Showing 101 - 125 of 353

Files Date: 2019-10-01 to 2019-10-31

Ubuntu Security Notice USN-4162-1
Posted Oct 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4162-1 - It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not handle detach operations correctly, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-21008, CVE-2019-14815, CVE-2019-14816, CVE-2019-14821, CVE-2019-15117, CVE-2019-15118, CVE-2019-15505, CVE-2019-15902, CVE-2019-15918
SHA-256 | 766eafebbf6fe9684e9d928dab508e66e29f9dd506c5d9b1141a9c677708de5f
Ubuntu Security Notice USN-4157-2
Posted Oct 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4157-2 - USN-4157-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, CVE-2019-14821, CVE-2019-15504, CVE-2019-15505, CVE-2019-15902, CVE-2019-16714, CVE-2019-2181
SHA-256 | 98e81da43ab7657c0515f3a777eb64a810ffffaa72274cb03f12408a3c619c36
Linux/x86 execve(/bin/sh) Socket Reuse Shellcode
Posted Oct 22, 2019
Authored by WangYihang

42 bytes small Linux/x86 execve(/bin/sh) socket reuse shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 06940cd962d0fb34cda215179e7f8392804cd9243f8253e5bd126a6f374b2d79
Total.js CMS 12 Widget JavaScript Code Injection
Posted Oct 21, 2019
Authored by sinn3r, Riccardo Krauter | Site metasploit.com

This Metasploit module exploits a vulnerability in Total.js CMS. The issue is that a user with admin permission can embed a malicious JavaScript payload in a widget, which is evaluated server side, and gain remote code execution.

tags | exploit, remote, javascript, code execution
advisories | CVE-2019-15954
SHA-256 | 994055352fee2d951e405c99aeadd99178b2c65c81e77f2f5498366d48a48c14
Ubuntu Security Notice USN-4160-1
Posted Oct 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4160-1 - It was discovered that UW IMAP incorrectly handled inputs. A remote attacker could possibly use this issue to execute arbitrary OS commands.

tags | advisory, remote, arbitrary, imap
systems | linux, ubuntu
advisories | CVE-2018-19518
SHA-256 | f9b592cd57c66a41cc2572df5f2ffeecfd664269e7de497697149a9115f866a9
Ubuntu Security Notice USN-4161-1
Posted Oct 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4161-1 - It was discovered that the IPv6 routing implementation in the Linux kernel contained a reference counting error leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-18198
SHA-256 | 7f05d7a2372c61a56be48149f14923a9ec6644cf190738c69eb8ef764a49a3cf
Debian Security Advisory 4548-1
Posted Oct 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4548-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation.

tags | advisory, java, denial of service, vulnerability, xss, info disclosure
systems | linux, debian
advisories | CVE-2019-2894, CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
SHA-256 | b8bcde877f6272bcd32a05a018a9cdc9bc6dcdb15213d3642b3e1c40a0a17efb
Debian Security Advisory 4547-1
Posted Oct 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4547-1 - Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-10103, CVE-2018-10105, CVE-2018-14461, CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465, CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881, CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229, CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452, CVE-2019-15166
SHA-256 | 8eca2c70ce1a22814627f3af89215e63d98f8014fab472c71fd77b3a35eeeab9
Debian Security Advisory 4546-1
Posted Oct 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4546-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation.

tags | advisory, java, denial of service, vulnerability, xss, info disclosure
systems | linux, debian
advisories | CVE-2019-2894, CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
SHA-256 | 352af449337abb2eb16df71059490cdac5644dd446be50a1aa162a6f50f5bb77
Red Hat Security Advisory 2019-3157-01
Posted Oct 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3157-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
SHA-256 | 580ca48ccbfadcc5ae46aa7626a2e1e35aa149c3a88c47c63b7636aaf7712e2b
Debian Security Advisory 4545-1
Posted Oct 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4545-1 - It was discovered that the Special:Redirect functionality of MediaWiki, a website engine for collaborative work, could expose suppressed user names, resulting in an information leak.

tags | advisory
systems | linux, debian
advisories | CVE-2019-16738
SHA-256 | b4ba914edfd14bd7587407b445b8b32238ef64f5ea3238b74b3606e22f0d77db
Slackware Security Advisory - python Updates
Posted Oct 21, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory, python
systems | linux, slackware
advisories | CVE-2019-15903, CVE-2019-9740, CVE-2019-9948
SHA-256 | 6e16f3aa88276b6f120411e834953cbd8b1d1e3547deb2d4e80297d7c49b6eb3
Ubuntu Security Notice USN-4159-1
Posted Oct 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4159-1 - It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-17402
SHA-256 | d58fa7442982f864e3c110e92b8302aef180b78860e19a04d1b1e38dea5b5cc9
Ubuntu Security Notice USN-4155-2
Posted Oct 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4155-2 - USN-4155-1 fixed a vulnerability in Aspell. This update provides the corresponding update for Ubuntu 19.10. It was discovered that Aspell incorrectly handled certain inputs. An attacker could potentially access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-17544
SHA-256 | fe185c7a18f8648750c42f0589dba893c4342e42b79d3e3665bd95c51639b493
Red Hat Security Advisory 2019-3158-01
Posted Oct 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3158-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
SHA-256 | 626e0c8ce1feb4d26f15b7e661d30b9fafd9f8a87bf7af2dbb288cb1b0b91e54
Trend Micro Anti-Threat Toolkit (ATTK) 1.62.0.1218 Remote Code Execution
Posted Oct 20, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-9491
SHA-256 | 038bb3d0ceff9e12031ec2a31746a5ecf155f068a1c05d9fed3e640cb91241c8
WinRAR 5.80 Memory Corruption
Posted Oct 20, 2019
Authored by albalawi-s

WinRAR version 5.80 suffers from a memory corruption vulnerability that allows for denial of service.

tags | exploit, denial of service
SHA-256 | 52f90a62ce54f13ae494dd6c27b1f01a8cd0a44815f923600fd7c2e20af925b3
NASA NODIS Cross Site Scripting
Posted Oct 20, 2019
Authored by Binit Ghimire

The NASA Online Directives Information System suffers from a cross site scripting vulnerability that can be leveraged via the User-Agent header. The researcher has notified NASA and has not received a response.

tags | exploit, xss
SHA-256 | d0a0449c42ab23e74a3dcd9aa3ce275ada8abcc4d4e97886c32874bc2606f1f4
Red Hat Security Advisory 2019-3149-01
Posted Oct 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3149-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains an update for jackson-databind in the logging-elasticsearch5 container image for Red Hat OpenShift Container Platform 3.11.153. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2017-15095, CVE-2017-17485, CVE-2017-7525, CVE-2018-10237, CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-5968, CVE-2018-7489, CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379
SHA-256 | 5b5749c71d52c3690eb137ec23b207f4283a94baacb4c994ead4402f6eddba76
Sangoma SBC 2.3.23-119-GA Authentication Bypass
Posted Oct 18, 2019
Authored by Appsecco Security Team | Site appsecco.com

A remotely exploitable vulnerability exists in the 2.3.23-119-GA version of Sangoma SBC that would allow an unauthenticated user to bypass authentication and login as a non-existent user but with complete access to the dashboard including additional privileged user creation capabilities.

tags | exploit, bypass
advisories | CVE-2019-12148
SHA-256 | c1a3913d4d49d918d2edfe442e39cf4c9f77f13de1fcfde2bc856b1c6f69200d
Sangoma SBC 2.3.23-119-GA Unauthenticated User Creation
Posted Oct 18, 2019
Authored by Appsecco Security Team | Site appsecco.com

A remotely exploitable vulnerability exists in the 2.3.23-119-GA version of Sangoma SBC that would allow an unauthenticated user to create a privileged user on the system using the web application login interface.

tags | exploit, web, bypass
advisories | CVE-2019-12147
SHA-256 | 7e1eb8784b9d8c0dcef3b52b414558e0863dd0159c0dddd2ff205e7efaa513f9
WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF
Posted Oct 18, 2019
Authored by Aaron Bishop

WiKID Systems 2FA Enterprise Server version 4.2.0-b2032 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2019-16917, CVE-2019-17114, CVE-2019-17115, CVE-2019-17116, CVE-2019-17117, CVE-2019-17118, CVE-2019-17119, CVE-2019-17120
SHA-256 | 16f7edc4af940d18ad1ea3af320f681ee3a9432185f93f6bbc0ce222543bcacf
Red Hat Security Advisory 2019-3144-01
Posted Oct 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3144-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by CRON. This advisory contains the updated jenkins RPM package for Red Hat OpenShift Container Platform 3.11. Issues addressed include a cross site request forgery vulnerability.

tags | advisory, csrf
systems | linux, redhat
advisories | CVE-2019-10383, CVE-2019-10384
SHA-256 | 3884936d40d62626ae2afd0fd378d13ff22c620e26e53620b6b1411cd943ba22
Red Hat Security Advisory 2019-3143-01
Posted Oct 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3143-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the atomic-openshift RPM package for Red Hat OpenShift Container Platform 3.11.153.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10150
SHA-256 | 07edec415d78727f721458f0f3be8b5612ba23b317cd11412bd0a3cf2a02fd99
Red Hat Security Advisory 2019-3142-01
Posted Oct 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3142-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains an updated mediawiki RPM package for Red Hat OpenShift Container Platform 3.11. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-0503, CVE-2018-0505
SHA-256 | e5e031b07640213b46f65b0f99cb1a6d22ed61d12b0afcd8993027a51e1b032c