what you don't know can hurt you
Showing 1 - 22 of 22 RSS Feed

Files Date: 2019-12-04 to 2019-12-05

Wireshark Analyzer 3.0.7
Posted Dec 4, 2019
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple bug fixes have been applied, including one that addresses a security vulnerability.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2019-19553
SHA-256 | 3b2b279017753398b8d5deb440db5f98a205eea35f9417e5fa2893947e7992f2
YouPHPTube 7.7 SQL Injection
Posted Dec 4, 2019
Authored by EgiX | Site karmainsecurity.com

YouPHPTube versions 7.7 and below suffer from a remote SQL injection vulnerability in getChat.json.php.

tags | exploit, remote, php, sql injection
advisories | CVE-2019-18662
SHA-256 | 5d71aceec19133413eee8c6f4b44fc22997703a0b913eb7cb5f88539b50f03f1
CarolinaCon 16 Call For Papers
Posted Dec 4, 2019
Site carolinacon.org

The 16th CarolinaCon will be hosted in Charlotte at the Embassy Suites April 10th through the 11th, 2020.

tags | paper, conference
SHA-256 | 0bce466bb9cbf102f2d28af0000b1f76fe3da3a8ce9a030e77c99e94a553af9e
Fronius Solar Inverter Series Insecure Communication / Path Traversal
Posted Dec 4, 2019
Authored by T. Weber | Site sec-consult.com

Fronius Solar Inverter Series with software versions below 3.14.1 (HM 1.12.1) suffer from unencrypted communication and path traversal vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-19228, CVE-2019-19229
SHA-256 | 46d07c50a50a38d3e72edbdb05e75639eec82b51138aa67ce7d11c6db7954113
Revive Adserver 4.2 Remote Code Execution
Posted Dec 4, 2019
Authored by crlf

Revive Adserver version 4.2 suffers from a code execution vulnerability.

tags | exploit, code execution
advisories | CVE-2019-5434
SHA-256 | 5082b35d13521aa6d4dbca8ebd925afb960bebff1d7ba5b75f85a2e85c7bc127
WordPress CSS Hero 4.0.3 Cross Site Scripting
Posted Dec 4, 2019
Authored by Cary Hooper

WordPress CSS Hero plugin versions 4.0.3 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-19133
SHA-256 | f5303ca72b46a5c0f3a05bb3e7c8f0016aff5280f91141e959f1e869541394ba
Microsoft Windows Media Center XML Injection
Posted Dec 4, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows Media Center suffers from an XML external entity injection vulnerability. This vulnerability was originally released back on December 4, 2016, yet remains unfixed.

tags | exploit
systems | windows
SHA-256 | 71f1d0e6eb8642b53c59fcde6fde7854e016c87218d242fece55f62a8f552da6
BMC Smart Reporting 7.3 20180418 XML Injection
Posted Dec 4, 2019
Authored by David Herrero

BMC Smart Reporting version 7.3 20180418 suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2019-11216
SHA-256 | 6536109e0769a8776234090cb04b9f1ec1423d5b3cba0b53476bf8dd5cbe1c28
Microsoft Visual Basic 2010 Express XML Injection
Posted Dec 4, 2019
Authored by ZwX

Microsoft Visual Basic 2010 Express suffers from an XML external entity injection vulnerability.

tags | exploit
SHA-256 | a1f3585dbb4519259aee9111c5d0582260d38950186768ca108075c7944bdb5b
Microsoft Windows BasicRender.sys WARPGPUCMDSYNC NULL Pointer
Posted Dec 4, 2019
Authored by Victor Portal Gonzalez

Microsoft Windows suffers from an issue where a null pointer deference exists in the WARPGPUCMDSYNC function of the BasicRender.sys driver. An unprivileged user can trigger the vulnerability to crash the system and deny the service to the rest of the users.

tags | exploit
systems | windows
SHA-256 | ad5e0d10286db68492ef0e44ae5eb98085608264563e59748eabf6defc0bbd19
Ubuntu Security Notice USN-4213-1
Posted Dec 4, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4213-1 - Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks and access restricted servers. This issue was only addressed in Ubuntu 19.04 and Ubuntu 19.10. Jeriko One discovered that Squid incorrectly handed URN responses. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12523, CVE-2019-12526, CVE-2019-12854, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679
SHA-256 | 95608e82aa5bc19b1025fff36128f36c39a6e83721488fe4c6dc58d9f2cfe122
Ubuntu Security Notice USN-4212-1
Posted Dec 4, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4212-1 - Tim D

tags | advisory, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-19330
SHA-256 | e716076d47c2974458d52d31fb8ab1e046f2d578e50639df189d4f36da59168d
Red Hat Security Advisory 2019-4082-01
Posted Dec 4, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4082-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory includes ose-cluster-authentication-operator-container, ose-cluster-config-operator-container, and ose-cluster-kube-apiserver-operator-container, which have been updated with the a fix to address a secret disclosure issue.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10213
SHA-256 | 563414c80fc6048a1732d2861ad68304d7131d3a8df3d594fa17915be9216316
Red Hat Security Advisory 2019-4081-01
Posted Dec 4, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4081-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A secret disclosure issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14854
SHA-256 | 6b7952ff309ebcc67992f4ee628929d88e9300eace6f419ca81de1d070a258a7
Slackware Security Advisory - mozilla-firefox Updates
Posted Dec 4, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-11745, CVE-2019-13722, CVE-2019-17005, CVE-2019-17008, CVE-2019-17009, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012
SHA-256 | 15e55fbcf0e46f52c452659cc5536923f77e0d93866281a4ade6de408cc3a5c4
Ubuntu Security Notice USN-4182-3
Posted Dec 4, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4182-3 - USN-4182-1 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-11135, CVE-2019-11139
SHA-256 | 9873ce0744c7903ed3485e6ed56137adac90e035c3d1321e1445e3b1cb36a2ed
Ubuntu Security Notice USN-4182-4
Posted Dec 4, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4182-4 - USN-4182-2 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-11135, CVE-2019-11139
SHA-256 | 97e13efb5017be1375b480c91abcd9a1c5897daac63a1dd2a24252e7741db982
Red Hat Security Advisory 2019-4075-01
Posted Dec 4, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4075-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ose-cluster-kube-apiserver-operator-container and ose-cluster-kube-scheduler-operator-container images for Red Hat OpenShift Container Platform 4.2.9. These images have been rebuilt with an updated version of openshift/library-go to address a data sanitization issue.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14854
SHA-256 | 9e663213cc9ad506fa281f48e31e66c01b3779f099e2b5b9665dac99a925af94
Red Hat Security Advisory 2019-4074-01
Posted Dec 4, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4074-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the runc RPM package for Red Hat OpenShift Container Platform 4.2.9. The runC tool is a lightweight, portable implementation of the Open Container Format that provides a container runtime. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2019-16884
SHA-256 | 66e602ca70f1b784c50eafc915b506699c891d638a3ada3a7fb0fab8921fa3e6
Ubuntu Security Notice USN-4194-2
Posted Dec 4, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4194-2 - USN-4194-1 fixed a vulnerability in postgresql-common. This update provides the corresponding update for Ubuntu 14.04 ESM. Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-3466
SHA-256 | ac5e1cc73bc4af9f7be486a13b218331311753c1ebd481c5bf5f2f384f810a43
Cisco WLC 2504 8.9 Denial Of Service
Posted Dec 4, 2019
Authored by SecuNinja

Cisco WLC 2504 version 8.9 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
advisories | CVE-2019-15276
SHA-256 | 692da50c6c7b702b96f528fe1dd64418fb776f151a11cb9154373c976bd4af4b
Online Clinic Management System 2.2 HTML Injection
Posted Dec 4, 2019
Authored by Cemal Cihad CiFTCi

Online Clinic Management System version 2.2 suffers from a html injection vulnerability.

tags | exploit
SHA-256 | d00b794f6af44b3a88eee99c0f6933a6278eabe339b376ce499037b8408bf53d
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close