what you don't know can hurt you
Showing 1 - 25 of 28,210 RSS Feed

Vulnerability Files

Ubuntu Security Notice USN-4252-2
Posted Jan 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4252-2 - USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-16808, CVE-2018-14462, CVE-2018-14466, CVE-2018-14470, CVE-2018-14882, CVE-2018-16230, CVE-2018-19519
MD5 | d3212aa18e1bf406166c4bdd340b5096
Realtek SDK Information Disclosure / Code Execution
Posted Jan 24, 2020
Authored by Blazej Adamczyk

Realtek SDK based routers suffer from information disclosure, incorrect access control, insecure password storage, code execution, and incorrectly implemented CAPTCHA vulnerabilities.

tags | exploit, vulnerability, code execution, info disclosure
advisories | CVE-2019-19822, CVE-2019-19823, CVE-2019-19824, CVE-2019-19825
MD5 | 655a4e51c6bf4ef1304ab18aee588265
WebKitGTK+ / WPE WebKit Code Execution
Posted Jan 24, 2020
Authored by WebKitGTK+ Team

WebKitGTK+ and WPE WebKit suffer from multiple memory handling vulnerabilities that can result in arbitrary code execution. Versions affected include WebKitGTK before 2.26.3 and WPE WebKit before 2.26.3.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2019-8835, CVE-2019-8844, CVE-2019-8846
MD5 | 60afd86448b992032ad38da4997a862c
Ubuntu Security Notice USN-4247-3
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-3 - USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. Various other issues were also addressed.

tags | advisory, remote, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
MD5 | 365b223712a9ad320b2c991a605088bb
Umbraco CMS 8.2.2 Cross Site Request Forgery
Posted Jan 23, 2020
Authored by A. Melnikova | Site sec-consult.com

Umbraco CMS version 8.2.2 suffers from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2020-7210
MD5 | d01b5a5f3c58a2fb42e85e7b0b6cdc7a
Ubuntu Security Notice USN-4247-2
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-2 - USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations. Various other issues were also addressed.

tags | advisory, remote, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
MD5 | a668be287b5e157bce5f39c0a1d59049
Red Hat Security Advisory 2020-0204-01
Posted Jan 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0204-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, heap overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-12207, CVE-2018-16884, CVE-2019-0154, CVE-2019-0155, CVE-2019-10126, CVE-2019-11135, CVE-2019-14816, CVE-2019-14821, CVE-2019-14901, CVE-2019-3900, CVE-2019-5489, CVE-2019-9506
MD5 | 8ed65fed136027cab3a33df882cdd686
Red Hat Security Advisory 2020-0199-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0199-01 - OpenSLP is an open source implementation of the Service Location Protocol which is an Internet Engineering Task Force standards track protocol and provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2019-5544
MD5 | b4794de27a65960e05acce29197a7023
Zed Attack Proxy 2.9.0 Cross Platform Package
Posted Jan 21, 2020
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.

Changes: Various updates.
tags | tool, web, vulnerability
MD5 | cca49caf000734404c697dcceab2c7f2
Red Hat Security Advisory 2020-0174-01
Posted Jan 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0174-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-18559, CVE-2018-3693, CVE-2019-10126, CVE-2019-11487, CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, CVE-2019-17133, CVE-2019-18660, CVE-2019-3846, CVE-2019-8912
MD5 | bbb36ba5cb7b3908d12d4a095ffb5372
Red Hat Security Advisory 2020-0159-01
Posted Jan 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0159-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-10219, CVE-2019-14540, CVE-2019-14885, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16869, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
MD5 | 4339f27e4c6f11938469bca486e5f813
Red Hat Security Advisory 2020-0164-01
Posted Jan 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0164-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-10219, CVE-2019-14540, CVE-2019-14885, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16869, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
MD5 | 762bc919b2009c7390fb5bb5cff52847
Red Hat Security Advisory 2020-0161-01
Posted Jan 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0161-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-10219, CVE-2019-14540, CVE-2019-14885, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16869, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
MD5 | ff0f5c17cc890b2dda17e583dd29415d
Debian Security Advisory 4606-1
Posted Jan 20, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4606-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2019-13725, CVE-2019-13726, CVE-2019-13727, CVE-2019-13728, CVE-2019-13729, CVE-2019-13730, CVE-2019-13732, CVE-2019-13734, CVE-2019-13735, CVE-2019-13736, CVE-2019-13737, CVE-2019-13738, CVE-2019-13739, CVE-2019-13740, CVE-2019-13741, CVE-2019-13742, CVE-2019-13743, CVE-2019-13744, CVE-2019-13745, CVE-2019-13746, CVE-2019-13747, CVE-2019-13748, CVE-2019-13749, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752
MD5 | 76969c621578023f3ac6699c659dc8b6
Maavi Fuzzing Utility
Posted Jan 20, 2020
Authored by Haroon Awan | Site github.com

Maavi is a fuzzing tool that scans for vulnerabilities with obfuscated payloads. Has proxy support, records full history of actions, and has various bells and whistles.

tags | tool, vulnerability, fuzzer
MD5 | 8b50fff96c900e99ba8349cdfd37aab0
Red Hat Security Advisory 2020-0160-01
Posted Jan 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0160-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-10219, CVE-2019-14540, CVE-2019-14885, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16869, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
MD5 | 08cb6a23bb830ef4335a34d6e337f7d0
Debian Security Advisory 4605-1
Posted Jan 19, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4605-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of Kerberos GSSAPI and TGS requests or incorrect TLS handshakes.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2655
MD5 | e8ac245eaa7296091e19d7c755a2f31e
Ubuntu Security Notice USN-4225-2
Posted Jan 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4225-2 - USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14895, CVE-2019-16231, CVE-2019-18660, CVE-2019-18813, CVE-2019-19045, CVE-2019-19051, CVE-2019-19052, CVE-2019-19055, CVE-2019-19072, CVE-2019-19524, CVE-2019-19529, CVE-2019-19534
MD5 | 2d5ceaa9194d6f63659fa747cf422d27
Red Hat Security Advisory 2020-0134-01
Posted Jan 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0134-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.0.102, .NET Core Runtime 3.0.2, .NET Core SDK 3.1.101 and .NET Core Runtime 3.1.1. Security Fixes: dotnet: Memory Corruption in SignalR. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-0602, CVE-2020-0603
MD5 | 5b3240eb09a8647473342b298589c1b0
Red Hat Security Advisory 2020-0130-01
Posted Jan 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0130-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.0.102 and .NET Core Runtime 3.0.2. Security Fixes: dotnet: Memory Corruption in SignalR. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-0602, CVE-2020-0603
MD5 | f5a0048385d31c994a41184256b88116
Ubuntu Security Notice USN-4237-2
Posted Jan 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4237-2 - USN-4237-1 fixed several vulnerabilities in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-11805, CVE-2019-12420
MD5 | 24283c9eeaee6b6e24145d1e9c95c89d
Debian Security Advisory 4602-1
Posted Jan 15, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4602-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-12207, CVE-2019-11091, CVE-2019-11135, CVE-2019-17340, CVE-2019-17341, CVE-2019-17342, CVE-2019-17343, CVE-2019-17344, CVE-2019-17345, CVE-2019-17346, CVE-2019-17347, CVE-2019-17348, CVE-2019-17349, CVE-2019-17350, CVE-2019-18420, CVE-2019-18421, CVE-2019-18422, CVE-2019-18423, CVE-2019-18424, CVE-2019-18425, CVE-2019-19577, CVE-2019-19578, CVE-2019-19579
MD5 | 8759c914ef760bf6ab8a00be963ebc88
Hospital Management System 4.0 Cross Site Scripting
Posted Jan 13, 2020
Authored by FULLSHADE

Hospital Management System version 4.0 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-5193
MD5 | a80247a72d198f3efd23385234b45367
Android ashmem Read-Only Bypasses
Posted Jan 10, 2020
Authored by Jann Horn, Google Security Research

Android suffers from ashmem read-only bypass vulnerabilities via remap_file_pages() and ASHMEM_UNPIN.

tags | exploit, vulnerability
advisories | CVE-2020-0009
MD5 | 1ce1f492c6697220a1377f632e2b8f79
Debian Security Advisory 4599-1
Posted Jan 8, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4599-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks, create open redirects, poison cache, and bypass authorization access and input sanitation.

tags | advisory, remote, web, vulnerability, csrf
systems | linux, debian
advisories | CVE-2019-16217, CVE-2019-16218, CVE-2019-16219, CVE-2019-16220, CVE-2019-16221, CVE-2019-16222, CVE-2019-16223, CVE-2019-16780, CVE-2019-16781, CVE-2019-17669, CVE-2019-17671, CVE-2019-17672, CVE-2019-17673, CVE-2019-17674, CVE-2019-17675, CVE-2019-20041, CVE-2019-20042, CVE-2019-20043
MD5 | 4cfa3cf73bd5ad4d9281921b1a5f55a1
Page 1 of 1,129
Back12345Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    3 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    21 Files
  • 22
    Jan 22nd
    19 Files
  • 23
    Jan 23rd
    19 Files
  • 24
    Jan 24th
    11 Files
  • 25
    Jan 25th
    1 Files
  • 26
    Jan 26th
    1 Files
  • 27
    Jan 27th
    19 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close