exploit the possibilities
Showing 26 - 50 of 29,219 RSS Feed

Vulnerability Files

Practical Insight Into Injections
Posted Jan 13, 2021
Authored by Hanut Kumar Arora

Whitepaper called Practical Insight into Injections. This document describes the meaning, working, implementation, and impact of injection vulnerabilities.

tags | paper, vulnerability
MD5 | 03c734fe0bc100e2234162e8efb3ea3b
Ubuntu Security Notice USN-4689-2
Posted Jan 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4689-2 - USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-1052, CVE-2021-1053, CVE-2021-1056
MD5 | 5400659ba37710eaa6b249f1d24c9de7
Ubuntu Security Notice USN-4649-2
Posted Jan 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4649-2 - USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | e3181c84ebf88124fc8440988b2185ac
Cemetery Mapping And Information System 1.0 SQL Injection
Posted Jan 12, 2021
Authored by Mesut Cetin

Cemetery Mapping and Information System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 13b51c2660d3b63bd96411a4b133e165
Gentoo Linux Security Advisory 202101-08
Posted Jan 11, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-8 - Multiple vulnerabilities have been found in Pillow, the worst of which could result in a Denial of Service condition. Versions less than 8.1.0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-35653, CVE-2020-35654, CVE-2020-35655
MD5 | 10a03ba321505f8f440a2d98f3727dc4
Gentoo Linux Security Advisory 202101-07
Posted Jan 11, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-7 - Multiple vulnerabilities have been found in NodeJS, the worst of which could result in the arbitrary execution of code. Versions less than 15.5.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15095, CVE-2020-8172, CVE-2020-8174, CVE-2020-8201, CVE-2020-8251, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287
MD5 | 8b174981332595ec9347b63b26850dc4
Red Hat Security Advisory 2021-0050-01
Posted Jan 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0050-01 - This release of Red Hat Quay v3.3.3 includes: Security Update: quay: persistent XSS in repository notification display quay: email notifications authorization bypass. Issues addressed include bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-13050, CVE-2019-13627, CVE-2019-14889, CVE-2019-15165, CVE-2019-15903, CVE-2019-16168, CVE-2019-16935, CVE-2019-19221, CVE-2019-19906, CVE-2019-19956, CVE-2019-20218, CVE-2019-20387, CVE-2019-20388, CVE-2019-20454, CVE-2019-20807, CVE-2019-20907, CVE-2019-20916, CVE-2019-5018, CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771
MD5 | e773185f896a2e376e6f5315784e7699
Gentoo Linux Security Advisory 202101-05
Posted Jan 11, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-5 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 87.0.4280.141 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15995, CVE-2020-16043, CVE-2021-21106, CVE-2021-21107, CVE-2021-21108, CVE-2021-21109, CVE-2021-21110, CVE-2021-21111, CVE-2021-21112, CVE-2021-21113, CVE-2021-21114, CVE-2021-21115, CVE-2021-21116
MD5 | bb4d644e582bd3f8ac9ec502362461dc
Gentoo Linux Security Advisory 202101-02
Posted Jan 11, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-2 - Multiple vulnerabilities have been found in Firejail, the worst of which could result in the arbitrary execution of code. Versions less than 0.9.64 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-17367, CVE-2020-17368
MD5 | e8a34c4864a5d0cb1f6207d62bf6e986
Gentoo Linux Security Advisory 202101-01
Posted Jan 11, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-1 - Multiple vulnerabilities have been found in Dovecot, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 2.3.13 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-24386, CVE-2020-25275
MD5 | 3a89fff6479017300d6ec9a323c8b69e
Cemetery Mapping And Information System 1.0 Cross Site Scripting
Posted Jan 10, 2021
Authored by Mesut Cetin

Cemetery Mapping and Information System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 411cd927de4dc77c72949d80635f4523
Online Doctor Appointment System 1.0 Cross Site Scripting
Posted Jan 8, 2021
Authored by Mohamed Habib Smidi

Online Doctor Appointment System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 76c223f15acb1a444605758caefc7bb2
OX App Suite / OX Documents 7.10.x XSS / SSRF
Posted Jan 8, 2021
Authored by Martin Heiland, notoriousrip, Stuart Redman

OX App Suite and OX Documents suffer from server-side request forgery and multiple cross site scripting vulnerabilities. Various versions are affected including 7.10.4 and 7.10.3.

tags | exploit, vulnerability, xss
advisories | CVE-2020-24700, CVE-2020-24701
MD5 | 2fbb089c8daa5ef915d9f746ea2a73a4
Life Insurance Management System 1.0 Cross Site Scripting
Posted Jan 8, 2021
Authored by Arnav Tripathy

Life Insurance Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 69c15061f1341d5b67f0075fcd3b91a2
Red Hat Security Advisory 2020-5388-01
Posted Jan 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5388-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.11 serves as a replacement for Red Hat support for Spring Boot 2.2.10, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-11996, CVE-2020-25638
MD5 | b3bdc25df3f101e501f013f1465ac1d3
NVIDIA Driver Information Disclosure / Code Execution
Posted Jan 7, 2021
Authored by Ofir Moskovitch

The NVIDIA graphics driver suffers from information disclosure and code execution vulnerabilities. Affected builds include 460.79, 460.89, 457.71, 457.30, 457.09, and 456.71.

tags | advisory, vulnerability, code execution, info disclosure
MD5 | 363fb14c236bcc3dc1c9ae8c87961a97
Red Hat Security Advisory 2021-0019-01
Posted Jan 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0019-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-20836, CVE-2019-15917, CVE-2019-20636
MD5 | 936db7e77ce10f20206d35312906b1c5
CSZ CMS 1.2.9 Cross Site Scripting
Posted Jan 5, 2021
Authored by SunCSR

CSZ CMS version 1.2.9 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 1ed4df9d15c3b3ca05832e0d79200b0a
EgavilanMedia User Registration And Login System With Admin Panel 1.0 XSS
Posted Jan 5, 2021
Authored by Mesut Cetin

EgavilanMedia User Registration and Login System with Admin Panel version 1.0 suffers from multiple persistent cross site scripting vulnerabilities. Original discovery of persistent cross site scripting in this version is attributed to Soushikta Chowdhury in December of 2020.

tags | exploit, vulnerability, xss
MD5 | c0088fd63210a6f4ebeb65d5f533a11d
House Rental And Property Listing 1.0 Cross Site Scripting
Posted Jan 5, 2021
Authored by Mohamed Habib Smidi

House Rental and Property Listing version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | a6e015b7f0196d673377897e7e405d0e
Ubuntu Security Notice USN-4668-3
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4668-3 - USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, vulnerability, python
systems | linux, ubuntu
MD5 | a029e69b2f2fd6b5ff7a56f554dcb47f
SQLMAP - Automatic SQL Injection Tool 1.5
Posted Jan 4, 2021
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | c07963ad8b64601adc6f1793b84d5786
CRUD Operation Software 1.0 Cross Site Scripting
Posted Jan 4, 2021
Authored by Arnav Tripathy

CRUD Operation Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9aaff9e6958d9377d58feec2ecfba283
Rock RMS File Upload / Account Takeover / Information Disclosure
Posted Jan 4, 2021
Authored by Cyber Security Research Group

Rock RMS suffers from arbitrary file upload, account takeover, and personal information disclosure vulnerabilities. Various versions are affected.

tags | exploit, arbitrary, vulnerability, info disclosure, file upload
advisories | CVE-2019-18641, CVE-2019-18642, CVE-2019-18643
MD5 | 496349ae2fd93f703a324dcbbd378676
Resumes Management And Job Application Website 1.0 Cross Site Scripting
Posted Jan 4, 2021
Authored by Saswat Subhajyoti Mallick

Resumes Management and Job Application Website version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | ff455771a934d45b23ddf81b4813f13f
Page 2 of 1,169
Back12345Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close