache version 0.9.2.6 through 0.9.3, allowing arbitrary file read with the web server privileges.

tags | exploit, web, arbitrary
advisories | CVE-2019-6715
SHA-256 | b1fd7066d25604160753e81eec4934df777ae2201da72af60ddf06186600cd4d
Red Hat Security Advisory 2020-5660-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5660-01 - The MariaDB Native Client library is used to connect applications developed in C/C++ to MariaDB and MySQL databases.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13249, CVE-2020-2574, CVE-2020-2752, CVE-2020-2922
SHA-256 | 01a9e054093ad547cc7b6a1264367014d8df03cf41e9bc10b535f8746402bdc2
CSE Bookstore 1.0 SQL Injection
Posted Dec 22, 2020
Authored by Musyoka Ian

CSE Bookstore version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Alper Basaran in October of 2020.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | fc951b6ccd26f9e3555d4b13f66f6d079b229758376a158cab4a785dac9e81ef
Red Hat Security Advisory 2020-5663-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5663-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-2510, CVE-2019-2537, CVE-2019-2614, CVE-2019-2627, CVE-2019-2628, CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2938, CVE-2019-2974, CVE-2020-13249, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789, CVE-2020-14812, CVE-2020-15180, CVE-2020-2574, CVE-2020-2752, CVE-2020-2760, CVE-2020-2780, CVE-2020-2812, CVE-2020-2814, CVE-2020-2922
SHA-256 | 325b2193e35e6aeaf2be8317c7a2f29491c2220871301b1c5fa69c0083ade4e0
Android Studio Privilege Escalation
Posted Dec 22, 2020
Authored by houjingyi

Android Studio has an issue where a malicious project can execute a custom cmd.exe allowing for privilege escalation. Google does not believe this is an issue.

tags | exploit
SHA-256 | 46be4037148bbd4dd5a2366f68c681f1a4a3663d8877cd818fdf312172011cdc
Red Hat Security Advisory 2020-5655-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5655-01 - The MariaDB Native Client library is used to connect applications developed in C/C++ to MariaDB and MySQL databases.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13249, CVE-2020-2574, CVE-2020-2752, CVE-2020-2922
SHA-256 | fad2cf8fcbd4d7c830dba53d6603f92e656109db1015b5f4e2d81e95f0144c78
Artworks Gallery Management System 1.0 SQL Injection
Posted Dec 22, 2020
Authored by Vijay Sachdeva

Artworks Gallery Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | caa73b9397f59e7d80bba6a10f93cd36e44c093347a6acfcf08932ca83af4671
Red Hat Security Advisory 2020-5654-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5654-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-2938, CVE-2019-2974, CVE-2020-13249, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789, CVE-2020-14812, CVE-2020-15180, CVE-2020-2574, CVE-2020-2752, CVE-2020-2760, CVE-2020-2780, CVE-2020-2812, CVE-2020-2814
SHA-256 | aeec0d650d052441b938277009d871bcdf13c0953d23012e89d2bbcf9eb4ae78
SUPREMO 4.1.3.2348 Privilege Escalation
Posted Dec 22, 2020
Authored by Victor Gil, Adan Alvarez

SUPREMO version 4.1.3.2348 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2020-25106
SHA-256 | 692dd2b65bb1ca8014e4882531d9b3a1667493ce70b79b16343b0b5167f5bd2f
Red Hat Security Advisory 2020-5661-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5661-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 7910e4e45eba1b0185918baeb0404b9488fedca13ff6e2cb70ec5fc3ef2a97de
Red Hat Security Advisory 2020-5649-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5649-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-15586, CVE-2020-16845
SHA-256 | 89945a3b7d153134e6864656e66d944b3f80bf35919632d99f88b8a68d1ab27a
Faculty Evaluation System 1.0 Cross Site Scripting
Posted Dec 22, 2020
Authored by Vijay Sachdeva

Faculty Evaluation System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 37bd90c00493cc7b654cdc8dd27f174fbceecf3df50a96d279551e96b321a04e
Pandora FMS 7.0 NG 750 SQL Injection
Posted Dec 22, 2020
Authored by Matthew Aberegg, Alex Prieto

Pandora FMS version 7.0 NG 750 suffers from a remote authenticated SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 94815c26559505298a1cb1fc0a69e0cedbaea0f40be9da21f98b28c6648ad498
Rocket.Chat Path Traversal
Posted Dec 22, 2020
Authored by Moe Szyslak

Rocket.Chat suffers from a path traversal vulnerability.

tags | advisory, file inclusion
SHA-256 | a823a92ff65ccf73b793d0906e547c53c9b8e1c3527968cc2868bbf6547c16d5
Victor CMS 1.0 Shell Upload
Posted Dec 22, 2020
Authored by mosaaed

Victor CMS version 1.0 suffers from an authenticated remote shell upload vulnerability. A shell upload vulnerability in this version was originally discovered in May of 2020 by Kishan Lal Choudhary.

tags | exploit, remote, shell
SHA-256 | 78d81439c6c905be79bc0ad5292ae2029a5f1396f03e8ad78ae9838806039e96
Sifter 11.2
Posted Dec 22, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Various additions.
tags | tool, remote, local, scanner, vulnerability
systems | unix
SHA-256 | 9a5724bb2f7548b89e084651c26a9ce1a05c65463a57dc8119783f395acab49e
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close