what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-05-28 to 2019-05-29

pfSense 2.4.4-p3 Cross Site Scripting
Posted May 28, 2019
Authored by Chi Tran

pfSense version 2.4.4-p3 with ACMEPackage version 0.5.7_1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-12347
MD5 | 201e068f480561654bc1a9ad85f752da
GNU Privacy Guard 2.2.16
Posted May 28, 2019
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Multiple bug fixes.
tags | tool, encryption
MD5 | d90e186df1c06845880ea58a318f070b
Packet Fence 9.0.1
Posted May 28, 2019
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Improved display of RADIUS audit log from RADIUS tab. Added -copy to the ID when cloning a configuration resource. Various other additions.
tags | tool, remote
systems | unix
MD5 | 83253583b42a68d6299b95933c81b17d
OpenSSL Toolkit 1.1.1c
Posted May 28, 2019
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added build tests for C++. Enabled SHA3 pre-hashing for ECDSA and DSA. Various other updates.
tags | tool, encryption, protocol
systems | unix
MD5 | 15e21da6efe8aa0e0768ffd8cd37a5f6
Ubuntu Security Notice USN-3995-1
Posted May 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3995-1 - It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to cause Keepalived to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-19115
MD5 | 550c6d41020d3a32449ed4465bcdd2d0
VFront 0.99.5 Persistent Cross Site Scripting
Posted May 28, 2019
Authored by Omer Citak | Site netsparker.com

VFront version 0.99.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9838
MD5 | 953fa77ff286ba189adce910082b7d49
VFront 0.99.5 Reflective Cross Site Scripting
Posted May 28, 2019
Authored by Omer Citak | Site netsparker.com

VFront version 0.99.5 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-9839
MD5 | f970efbd5aa94dff43c2c6b31972253c
Ubuntu Security Notice USN-3994-1
Posted May 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3994-1 - It was discovered that gnome-desktop incorrectly confined thumbnailers. If a user were tricked into downloading a malicious image file, a remote attacker could possibly combine this issue with another vulnerability to escape the sandbox and execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11460
MD5 | 44eafd22ed4edb83b20b9b0fdcf22258
Ubuntu Security Notice USN-3976-3
Posted May 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3976-3 - USN-3976-1 fixed a vulnerability in Samba. The update introduced a regression causing Samba to occasionally crash. This update fixes the problem. Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets. In certain environments, a remote attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
MD5 | 02b34f200097953b7a90569995779fe4
Phraseanet DAM Cross Site Scripting
Posted May 28, 2019
Authored by Krzysztof Szulski

Phraseanet DAM versions prior to 4.0.7 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2f2edf53bb7455baf29f3ec724547715
Petraware pTransformer ADC SQL Injection
Posted May 28, 2019
Authored by Faudhzan Rahman

Petraware pTransformer ADC versions prior to 2.1.7.22827 suffer from a remote SQL injection vulnerability that allows for login bypass.

tags | exploit, remote, sql injection
advisories | CVE-2019-12372
MD5 | fdacd40b7f995ee16e885b9b75ab2e78
EquityPandit 1.0 Password Disclosure
Posted May 28, 2019
Authored by ManhNho

EquityPandit version 1.0 suffers from a password disclosure vulnerability.

tags | exploit
MD5 | b02f26593dbcac5ed9495a8e3fd0c4b4
Spidermonkey IonMonkey JS_OPTIMIZED_OUT Value Leak
Posted May 28, 2019
Authored by saelo, Google Security Research

Spidermonkey IonMonkey can, during a bailout, leak an internal JS_OPTIMIZED_OUT magic value to the running script. This magic value can then be used to achieve memory corruption.

tags | exploit
advisories | CVE-2019-9792
MD5 | f548194e2e5ce1c18bacbf389f666b48
JavaScript V8 Turbofan Out-Of-Bounds Read
Posted May 28, 2019
Authored by saelo, Google Security Research

JavaScript V8 Turbofan may read a Map pointer out-of-bounds when optimizing Reflect.construct.

tags | advisory, javascript
MD5 | 36998fe03e21e2360e63455dcd1824ed
Spidermonkey IonMonkey Unsafe Code Execution
Posted May 28, 2019
Authored by saelo, Google Security Research

Spidermonkey IonMonkey suffers from an issue where an unexpected ObjectGroup in the ObjectGroupDispatch operation might lead to potentially unsafe code being executed.

tags | advisory
advisories | CVE-2019-9816
MD5 | 9fd40f0341879df02a9860af01e711aa
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    10 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close