Twenty Year Anniversary
Showing 1 - 25 of 26,935 RSS Feed

Vulnerability Files

Red Hat Security Advisory 2018-2373-01
Posted Aug 10, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2373-01 - The redhat-certification package provides partners with a unified web-based user interface to certify their products for use on Red Hat Infrastructure. It can currently be used in the latest releases of Red Hat Certified Cloud and Service Provider Certification, Red Hat OpenStack Certification and Red Hat Hardware Certification Programs. Issues addressed include writeable and downloadable file vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2018-10864, CVE-2018-10869, CVE-2018-10870
MD5 | 9011f0406b503eef4d0a261e2e5b7cb2
Fwknop Port Knocking Utility 2.6.10
Posted Aug 8, 2018
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added MAX_FW_TIMEOUT to access.conf stanzas to allow a maximum number of seconds for client-specified timeouts in SPA packets. Bug fix in CMD_EXEC mode to make sure to call exit() upon any error from execvpe(). Various other additions and fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 5b5850ab8684ce0bdf52ef400a83065c
Ubuntu Security Notice USN-3732-2
Posted Aug 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3732-2 - USN-3732-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, tcp, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-5390
MD5 | 802eb3abdd14bdadb5da2e1595870840
WebKitGTK+ / WPE WebKit Code Execution / Denial Of Service
Posted Aug 7, 2018
Authored by WebKitGTK+ Team

WebKitGTK+ and WPE WebKit suffers from buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
advisories | CVE-2018-12911, CVE-2018-4246, CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4271, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278, CVE-2018-4284
MD5 | 62e067ffa9acced01f46f39957628987
Debian Security Advisory 4266-1
Posted Aug 7, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4266-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2018-13405, CVE-2018-5390
MD5 | fd149235f5f3d7399795b4610222711d
Debian Security Advisory 4262-1
Posted Aug 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4262-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service.

tags | advisory, denial of service, php, vulnerability, info disclosure, csrf
systems | linux, debian
advisories | CVE-2016-2403, CVE-2017-1665, CVE-2017-16653, CVE-2017-16654, CVE-2017-16790, CVE-2018-11385, CVE-2018-11386, CVE-2018-11406
MD5 | 9d90561cb123024abe81fc4647a6aff3
Rufus 3.0 / 3.1 Privilege Escalation
Posted Aug 6, 2018
Authored by Stefan Kanthak

Rufus versions 3.0 and 3.1 suffers from dll hijacking vulnerabilities.

tags | exploit, vulnerability
MD5 | 126457333255fc195b632df825af6a15
Red Hat Security Advisory 2018-2308-01
Posted Aug 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2308-01 - OpenSLP is an open source implementation of the Service Location Protocol which is an Internet Engineering Task Force standards track protocol and provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2017-17833
MD5 | f935c99bbae2bc1e980eeb092cce4228
Debian Security Advisory 4260-1
Posted Aug 3, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4260-1 - Several vulnerabilities were discovered in libsmpack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious CAB, CHM or KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-14679, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682
MD5 | d755de94a97a35ef3445c6980f25e25c
PHP Template Store Script 3.0.6 Cross Site Scripting
Posted Aug 3, 2018
Authored by Sarafraz Khan

PHP Template Store Script version 3.0.6 suffers from persistent cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
advisories | CVE-2018-14869
MD5 | 955dd57ab80d69477021cb73445e4ecf
Ubuntu Security Notice USN-3728-3
Posted Aug 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3728-3 - USN-3728-2 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno Boeck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-14679, CVE-2018-14681, CVE-2018-14682
MD5 | 342c999b06779c9933a6f72b37765ff3
Ubuntu Security Notice USN-3728-2
Posted Aug 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3728-2 - USN-3728-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04 libmspack is included into ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS. Hanno Boeck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-14679, CVE-2018-14681, CVE-2018-14682
MD5 | 8410ac792923025c01d404223fbb1a5b
VMWare Player 12.5.9 Privilege Escalation / Denial Of Service
Posted Aug 2, 2018
Authored by Stefan Kanthak

VMWare Player version 12.5.9 suffers from denial of service and privilege escalation vulnerabilities.

tags | exploit, denial of service, vulnerability
systems | windows
MD5 | 7c7fe612150cceaf8be1320706d1c05c
Debian Security Advisory 4259-1
Posted Aug 1, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4259-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in incorrect processing of HTTP/FTP, directory traversal, command injection, unintended socket creation or information disclosure.

tags | advisory, web, vulnerability, info disclosure, ruby
systems | linux, debian
advisories | CVE-2017-17405, CVE-2017-17742, CVE-2017-17790, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
MD5 | a76e5483b8c8bfad98c37d0bb78f7568
MicroFocus Secure Messaging Gateway Remote Code Execution
Posted Jul 31, 2018
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway. An unauthenticated user can execute a terminal command under the context of the web user. One of the user supplied parameters of API endpoint is used by the application without input validation and/or parameter binding, which leads to SQL injection vulnerability. Successfully exploiting this vulnerability gives a ability to add new user onto system. manage_domains_dkim_keygen_request.php endpoint is responsible for executing an operation system command. It's not possible to access this endpoint without having a valid session. Combining these vulnerabilities gives the opportunity execute operation system commands under the context of the web user.

tags | exploit, web, php, vulnerability, sql injection
advisories | CVE-2018-12464, CVE-2018-12465
MD5 | e1ed8b7a67ea6ddd018934d8c751a6d1
Ubuntu Security Notice USN-3725-2
Posted Jul 31, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3725-2 - USN-3725-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.61 in Ubuntu 12.04 ESM. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-2767, CVE-2018-3070
MD5 | 6ddecd1b2fc9707ddd532c901cf90170
Microsoft Wireless Display Adapter 2 Command Injection / Broken Access Control
Posted Jul 30, 2018
Authored by Tobias Glemser, Simon Winter | Site secuvera.de

Microsoft Wireless Display Adapter versions 2.0.8350 to 2.0.8372 suffer from command injection, broken access control, and evil twin attack vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2018-8306
MD5 | 79b0670ec3acfc2b6e1824b11bd94e05
Red Hat Security Advisory 2018-2282-01
Posted Jul 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2282-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 68.0.3440.75. Issues addressed include buffer overflow, bypass, and information leakage vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-4117, CVE-2018-6044, CVE-2018-6150, CVE-2018-6151, CVE-2018-6152, CVE-2018-6153, CVE-2018-6154, CVE-2018-6155, CVE-2018-6156, CVE-2018-6157, CVE-2018-6158, CVE-2018-6159, CVE-2018-6161, CVE-2018-6162, CVE-2018-6163, CVE-2018-6164, CVE-2018-6165, CVE-2018-6166, CVE-2018-6167, CVE-2018-6168, CVE-2018-6169, CVE-2018-6170, CVE-2018-6171, CVE-2018-6172, CVE-2018-6173, CVE-2018-6174, CVE-2018-6175, CVE-2018-6176
MD5 | ebe959506bce23a345eeeda9a2fcda81
Debian Security Advisory 4258-1
Posted Jul 30, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4258-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-14395
MD5 | b29735aa0ee881fa568c841333c8a3cd
Gentoo Linux Security Advisory 201807-03
Posted Jul 30, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201807-3 - Multiple vulnerabilities have been found in ZNC, the worst of which could result in privilege escalation. Versions less than 1.7.1-rc1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2018-14055, CVE-2018-14056
MD5 | 875bd82bb9479cd1df1a399538cc11bb
Debian Security Advisory 4256-1
Posted Jul 27, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4256-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2018-4117, CVE-2018-6044, CVE-2018-6150, CVE-2018-6151, CVE-2018-6152, CVE-2018-6153, CVE-2018-6154, CVE-2018-6155, CVE-2018-6156, CVE-2018-6157, CVE-2018-6158, CVE-2018-6159, CVE-2018-6161, CVE-2018-6162, CVE-2018-6163, CVE-2018-6164, CVE-2018-6165, CVE-2018-6166, CVE-2018-6167, CVE-2018-6168, CVE-2018-6169, CVE-2018-6170, CVE-2018-6171, CVE-2018-6172, CVE-2018-6173, CVE-2018-6174, CVE-2018-6175, CVE-2018-6176
MD5 | 5bb620c32bfc3016ca0649d9d9d6d40b
Super CMS Blog Pro PHP Script 1.0 SQL Injection / Shell Upload
Posted Jul 27, 2018
Authored by ShanoWeb

Super CMS Blog Pro PHP Script version 1.0 suffers from shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, php, vulnerability, sql injection
MD5 | 4d4af76da07a9471a1cd3679240ce824
Red Hat Security Advisory 2018-2251-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2251-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188
MD5 | 95ed1e22119659b36b9dc528e4b17547
Red Hat Security Advisory 2018-2252-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2252-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188
MD5 | a3fd8fb4c593fb30023245e31a67281f
Ubuntu Security Notice USN-3722-3
Posted Jul 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-3 - USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | 7272d25ace6b15017b495dcdc09f7b09
Page 1 of 1,078
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close