what you don't know can hurt you
Showing 76 - 100 of 113,497 RSS Feed

Files

Red Hat Security Advisory 2020-4289-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4289-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-14331, CVE-2020-14385, CVE-2020-14386
MD5 | 51c6fb98b1d3707da3d7531842005a5d
Ubuntu Security Notice USN-4591-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4591-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2020-12351, CVE-2020-12352
MD5 | 5d0eee3a0d51a48fdc43a1f3e9d24038
Ultimate Project Manager CRM PRO 2.05 SQL Injection
Posted Oct 20, 2020
Authored by nag0mez

Ultimate Project Manager CRM PRO versions 2.0.5 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0218911dc1316838cdde1cba109f6620
Apache Struts 2 Remote Code Execution
Posted Oct 20, 2020
Authored by Jonatas Fil

Apache Struts 2 DefaultActionMapper Prefixes OGNL remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2013-2251
MD5 | 4bacfb503bb7a49d5262f888693bb1b8
Red Hat Security Advisory 2020-4287-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4287-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-14385, CVE-2020-14386
MD5 | 0e9b2a44406e1502eb1daf6f63e7d8d9
WordPress SuperStoreFinder 6.1 CSRF / Shell Upload
Posted Oct 20, 2020
Authored by Joe Iz

WordPress SuperStoreFinder plugin version 6.1 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | d65d9b7ecb896e5b99b319e01822cb42
Red Hat Security Advisory 2020-4285-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4285-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection, cross site scripting, denial of service, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, xss, python
systems | linux, redhat
advisories | CVE-2019-16935, CVE-2019-18348, CVE-2019-20907, CVE-2019-20916, CVE-2020-14422, CVE-2020-26116, CVE-2020-8492
MD5 | 6bbb5941e3c53ce867479fb49b113d8d
Rite CMS 2.2.1 Remote Code Execution
Posted Oct 20, 2020
Authored by H0j3n

Rite CMS version 2.2.1 authenticated remote code execution exploit. Original finding for remote code execution in this version of Rite CMS is attributed to Enes Ozeser.

tags | exploit, remote, code execution
MD5 | ae908efdadf489d50daf07ce1577dbb2
Red Hat Security Advisory 2020-4288-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4288-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
MD5 | 61d9fa29c37889ca12050e621901e5e1
Ubuntu Security Notice USN-4590-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4590-1 - It was discovered that Collabtive did not properly validate avatar image file uploads. An authenticated user could exploit this with a crafted file to cause Collabtive to execute arbitrary code.

tags | advisory, arbitrary, file upload
systems | linux, ubuntu
advisories | CVE-2015-0258
MD5 | 179fd7eba43ef7a3691ef8f62753e5e7
Red Hat Security Advisory 2020-4277-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4277-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
MD5 | fa2151e7b6eebcebf212e2ab38898eb5
Loan Management System 1.0 Cross Site Scripting
Posted Oct 20, 2020
Authored by Akiner Kisa

Loan Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 11d8962f2b912b9c85fac11800d77316
Textpattern CMS 4.6.2 Cross Site Request Forgery
Posted Oct 20, 2020
Authored by Alperen Ergel

Textpattern CMS version 4.6.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | b753353b69cc27b5e38d093ff1af5070
Red Hat Security Advisory 2020-4279-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4279-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-16166, CVE-2020-25212
MD5 | 089fc53a4db59f56fbe1508d0c173faf
Comtrend AR-5387un Cross Site Scripting
Posted Oct 20, 2020
Authored by OscarAkaElvis

The Comtrend AR-5387un router suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-8062
MD5 | ff78049c01eff75386a14638053da8b9
Red Hat Security Advisory 2020-4281-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4281-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
MD5 | 712e413e9ff631e3fec3be5bafbf4557
Red Hat Security Advisory 2020-4278-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4278-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
MD5 | f10ac7eccb67d177cab7bd7f7166c106
Typesetter CMS 5.1 Remote Code Execution
Posted Oct 20, 2020
Authored by Rodolfo Tavares

Typesetter CMS version 5.1 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-25790
MD5 | be124f8d98baac1116395606bbbfd43c
Hostel Management System 2.1 Cross Site Scripting
Posted Oct 20, 2020
Authored by Kokn3t

Hostel Management System version 2.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-25270
MD5 | 620bdf332f1b0bcd48be82a4227ff758
Red Hat Security Advisory 2020-4280-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4280-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
MD5 | d3edc48be352193ef675d80c3c1dbf9e
Sifter 10.4g
Posted Oct 20, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: GHunt added for email reconnaissance. DeadTrap has been readded. Various other updates and additions.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 295e8fb0ea4fe941b286e8c39240f816
Microsoft SharePoint SSI / ViewState Remote Code Execution
Posted Oct 19, 2020
Authored by mr_me, wvu | Site metasploit.com

This Metasploit module exploits a server-side include (SSI) in SharePoint to leak the web.config file and forge a malicious ViewState with the extracted validation key. This exploit is authenticated and requires a user with page creation privileges, which is a standard permission in SharePoint. The web.config file will be stored in loot once retrieved, and the VALIDATION_KEY option can be set to short-circuit the SSI and trigger the ViewState deserialization.

tags | exploit, web
advisories | CVE-2020-16952
MD5 | a5350820d850daaac2cdc5db70533321
Chrome USB::OnServiceConnectionError Use-After-Free
Posted Oct 19, 2020
Authored by Google Security Research, Glazvunov

Chrome suffers from a use-after-free vulnerability in USB::OnServiceConnectionError.

tags | exploit
advisories | CVE-2020-6541
MD5 | 5edb5820b7d1b2c0f59e318c98fb4d0b
Chrome WebIDBGetDBNamesCallbacksImpl::SuccessNamesAndVersionsList Use-After-Free
Posted Oct 19, 2020
Authored by Google Security Research, Glazvunov

Chrome suffers from a use-after-free vulnerability in WebIDBGetDBNamesCallbacksImpl::SuccessNamesAndVersionsList.

tags | exploit
advisories | CVE-2020-6550
MD5 | 411e2d70af0ac966392cea6e525962e3
Mocha For Android Audio Interception
Posted Oct 19, 2020
Authored by Google Security Research, natashenka

Mocha for Android suffers from an issue where a call can cause the callee device to send audio without user interaction.

tags | exploit
MD5 | 772edab5551c467389bb2fea0c6d8a2f
Page 4 of 4,540
Back23456Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close