Showing 1 - 25 of 478

Files Date: 2020-12-01 to 2020-12-31

EgavilanMedia My To Do List 1.0 Cross Site Scripting
Posted Dec 30, 2020
Authored by Dwiki Kusuma

EgavilanMedia My To Do List version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 17fe110ea5fbb0b1a887fad9ab4dee2c3062b2356a74f94bbfd0a48deb6e5f8c
OATH Toolkit 2.6.5
Posted Dec 29, 2020
Site nongnu.org

OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: Various improvements.
tags | tool
systems | unix
SHA-256 | d207120c7e7fdd540142d04ca06d83fb3277c8f2fb794a74535d04b2aa0ec219
HPE Edgeline Infrastructure Manager Improper Authorization
Posted Dec 29, 2020
Authored by Jeremy Brown

HPE Edgeline Infrastructure Manager suffers from multiple broken authorization flows that allow for administrative function access without authenticating and can allow for arbitrary password changes.

tags | exploit, arbitrary
SHA-256 | 87121a708a5d58e0787d22fbc3bc5c2a8bf7f3c2c03fd87d6efdd1247efe1119
Cassandra Web 0.5.0 Remote File Read
Posted Dec 29, 2020
Authored by Jeremy Brown

Cassandra Web is vulnerable to directory traversal due to the disabled Rack::Protection module. Apache Cassandra credentials are passed via the CLI in order for the server to auth to it and provide the web access, so they are also one thing that can be captured via the arbitrary file read. Version 0.5.0 is affected.

tags | exploit, web, arbitrary
SHA-256 | be82376a69ccf9d5d95a794429f042870509dba311154ba5e350b1dd69148aec
SEOPanel 4.6.0 Cross Site Scripting
Posted Dec 28, 2020
Authored by Daniel Bishtawi | Site netsparker.com

SEOPanel version 4.6.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | e273b4ab14648d8de38ebb0305fab1d8255d78d56a50c4f75e08025f1327a487
Debian Security Advisory 4797-2
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4797-2 - The update for webkit2gtk released as 4797-1 introduced a regression with the WebSockets functionality. Updated webkit2gtk packages are now available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | 7a1517d65ba8e2f827f2bb170c1e010d905412ee47957cd11a5342fca52825b9
Debian Security Advisory 4801-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4801-1 - A buffer overflow was discovered in Brotli, a generic-purpose lossless compression suite.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2020-8927
SHA-256 | 39c1a3c64fd38b6e1ef3c69ae1ac35abd72be122510a7de941c653244fb91774
Debian Security Advisory 4802-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4802-1 - Chiaki Ishikawa discovered a stack overflow in SMTP server status handling which could potentially result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2020-26970
SHA-256 | 8d5444b9b43c99430450d6298b4adc1770bb19a59fcce6879c1c7a73f432c355
Debian Security Advisory 4803-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4803-1 - Jan-Niklas Sohn discovered that the XKB extension of the Xorg X server performed incomplete input validation, which could result in privilege escalation.

tags | advisory
systems | linux, debian
advisories | CVE-2020-14360, CVE-2020-25712
SHA-256 | f12b898e41b5d7e17f6c9d3352bf8cd7c5100bfd343609a4c34321e42e818563
Debian Security Advisory 4804-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4804-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, privilege escalation or information leaks.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2020-27670, CVE-2020-27671, CVE-2020-27672, CVE-2020-27674, CVE-2020-28368
SHA-256 | b2ab6cee53da1d96769ca16adfe9dfbf808ed31611a93a2497b295ea9aaa2731
Debian Security Advisory 4805-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4805-1 - Two vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2020-17508, CVE-2020-17509
SHA-256 | 33cb8cac8efefd8630541aa85e3167e1088094ad4d96382eca60976d082286c7
Debian Security Advisory 4806-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4806-1 - It was discovered that missing input validation in minidlna, a lightweight DLNA/UPnP-AV server, could result in the execution of arbitrary code. In addition, minidlna was susceptible to the "CallStranger" UPnP vulnerability.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2020-12695, CVE-2020-28926
SHA-256 | b7b80b0f3734909dfe21dcae6fd31eabfe56df3eb643835d5ebe4c724d7a784f
Debian Security Advisory 4807-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4807-1 - David Benjamin discovered a flaw in the GENERAL_NAME_cmp() function which could cause a NULL dereference, resulting in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2020-1971
SHA-256 | 301c7963e0154712e1745c9d2397ec887def5b0060c1cc740ed144f687109534
Debian Security Advisory 4808-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4808-1 - It was discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could cause out-of-bounds reads or infinite loops, resulting in denial of service when processing malformed deb files.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2020-27350
SHA-256 | 72b22af4983e423e88a9104f100d1306c4503588d7516f149b0a6cbd98324d31
Debian Security Advisory 4809-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4809-1 - Various memory and file descriptor leaks were discovered in the Python interface to the APT package management runtime library, which could result in denial of service.

tags | advisory, denial of service, python
systems | linux, debian
advisories | CVE-2020-27351
SHA-256 | 6ddfd77c1455dd7dc47020d1fd9baf4fd93dfee14ce80069ebe7bb8ba2f5dd1b
Debian Security Advisory 4809-2
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4809-2 - The update for python-apt released as DSA 4809-1 introduced a regression when passing a file descriptor to apt_inst.ArFile or apt_inst.DebFile causing a segmentation fault. Updated python-apt packages are now available to correct this issue.

tags | advisory, python
systems | linux, debian
SHA-256 | 5707a06f3825acb81d8ebbee8680d250b2274d281c25fa856c5a681bea7cd152
Debian Security Advisory 4810-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4810-1 - Yaniv Nizry discovered that the clean module of lxml, Python bindings for libxml2 and libxslt, could be bypassed.

tags | advisory, python
systems | linux, debian
advisories | CVE-2020-27783
SHA-256 | 9f5243a3261ccdcaa166ebeebb4f930ac0ca824f46f3d25ea35e733245afc09c
Debian Security Advisory 4810-2
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4810-2 - The update for lxml released as 4810-1 introduced a regression when running under Python 2. Updated lxml packages are now available to correct this issue.

tags | advisory, python
systems | linux, debian
SHA-256 | 49c7b12d755a7995c6c7d6c6d871dfa35c4c97d839ec9df478b41aba3eb8e475
Debian Security Advisory 4811-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4811-1 - It was discovered that the default blacklist of XStream, a Java library to serialise objects to XML and back again, was vulnerable to the execution of arbitrary shell commands by manipulating the processed input stream.

tags | advisory, java, arbitrary, shell
systems | linux, debian
advisories | CVE-2020-26217
SHA-256 | acffd9ece540f4f9dd8e304dae118a6e0bebb805b838cb208f08a33a7fc074a7
Debian Security Advisory 4812-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4812-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2020-29479, CVE-2020-29480, CVE-2020-29481, CVE-2020-29482, CVE-2020-29483, CVE-2020-29484, CVE-2020-29485, CVE-2020-29486, CVE-2020-29566, CVE-2020-29570, CVE-2020-29571
SHA-256 | 37919a1fdf97980cfdebe6aa11ee31f4bf0b9ebf838344befc1d3a7c22df1c49
Debian Security Advisory 4813-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4813-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or CSS sanitiser bypass.

tags | advisory, web, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2020-16042, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35113
SHA-256 | 7c049e9f2c3d5a2f9bfcba92b367e1a93fb8ae2453346e9edbe11ef5a1674714
Debian Security Advisory 4814-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4814-1 - It was discovered that xerces-c, a validating XML parser library for C++, did not correctly scan DTDs. The use-after-free vulnerability resulting from this issue would allow a remote attacker to leverage a specially crafted XML file in order to crash the application or potentially execute arbitrary code. Please note that the patch fixing this issue comes at the expense of a newly introduced memory leak.

tags | advisory, remote, arbitrary, memory leak
systems | linux, debian
advisories | CVE-2018-1311
SHA-256 | 376080e2c1815c8640dadc1f13237e9f7f7e739ff15c62dbbc28fc3572c445b3
Debian Security Advisory 4815-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4815-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or information leak.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2020-16042, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35113
SHA-256 | 2f3172812c238f2f1fb029f212200ab8a63472748c4d507b24ac570b668ebaf9
Debian Security Advisory 4816-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4816-1 - Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting or the disclosure of hidden users.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2020-35475, CVE-2020-35477, CVE-2020-35479, CVE-2020-35480
SHA-256 | 0ae12b07a03ac1cfb062cc46e5e0bd51e3833af59d079937f3c7ebc383862f99
Debian Security Advisory 4817-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4817-1 - Two vulnerabilities were discovered in the PEAR Archive_Tar package for handling tar files in PHP, potentially allowing a remote attacker to execute arbitrary code or overwrite files.

tags | advisory, remote, arbitrary, php, vulnerability
systems | linux, debian
advisories | CVE-2020-28948, CVE-2020-28949
SHA-256 | 55d35347b0095ee7302f943e512c864a3ce5dbf064f74322a52bab2f3e2a85eb