what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2021-01-07

ECSIMAGING PACS 6.21.5 Remote Code Execution
Posted Jan 7, 2021
Authored by shoxxdj

ECSIMAGING PACS version 6.21.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | a74ee77c3a8b2d9ab83e77f615b3071a6cc144c023da9a75623333ac3f51c030
Rocket.Chat 3.7.1 Email Address Enumeration
Posted Jan 7, 2021
Authored by Stefan Pietsch, Trovent Security, Nick Decker | Site trovent.io

Rocket.Chat versions 3.7.1 and below suffers from an email address enumeration vulnerability.

tags | exploit
advisories | CVE-2020-28208
SHA-256 | 023ad89f274a1ee4b96e849967a0021876dca5479963125bc3acb45d9a8cf6fa
Lynis Auditing Tool 3.0.3
Posted Jan 7, 2021
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: A couple additions including an OS detection of Parrot GNU/Linux along with three changes.
tags | tool, scanner
systems | unix
SHA-256 | d2893751e2d78e0c1ab253cef0e982bb84703c8edf2b11be60617894e299e2d1
Dovecot 2.3.11.3 Access Bypass
Posted Jan 7, 2021
Authored by Aki Tuomi

Dovecot versions 2.2.26 through 2.3.11.3 suffer from a bypass issue. When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using a specially crafted command. The attacker must have valid credentials to access the mail server.

tags | advisory, imap, bypass
advisories | CVE-2020-24386
SHA-256 | 5e5468067fc35516788b52ac2a4e75207c4c6d4b1f0ea93176e970b293daf7d6
Dovecot 2.3.11.3 Denial Of Service
Posted Jan 7, 2021
Authored by Innokentii Sennovskiy, Aki Tuomi

Dovecot versions 2.3.11 through 2.3.11.3 suffer from a denial of service condition related to MIME parsing.

tags | advisory, denial of service
advisories | CVE-2020-25275
SHA-256 | 3eac47b5a5d3ef5ce3b165410088b1db4617e678b8f7dc67fe4f1fd3152672a4
Ubuntu Security Notice USN-4684-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4684-1 - Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14562, CVE-2019-14584
SHA-256 | 5af732fb2ce6f70ae324866684e4024144404b6a5a8dcb452f1c2ceab674d105
Ubuntu Security Notice USN-4685-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4685-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15389, CVE-2020-27841
SHA-256 | 00690d662f63cb5df2b3e3f8052cb8a550665941724b83e5d503321321d59e59
Ubuntu Security Notice USN-4686-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4686-1 - It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-5727, CVE-2020-27842, CVE-2020-8112
SHA-256 | 0eedf8f4170c8aae566341941ab434d40397be650853f9ac4dc11e8f311c705a
Red Hat Security Advisory 2020-5388-01
Posted Jan 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5388-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.11 serves as a replacement for Red Hat support for Spring Boot 2.2.10, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-11996, CVE-2020-25638
SHA-256 | 5a8af553d669a8f417b0e9bf9c65d2e5f4d24d7c4328c679427e9e19869aca54
Ubuntu Security Notice USN-4683-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4683-1 - Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-28974
SHA-256 | d62f7b2d95fb6d98ce5816e61996fe9b14cfa59e2f45979a141c8296b5ad26ae
Sonatype Nexus 3.21.1 Remote Code Execution
Posted Jan 7, 2021
Authored by 1F98D

Sonatype Nexus version 3.21.1 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-10199
SHA-256 | d8b1ad15495ef283352b6263e8b025b0ccf7349179f8c4e37eb756adbe9fb845
H2 Database 1.4.199 JNI Code Execution
Posted Jan 7, 2021
Authored by Markus Wulftange, 1F98D

H2 Database version 1.4.199 JNI code execution exploit. This exploit utilizes the Java Native Interface to load a a Java class without needing to use the Java Compiler.

tags | exploit, java, code execution
SHA-256 | 8c32746a6cf9be833e68c6b86a98feaea801217d883850845670c99360385e63
Gitea 1.7.5 Remote Code Execution
Posted Jan 7, 2021
Authored by 1F98D

Gitea version 1.7.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-11229
SHA-256 | 1544539ce83b000103667a0a303a81c41b8f6cf76dba3ecfa900b7f4f6a20f7f
PaperStream IP (TWAIN) 1.42.0.5685 Local Privilege Escalation
Posted Jan 7, 2021
Authored by 1F98D

PaperStream IP (TWAIN) version 1.42.0.5685 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2018-16156
SHA-256 | 28348cc78dc388c9a87f5713f56eec3911b65f88876efe3212b98acd43384138
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close