Vulnerability Files

Sifter 11-R3
Posted Dec 14, 2020
Authored by s1l3nt78 | Site github.com

Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and, if they are unpatched, exploit them.

Changes: Various additions.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 9fabaf7e84833691cebd2959629bc2af
OpenAsset Digital Asset Management Cross Site Scripting
Posted Dec 11, 2020
Authored by Jack Misiura

The OpenAsset Digital Asset Management web application suffers from multiple reflected and persistent cross site scripting vulnerabilities. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).

tags | exploit, web, vulnerability, xss
advisories | CVE-2020-28857, CVE-2020-28859
MD5 | 35b3d6bf27bfcacaa597e0ed89c5cc54
WordPress DirectoriesPro 1.3.45 Cross Site Scripting
Posted Dec 11, 2020
Authored by Jack Misiura

WordPress DirectoriesPro plugin version 1.3.45 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-29303, CVE-2020-29304
MD5 | ea91243869739ae676c39bebb79d51c4
Rukovoditel 2.6.1 Shell Upload / Local File Inclusion
Posted Dec 11, 2020
Authored by coiffeur

Rukovoditel version 2.6.1 remote code execution exploit that leverages shell upload and local file inclusion vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, code execution, file inclusion
MD5 | e2fa9c797d92a57016481570e269e9e5
Courier Management System 1.0 SQL Injection
Posted Dec 11, 2020
Authored by Zhaiyi

Courier Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 807bfd73dd0313f2fd9ce52866147d82
Medical Center Portal Management System 1.0 Cross Site Scripting
Posted Dec 11, 2020
Authored by Saeed Bala Ahmed

Medical Center Portal Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 00e4c95eecce91a63dfe0d538a7f1039
Jenkins 2.235.3 Cross Site Scripting
Posted Dec 11, 2020
Authored by gx1

Jenkins version 2.235.3 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-2229, CVE-2020-2230
MD5 | 85158ef5e1a886db017a968f1200bb77
Ubuntu Security Notice USN-4665-2
Posted Dec 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4665-2 - USN-4665-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to trick curl into connecting to an arbitrary IP address and to use it for port scanning and other information gathering. Various other issues were also addressed.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-8284, CVE-2020-8285
MD5 | 70ae3c3e1b163767c7314ec475487ed0
WordPress Popup Builder 3.69.6 Cross Site Scripting
Posted Dec 10, 2020
Authored by Ilca Lucian Florin

WordPress Popup Builder plugin versions 3.69.6 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9f9a142141b13f9bf771d57b8b4d5076
Ubuntu Security Notice USN-4668-2
Posted Dec 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4668-2 - USN-4668-1 fixed vulnerabilities in python-apt. That update caused a regression by removing information describing the Ubuntu 20.10 release from the Ubuntu templates. This update fixes the problem by restoring this information. Various other issues were also addressed.

tags | advisory, vulnerability, python
systems | linux, ubuntu
MD5 | c139cb84adaae88c523ef36f4c1810e0
Ubuntu Security Notice USN-4656-2
Posted Dec 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4656-2 - USN-4656-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-14360
MD5 | ced1235af213c4fb025d91a0a2d09a4c
Red Hat Security Advisory 2020-5365-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5365-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.0 serves as a replacement for Red Hat AMQ Broker 7.7.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include cross site scripting and server-side request forgery vulnerabilities.

tags | advisory, vulnerability, protocol, xss
systems | linux, redhat
advisories | CVE-2015-5183, CVE-2019-9827, CVE-2020-13932, CVE-2020-27216
MD5 | 23edc379ef654f167d109ba7d6f10bff
Gentoo Linux Security Advisory 202012-08
Posted Dec 7, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-8 - Multiple vulnerabilities have been found in MariaDB, the worst of which could result in privilege escalation. Versions less than 10.5.8 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-2752, CVE-2020-2760, CVE-2020-2812, CVE-2020-2814
MD5 | f93167da152d14c172627b0bfd156c17
Gentoo Linux Security Advisory 202012-07
Posted Dec 7, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-7 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in arbitrary code execution. Versions less than 13.1 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
MD5 | be19de36dc8efd02ce649046656d99bb
Gentoo Linux Security Advisory 202012-05
Posted Dec 7, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-5 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 87.0.4280.88 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-16014, CVE-2020-16015, CVE-2020-16018, CVE-2020-16019, CVE-2020-16020, CVE-2020-16021, CVE-2020-16022, CVE-2020-16023, CVE-2020-16024, CVE-2020-16025, CVE-2020-16026, CVE-2020-16027, CVE-2020-16028, CVE-2020-16029, CVE-2020-16030, CVE-2020-16031, CVE-2020-16032, CVE-2020-16033, CVE-2020-16034, CVE-2020-16036, CVE-2020-16037, CVE-2020-16038, CVE-2020-16039, CVE-2020-16040, CVE-2020-16041, CVE-2020-16042
MD5 | 745e9e2f0cdc2ac43898c9fa2623cc24
Gentoo Linux Security Advisory 202012-04
Posted Dec 7, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-4 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 78.5.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15999, CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968, CVE-2020-26970
MD5 | 8742747476492ac0ff48d2a8c86867fa
Gentoo Linux Security Advisory 202012-03
Posted Dec 7, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-3 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 83 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968
MD5 | b25a4f0089a4be2c379aeaddfb57e35d
Gentoo Linux Security Advisory 202012-02
Posted Dec 7, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-2 - Multiple vulnerabilities have been found in SeaMonkey, the worst of which could result in the arbitrary execution of code. Versions less than 2.53.5.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
MD5 | faadb1f5366394ac7178be191d3c0fc2
Gentoo Linux Security Advisory 202012-01
Posted Dec 7, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-1 - Multiple vulnerabilities have been found in X.org X Server, the worst of which could lead to privilege escalation. Versions less than 1.20.10 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14360, CVE-2020-14361, CVE-2020-14362, CVE-2020-25712
MD5 | 58c30cbef23b224d2851bb15d3cf57dc
Red Hat Security Advisory 2020-5342-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5342-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
MD5 | f3da3a857cd5d1a25083fe1074923453
Red Hat Security Advisory 2020-5341-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5341-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
MD5 | 2f32d3532759da33ac105fbb5d9559db
Red Hat Security Advisory 2020-5340-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5340-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
MD5 | fd5f47be3b183253dfdf3ec7a25d546f
Red Hat Security Advisory 2020-5344-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5344-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
MD5 | 94085eef489b46d47ad00938de334025
Car Rental Management System 1.0 Local File Inclusion / SQL Injection
Posted Dec 2, 2020
Authored by mosaaed

Car Rental Management System version 1.0 suffers from local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | 3a68203e8a08bc0b1358a7badb0e67c3
SQLMAP - Automatic SQL Injection Tool 1.4.12
Posted Dec 1, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 63f11245bc7cdef373e7b5a811aa3c43