exploit the possibilities
Showing 76 - 100 of 28,954 RSS Feed

Vulnerability Files

Gentoo Linux Security Advisory 202009-13
Posted Sep 29, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-13 - Multiple vulnerabilities have been found in Chromiun and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 85.0.4183.121 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963, CVE-2020-15964, CVE-2020-15965, CVE-2020-15966
MD5 | 91294756e45d105268587d76794a7e69
Red Hat Security Advisory 2020-4059-01
Posted Sep 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4059-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include information leakage and out of bounds read vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-10756, CVE-2020-14364
MD5 | f80f20f5bbc7df1040c003c552ceba74
Ubuntu Security Notice USN-3968-3
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3968-3 - USN-3968-1 fixed several vulnerabilities in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7032
MD5 | 6044cf85ada96b50d32b99b140fb790d
Sifter 10_r2
Posted Sep 28, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Revision 2 of version 10. Includes separated categories and various additions.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 6bee73d58cd39101159e5cda8f2f4469
Apple Security Advisory 2020-09-24-1
Posted Sep 25, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-24-1 - macOS Catalina 10.15.6 Supplemental Update, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave are now available and address code execution and out of bounds read vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2020-9941, CVE-2020-9961, CVE-2020-9968, CVE-2020-9973
MD5 | 515938eea09c5011442b4fd556e8582e
Red Hat Security Advisory 2020-3835-01
Posted Sep 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3835-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.3.0 ESR. Issues addressed include cross site scripting, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
MD5 | f1f9b6d167f6008e5dfc5f954276b78e
Red Hat Security Advisory 2020-3832-01
Posted Sep 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3832-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.3.0 ESR. Issues addressed include cross site scripting, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
MD5 | 3ca5ecb0a4c3ac7b3db3a17cb99489d1
Red Hat Security Advisory 2020-3833-01
Posted Sep 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3833-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.3.0 ESR. Issues addressed include cross site scripting, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
MD5 | 64f5454e98144268d918f5d325ba315f
Red Hat Security Advisory 2020-3834-01
Posted Sep 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3834-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.3.0 ESR. Issues addressed include cross site scripting, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
MD5 | 18b017a52db603d8902592742e090ab3
Red Hat Security Advisory 2020-3806-01
Posted Sep 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3806-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.6.SP2 serves as a replacement for Red Hat support for Spring Boot 2.2.6.SP1, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-10688, CVE-2020-10693, CVE-2020-13934, CVE-2020-13935
MD5 | e03d7a44e0c0d90c25bb06b54ca272f8
Red Hat Security Advisory 2020-3807-01
Posted Sep 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3807-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, root, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-11022, CVE-2020-11023, CVE-2020-14333, CVE-2020-8203
MD5 | 780c083fc00b5826b5832bcbc0efebb5
VyOS restricted-shell Escape / Privilege Escalation
Posted Sep 21, 2020
Authored by Brendan Coles, Rich Mirch | Site metasploit.com

This Metasploit module exploits command injection vulnerabilities and an insecure default sudo configuration on VyOS versions 1.0.0 through 1.1.8 to execute arbitrary system commands as root. VyOS features a restricted-shell system shell intended for use by low privilege users with operator privileges. This module exploits a vulnerability in the telnet command to break out of the restricted shell, then uses sudo to exploit a command injection vulnerability in /opt/vyatta/bin/sudo-users/vyatta-show-lldp.pl to execute commands with root privileges. This module has been tested successfully on VyOS 1.1.8 amd64 and VyOS 1.0.0 i386.

tags | exploit, arbitrary, shell, root, vulnerability
advisories | CVE-2018-18556
MD5 | 3d5d65d5e0f254ce3c9343e508e95b9d
Apple Security Advisory 2020-09-16-4
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-4 - watchOS 7.0 is now available and addresses cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
systems | apple
advisories | CVE-2020-9946, CVE-2020-9952, CVE-2020-9968, CVE-2020-9976
MD5 | d0cb12546d5aebcf540ac9c015984183
Apple Security Advisory 2020-09-16-3
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-3 - Safari 14.0 is now available and addresses code execution, cross site scripting, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-9948, CVE-2020-9951, CVE-2020-9952, CVE-2020-9983
MD5 | ae29185c1601a94111093736fc67de83
Apple Security Advisory 2020-09-16-2
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-2 - tvOS 14.0 is now available and addresses cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
systems | apple
advisories | CVE-2020-9952, CVE-2020-9968, CVE-2020-9976, CVE-2020-9979
MD5 | ef7376338a1a7ad7e72201d43197b146
Apple Security Advisory 2020-09-16-1
Posted Sep 18, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-09-16-1 - iOS 14.0 and iPadOS 14.0 are now available and address code execution, cross site scripting, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple, ios
advisories | CVE-2020-9773, CVE-2020-9946, CVE-2020-9952, CVE-2020-9958, CVE-2020-9959, CVE-2020-9964, CVE-2020-9968, CVE-2020-9973, CVE-2020-9976, CVE-2020-9979, CVE-2020-9992
MD5 | bf2d39afbca775367e4876e819239e81
Red Hat Security Advisory 2020-3779-01
Posted Sep 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3779-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.7 serves as a replacement for Red Hat Data Grid 7.3.6 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include XML injection, bypass, and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2017-7658, CVE-2019-10172, CVE-2020-10672, CVE-2020-10673, CVE-2020-10714, CVE-2020-10968, CVE-2020-10969, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020-11612, CVE-2020-11619, CVE-2020-11620, CVE-2020-1695, CVE-2020-1710, CVE-2020-1719, CVE-2020-1745, CVE-2020-1748, CVE-2020-1757, CVE-2020-8840, CVE-2020-9488, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548
MD5 | 0014bbfc17261dd58806694335808506
Gentoo Linux Security Advisory 202009-10
Posted Sep 14, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-10 - A vulnerabilities in PHP could lead to a Denial of Service condition. Versions less than 7.2.33:7.2 are affected.

tags | advisory, denial of service, php, vulnerability
systems | linux, gentoo
advisories | CVE-2020-7068
MD5 | d02ea2e4e445ae9dc9a0319b525b6459
Gentoo Linux Security Advisory 202009-09
Posted Sep 14, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-9 - Multiple vulnerabilities have been found in Nextcloud Desktop Sync client, the worst of which may allow execution of arbitrary code. Versions less than 2.6.5 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-8189, CVE-2020-8224, CVE-2020-8227
MD5 | d9185a75c941fbb57d5cb781956639a4
Gentoo Linux Security Advisory 202009-07
Posted Sep 14, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-7 - Multiple vulnerabilities have been found in the Perl module DBI, the worst of which could result in a Denial of Service condition. Versions less than 1.643.0 are affected.

tags | advisory, denial of service, perl, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14392, CVE-2020-14393
MD5 | adc99cfc7d25d1f38f9f4dab9b40bd69
MikroTik RouterOS Memory Corruption / Reachable Assertion Failure
Posted Sep 11, 2020
Authored by Qian Chen

MikroTik RouterOS suffers from memory corruption and reachable assertion failure vulnerabilities.

tags | advisory, vulnerability
MD5 | 950d0eee51c2f617a1415882d1b88a0a
IlchCMS 2.1.37 Cross Site Scripting
Posted Sep 10, 2020
Authored by Daniel Bishtawi | Site netsparker.com

IlchCMS version 2.1.37 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 44643740a4ccbef00c29bdf57af23e23
Red Hat Security Advisory 2020-3723-01
Posted Sep 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3723-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 85.0.4183.83. Issues addressed include information leakage, integer overflow, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-6559, CVE-2020-6560, CVE-2020-6561, CVE-2020-6562, CVE-2020-6563, CVE-2020-6564, CVE-2020-6565, CVE-2020-6566, CVE-2020-6567, CVE-2020-6568, CVE-2020-6569, CVE-2020-6570, CVE-2020-6571
MD5 | 3a3ae1c3cfa4b75de5e2102a900dbac4
Gentoo Linux Security Advisory 202009-03
Posted Sep 10, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-3 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 85.0.4183.102 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15959, CVE-2020-6573, CVE-2020-6575, CVE-2020-6576
MD5 | 8416b17fa3bef5e21adc86d3c5a2672d
Ubuntu Security Notice USN-4488-2
Posted Sep 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4488-2 - USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14361, CVE-2020-14362
MD5 | 2c21e36caf7b07e3cf7bab5cb7a9f1d9
Page 4 of 1,159
Back23456Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close