what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 410 RSS Feed

Files Date: 2020-03-01 to 2020-03-31

Debian Security Advisory 4643-1
Posted Mar 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4643-1 - It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when strip=False and 'math' or 'svg' tags and one or more of the RCDATA tags were whitelisted.

tags | advisory, python
systems | linux, debian
advisories | CVE-2020-6816
SHA-256 | fa8f325702803b534ade8e4bb05e7285c5a513fdb43b133a6fd6e756e4f8ee39
Debian Security Advisory 4644-1
Posted Mar 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4644-1 - A denial of service vulnerability (by triggering high CPU consumption) was found in Tor, a connection-based low-latency anonymous communication system.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2020-10592
SHA-256 | 84fb8a09b6586841538937d668832c5199d47fb8242b51999110cb3df3451d6e
Debian Security Advisory 4645-1
Posted Mar 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4645-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2019-20503, CVE-2020-6422, CVE-2020-6424, CVE-2020-6425, CVE-2020-6426, CVE-2020-6427, CVE-2020-6428, CVE-2020-6429, CVE-2020-6449
SHA-256 | 676b203db61a609b382f0d4e9fda48541b9a2242d686f4a3cf49e546b04a2d51
Debian Security Advisory 4646-1
Posted Mar 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4646-1 - Andre Bargull discovered an integer overflow in the International Components for Unicode (ICU) library which could result in denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2020-10531
SHA-256 | 1f7b4ca1efd04fe7858eabb3bec876beced539192d487b14f50cee2ed3179315
Debian Security Advisory 4647-1
Posted Mar 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4647-1 - It was reported that the BlueZ's HID and HOGP profile implementations don't specifically require bonding between the device and the host. Malicious devices can take advantage of this flaw to connect to a target host and impersonate an existing HID device without security or to cause an SDP or GATT service discovery to take place which would allow HID reports to be injected to the input subsystem from a non-bonded source.

tags | advisory
systems | linux, debian
advisories | CVE-2020-0556
SHA-256 | 162dbfbf7a51afb140e41ea95ef8bda9cb2caf97846e78d132ef4a2915d79a3c
Debian Security Advisory 4648-1
Posted Mar 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4648-1 - Russ Allbery discovered a buffer overflow in the PAM module for MIT Kerberos, which could result in denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2020-10595
SHA-256 | c5eae23da915c5e658fb96e20fa877eb3a12e3585e54b30300f65c17b3b80b42
Micro Focus Vibe 4.0.6 Cross Site Scripting
Posted Mar 28, 2020
Authored by Dr. Vladimir Bostanov | Site syss.de

Micro Focus Vibe version 4.0.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-9250
SHA-256 | b704ace34d0c7e6b2d7922015fd9228515f6cebf2302a5f752c27dee84dfa06d
Micro Focus Vibe 4.0.6 HTML Injection
Posted Mar 28, 2020
Authored by Dr. Vladimir Bostanov | Site syss.de

Micro Focus Vibe version 4.0.6 suffers from an html injection vulnerability.

tags | exploit
SHA-256 | 5f9ffbfad0ad714375f7ca82a8f6f5eb5dd45f8670aa28158fa82ea9bff0d765
IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution
Posted Mar 28, 2020
Authored by Pedro Ribeiro, Gareth Batchelor

IBM Cognos TM1 Server / Planning Analytics Server (TM1) suffers from a configuration overwrite vulnerability that can be leveraged to achieve code execution as SYSTEM via TM1 scripting. Extensive research is included in this advisory as well as the Metasploit module.

tags | exploit, code execution
advisories | CVE-2019-4716
SHA-256 | 7adaef0a254ef114813a1fd3002f76240f5426ebf3ada7a99fac67252f614370
DLINK DWL-2600 Authenticated Remote Command Injection
Posted Mar 28, 2020
Authored by Raki Ben Hamouda, Nick Starke | Site metasploit.com

This Metasploit module exploits some DLINK Access Points that are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin.

tags | exploit, web
advisories | CVE-2019-20499
SHA-256 | a2f0e8cf76051e688f4ad0f0c6c2006837b156b7ef27c777a6a73c0c8435e559
codeBeamer 9.5 Cross Site Scripting
Posted Mar 28, 2020
Authored by Georg Ph E Heise

codeBeamer versions 9.5 and below suffer from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-19912, CVE-2019-19913
SHA-256 | ad369fec0c3f1233771579bb12bfb9e9b346a7907407bfb4a1a7b305585f8c55
rConfig 3.9.4 searchField Remote Code Execution
Posted Mar 28, 2020
Authored by vikingfr

rConfig version 3.9.4 searchField unauthenticated remote root code execution exploit.

tags | exploit, remote, root, code execution
advisories | CVE-2019-19509, CVE-2019-19585, CVE-2020-10220
SHA-256 | 286d169b9325c701681f3ca01b90d56974a51fe70471f6d1ba94a2d175b1f7a8
FreeCommander XE 2020 Pathname Buffer Overflow
Posted Mar 28, 2020
Authored by Hodorsec

FreeCommander XE 2020 Build 810a 32-bit suffers from a pathname buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 60d82e33f0c7f4253ddc265c3479423769c54f1a48cc6ae26922cfd73df607d2
Apple Security Advisory 2020-03-25-2
Posted Mar 28, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-03-25-2 - iCloud for Windows 7.18 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2020-3885, CVE-2020-3887, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-3909, CVE-2020-3910, CVE-2020-3911, CVE-2020-9783
SHA-256 | 96ab81fe377fcfec5e673df49ba97fc74d44e1974d38e9711f12e9456a8da14b
Apple Security Advisory 2020-03-25-1
Posted Mar 28, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-03-25-1 - iCloud for Windows 10.9.3 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2020-3885, CVE-2020-3887, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-3909, CVE-2020-3910, CVE-2020-3911, CVE-2020-9783
SHA-256 | acea9f0b0cce60f1793d0187de42beed290b55978ebb0659695bb8aa50a3f1b7
Hyperion Runtime Encrypter 2.3.1
Posted Mar 28, 2020
Authored by belial | Site nullsecurity.net

Hyperion is a runtime encrypter for 32-bit and 64-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".

Changes: A bugfix in .net file detection.
tags | tool, encryption
SHA-256 | 546bba6c21a8e53a0ebd1b8665fdb96452b6cab6ffbd9956b7c34f8bdab5e518
Webexcels Ecommerce CMS 2.x SQL Injection / Cross Site Scripting
Posted Mar 28, 2020
Authored by thelastvvv

Webexcels Ecommerce CMS version 2.x suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | f1a0150ad98e19ccd148216e1b64e6e01d5ff4f6ed52d98077cbc41e152cfd9e
Red Hat Security Advisory 2020-0984-01
Posted Mar 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0984-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.

tags | advisory, remote, overflow
systems | linux, redhat
advisories | CVE-2020-5208
SHA-256 | 2d8fd208426906e151532813be56a161b7cf7cc7cf2a850bd1eae7622538bb9d
Gentoo Linux Security Advisory 202003-61
Posted Mar 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-61 - A vulnerability in Adobe Flash Player might allow remote attackers to execute arbitrary code. Versions less than 32.0.0.330 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2020-3757
SHA-256 | 3fc7bad8d96a7f49b4cf0ec3da7c69085affa7e32f8998c53679fc3ff3299df4
Gentoo Linux Security Advisory 202003-60
Posted Mar 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-60 - Multiple vulnerabilities have been found in QtCore, the worst of which could result in the execution of arbitrary code. Versions less than 5.13.2-r2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-18281, CVE-2020-0569, CVE-2020-0570
SHA-256 | 650572164c36484157791521eb3ea332bfef2a71601585cb4d9893c4409adfbc
Red Hat Security Advisory 2020-0983-01
Posted Mar 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0983-01 - This release of Red Hat Fuse 7.6.0 serves as a replacement for Red Hat Fuse 7.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2015-9251, CVE-2017-16012, CVE-2017-5929, CVE-2018-11771, CVE-2018-15756, CVE-2019-10174, CVE-2019-10184, CVE-2019-11272, CVE-2019-12384, CVE-2019-12422, CVE-2019-12814, CVE-2019-14379, CVE-2019-14439, CVE-2019-17570, CVE-2019-3802, CVE-2019-3888, CVE-2019-5427, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518
SHA-256 | c2b2bece438c10e903155ade04dc8eb70bbee2e9169a4e812ce54e8f4eebf85a
ECK Hotel 1.0 Cross Site Request Forgery
Posted Mar 27, 2020
Authored by Mustafa Emre Gul

ECK Hotel version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 73b0a2baf1aadb4634e5d536bc7971dd31bccd2af7ff063bb87cdec4581c95e4
Gentoo Linux Security Advisory 202003-59
Posted Mar 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-59 - Multiple vulnerabilities have been found in libvpx, the worst of which could result in the execution of arbitrary code. Versions less than 1.8.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-9232, CVE-2019-9325, CVE-2019-9371, CVE-2019-9433
SHA-256 | 503ec47e35e8e03981d4671be2eb3497dab2a55f6fd08ee006835e3c3bcc3f2b
Red Hat Security Advisory 2020-0981-01
Posted Mar 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0981-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.

tags | advisory, remote, overflow
systems | linux, redhat
advisories | CVE-2020-5208
SHA-256 | ca35dc444d79793c1d0c0f18d0e9312c06b6ad4fddd368824ac4dbbd2d922d89
Everest 5.50.2100 Denial Of Service
Posted Mar 27, 2020
Authored by Ivan Marmolejo

Everest version 5.50.2100 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 36a23f95e671ec254ef8be53b1fd8254508a51304b2e73a386a969ca04e36b72
Page 2 of 17
Back12345Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    38 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close