exploit the possibilities
Showing 1 - 25 of 69,892 RSS Feed

Advisory Files

Ubuntu Security Notice USN-3916-1
Posted Mar 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3916-1 - It was discovered that libsolv incorrectly handled certain malformed input. If a user or automated system were tricked into opening a specially crafted file, applications that rely on libsolv could be made to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-20532
MD5 | 70fe4f30d8440aca23ca45dae788f1c5
Debian Security Advisory 4413-1
Posted Mar 22, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4413-1 - A heap-based buffer overflow was discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of this flaw for local root privilege escalation.

tags | advisory, overflow, local, root
systems | linux, debian
advisories | CVE-2019-9755
MD5 | 87d1656a3dc5ceefc787a3b290b7ab3c
Ubuntu Security Notice USN-3917-1
Posted Mar 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3917-1 - The snapd default seccomp filter for strict mode snaps blocks the use of the ioctl system call when used with TIOCSTI as the second argument to the system call. Jann Horn discovered that this restriction could be circumvented on 64 bit architectures. A malicious snap could exploit this to bypass intended access restrictions to insert characters into the terminal's input queue. On Ubuntu, snapd typically will have already automatically refreshed itself to snapd 2.37.4 which is unaffected.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-7303
MD5 | 9673787b73f906be9d48ecf914106030
Ubuntu Security Notice USN-3918-1
Posted Mar 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3918-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, denial of service via successive FTP authorization prompts or modal alerts, trick the user with confusing permission request prompts, obtain sensitive information, conduct social engineering attacks, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-9788, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9797, CVE-2019-9799, CVE-2019-9802, CVE-2019-9803, CVE-2019-9805, CVE-2019-9808, CVE-2019-9809
MD5 | 7a027189c82bdc87f59c8d573a89c651
Ubuntu Security Notice USN-3913-1
Posted Mar 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3913-1 - It was discovered that p7zip did not correctly handle certain malformed archives. If a user or automated system were tricked into processing a specially crafted archive with p7zip, then p7zip could be made to crash, possibly leading to arbitrary code execution.

tags | advisory, code execution
systems | linux, ubuntu
advisories | CVE-2016-2335
MD5 | a222fa1199b772b4af03fd82ced01935
Ubuntu Security Notice USN-3915-1
Posted Mar 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3915-1 - It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-3835
MD5 | 51af7b4abfe723103eb813857d63f1b1
Ubuntu Security Notice USN-3914-1
Posted Mar 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3914-1 - A heap buffer overflow was discovered in NTFS-3G when executing it with a relative mount point path that is too long. A local attacker could potentially exploit this to execute arbitrary code as the administrator.

tags | advisory, overflow, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-9755
MD5 | 0d6118cd73ef057e584a045b065f72bc
Red Hat Security Advisory 2019-0633-01
Posted Mar 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0633-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Multiple vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-3835, CVE-2019-3838
MD5 | d0f663d65f22a212becfbc13b6c307ce
Sourcetree Git Arbitrary Code Execution / URL Handling
Posted Mar 21, 2019
Authored by Atlassian, Terry Zhang

Sourcetree for macOS versions below 3.1.1 to 1.2 and Sourcetree for Windows versions below 3.0.17 to 0.5a suffer from code execution vulnerabilities related to the inclusion of git, a Mercurial hooks argument injection vulnerability, and a URI handling vulnerability.

tags | advisory, vulnerability, code execution
systems | windows
advisories | CVE-2018-17456, CVE-2018-20234, CVE-2018-20235, CVE-2018-20236
MD5 | 8c11e1db6b9aa505af1b9078fb0fe02f
Debian Security Advisory 4412-1
Posted Mar 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4412-1 - It was discovered that missing input sanitizing in the file module of Drupal, a fully-featured content management framework, could result in cross-site scripting.

tags | advisory, xss
systems | linux, debian
MD5 | 0a566185c33547dba31527fbb757d9a7
Debian Security Advisory 4411-1
Posted Mar 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4411-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796
MD5 | a55828919dc149d864f25e35999b7b7d
Debian Security Advisory 4410-1
Posted Mar 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4410-1 - A memory disclosure vulnerability was discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in information disclosure or bypass of sandbox restrictions.

tags | advisory, java, info disclosure
systems | linux, debian
advisories | CVE-2019-2422
MD5 | af0bbc978eb4febdb797ea24debe908c
Ubuntu Security Notice USN-3912-1
Posted Mar 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3912-1 - It was discovered that the GDK-PixBuf library did not properly handle certain BMP images. If an user or automated system were tricked into opening a specially crafted BMP file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-12447
MD5 | 6148b2880eeab129f7f0943d1cac0eb5
Java Card VM Memory Safety
Posted Mar 20, 2019
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations has discovered multiple security vulnerabilities in the reference implementation of Java Card technology from Oracle used in financial, government, transportation and telecommunication sectors among others. As for the impact, the vulnerabilities found make it possible to break memory safety of the underlying Java Card VM. As a result, full access to smartcard memory could be achieved, applet firewall could be broken or native code execution could be gained.

tags | advisory, java, vulnerability, code execution
MD5 | a257c47765f8cfe63cbbecdf5b803bd5
Red Hat Security Advisory 2019-0623-01
Posted Mar 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0623-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796
MD5 | ff510861267b5328f8b5c0f5348eb1ed
Red Hat Security Advisory 2019-0622-01
Posted Mar 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0622-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796
MD5 | 3c1f530646d87e122ac4fe44de5a8ce6
Gentoo Linux Security Advisory 201903-16
Posted Mar 20, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-16 - Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to gain unauthorized access. Versions less than 7.9_p1-r4 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111
MD5 | 87bd4d4026e3b8a5385b4e39b0a9bafc
Slackware Security Advisory - libssh2 Updates
Posted Mar 19, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libssh2 packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3858, CVE-2019-3859, CVE-2019-3860, CVE-2019-3861, CVE-2019-3862, CVE-2019-3863
MD5 | 75dc61143a842e32ab8500f75ed4d9ec
Debian Security Advisory 4409-1
Posted Mar 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4409-1 - Erik Olof Gunnar Andersson discovered that incorrect validation of port settings in the iptables security group driver of Neutron, the OpenStack virtual network service, could result in denial of service in a multi tenant setup.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2019-9735
MD5 | d3a948ca8507d7cb3d99637b37eb392b
Red Hat Security Advisory 2019-0600-01
Posted Mar 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0600-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a deserialization vulnerability.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2018-16476
MD5 | 1851ff3f967e78cafa8097e80c42894d
Gentoo Linux Security Advisory 201903-15
Posted Mar 19, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-15 - Multiple vulnerabilities have been found in NTP, the worst of which could result in the remote execution of arbitrary code. Versions less than 4.2.8_p13 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-12327, CVE-2019-8936
MD5 | 8df860a16344eea891017b2ab32a71ef
Abine Blur 7.8.24x Authentication Bypass
Posted Mar 19, 2019
Authored by RS Tyler Schroder

The Password Manager Extension in Abine Blur versions 7.8.24x allows attackers to bypass the multi-factor authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured. NOTE: this vulnerability exists because of a CVE-2018-7213 regression.

tags | advisory, bypass
advisories | CVE-2018-7213, CVE-2019-6481
MD5 | 3f9130ef2411e972988a7ce52ef65e0b
Ubuntu Security Notice USN-3906-2
Posted Mar 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3906-2 - USN-3906-1 and USN-3864-1 fixed several vulnerabilities in LibTIFF. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-10779, CVE-2018-17101
MD5 | d6332636e5ade7508bf28fbcac3c59cc
Red Hat Security Advisory 2019-0597-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0597-01 - The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. An issue with extra ssh keys being added has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-0816
MD5 | da441056e75d3ece906330c44e187ade
Debian Security Advisory 4408-1
Posted Mar 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4408-1 - Multiple security issues were discovered in liveMedia, a set of C++ libraries for multimedia streaming which could result in the execution of arbitrary code or denial of service when parsing a malformed RTSP stream.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-6256, CVE-2019-7314, CVE-2019-9215
MD5 | 425b2b589d0ad63f13c2c1d76cedbb9e
Page 1 of 2,796
Back12345Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    15 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close