what you don't know can hurt you
Showing 1 - 25 of 2,434 RSS Feed

Info Disclosure Files

Citytv Video Unencrypted Analytics
Posted Feb 19, 2020
Authored by David Coomber

The Citytv Video Android and iOS applications send potentially sensitive information such as device model and resolution, mobile carrier, days since first use, days since last use, total number of app launches, number of app launches since upgrade, and previous app session length, unencrypted to third party sites (Adobe Experience Cloud, ScorecardResearch). Citytv Video Android versions 4.08.0 and below and iOS versions 3.36 and below are affected.

tags | advisory, info disclosure
systems | ios
advisories | CVE-2020-8507
MD5 | a4c54d68932b6a368bcb9f373ccb7b24
Global TV Unencrypted Analytics
Posted Feb 19, 2020
Authored by David Coomber

The Global TV Android and iOS applications send potentially sensitive information such as device model and resolution, mobile carrier, days since first use, days since last use, total number of app launches, number of app launches since upgrade, and previous app session length, unencrypted to both first (CNAME to third) and third party sites (Adobe Experience Cloud, ScorecardResearch). Global TV Android versions 2.3.2 and below and iOS versions 4.7.5 and below are affected.

tags | advisory, info disclosure
systems | ios
advisories | CVE-2020-8506
MD5 | 53b85b11c7e2c82b9010d72677aa5e0d
Debian Security Advisory 4628-1
Posted Feb 19, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4628-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.

tags | advisory, denial of service, php, info disclosure
systems | linux, debian
advisories | CVE-2019-11045, CVE-2019-11046, CVE-2019-11047, CVE-2019-11050, CVE-2020-7059, CVE-2020-7060
MD5 | 01708b9f6807865189e459e77166ada4
SmartClient 120 Information Disclosure / XML Injection / LFI / Code Execution
Posted Feb 19, 2020
Authored by Certimeter Group Red Team

SmartClient version 120 suffers from information disclosure, local file inclusion, remote file upload, and XML external entity injection vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion, info disclosure, file upload
MD5 | 57f8471ef038330e69a08ce5bd6f84a5
Debian Security Advisory 4626-1
Posted Feb 18, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4626-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.

tags | advisory, denial of service, php, info disclosure
systems | linux, debian
advisories | CVE-2019-11045, CVE-2019-11046, CVE-2019-11047, CVE-2019-11049, CVE-2019-11050, CVE-2020-7059, CVE-2020-7060
MD5 | 12b024e434e48cf965722db6369b01c2
Nanometrics Centaur / TitanSMA Unauthenticated Remote Memory Leak
Posted Feb 17, 2020
Authored by byteGoblin | Site zeroscience.mk

An information disclosure vulnerability exists when Centaur and TitanSMA fail to properly protect critical system logs such as 'syslog'. Additionally, the implemented Jetty version (9.4.z-SNAPSHOT) suffers from a memory leak of shared buffers that was (supposedly) patched in Jetty version 9.2.9.v20150224.

tags | exploit, memory leak, info disclosure
MD5 | 92e9f1486147a093937b564e106ffc00
LabVantage 8.3 Information Disclosure
Posted Feb 17, 2020
Authored by Joel Aviad Ossi

LabVantage version 8.3 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | ef585a038e1409c4fa25a36eedfd5953
SWAPGS Attack Proof Of Concept
Posted Feb 14, 2020
Authored by Dan Horea, Andrei Vlad

SWAPGS attack proof of concept exploit that demonstrates an information disclosure in the windows kernel.

tags | exploit, kernel, proof of concept, info disclosure
systems | windows
advisories | CVE-2019-1125
MD5 | bc36cf27bccf91e98ad52d648c1882e1
Verodin Director Web Console 3.5.4.0 Password Disclosure
Posted Feb 5, 2020
Authored by Nolan B. Kennedy

Verodin Director Web Console version 3.5.4.0 remote authenticated password disclosure proof of concept exploit.

tags | exploit, remote, web, proof of concept, info disclosure
advisories | CVE-2019-10716
MD5 | b80441f581b37ec759191c45b35f987a
AVideo Platform 8.1 User Enumeration
Posted Feb 5, 2020
Authored by Ihsan Sencan

AVideo Platform version 8.1 suffers from an information disclosure vulnerability that allows for user enumeration.

tags | exploit, info disclosure
MD5 | d62321c216670ae38d7594f28dda9f7a
Jira 8.3.4 Information Disclosure
Posted Feb 2, 2020
Authored by Mufeed VH

Jira version 8.3.4 suffers from a username enumeration information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2019-8449
MD5 | 3cc6ad6b7584b810553e95e611e2c356
Centreon 19.10.5 Credential Disclosure
Posted Jan 28, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a database credential disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 015b6cc11fc60b7914ed4e83bae7f78e
Realtek SDK Information Disclosure / Code Execution
Posted Jan 24, 2020
Authored by Blazej Adamczyk

Realtek SDK based routers suffer from information disclosure, incorrect access control, insecure password storage, code execution, and incorrectly implemented CAPTCHA vulnerabilities.

tags | exploit, vulnerability, code execution, info disclosure
advisories | CVE-2019-19822, CVE-2019-19823, CVE-2019-19824, CVE-2019-19825
MD5 | 655a4e51c6bf4ef1304ab18aee588265
Debian Security Advisory 4604-1
Posted Jan 19, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4604-1 - Multiple issues have been found in cacti, a server monitoring system, potentially resulting in SQL code execution or information disclosure by authenticated users.

tags | advisory, code execution, info disclosure
systems | linux, debian
advisories | CVE-2019-16723, CVE-2019-17357, CVE-2019-17358
MD5 | 19ed4d84151d8d8d569b2ebabf448f5a
Debian Security Advisory 4603-1
Posted Jan 18, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4603-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or information disclosure.

tags | advisory, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 3d4fe141935108d14d22f1fe02e23aef
Solaris xlock Information Disclosure
Posted Jan 17, 2020
Authored by Marco Ivaldi

A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris may allow local users to read partial contents of sensitive files. Due to the fact that target files must be in a very specific format, exploitation of this flaw to escalate privileges in a realistic scenario is unlikely.

tags | exploit, local, root, info disclosure
systems | solaris
advisories | CVE-2020-2656
MD5 | d43954458731660f576f082539a29af3
ASTPP 4.0.1 Database Disclosure
Posted Jan 10, 2020
Authored by Fabien Aunay

ASTPP version 4.0.1 VoIP billing suffers from a database backup disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 8624082f784690fbd7d31d7ec3b9d239
Cisco DCNM JBoss 10.4 Credential Leakage
Posted Jan 8, 2020
Authored by Harrison Neal

Cisco DCNM JBoss version 10.4 suffers from a credential leakage vulnerability.

tags | exploit, info disclosure
systems | cisco
advisories | CVE-2019-15999
MD5 | f2b2bc3ee27fbddf61de2d091386e2bd
Debian Security Advisory 4596-1
Posted Dec 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4596-1 - Several issues were discovered in the Tomcat servlet and JSP engine, which could result in session fixation attacks, information disclosure, cross- site scripting, denial of service via resource exhaustion and insecure redirects.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2018-11784, CVE-2018-8014, CVE-2019-0199, CVE-2019-0221, CVE-2019-12418, CVE-2019-17563
MD5 | 09c17e7ab1b3a837f06eaa360ec8f557
MyDomoAtHome (MDAH) REST API Domoticz ISS Gateway 0.2.40 Information Disclosure
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

MyDomoAtHome REST API is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain access to sensitive information.

tags | exploit, remote, info disclosure
MD5 | a1b1c0aaf9c17fbc3d0e5a3f982a85d5
Control Web Panel 0.9.8.864 phpMyAdmin Password Disclosure
Posted Dec 16, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

Control Web Panel versions 0.9.8.856 through 0.9.8.864 suffer from a phpMyAdmin password disclosure vulnerability.

tags | exploit, web, info disclosure
advisories | CVE-2019-14782, CVE-2019-15235
MD5 | 350c05e4dacfce98d3811879f2066056
Squiz Matrix CMS 5.5.x.x Code Execution / Information Disclosure
Posted Dec 15, 2019
Authored by Stephen Shkardoon

Squiz Matrix CMS suffers from PHP unserialization code execution, information disclosure, and arbitrary file deletion vulnerabilities.

tags | exploit, arbitrary, php, vulnerability, code execution, info disclosure
advisories | CVE-2019-19373, CVE-2019-19374
MD5 | 2a89eaa5d695460978b8a6a34c1d28bb
Symantec Endpoint Protection Information Disclosure / Privilege Escalation
Posted Dec 6, 2019
Authored by Kyriakos Economou | Site labs.nettitude.com

A malicious application can take advantage of a vulnerability in Symantec Endpoint Protection to leak privileged information and/or execute code with higher privileges, thus taking full control over the affected host. Symantec Endpoint Protection versions 14.x below 14.2 (RU1) and 12.x below 12.1 (RU6 MP10) are affected. Symantec Endpoint Protection Small Business Edition versions 12.x below 12.1 (RU6 MP10c) are affected.

tags | advisory, info disclosure
advisories | CVE-2019-12750
MD5 | adaa581b77f7d19cd5f1123812a01cb9
OwnCloud 8.1.8 Username Disclosure
Posted Nov 29, 2019
Authored by Daniel Moreno

OwnCloud version 8.1.8 suffers from a username disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 757c36179daa923d31563d7d6f7b1f5f
WordPress 5.3 Username Enumeration
Posted Nov 28, 2019
Authored by sajjadbnd

WordPress version 5.3 suffers from a username enumeration vulnerability.

tags | exploit, info disclosure
MD5 | b263069a414f9bb50aa1628b813065d1
Page 1 of 98
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close