Vulnerability Files

Red Hat Security Advisory 2019-0374-01
Posted Feb 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0374-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.1 ESR. Issues addressed include integer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18356, CVE-2019-5785
MD5 | db823f1f9ba67018af64f3fbc3ef4353
Red Hat Security Advisory 2019-0366-01
Posted Feb 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0366-01 - This release adds the new Apache HTTP Server 2.4.29 Service Pack 1 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.29, and includes bug fixes and enhancements. Issues addressed include bypass, denial of service, null pointer, out of bounds write, traversal, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2017-10140, CVE-2017-15710, CVE-2017-15715, CVE-2018-0739, CVE-2018-1000168, CVE-2018-11759, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333
MD5 | 677751d5be68a0a89b505b85b6621cfd
Quest NetVault Backup Server Code Execution / SQL Injection
Posted Feb 22, 2019
Authored by rgod, Chris Anastasio

Quest NetVault Backup Server versions prior to 11.4.5 suffer from process manager service SQL injection and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
advisories | CVE-2017-17417
MD5 | 4f000d15da674df9aa20ea5e062d99c2
Ubuntu Security Notice USN-3866-2
Posted Feb 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3866-2 - USN-3866-1 fixed vulnerabilities in Ghostscript. The new Ghostscript version introduced a regression when printing certain page sizes. This update fixes the problem. Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
MD5 | 77dd6ff7d1ee5ef8a4e5f5a8cfca6724
WordPress Village 5.0 CSRF / Backdoor / SQL Injection
Posted Feb 21, 2019
Authored by KingSkrupellos

WordPress Village theme version 5.0 suffers from cross site request forgery, backdoor access, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
MD5 | 61b6dad4e62244a4d5b8f34bc2aebc83
Joomla AdsManager 3.2.0 CSRF / Database Disclosure / SQL Injection
Posted Feb 21, 2019
Authored by KingSkrupellos

Joomla AdsManager component version 3.2.0 suffers from cross site request forgery, database disclosure, remote file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection, file inclusion, csrf
MD5 | 5564752e65defdfd7b0020bd14875166
Micro Focus Filr 3.4.0.217 Path Traversal / Privilege Escalation
Posted Feb 20, 2019
Authored by Leandro Cuozzo, Matias Choren | Site secureauth.com

Micro Focus Filr version 3.4.0.217 suffers from privilege escalation and path traversal vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-3474, CVE-2019-3475
MD5 | 0f5f5a0a0c1393716974e1621adf95ad
Teracue ENC-400 Command Injection / Missing Authentication
Posted Feb 20, 2019
Authored by Stephen Shkardoon

Teracue ENC-400 suffers from hard-coded credential, missing authentication, and command injection vulnerabilities.

tags | exploit, vulnerability, bypass
advisories | CVE-2018-20219, CVE-2018-20220
MD5 | 95463864b7547c7635d21323e2319460
Kanboard 1.2.7 Code Execution / Cross Site Request Forgery
Posted Feb 20, 2019
Authored by Will Boucher | Site pulsesecurity.co.nz

Kanboard version 1.2.7 contains multiple vulnerabilities. These include a cross site request forgery in the CSV account import, which allows an unauthenticated attacker to create a new administrative user, and a cross site request forgery in 2FA deactivation, which allows an unauthenticated attacker to disable an account's 2FA configuration. A lack of integrity checking and of enforced transport layer encryption on plugins enables remote code execution by a malicious admin. Other vulnerabilities include session privilege retention, 2FA bypass, and database user_id and pre-2FA information disclosure.

tags | exploit, remote, vulnerability, code execution, info disclosure, csrf
MD5 | df69e7e6f136931b8bc524474d232e12
Debian Security Advisory 4396-1
Posted Feb 20, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4396-1 - Several vulnerabilities have been found in Ansible, a configuration management, deployment, and task execution system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-10855, CVE-2018-10875, CVE-2018-16837, CVE-2018-16876, CVE-2019-3828
MD5 | e731970af38b8a949348da84d1ee14ec
Red Hat Security Advisory 2019-0373-01
Posted Feb 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0373-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.1 ESR. Issues addressed include integer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18356, CVE-2019-5785
MD5 | aba5ff454a0a9d1052dd0d696c042c09
WordPress WooCommerce GloBee Payment Gateway 1.1.1 Bypass / Spoofing
Posted Feb 19, 2019
Authored by GeekHack

WordPress WooCommerce plugin with GloBee cryptocurrency payment gateway versions 1.1.1 and below suffer from payment bypass and unauthorized order status spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, bypass
advisories | CVE-2018-20782
MD5 | a070536b50a013c2522b2ed38c52cccc
Typo3 CMS Realty Manager tx_realty_pi1 2.0.0 Database Disclosure / SQL Injection
Posted Feb 19, 2019
Authored by KingSkrupellos

Typo3 CMS Realty Manager tx_realty_pi1 version 2.0.0 suffers from database disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
MD5 | 5d7dec2aefebceae6a65631a827f8e8b
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 Traversal / XSS
Posted Feb 19, 2019
Authored by Rafael Pedrero

Zoho ManageEngine Netflow Analyzer Professional version 7.0.0.2 suffers from cross site scripting and path traversal vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-8925, CVE-2019-8926, CVE-2019-8927, CVE-2019-8928, CVE-2019-8929
MD5 | 724d1de0fd6158c59223ef6f56da9819
XAMPP 5.6.8 Cross Site Scripting / SQL Injection
Posted Feb 19, 2019
Authored by Rafael Pedrero

XAMPP version 5.6.8 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2019-8923, CVE-2019-8924
MD5 | d3b4abd8b214a98581afd33afc0e6e00
Typo3 Calendar Base tx_pxkalender_pi1 2.0.0 Database Disclosure / SQL Injection
Posted Feb 19, 2019
Authored by KingSkrupellos

Typo3 Calendar Base tx_pxkalender_pi1 version 2.0.0 suffers from database disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 808d418ea3800957d61bb00160dd00e9
Joomla JWallPapers 2.0.1 Cross Site Request Forgery / Shell Upload
Posted Feb 19, 2019
Authored by KingSkrupellos

Joomla JWallPapers component version 2.0.1 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 9aab6fcc8810d60727be6c9cea7da1d0
eDirectory SQL Injection / File Disclosure
Posted Feb 19, 2019
Authored by Efren Diaz

eDirectory suffers from file disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
MD5 | 547830901be6ad48fca825663b4859f0
Ask Expert Script 3.0.5 Cross Site Scripting / SQL Injection
Posted Feb 19, 2019
Authored by Mr Winst0n

Ask Expert Script version 3.0.5 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | bdf465097feefbb3eb5ca2c3ba334370
Debian Security Advisory 4395-1
Posted Feb 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4395-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2018-17481, CVE-2019-5754, CVE-2019-5755, CVE-2019-5756, CVE-2019-5757, CVE-2019-5758, CVE-2019-5759, CVE-2019-5760, CVE-2019-5762, CVE-2019-5763, CVE-2019-5764, CVE-2019-5765, CVE-2019-5766, CVE-2019-5767, CVE-2019-5768, CVE-2019-5769, CVE-2019-5770, CVE-2019-5772, CVE-2019-5773, CVE-2019-5774, CVE-2019-5775, CVE-2019-5776, CVE-2019-5777, CVE-2019-5778, CVE-2019-5779, CVE-2019-5780, CVE-2019-5781, CVE-2019-5782
MD5 | 0061c54a4714f406f941325fe4f93029
Red Hat Security Advisory 2019-0367-01
Posted Feb 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0367-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.29 Service Pack 1 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.29, and includes bug fixes for CVEs which are linked to in the References section. Issues addressed include bypass, denial of service, null pointer, out of bounds write, traversal, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2017-15710, CVE-2017-15715, CVE-2018-0739, CVE-2018-1000168, CVE-2018-11759, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333
MD5 | 5914e90114ef4f2c7081a8afaed30780
Ubuntu Security Notice USN-3850-2
Posted Feb 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3850-2 - USN-3850-1 fixed several vulnerabilities in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0495, CVE-2018-12384, CVE-2018-12404
MD5 | 550bd66bfce61ba6685d7549da716d49
Red Hat Security Advisory 2019-0361-01
Posted Feb 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0361-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include stack overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-16864, CVE-2018-16865
MD5 | 523f26d20691fc01d67553236bb8e3eb
HTMLy 2.7.4 Cross Site Scripting
Posted Feb 18, 2019
Authored by Omar Kurt | Site netsparker.com

HTMLy version 2.7.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-8349
MD5 | 9c2fae1f1a3125e338c33a0c3d901126
Comodo Dome Firewall 2.7.0 Cross Site Scripting
Posted Feb 18, 2019
Authored by Ozer Goker

Comodo Dome Firewall version 2.7.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5e7745733f4787cab9bbbc7c018c2c42
© 2019 Packet Storm. All rights reserved.
