exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2021-01-07

ECSIMAGING PACS 6.21.5 Remote Code Execution
Posted Jan 7, 2021
Authored by shoxxdj

ECSIMAGING PACS version 6.21.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | b2cc9890b72511e54bdc2287292f503d
Rocket.Chat 3.7.1 Email Address Enumeration
Posted Jan 7, 2021
Authored by Stefan Pietsch, Trovent Security, Nick Decker | Site trovent.io

Rocket.Chat versions 3.7.1 and below suffers from an email address enumeration vulnerability.

tags | exploit
advisories | CVE-2020-28208
MD5 | bc01b3651990cf22054b8d0175e1705c
Lynis Auditing Tool 3.0.3
Posted Jan 7, 2021
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: A couple additions including an OS detection of Parrot GNU/Linux along with three changes.
tags | tool, scanner
systems | unix
MD5 | 44b26983029929912d5bab53a083f776
Dovecot 2.3.11.3 Access Bypass
Posted Jan 7, 2021
Authored by Aki Tuomi

Dovecot versions 2.2.26 through 2.3.11.3 suffer from a bypass issue. When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using a specially crafted command. The attacker must have valid credentials to access the mail server.

tags | advisory, imap, bypass
advisories | CVE-2020-24386
MD5 | 5f6ec291becfdbef0390d40207572b2b
Dovecot 2.3.11.3 Denial Of Service
Posted Jan 7, 2021
Authored by Innokentii Sennovskiy, Aki Tuomi

Dovecot versions 2.3.11 through 2.3.11.3 suffer from a denial of service condition related to MIME parsing.

tags | advisory, denial of service
advisories | CVE-2020-25275
MD5 | 3013935c3e953195b4dad8ab78d9d3ce
Ubuntu Security Notice USN-4684-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4684-1 - Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14562, CVE-2019-14584
MD5 | 1751a770e1cc64cf0203b6e4506c808e
Ubuntu Security Notice USN-4685-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4685-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15389, CVE-2020-27841
MD5 | 441106d86f85ccadec1d3c14e6567734
Ubuntu Security Notice USN-4686-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4686-1 - It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-5727, CVE-2020-27842, CVE-2020-8112
MD5 | 4cd68750ef2abd5f6b9640ef33177e4f
Red Hat Security Advisory 2020-5388-01
Posted Jan 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5388-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.11 serves as a replacement for Red Hat support for Spring Boot 2.2.10, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-11996, CVE-2020-25638
MD5 | b3bdc25df3f101e501f013f1465ac1d3
Ubuntu Security Notice USN-4683-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4683-1 - Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-28974
MD5 | 7fbd2df16ee169fac1041dc6ef729402
Sonatype Nexus 3.21.1 Remote Code Execution
Posted Jan 7, 2021
Authored by 1F98D

Sonatype Nexus version 3.21.1 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-10199
MD5 | 0b962451f81cbc4bf034f6bb2fa9acee
H2 Database 1.4.199 JNI Code Execution
Posted Jan 7, 2021
Authored by Markus Wulftange, 1F98D

H2 Database version 1.4.199 JNI code execution exploit. This exploit utilizes the Java Native Interface to load a a Java class without needing to use the Java Compiler.

tags | exploit, java, code execution
MD5 | 7ea784920011613c761867cc57ddb434
Gitea 1.7.5 Remote Code Execution
Posted Jan 7, 2021
Authored by 1F98D

Gitea version 1.7.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-11229
MD5 | 6c9b0d3fdae6e3de5cf84344b28d7350
NVIDIA Driver Information Disclosure / Code Execution
Posted Jan 7, 2021
Authored by Ofir Moskovitch

The NVIDIA graphics driver suffers from information disclosure and code execution vulnerabilities. Affected builds include 460.79, 460.89, 457.71, 457.30, 457.09, and 456.71.

tags | advisory, vulnerability, code execution, info disclosure
MD5 | 8740170952bbbe2a3eb445c421cda3cd
PaperStream IP (TWAIN) 1.42.0.5685 Local Privilege Escalation
Posted Jan 7, 2021
Authored by 1F98D

PaperStream IP (TWAIN) version 1.42.0.5685 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2018-16156
MD5 | 19cfe2a0cf7404b967d5ed60b8a7f072
Page 1 of 1
Back1Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close