what you don't know can hurt you
Showing 1 - 25 of 28,267 RSS Feed

Vulnerability Files

Red Hat Security Advisory 2020-0591-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0591-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-8777, CVE-2018-8780
MD5 | 1466db90fcaec7836bac3cd15b7cb8d7
Red Hat Security Advisory 2020-0592-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0592-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-20976, CVE-2019-11085, CVE-2019-14895, CVE-2019-17133
MD5 | 41062dc0a72a79f27648eeff44f918eb
Red Hat Security Advisory 2020-0593-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0593-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. State injection and out-of-bounds read vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-15686, CVE-2018-16866
MD5 | 54aae99d7f22b77d94b98d37db970849
Red Hat Security Advisory 2020-0594-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0594-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities.

tags | advisory, web, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2018-1000007, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000301
MD5 | df8981f3d1666f0e1fac725df6f6dcf9
Debian Security Advisory 4633-1
Posted Feb 25, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4633-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2019-5436, CVE-2019-5481, CVE-2019-5482
MD5 | 7f606fba91b7dc47bb50af7affaf96b9
Wapiti Web Application Vulnerability Scanner 3.0.3
Posted Feb 24, 2020
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Work was performed to reduce false positives in XSS detections.
tags | tool, web, scanner, vulnerability
systems | unix
MD5 | 39673c6f9593119051077731df2fa2da
The Network Protocol Cheatsheet
Posted Feb 24, 2020
Authored by Riddhi Suryavanshi

This document is intended for students and security professionals as a quick reference for networking protocols. It covers 50 protocols classified according to the OSI Layer they operate on. The corresponding RFC has been provided to further check for parameters / commands of a particular protocol. From a security perspective, the corresponding attacks / vulnerabilities are also included in this cheatsheet.

tags | paper, vulnerability, protocol
MD5 | 5283f87c171d89b2a5c9d8ddec708942
Open-Xchange App Suite / Documents Server-Side Request Forgery
Posted Feb 21, 2020
Authored by Martin Heiland

Open-Xchange App Suite and Documents versions 7.10.2 and below suffer from multiple server-side request forgery vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-18846, CVE-2019-9853
MD5 | 43acfce60891d606ddbc7bb9726ef5ad
Red Hat Security Advisory 2020-0565-01
Posted Feb 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0565-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.5.0. Memory safety issues and various other vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800
MD5 | 879ed163ae72f560b6ff5130cff4c68f
Ubuntu Security Notice USN-4279-2
Posted Feb 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4279-2 - USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem. It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-9253, CVE-2020-7059, CVE-2020-7060
MD5 | 7832c919bd2f89e68f7d1e97d3e21a3c
Ubuntu Security Notice USN-4286-2
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4286-2 - USN-4286-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15217, CVE-2019-15220, CVE-2019-15221, CVE-2019-17351, CVE-2019-19051, CVE-2019-19056, CVE-2019-19066, CVE-2019-19068, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108
MD5 | aff5d99660a6cf45c6cd9363ec293dc7
Ubuntu Security Notice USN-4287-2
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4287-2 - USN-4287-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18809, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19071, CVE-2019-19078, CVE-2019-19082, CVE-2019-19227, CVE-2019-19332, CVE-2019-19767, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | e0a917b1318a227cbe7dcda44cca0d1a
SmartClient 120 Information Disclosure / XML Injection / LFI / Code Execution
Posted Feb 19, 2020
Authored by Certimeter Group Red Team

SmartClient version 120 suffers from information disclosure, local file inclusion, remote file upload, and XML external entity injection vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion, info disclosure, file upload
MD5 | 57f8471ef038330e69a08ce5bd6f84a5
Red Hat Security Advisory 2020-0543-01
Posted Feb 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0543-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-20856, CVE-2018-20976, CVE-2019-11085, CVE-2019-11599, CVE-2019-14895, CVE-2019-17133, CVE-2019-17666
MD5 | 891d7f413bcda9c61a938542509339f3
Red Hat Security Advisory 2020-0544-01
Posted Feb 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0544-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities.

tags | advisory, web, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2018-1000007, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000301
MD5 | 6e5f2809f97c01e413f0335f27349e23
Red Hat Security Advisory 2020-0542-01
Posted Feb 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0542-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-8777, CVE-2018-8780
MD5 | 36ca79a9c0aa092c71d1c1e109fc609f
Debian Security Advisory 4627-1
Posted Feb 18, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4627-1 - Cross site scripting, denial of service, and various other vulnerabilities have been discovered in the webkit2gtk web engine.

tags | advisory, web, denial of service, vulnerability, xss
systems | linux, debian
advisories | CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868
MD5 | f3947b1b2cfd794fb8ffa2fd07974cd5
Debian Security Advisory 4624-1
Posted Feb 17, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4624-1 - Several vulnerabilities were discovered in evince, a simple multi-page document viewer.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-1000159, CVE-2019-1010006, CVE-2019-11459
MD5 | d759d57aa46efab3f4b2a0d5b68fb07e
Red Hat Security Advisory 2020-0514-01
Posted Feb 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0514-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.87. Issues addressed include information leakage, null pointer, and out of bounds write vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-18197, CVE-2019-19880, CVE-2019-19923, CVE-2019-19925, CVE-2019-19926, CVE-2020-6381, CVE-2020-6382, CVE-2020-6385, CVE-2020-6387, CVE-2020-6388, CVE-2020-6389, CVE-2020-6390, CVE-2020-6391, CVE-2020-6392, CVE-2020-6393, CVE-2020-6394, CVE-2020-6395, CVE-2020-6396, CVE-2020-6397, CVE-2020-6398, CVE-2020-6399, CVE-2020-6400, CVE-2020-6401, CVE-2020-6402, CVE-2020-6403, CVE-2020-6404, CVE-2020-6405, CVE-2020-6406
MD5 | 674d9ff97b1fed31431ddce21fa5117e
Debian Security Advisory 4621-1
Posted Feb 17, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4621-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of Kerberos GSSAPI and TGS requests or incorrect TLS handshakes.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659
MD5 | d8f6fe82a3da5926a5bf6c7c66327ba9
WebKitGTK+ / WPE WebKit DoS / Logic Issue / Code Execution
Posted Feb 17, 2020
Authored by WebKitGTK+ Team

WebKitGTK+ and WPE WebKit suffer from denial of service, logic, and code execution vulnerabilities. Versions affected include WebKitGTK before 2.26.4 and WPE WebKit before 2.26.4.

tags | advisory, denial of service, vulnerability, code execution
advisories | CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868
MD5 | 63296e037dbca3224fc4f826a24e45da
SOPlanning 1.45 SQL Injection
Posted Feb 15, 2020
Authored by J3rryBl4nks

SOPlanning version 1.45 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | ec84825ba294188a751657c615e0f774
CA Unified Infrastructure Management Command Execution
Posted Feb 14, 2020
Authored by Ken Williams, wetw0rk | Site www3.ca.com

CA Technologies, A Broadcom Company, is alerting customers to three vulnerabilities in CA Unified Infrastructure Management (Nimsoft / UIM). Multiple vulnerabilities exist that can allow an unauthenticated remote attacker to execute arbitrary code or commands, read from or write to systems, or conduct denial of service attacks. CA published solutions to address these vulnerabilities and recommends that all affected customers implement these solutions. The first vulnerability, CVE-2020-8010, occurs due to improper ACL handling. A remote attacker can execute commands, read from, or write to the target system. The second vulnerability, CVE-2020-8011, occurs due to a null pointer dereference. A remote attacker can crash the Controller service. The third vulnerability, CVE-2020-8012, occurs due to a buffer overflow vulnerability in the Controller service. A remote attacker can execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2020-8010, CVE-2020-8011, CVE-2020-8012
MD5 | b836a3683ff08a889e3a66d3ea648cdf
Red Hat Security Advisory 2020-0498-01
Posted Feb 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0498-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include cross site scripting and null pointer vulnerabilities.

tags | advisory, root, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-19336
MD5 | be6712bb6e1b0b6fbcc03ea514fe6279
XPC Memory Disclosure / Corruption
Posted Feb 13, 2020
Authored by Google Security Research, ianbeer

XPC fast path fails to ensure NULL termination of XPC strings, leading to memory disclosure and corruption vulnerabilities in XPC services.

tags | exploit, vulnerability
advisories | CVE-2020-3856
MD5 | 0f1657d7f62dc322829fee09424c0e5c
Page 1 of 1,131
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close