what you don't know can hurt you
Showing 1 - 25 of 28,867 RSS Feed

Vulnerability Files

Apple Security Advisory 2020-09-16-4
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-4 - watchOS 7.0 is now available and addresses cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
systems | apple
advisories | CVE-2020-9946, CVE-2020-9952, CVE-2020-9968, CVE-2020-9976
MD5 | d0cb12546d5aebcf540ac9c015984183
Apple Security Advisory 2020-09-16-3
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-3 - Safari 14.0 is now available and addresses code execution, cross site scripting, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-9948, CVE-2020-9951, CVE-2020-9952, CVE-2020-9983
MD5 | ae29185c1601a94111093736fc67de83
Apple Security Advisory 2020-09-16-2
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-2 - tvOS 14.0 is now available and addresses cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
systems | apple
advisories | CVE-2020-9952, CVE-2020-9968, CVE-2020-9976, CVE-2020-9979
MD5 | ef7376338a1a7ad7e72201d43197b146
Apple Security Advisory 2020-09-16-1
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-1 - iOS 14.0 and iPadOS 14.0 are now available and address code execution, cross site scripting, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple, ios
advisories | CVE-2020-9773, CVE-2020-9946, CVE-2020-9952, CVE-2020-9958, CVE-2020-9959, CVE-2020-9964, CVE-2020-9968, CVE-2020-9973, CVE-2020-9976, CVE-2020-9979, CVE-2020-9992
MD5 | bf2d39afbca775367e4876e819239e81
Red Hat Security Advisory 2020-3779-01
Posted Sep 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3779-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.7 serves as a replacement for Red Hat Data Grid 7.3.6 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include XML injection, bypass, and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2017-7658, CVE-2019-10172, CVE-2020-10672, CVE-2020-10673, CVE-2020-10714, CVE-2020-10968, CVE-2020-10969, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020-11612, CVE-2020-11619, CVE-2020-11620, CVE-2020-1695, CVE-2020-1710, CVE-2020-1719, CVE-2020-1745, CVE-2020-1748, CVE-2020-1757, CVE-2020-8840, CVE-2020-9488, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548
MD5 | 0014bbfc17261dd58806694335808506
Gentoo Linux Security Advisory 202009-10
Posted Sep 14, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-10 - A vulnerabilities in PHP could lead to a Denial of Service condition. Versions less than 7.2.33:7.2 are affected.

tags | advisory, denial of service, php, vulnerability
systems | linux, gentoo
advisories | CVE-2020-7068
MD5 | d02ea2e4e445ae9dc9a0319b525b6459
Gentoo Linux Security Advisory 202009-09
Posted Sep 14, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-9 - Multiple vulnerabilities have been found in Nextcloud Desktop Sync client, the worst of which may allow execution of arbitrary code. Versions less than 2.6.5 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-8189, CVE-2020-8224, CVE-2020-8227
MD5 | d9185a75c941fbb57d5cb781956639a4
Gentoo Linux Security Advisory 202009-07
Posted Sep 14, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-7 - Multiple vulnerabilities have been found in the Perl module DBI, the worst of which could result in a Denial of Service condition. Versions less than 1.643.0 are affected.

tags | advisory, denial of service, perl, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14392, CVE-2020-14393
MD5 | adc99cfc7d25d1f38f9f4dab9b40bd69
MikroTik RouterOS Memory Corruption / Reachable Assertion Failure
Posted Sep 11, 2020
Authored by Qian Chen

MikroTik RouterOS suffers from memory corruption and reachable assertion failure vulnerabilities.

tags | advisory, vulnerability
MD5 | 950d0eee51c2f617a1415882d1b88a0a
IlchCMS 2.1.37 Cross Site Scripting
Posted Sep 10, 2020
Authored by Daniel Bishtawi | Site netsparker.com

IlchCMS version 2.1.37 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 44643740a4ccbef00c29bdf57af23e23
Red Hat Security Advisory 2020-3723-01
Posted Sep 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3723-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 85.0.4183.83. Issues addressed include information leakage, integer overflow, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-6559, CVE-2020-6560, CVE-2020-6561, CVE-2020-6562, CVE-2020-6563, CVE-2020-6564, CVE-2020-6565, CVE-2020-6566, CVE-2020-6567, CVE-2020-6568, CVE-2020-6569, CVE-2020-6570, CVE-2020-6571
MD5 | 3a3ae1c3cfa4b75de5e2102a900dbac4
Gentoo Linux Security Advisory 202009-03
Posted Sep 10, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-3 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 85.0.4183.102 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15959, CVE-2020-6573, CVE-2020-6575, CVE-2020-6576
MD5 | 8416b17fa3bef5e21adc86d3c5a2672d
Ubuntu Security Notice USN-4488-2
Posted Sep 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4488-2 - USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14361, CVE-2020-14362
MD5 | 2c21e36caf7b07e3cf7bab5cb7a9f1d9
Red Hat Security Advisory 2020-3616-01
Posted Sep 9, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3616-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-16538, CVE-2020-2109, CVE-2020-2110, CVE-2020-2111, CVE-2020-2134, CVE-2020-2135, CVE-2020-2136
MD5 | 2a08694d7af59fd8bf40152477cd5a0e
Red Hat Security Advisory 2020-3699-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3699-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.108 and .NET Core Runtime 3.1.8. Security Fixes: .NET Core: ASP.NET cookie prefix spoofing vulnerability. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof, vulnerability, asp
systems | linux, redhat
advisories | CVE-2020-1045
MD5 | 3fa3742d20b581bf1ce4a1edfffb538c
Hyland OnBase XML Injection
Posted Sep 8, 2020
Authored by Adaptive Security Consulting

All versions up to and prior to Hyland OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from XML external entity injection vulnerabilities.

tags | advisory, vulnerability
MD5 | 73776c1814d36459a833a60dc075c439
Yaws 2.0.7 XML Injection / Command Injection
Posted Sep 8, 2020
Authored by Alexey Pronin

Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities.

tags | exploit, remote, vulnerability
advisories | CVE-2020-24379, CVE-2020-24916
MD5 | c619e8801cfec332cd3e0889564d6571
Hyland OnBase Path Traversal
Posted Sep 8, 2020
Authored by Adaptive Security Consulting

All versions up to and prior to Hyland OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from path traversal vulnerabilities.

tags | advisory, vulnerability, file inclusion
MD5 | 156aaf01e3f567caba60826f8c0e3305
Hyland OnBase DLL Hijacking
Posted Sep 8, 2020
Authored by Adaptive Security Consulting

All versions up to and prior to Hyland OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from DLL hijacking vulnerabilities.

tags | advisory, vulnerability
systems | windows
MD5 | 1ebced414524995b1fa42746405d452f
Ubuntu Security Notice USN-4487-2
Posted Sep 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4487-2 - USN-4487-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-14344, CVE-2020-14363
MD5 | 7b5ef11330385584e46af64155d4486c
Red Hat Security Advisory 2020-3625-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3625-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include cross site scripting and information leakage vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-2181, CVE-2020-2182, CVE-2020-2190, CVE-2020-2224, CVE-2020-2225, CVE-2020-2226
MD5 | ee4a49890f9ca9474251423fb2473c77
Red Hat Security Advisory 2020-3662-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3662-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execution, information leakage, integer overflow, null pointer, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, web, overflow, php, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11045, CVE-2019-11047, CVE-2019-11048, CVE-2019-11050, CVE-2019-13224, CVE-2019-13225, CVE-2019-16163, CVE-2019-19203, CVE-2019-19204, CVE-2019-19246, CVE-2019-20454, CVE-2020-7059, CVE-2020-7060, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
MD5 | 1e12fa29983b7f83af758496e3d90857
Red Hat Security Advisory 2020-3678-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3678-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.8.1 serves as an update to Red Hat Process Automation Manager 7.8.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13692, CVE-2020-1714
MD5 | 66ccc95f168b4ea8bad261163122f621
Red Hat Security Advisory 2020-3669-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3669-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720
MD5 | 59b67ef16ff6aa9bb22226e4526917c3
Red Hat Security Advisory 2020-3675-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3675-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.8.1 serves as an update to Red Hat Decision Manager 7.8.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13692, CVE-2020-1714
MD5 | 2a4f053ecd9a745998925e0a686eff30
Page 1 of 1,155
Back12345Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close