Exploit the possiblities
Showing 51 - 75 of 26,353 RSS Feed

Vulnerability Files

Red Hat Security Advisory 2017-3081-01
Posted Oct 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3081-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.

tags | advisory, java, web, vulnerability, code execution, info disclosure
systems | linux, redhat
advisories | CVE-2017-12615, CVE-2017-12617, CVE-2017-5647, CVE-2017-7674
MD5 | ed7db0112f16f762e72879e4f791c3a9
Gentoo Linux Security Advisory 201710-32
Posted Oct 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-32 - Multiple vulnerabilities have been found in Apache, the worst of which may result in the loss of secrets. Versions less than 2.4.27-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668, CVE-2017-7679, CVE-2017-9788, CVE-2017-9789
MD5 | 6702dea8604021598b7ad6570ac8ea75
Gentoo Linux Security Advisory 201710-31
Posted Oct 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-31 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites, the worst of which can be remotely exploited without authentication. Versions less than 1.8.0.152-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | a7c529adfd84fe6fc678b0cdb8e526b3
Gentoo Linux Security Advisory 201710-30
Posted Oct 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-30 - Multiple vulnerabilities have been found in X.Org Server the worst of which could allow a local attacker to replace shared memory segments. Versions less than 1.19.4 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2013-6424, CVE-2017-13721, CVE-2017-13723, CVE-2017-2624
MD5 | c3cded738c906680cb3a502ef39b1721
Gentoo Linux Security Advisory 201710-29
Posted Oct 29, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-29 - Multiple vulnerabilities have been found in Asterisk, the worst of which allows remote execution of arbitrary shell commands. Versions less than 11.25.3 are affected.

tags | advisory, remote, arbitrary, shell, vulnerability
systems | linux, gentoo
advisories | CVE-2017-14098, CVE-2017-14099, CVE-2017-14100, CVE-2017-14603
MD5 | dc6664f1f4febce3a1ec19be4fbf4607
Red Hat Security Advisory 2017-3071-01
Posted Oct 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3071-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: Two vulnerabilities were discovered in the NTP server's parsing of configuration directives. A remote, authenticated attacker could cause ntpd to crash by sending a crafted message.

tags | advisory, remote, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2017-6462, CVE-2017-6463, CVE-2017-6464
MD5 | 366851a24a420e6f5970fdec993b2ae1
Mura CMS Server-Side Request Forgery / XXE Injection
Posted Oct 26, 2017
Authored by Anthony Cole

Mura CMS versions prior to 6.2 suffer from server-side request forgery and XML external entity injection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2017-15639
MD5 | 082f770ed9b178ced262ba51f73e3f10
Sonicwall WXA5000 1.3.2-10-30 Console Jail Escape / Privilege Escalation
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Sonicwall WXA5000 version 1.3.2-10-30 suffers from console jail escape and privilege escalation vulnerabilities.

tags | exploit, vulnerability
MD5 | 96ae20044a39b528b9cd3c1fe1e9bab9
Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation
Posted Oct 25, 2017
Authored by Hank Leininger, Matthew Bergin | Site korelogic.com

Infoblox NetMRI versions 7.1.2 through 7.1.4 suffer from administration shell escape and privilege escalation vulnerabilities.

tags | exploit, shell, vulnerability
MD5 | b723ed326bd04aa156050b80d0b7a39f
Ubuntu Security Notice USN-3388-2
Posted Oct 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3388-2 - USN-3388-1 fixed several vulnerabilities in Subversion. This update provides the corresponding update for Ubuntu 12.04 ESM. Ivan Zhakov discovered that Subversion did not properly handle some requests. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2167, CVE-2016-2168, CVE-2017-9800
MD5 | e21388389183c326fdaef5767e8457ca
Debian Security Advisory 4006-1
Posted Oct 25, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4006-1 - Multiple vulnerabilities have been found in MuPDF, a PDF file viewer, which may result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-14685, CVE-2017-14686, CVE-2017-14687, CVE-2017-15587
MD5 | f7a8a034d503f31208c5424904f91dc2
Red Hat Security Advisory 2017-3047-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3047-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 171. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | 416535023fc568d3159b0effb46e9a17
Red Hat Security Advisory 2017-3046-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3046-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 161. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-10165, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | 91f933416d3f5f60db5f53926da9cbc0
Ubuntu Security Notice USN-3441-2
Posted Oct 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3441-2 - USN-3441-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. A Daniel Stenberg discovered that curl incorrectly handled large A floating point output. A remote attacker could use this issue to cause A curl to crash, resulting in a denial of service, or possibly execute A arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9586, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000254, CVE-2017-1000257, CVE-2017-7407
MD5 | 760c2b6698f663e2ef5f890cf50af9ce
Gentoo Linux Security Advisory 201710-27
Posted Oct 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-27 - Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.78 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496
MD5 | 9b9dcb500dd6dd3f006c41613c8c757a
Gentoo Linux Security Advisory 201710-26
Posted Oct 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-26 - Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.3.0:2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10504, CVE-2016-10505, CVE-2016-10506, CVE-2016-10507, CVE-2016-1626, CVE-2016-1628, CVE-2016-9112, CVE-2016-9113, CVE-2016-9114, CVE-2016-9115, CVE-2016-9116, CVE-2016-9117, CVE-2016-9118, CVE-2016-9572, CVE-2016-9573, CVE-2016-9580, CVE-2016-9581, CVE-2017-12982, CVE-2017-14039, CVE-2017-14164
MD5 | b73b2aa1adc1d1ebcdc73950d598e3a6
Gentoo Linux Security Advisory 201710-25
Posted Oct 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-25 - Multiple vulnerabilities have been found in the PCRE Library, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 8.41 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-7186, CVE-2017-7244, CVE-2017-7245, CVE-2017-7246
MD5 | 0ee8c8d39b1ddaa98337bdb75112b325
Red Hat Security Advisory 2017-2999-01
Posted Oct 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2999-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 151. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-10165, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | a0cd8f1a42bccfe32ca3147acb9d6275
Gentoo Linux Security Advisory 201710-24
Posted Oct 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-24 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 62.0.3202.62 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-15386, CVE-2017-15387, CVE-2017-15388, CVE-2017-15389, CVE-2017-15390, CVE-2017-15391, CVE-2017-15392, CVE-2017-15393, CVE-2017-15394, CVE-2017-15395, CVE-2017-5124, CVE-2017-5125, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5130, CVE-2017-5131, CVE-2017-5132, CVE-2017-5133
MD5 | 3f00a04e2bf1c2595ddf72f7844b3fa7
Gentoo Linux Security Advisory 201710-23
Posted Oct 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-23 - Multiple vulnerabilities have been found in Go, the worst of which may result in the execution of arbitrary commands. Versions less than 1.9.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-15041, CVE-2017-15042
MD5 | f5f167411f9dac3f27c06377f9819d48
Fuzzing Font Parsing
Posted Oct 23, 2017
Authored by James Fell

This article presents a cross-platform test harness written in Python that assists the user in searching for vulnerabilities in web browsers, specifically by fuzzing their font parsing functionality. The tool automates the delivery of test cases (font files in this context) into a web browser. The creation of a corpus of mutated TTF font files suitable for use in fuzzing is also covered.

tags | tool, web, vulnerability, python, fuzzer
systems | unix
MD5 | 9836d6b3407dbfd2c3fa9eee3efaf3c7
Debian Security Advisory 4002-1
Posted Oct 20, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4002-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.58, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-10268, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384
MD5 | f2c725729bb0242ef87846c5c977af61
BMC Remedy LFI / RFI / XSS / Code Execution
Posted Oct 19, 2017
Authored by Simon Rawet

BMC Remedy suffers from log hijacking, code execution, cross site scripting, local/remote file inclusion, and various other vulnerabilities.

tags | advisory, remote, local, vulnerability, code execution, xss, file inclusion
MD5 | 6a00391d6567c156d616b913657c8b20
FreeBSD Security Advisory - FreeBSD-SA-17:07.wpa
Posted Oct 19, 2017
Authored by Mathy Vanhoef | Site security.freebsd.org

FreeBSD Security Advisory - A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys. Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

tags | advisory, vulnerability
systems | freebsd, bsd
advisories | CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
MD5 | dd1ceecd8830ca90a5666d6a9425ade7
WebKitGTK+ Code Execution / Cookie Handling / Memory Corruption
Posted Oct 18, 2017
Authored by WebKitGTK+ Team

WebKitGTK+ has had numerous security vulnerabilities addressed including arbitrary code execution, memory corruption, cookie theft, and various other issues.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120, CVE-2017-7142
MD5 | 40a14f9ee80a9b6a0dd89788c1f7de76
Page 3 of 1,055
Back12345Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close