what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

Files Date: 2019-11-08 to 2019-11-09

Chrome Site Isolation Bypass / File Disclosure
Posted Nov 8, 2019
Authored by Google Security Research, Glazvunov

The Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.

tags | exploit, local, vulnerability
MD5 | a0e44b48eda93d22f89c1bb42d02f804
WebKitGTK+ / WPE WebKit Code Execution / XSS
Posted Nov 8, 2019
Authored by WebKitGTK+ Team

WebKitGTK+ and WPE WebKit suffer from code execution, universal cross site scripting, and memory corruption vulnerabilities. Multiple versions are affected.

tags | advisory, vulnerability, code execution, xss
advisories | CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823
MD5 | 0bf496eb9a2459aaeda0b426f3ef0edb
Nextcloud 17 Cross Site Request Forgery
Posted Nov 8, 2019
Authored by Ozer Goker

Nextcloud 17 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | b613cc280057db8886536325e5bf276d
Jira Service Desk Server / Data Center Path Traversal
Posted Nov 8, 2019
Authored by Atlassian

Jira Service Desk Server and Data Center product versions below 3.9.17, 3.10.0 up to 3.16.11, 4.0.0 up to 4.2.6, 4.3.0 up to 4.3.5, 4.4.0 up to 4.4.3, and 4.5.0 up to 4.5.1 are susceptible to a path traversal vulnerability.

tags | advisory, file inclusion
advisories | CVE-2019-15003, CVE-2019-15004
MD5 | 0b5fcfe5c5e79daa7fc9013b16f45ff0
Adive Framework 2.0.7 Privilege Escalation
Posted Nov 8, 2019
Authored by Pablo Santiago

Adive Framework version 2.0.7 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2019-14347
MD5 | fabbbf5ca28fd0f0d55a57bb29f69d80
Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted Nov 8, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2016-10905, CVE-2016-10906, CVE-2018-20976, CVE-2019-10638, CVE-2019-14814, CVE-2019-14816, CVE-2019-14821, CVE-2019-14835, CVE-2019-15098, CVE-2019-15117, CVE-2019-15118, CVE-2019-15505, CVE-2019-16746, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17075, CVE-2019-17133, CVE-2019-2215, CVE-2019-3900
MD5 | 89355d12b17a57544c4036152b14969e
Debian Security Advisory 4561-1
Posted Nov 8, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4561-1 - Alex Murray discovered a stack-based buffer overflow vulnerability in fribidi, an implementation of the Unicode Bidirectional Algorithm algorithm, which could result in denial of service or potentially the execution of arbitrary code, when processing a large number of unicode isolate directional characters.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2019-18397
MD5 | ce1d8a43a11a6aafc4ddd0b0df7d4d8f
Ubuntu Security Notice USN-4179-1
Posted Nov 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4179-1 - Alex Murray discovered a stack-based buffer overflow when handling a large number of unicode isolate directives. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18397
MD5 | 5d57502952a2f3da4372071a72fa562b
Gentoo Linux Security Advisory 201911-04
Posted Nov 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201911-4 - Multiple information disclosure vulnerabilities in OpenSSL allow attackers to obtain sensitive information. Versions less than 1.0.2t are affected.

tags | advisory, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2019-1547, CVE-2019-1563
MD5 | a0cdca0c47e2c6186ebd1d8dcdd89f58
Gentoo Linux Security Advisory 201911-03
Posted Nov 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201911-3 - Multiple vulnerabilities have been found in Oniguruma, the worst of which could result in the arbitrary execution of code. Versions less than 6.9.3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-13224, CVE-2019-13225
MD5 | 0cbaa38bdff1e489f6ec05bd3f81708d
Gentoo Linux Security Advisory 201911-02
Posted Nov 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201911-2 - A buffer overflow in pump might allow remote attacker to execute arbitrary code. Versions less than or equal to 0.8.24-r4 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
MD5 | d91702648d485cc610d4856d5824b29d
Gentoo Linux Security Advisory 201911-01
Posted Nov 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201911-1 - An integer overflow in OpenSSH might allow an attacker to execute arbitrary code. Versions greater than or equal to 8.0_p1-r2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2019-16905
MD5 | daf63a09def969f6686ddc0012bedee9
Red Hat Security Advisory 2019-3812-01
Posted Nov 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3812-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the cri-o RPM package for Red Hat OpenShift Container Platform 3.9.102. A credential disclosure issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10214
MD5 | 0f6cbcb743d07cddea22dce4b0f197e9
Red Hat Security Advisory 2019-3813-01
Posted Nov 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3813-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the mediawiki123 RPM package for Red Hat OpenShift Container Platform 3.9.102. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-0503, CVE-2018-0504, CVE-2018-0505
MD5 | 351c4ffbb69115adfc4b2cf0217bdc84
Red Hat Security Advisory 2019-3811-01
Posted Nov 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3811-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the atomic-openshift RPM package for Red Hat OpenShift Container Platform 3.9.102. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-10150, CVE-2019-11249, CVE-2019-11251, CVE-2019-11253
MD5 | 73c3ece4cc44b7606f4bec76a3205cec
SolarWinds Kiwi Syslog Server 8.3.52 Unquoted Service Path
Posted Nov 8, 2019
Authored by Carlos A Garcia R

SolarWinds Kiwi Syslog Server version 8.3.52 suffers from a Kiwi Syslog Service unquoted service path vulnerability.

tags | exploit
MD5 | 8d7bc2683cb6f64137f2da91f394f308
Ubuntu Security Notice USN-4178-1
Posted Nov 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4178-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8625
MD5 | 306c8955c2f273afb8b953e5c146c877
Jenkins Build-Metrics 1.3 Cross Site Scripting
Posted Nov 8, 2019
Authored by vesche

Jenkins Build-Metrics plugin version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-10475
MD5 | 2c5ebf0addb47107e060f7e5c07dad3e
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close