exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-07-09 to 2019-07-10

Ubuntu Security Notice USN-4051-2
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4051-2 - USN-4051-1 fixed a vulnerability in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-7307
MD5 | 733b6aa2acd3d9fb477fc75c12b7e718
Microsoft Font Subsetting DLL MergeFonts Out Of Bounds Read
Posted Jul 9, 2019
Authored by Google Security Research, mjurczyk

An issue has been discovered where the Microsoft Font Subsetting DLL (fontsub.dll) suffers from a heap-based out-of-bounds read vulnerability in MergeFonts.

tags | exploit
MD5 | dd39b9fd5450a1793c602b5c46899104
Spidermonkey Uninitialized Memory Access
Posted Jul 9, 2019
Authored by saelo, Google Security Research

In Spidermonkey, definite properties are incorrectly computed in some cases, leading to uninitialized memory access when unboxed objects are enabled.

tags | advisory
MD5 | 79fc5823bfa08cae2fcfd2ee4bbcd32c
Red Hat Security Advisory 2019-1712-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1712-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 7 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-0739, CVE-2019-0232
MD5 | b873acd280d331eebb5b9a89a00a2f19
Red Hat Security Advisory 2019-1711-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1711-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 7 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, web, denial of service
systems | linux, redhat
advisories | CVE-2018-0739
MD5 | 2a275448735516008619b561fd01c504
Ubuntu Security Notice USN-4053-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4053-1 - It was discovered that GVfs incorrectly handled the admin backend. Files created or moved by the admin backend could end up with the wrong ownership information, contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. It was discovered that GVfs incorrectly handled authentication on its private D-Bus socket. A local attacker could possibly connect to this socket and issue D-Bus calls. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-12447, CVE-2019-12449, CVE-2019-12795
MD5 | 7299d5d25ade3a7cb44bb496e5b0fbc5
Red Hat Security Advisory 2019-1707-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1707-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
MD5 | 3c3b82256b1a6a3a1bc79ff64d8a7ec2
Red Hat Security Advisory 2019-1708-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1708-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
MD5 | a125bcefadc690a6bf55abfe64f5810b
Red Hat Security Advisory 2019-1706-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1706-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
MD5 | bc6ff6198a69065da89a99d9d3ba8607
Red Hat Security Advisory 2019-1705-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1705-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
MD5 | d4817c8754d0c0874ea2b127ce8d25f2
Ubuntu Security Notice USN-4051-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4051-1 - Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-7307
MD5 | 23144505a813252b7919bf5f1a86185f
Ubuntu Security Notice USN-4052-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4052-1 - Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service or expose sensitive information.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-11476
MD5 | 676f56ff3a2471481b6312ae1fb3db60
Firefox 67.0.4 Denial Of Service
Posted Jul 9, 2019
Authored by Tejas Ajay Naik

Firefox version 67.0.4 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 6428d159c5f24ca3c60a544bdba585ec
Karenderia CMS 5.3 Cross Site Scripting
Posted Jul 9, 2019
Authored by Sisyshell

Karenderia CMS version 5.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 85eadd81ead8297ad6186db828f55c09
Razer Chroma SDK Private Key Disclosure
Posted Jul 9, 2019

The Razer Chroma SDK installs with a root certificate that also includes its private key. This flaw impacts Razer Synapse 3 versions 1.0.103.136 build 3.4.0415.04181, and may impact older versions.

tags | advisory, root, info disclosure
MD5 | 87e97b329881cde3f9618ebfb8e669ba
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close