what you don't know can hurt you
Showing 26 - 50 of 13,988 RSS Feed

Arbitrary Files

Ubuntu Security Notice USN-4261-1
Posted Jan 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4261-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8835
MD5 | 016f695463157c80fd637ddc1347439f
OpenBSD OpenSMTPD Privilege Escalation / Code Execution
Posted Jan 29, 2020
Authored by Qualys Security Advisory

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch smtpd to new grammar") and allows an attacker to execute arbitrary shell commands, as root.

tags | exploit, arbitrary, shell, root
systems | openbsd
advisories | CVE-2020-7247
MD5 | a167abd4844564a180e18a022a305764
Ubuntu Security Notice USN-4256-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4256-1 - It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-19906
MD5 | da2ac3b5c57fadeeb1b734bcfafb3e3c
Ubuntu Security Notice USN-4255-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4255-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2020-7053
MD5 | 8355331a9fdcb46e17fbb4c2ba7a86a6
Ubuntu Security Notice USN-4252-2
Posted Jan 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4252-2 - USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-16808, CVE-2018-14462, CVE-2018-14466, CVE-2018-14470, CVE-2018-14882, CVE-2018-16230, CVE-2018-19519
MD5 | d3212aa18e1bf406166c4bdd340b5096
Ubuntu Security Notice USN-4252-1
Posted Jan 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4252-1 - Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16808, CVE-2018-14462, CVE-2018-14466, CVE-2018-14470, CVE-2018-14882, CVE-2018-16230, CVE-2018-19519
MD5 | e3de9f6ac9cf4c263cae32925ace5430
WebKitGTK+ / WPE WebKit Code Execution
Posted Jan 24, 2020
Authored by WebKitGTK+ Team

WebKitGTK+ and WPE WebKit suffer from multiple memory handling vulnerabilities that can result in arbitrary code execution. Versions affected include WebKitGTK before 2.26.3 and WPE WebKit before 2.26.3.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2019-8835, CVE-2019-8844, CVE-2019-8846
MD5 | 60afd86448b992032ad38da4997a862c
Ubuntu Security Notice USN-4249-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4249-1 - It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5188
MD5 | 67193cdbe5e371aaa205df5eced9af67
Ubuntu Security Notice USN-4246-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4246-1 - It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that zlib incorrectly handled vectors involving left shifts of negative integers. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
MD5 | cabd1479de5aab731a0faa7bd655105f
Red Hat Security Advisory 2020-0194-01
Posted Jan 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0194-01 - The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of arbitrary JavaBeans.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2019-10086
MD5 | 6481eeef92376f87c8fafe3805f88157
Ubuntu Security Notice USN-4245-1
Posted Jan 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4245-1 - It was discovered that PySAML2 incorrectly handled certain SAML files. An attacker could possibly use this issue to bypass signature verification with arbitrary data.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-5390
MD5 | 930e89bc3b6e8746a3917ed4d9a3ead0
Ubuntu Security Notice USN-4243-1
Posted Jan 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4243-1 - It was discovered that libbsd incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. It was discovered that libbsd incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2090, CVE-2019-20367
MD5 | 66ca5d86b1d1fedeb88a40a3371f9f80
Ubuntu Security Notice USN-4242-1
Posted Jan 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4242-1 - It was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 19.04 and Ubuntu 19.10. It was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-16167, CVE-2019-19725
MD5 | fb139dcc049601b2e63b80b43e677bca
Debian Security Advisory 4603-1
Posted Jan 18, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4603-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or information disclosure.

tags | advisory, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 3d4fe141935108d14d22f1fe02e23aef
Ubuntu Security Notice USN-4225-2
Posted Jan 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4225-2 - USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14895, CVE-2019-16231, CVE-2019-18660, CVE-2019-18813, CVE-2019-19045, CVE-2019-19051, CVE-2019-19052, CVE-2019-19055, CVE-2019-19072, CVE-2019-19524, CVE-2019-19529, CVE-2019-19534
MD5 | 2d5ceaa9194d6f63659fa747cf422d27
Trend Micro Security 2019 Security Bypass Protected Service Tampering
Posted Jan 17, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Maximum Security is vulnerable to arbitrary code execution as it allows for creation of registry key to target a process running as SYSTEM. This can allow a malware to gain elevated privileges to take over and shutdown services that require SYSTEM privileges like Trend Micros "Asmp" service "coreServiceShell.exe" which does not allow Administrators to tamper with them. This could allow an attacker or malware to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. Note administrator privileges are required to exploit this vulnerability.

tags | exploit, arbitrary, registry, code execution
advisories | CVE-2019-19697
MD5 | 8141cd4c6867deb8b0509555a9e089df
Ubuntu Security Notice USN-4241-1
Posted Jan 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4241-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, or execute arbitrary code. It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-11745, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 3610655eb691555973e60450f99803ce
Online Book Store 1.0 Arbitrary File Upload
Posted Jan 16, 2020
Authored by Or4nG.M4N

Online Book Store version 1.0 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
MD5 | c3242a78aae097bf85be645f4e3403ec
Ubuntu Security Notice USN-4237-2
Posted Jan 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4237-2 - USN-4237-1 fixed several vulnerabilities in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-11805, CVE-2019-12420
MD5 | 24283c9eeaee6b6e24145d1e9c95c89d
Citrix ADC (NetScaler) Directory Traversal / Remote Code Execution
Posted Jan 14, 2020
Authored by Ramella Sebastien, Project Zero India | Site metasploit.com

This Metasploit module exploits a directory traversal in Citrix Application Delivery Controller (ADC), aka NetScaler, and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0, to execute an arbitrary command payload.

tags | exploit, arbitrary
advisories | CVE-2019-19781
MD5 | 4ddb7070438e963bf4a9bf8ddfe94f31
Ubuntu Security Notice USN-4237-1
Posted Jan 13, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4237-1 - It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. It was discovered that SpamAssassin incorrectly handled certain messages. A remote attacker could possibly use this issue to cause SpamAssassin to consume resources, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-11805, CVE-2019-12420
MD5 | 1b87df95a40747a665d19b9114b4397a
Ubuntu Security Notice USN-4047-2
Posted Jan 13, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4047-2 - USN-4047-1 fixed a vulnerability in libvirt. This update provides the corresponding update for Ubuntu 14.04 ESM. Matthias Gerstner and J

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-10161
MD5 | 5c0cf3b857919078bd5bd13419eb3f7d
Ubuntu Security Notice USN-4234-1
Posted Jan 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4234-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy restrictions, conduct cross-site scripting attacks, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-17016, CVE-2019-17023
MD5 | 1a51e76c4ef522241e5832bf35b5dcac
Launcher Execution Mitigation Patch
Posted Jan 10, 2020
Authored by Enrico Weigelt

This patch mitigates allowing launcher the ability to execute arbitrary programs.

tags | arbitrary, patch
systems | unix
MD5 | d0e094be8a12f022f64cbd5e9ac858ac
Debian Security Advisory 4600-1
Posted Jan 9, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4600-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, data exfiltration or cross-site scripting.

tags | advisory, web, arbitrary, xss
systems | linux, debian
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 5c389eae58b71f0e5752b71079631732
Page 2 of 560
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    2 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    16 Files
  • 13
    Feb 13th
    19 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    20 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close