exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 451 RSS Feed

Files Date: 2019-11-01 to 2019-11-30

Slackware Security Advisory - bind Updates
Posted Nov 21, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-6477
SHA-256 | 5d1bb919330bda0c60b52a37060b01aa963fd00e33676e4a5aafb04849603418
Pagekit CMS 1.0.17 Cross Site Request Forgery
Posted Nov 21, 2019
Authored by Christian Bortone

Pagekit CMS version 1.0.17 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-19013
SHA-256 | 7987a0501163511d8fe21b7e3dc5bfd9115ca88d9f4d5383cc8eda45e186eb53
GNU Mailutils 3.7 Privilege Escalation
Posted Nov 21, 2019
Authored by Mike Gualtieri

GNU Mailutils versions 2.0 through 3.7 suffer from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2019-18862
SHA-256 | a4693f84e17fab3447aec45a36c8d43ab24093bae654c432da9740e7d9cd34aa
Red Hat Security Advisory 2019-3941-01
Posted Nov 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3941-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This is a text-only advisory for the machine-os-content container image, which includes RPM packages for Red Hat Enterprise Linux CoreOS. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-12207, CVE-2019-14287, CVE-2019-15718
SHA-256 | 4e761927f0cc5297cdd4c2315408630ee69d81fb83516060648b9a14bfb71524
Red Hat Security Advisory 2019-3940-01
Posted Nov 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3940-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the runC container image for Red Hat OpenShift Container Platform 4.1.24. The runC tool is a lightweight, portable implementation of the Open Container Format that provides a container runtime. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2019-16884
SHA-256 | 045b84ea8814928ca54c94cf63e44cd51a238001881845f9dd7453b6c10dbdb4
TestLink 1.9.19 Cross Site Scripting
Posted Nov 21, 2019
Authored by Milad Khoshdel

TestLink version 1.9.19 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 86e26947c940c9d530ddb67e77336e366e006fb43b1697fad0ed86a2cbec93a6
Clam AntiVirus Toolkit 0.102.1
Posted Nov 21, 2019
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: ClamAV 0.102.1 is a security patch release to address multiple issues including a denial of service vulnerability.
tags | tool, virus
systems | unix
advisories | CVE-2019-15961
SHA-256 | 0dbda8d0d990d068732966f13049d112a26dce62145d234383467c1d877dedd6
Ubuntu Security Notice USN-4195-2
Posted Nov 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4195-2 - USN-4195-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2974 in MariaDB 10.1 and CVE-2019-2938, CVE-2019-2974 for MariaDB 10.3. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.43. Ubuntu 19.04 and 19.10 has been updated to MariaDB 10.3.20. In addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-2938, CVE-2019-2974
SHA-256 | b9b41094a48ae89cbb6576c36a9f537bdd1842e72e0f3a9e8c1387e2c75ae0e3
Jalios JCMS 10 Backdoor Account / Authentication Bypass
Posted Nov 20, 2019
Authored by Ricardo Jose Ruiz Fernandez

Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account using any username and a specific password.

tags | advisory
advisories | CVE-2019-19033
SHA-256 | 4829f8ae23e18fce86bba81501fecaf37b995626d52f739665df9e76cff8be4a
Red Hat Security Advisory 2019-3935-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3935-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0734, CVE-2018-0737, CVE-2018-17189, CVE-2018-17199, CVE-2018-5407, CVE-2019-0196, CVE-2019-0197, CVE-2019-0217, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2019-9517
SHA-256 | 38d04c60a0844680fb8dbf1f69783df06839251f87cb4f8f1f68b024aae0c58d
Red Hat Security Advisory 2019-3936-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3936-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-12207, CVE-2019-11135
SHA-256 | 5dcca15fd5fd30a96f6deb1d092edec1bea4393a730a679a517ca32a9de04164
Red Hat Security Advisory 2019-3932-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3932-01 - This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0734, CVE-2018-0737, CVE-2018-17189, CVE-2018-17199, CVE-2018-5407, CVE-2019-0196, CVE-2019-0197, CVE-2019-0217, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2019-9517
SHA-256 | f949d1cc276a7bf012b0e797c6862801bf97e2c5aaac95a796e59d77b371fb59
Red Hat Security Advisory 2019-3933-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3933-01 - This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0734, CVE-2018-0737, CVE-2018-17189, CVE-2018-17199, CVE-2018-5407, CVE-2019-0196, CVE-2019-0197, CVE-2019-0217, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2019-9517
SHA-256 | dac80e1c3458729338d3267cf431efdab4daa1ca2b791a55f1f323f8a84c4bb4
Red Hat Security Advisory 2019-3929-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3929-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.2 serves as a replacement for Red Hat JBoss Web Server 5.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, web, xss
systems | linux, redhat
advisories | CVE-2018-5407, CVE-2019-0221, CVE-2019-10072, CVE-2019-1559
SHA-256 | 80f28c1ed396da36a178c6f1d6c7eae27d31ab38180de9357eb6ac5e272131c5
Red Hat Security Advisory 2019-3931-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3931-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2018-5407, CVE-2019-0221, CVE-2019-10072, CVE-2019-1559
SHA-256 | c2a35f03e9c5eeee86dc6f02e3e82b10b06198741a15251e69754785d5ba9c63
Red Hat Security Advisory 2019-3926-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3926-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A sensitive data leak was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14864
SHA-256 | 2d4892946430a94f5060b659fc0369fa6d959a34aed1518e9a5bb10e5b7f35dc
Red Hat Security Advisory 2019-3927-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3927-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A sensitive data leak was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14864
SHA-256 | bf27351ec1ee2c70fc6959b970751f933dc9d7a05d1f93569fd76696081bdce4
Red Hat Security Advisory 2019-3928-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3928-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A sensitive data leak was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14864
SHA-256 | b8b4327a6f96d466f43320dcc6c246ed23be8c0f577d816f453d44a6b0235063
Red Hat Security Advisory 2019-3925-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3925-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A sensitive data leak was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14864
SHA-256 | c6552057631fc6104c82276e818c58ae09b99da56a12c92bbc3f09368a1201d1
Debian Security Advisory 4574-1
Posted Nov 20, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4574-1 - Hoger Just discovered an SQL injection in Redmine, a project management web application. In addition a cross-site scripting issue was found in Textile formatting.

tags | advisory, web, xss, sql injection
systems | linux, debian
advisories | CVE-2019-17427, CVE-2019-18890
SHA-256 | f1645c9f2dabbdc81219cfc176d38ae5e5f0545878192b80541326f30e08efaf
ipPulse 1.92 Denial Of Service
Posted Nov 20, 2019
Authored by Diego Buztamante

ipPulse version 1.92 suffers from an Enter Key denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 57203a95e88ff51589eeebdd54cb1a47a2a90f5e12d63f85c2968fb3b5385dc5
OpenNetAdmin 18.1.1 Remote Code Execution
Posted Nov 20, 2019
Authored by mattpascoe

OpenNetAdmin version 18.1.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | b6c84349b413139f2d4c6f709cbe88a81beabbc0ace50892a391fdb7165f86b3
Red Hat Security Advisory 2019-3916-01
Posted Nov 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3916-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This is a text-only advisory for the machine-os-content container image, which includes RPM packages for Red Hat Enterprise Linux CoreOS. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-12207, CVE-2019-14287
SHA-256 | 978f584f1d431ed8a1d60ccb27bcfaa551cac28f5ceeefe9395f3f27f7a4d33b
Windows Escalate UAC Protection Bypass Via Dot Net Profiler
Posted Nov 19, 2019
Authored by Stefan Kanthak, Casey Smith, bwatters-r7 | Site metasploit.com

Microsoft Windows allows for the automatic loading of a profiling COM object during the launch of a CLR process based on certain environment variables ostensibly to monitor execution. In this case, the authors abuse the profiler by pointing to a payload DLL that will be launched as the profiling thread. This thread will run at the permission level of the calling process, so an auto-elevating process will launch the DLL with elevated permissions. In this case, they use gpedit.msc as the auto-elevated CLR process, but others would work, too.

tags | exploit
systems | windows
SHA-256 | dca3da70d2a2d1b66b1779e541ee7478df88bc4ec265fa33d2fffcb756920230
Debian Security Advisory 4573-1
Posted Nov 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4573-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization.

tags | advisory, php, vulnerability, code execution
systems | linux, debian
advisories | CVE-2019-18887, CVE-2019-18888, CVE-2019-18889
SHA-256 | 649856298cb28fd4e777cfd64eb702d40e46dbe90be03da023d6599457196f3d
Page 4 of 18
Back23456Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close