exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 478 RSS Feed

Files Date: 2020-12-01 to 2020-12-31

Debian Security Advisory 4818-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4818-1 - Several vulnerabilities were discovered in Sympa, a mailing list manager, which could result in local privilege escalation, denial of service or unauthorized access via the SOAP API.

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
advisories | CVE-2020-10936, CVE-2020-26932, CVE-2020-29668, CVE-2020-9369
SHA-256 | b5e2af845768d3755cb9be263eef29650e1f5a4b75aef651239c12da54242c22
Debian Security Advisory 4819-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4819-1 - Stephane Chauveau discovered that the graphics protocol implementation in Kitty, a GPU-based terminal emulator, did not sanitise a filename when returning an error message, which could result in the execution of arbitrary shell commands when displaying a file with cat.

tags | advisory, arbitrary, shell, protocol
systems | linux, debian
advisories | CVE-2020-35605
SHA-256 | f6317a49d2923fe8f53b7672c8fb7c1f2edf2679a5c2d33218c92950955b63e6
Debian Security Advisory 4820-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4820-1 - Pritam Singh discovered an open redirect in the workflow forms of OpenStack Horizon.

tags | advisory
systems | linux, debian
advisories | CVE-2020-29565
SHA-256 | aa4dcfbb55beed6cfd5dd0c5473f61da086f94bac322f0b535a9d8136898b814
Debian Security Advisory 4821-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4821-1 - Alex Birnberg discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling HTML or Plain text messages with malicious content.

tags | advisory, imap, xss
systems | linux, debian
advisories | CVE-2020-35730
SHA-256 | 767561724a53319077d3cdf5d57e9f5904fcd9eb4ae9dc5d7a3475c8e8af11f2
CHMSC Elearning System 1.0 SQL Injection
Posted Dec 27, 2020
Authored by Ferhat Cil

CHMSC Elearning System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c338dee624e0a3c1188d6eb7b4dbe8289b2c065fd59b716a7e067cbcb688516b
URVE Software Build 24.03.2020 Information Disclosure
Posted Dec 27, 2020
Authored by Erik Steltzner | Site syss.de

URVE Software build version 24.03.2020 suffers from an information disclosure vulnerability that leaks passwords.

tags | exploit, info disclosure
advisories | CVE-2020-29550
SHA-256 | 6199f87d0e51f1396cb792820464ba5845e147f83c62285034cbbc37df02dd05
URVE Software Build 24.03.2020 Missing Authorization
Posted Dec 26, 2020
Authored by Erik Steltzner | Site syss.de

URVE Software build version 24.03.2020 suffers from a missing authorization vulnerability.

tags | exploit
advisories | CVE-2020-29551
SHA-256 | 5b50fb6ac4e7f08d9e0044e8d698f81756c260f1010c2d75ae42018e91683f6b
Philips Hue Denial Of Service
Posted Dec 26, 2020
Authored by Ilia Shnaidman

Philips Hue hubs suffer from a denial of service vulnerability via simple SYN floods.

tags | exploit, denial of service
advisories | CVE-2018-7580
SHA-256 | fc85db25adb7477517ef4a218498ebec0f8321832ade36ad5607d01441c1225f
URVE Software Build 24.03.2020 Authentication Bypass / Remote Code Execution
Posted Dec 25, 2020
Authored by Erik Steltzner | Site syss.de

URVE Software build version 24.03.2020 suffers from an authentication bypass that allows for remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2020-29552
SHA-256 | 160a33a05aadafb26e1ae403a476e993a77dcee0164cdffda083878ccc7c5f82
CarolinaCon 16 Call For Papers
Posted Dec 25, 2020
Site carolinacon.org

The 16th CarolinaCon was postponed in 2020 due to the pandemic but the conference will be hosted online in 2021. A new CFP has been announced.

tags | paper, conference
SHA-256 | 3804a85c253ad128b9833739ebb61c517b3febf43c4d9df81e89580873313d29
Apache Struts 2 Forced Multi OGNL Evaluation
Posted Dec 24, 2020
Authored by Matthias Kaiser, Spencer McIntyre, Alvaro Munoz, ka1n4t | Site metasploit.com

The Apache Struts framework, when forced, performs double evaluation of attribute values assigned to certain tags attributes such as id. It is therefore possible to pass in a value to Struts that will be evaluated again when a tag's attributes are rendered. With a carefully crafted request, this can lead to remote code execution. This vulnerability is application dependant. A server side template must make an affected use of request data to render an HTML tag attribute.

tags | exploit, remote, code execution
advisories | CVE-2019-0230, CVE-2020-17530
SHA-256 | 3cfe28296a3b91c815100d9996280537326adc728304ac8036ea7dcb8ca37586
Lynis Auditing Tool 3.0.2
Posted Dec 24, 2020
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Added OS detection of Flatcar, IPFire, Mageia, NixOS, ROSA Linux, SLES (extended), Void Linux, Zorin OS. Support for Solaris svcs added. Many other additions and changes.
tags | tool, scanner
systems | unix
SHA-256 | 5b2ce3b602df2a59934f79f07f2702df574f8d840ead2e435a3dcf706d054bb0
Faraday 3.14.0
Posted Dec 24, 2020
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added RESTless filter to multiples views, improving search. Added import vulnerability templates command to faraday-manage. Added a create_date field to comments. Various other additions and fixes.
tags | tool, rootkit
systems | unix
SHA-256 | 9b0f71182955d9cc7a6fa1108245ef50055a51415551661c14fa41d80ac4112f
Arteco Web Client DVR/NVR Session Hijacking
Posted Dec 24, 2020
Authored by LiquidWorm | Site zeroscience.mk

The session identifier used by Arteco Web Client DVR/NVR is of an insufficient length and can be brute forced, allowing a remote attacker to obtain a valid session, bypass authentication, and disclose the live camera stream.

tags | exploit, remote, web
SHA-256 | 8e36cd6e0e9d8313fa5d69ac8a251f028f0917623224801c73dabef67e8e781f
Gentoo Linux Security Advisory 202012-24
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-24 - Multiple vulnerabilities have been found in Samba, the worst of which could result in a Denial of Service condition. Versions less than 4.12.9 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14318, CVE-2020-14323, CVE-2020-14383, CVE-2020-1472
SHA-256 | 09eede95a802e9406ba2349f3ea9a0665ce582d50fcd93512059a1e324ed54bc
Gentoo Linux Security Advisory 202012-23
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-23 - A vulnerability has been discovered in Apache Tomcat that allows for the disclosure of sensitive information. Versions less than 8.5.60:8.5 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2020-17527
SHA-256 | 036a4bffafc60bce4ec6c29a38cd364c18195202e9a4ef44898269e4f2646a77
Gentoo Linux Security Advisory 202012-22
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-22 - A buffer overflow in HAProxy might allow an attacker to execute arbitrary code. Versions less than 2.1.4 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2020-11100
SHA-256 | deb543fefe04671e624c9a3a397ff0e90ad643398dd6eafbd995bb2736cc5a14
Gentoo Linux Security Advisory 202012-21
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-21 - A vulnerability in NSS might allow remote attackers to cause a Denial of Service condition. Versions less than 3.58 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2020-25648
SHA-256 | a282dc641d5de5587d78c29558f4f0c0c8488867d67a5bc5ea418c671b625ce8
Gentoo Linux Security Advisory 202012-20
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-20 - Multiple vulnerabilities have been found in Mozilla Firefox and Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 84.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-16042, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35113
SHA-256 | de30a1e21e5b7ada6ec4bcbb46cceddbefafa75528b46c501c1e55964f1b231f
Gentoo Linux Security Advisory 202012-19
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-19 - A vulnerability in PowerDNS Recursor could lead to a Denial of Service condition. Versions less than 4.3.5 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2020-25829
SHA-256 | 1a0b7a13e55aa409cf7dd7d3871ee3056e1aa0f33241282dda8d17a5f2731643
WordPress Adning Advertising 1.5.5 Shell Upload
Posted Dec 24, 2020
Authored by spacehen

Adning Advertising plugin version 1.5.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | b8557316f332094f6672bb8c0004bcbd1f143157334bb43bddaa829f3b02d82b
Gentoo Linux Security Advisory 202012-18
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-18 - An information disclosure vulnerability in PowerDNS allow remote attackers to obtain sensitive information. Versions less than 4.3.1 are affected.

tags | advisory, remote, info disclosure
systems | linux, gentoo
advisories | CVE-2020-17482
SHA-256 | 704df9880c4a0fd844a1a0504544397c333157cd26c177c9c8f4d24de36804b1
Gentoo Linux Security Advisory 202012-17
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-17 - A local Denial of Service vulnerability was discovered in D-Bus. Versions less than 1.12.20 are affected.

tags | advisory, denial of service, local
systems | linux, gentoo
SHA-256 | d24fef0933746329a1375cfa995e50b3953cee853f21f0f4321cfbceb8ad26ad
Gentoo Linux Security Advisory 202012-16
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-16 - Multiple vulnerabilities have been found in PHP, the worst of which could result in a Denial of Service condition. Versions less than 8.0.0 are affected.

tags | advisory, denial of service, php, vulnerability
systems | linux, gentoo
advisories | CVE-2020-7069, CVE-2020-7070
SHA-256 | 0a324c9df6116f0293feef12896ad6a985963a013bf429dde82e154fd65a423a
Gentoo Linux Security Advisory 202012-15
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-15 - A vulnerability in GDK-PixBuf library could lead to a Denial of Service condition. Versions less than 2.42.2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2020-29385
SHA-256 | 14bc8e8787b55a47d0523a3b4f0b89c62ff0a566f965289d796c69152294fb54
Page 2 of 20
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close