Twenty Year Anniversary
Showing 101 - 125 of 27,273 RSS Feed

Vulnerability Files

Red Hat Security Advisory 2018-3558-01
Posted Nov 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3558-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, null pointer, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9586, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000254, CVE-2017-1000257, CVE-2017-15710, CVE-2017-15715, CVE-2017-7407, CVE-2017-8816, CVE-2017-8817, CVE-2018-1000007
MD5 | 516f51a00fc5765270c849817fc3f4b4
Ubuntu Security Notice USN-3814-2
Posted Nov 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3814-2 - USN-3814-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04 libmspack is included into ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS. It was discovered libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-18584
MD5 | 4e9d2118a033dbea09d169f302ccd831
Cisco Prime Infrastructure Unauthenticated Remote Code Execution
Posted Nov 13, 2018
Authored by Pedro Ribeiro | Site metasploit.com

Cisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing. The file upload vulnerability should have been fixed in versions 3.4.1 and 3.3.1 Update 02.

tags | exploit, remote, root, vulnerability, code execution, file upload
systems | cisco
advisories | CVE-2018-15379
MD5 | 2c9170145359581c4c8d1c13f564bce3
Debian Security Advisory 4336-1
Posted Nov 12, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4336-1 - Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service, disclosure of existence and size of arbitrary files, or the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-11645, CVE-2018-17961, CVE-2018-18073, CVE-2018-18284
MD5 | 5272b35e98151ec03cae17c1cae7ca73
Debian Security Advisory 4335-1
Posted Nov 12, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4335-1 - Three vulnerabilities were discovered in Nginx, a high-performance web and reverse proxy server, which could in denial of service in processing HTTP/2 (via excessive memory/CPU usage) or server memory disclosure in the ngx_http_mp4_module module (used for server-side MP4 streaming).

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2018-16843, CVE-2018-16844, CVE-2018-16845
MD5 | 4d4bf37877010a706d4c0cec4789a57b
Gentoo Linux Security Advisory 201811-06
Posted Nov 10, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-6 - Multiple vulnerabilities have been found in libde265, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.0.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
MD5 | 42a1b84bbaf2f48f50665de5ebeadd39
Gentoo Linux Security Advisory 201811-05
Posted Nov 10, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-5 - Multiple vulnerabilities have been found in PHProjekt due to embedded Zend Framework, the worst of which could allow attackers to remotely execute arbitrary commands. Versions less than or equal to 6.1.2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
MD5 | 023272c53ce86549bc9dc3246a333af5
OpenSLP 2.0.0 Out-Of-Bounds
Posted Nov 9, 2018
Authored by Magnus Klaaborg Stubman

OpenSLP version 2.0.0 suffers from multiple out-of-bounds vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2016-7567
MD5 | b3d6349b8cc468058c2a8826027787e9
Gentoo Linux Security Advisory 201811-04
Posted Nov 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-4 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 60.3.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-12389, CVE-2018-12390, CVE-2018-12392, CVE-2018-12393, CVE-2018-12395, CVE-2018-12396, CVE-2018-12397
MD5 | 3fbaf140c918fdebb25d085bb15384f8
Gentoo Linux Security Advisory 201811-01
Posted Nov 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-1 - Multiple vulnerabilities have been found in X.Org X11 library, the worst of which could allow for remote code execution. Versions less than 1.6.6 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2018-14598, CVE-2018-14599, CVE-2018-14600
MD5 | 55133b7ee4b717c649a3eb630beef5fb
LibreHealth 2.0.0 File Read / File Delete / LFI
Posted Nov 7, 2018
Authored by Carlos Avila

LibreHealth version 2.0.0 suffers from arbitrary file read, file delete, and local file inclusion vulnerabilities.

tags | exploit, arbitrary, local, vulnerability, file inclusion
MD5 | c623d621a1af63ea7a2cc412995fc1a4
Ubuntu Security Notice USN-3786-2
Posted Nov 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3786-2 - USN-3786-1 fixed several vulnerabilities in libxkbcommon. This update provides the corresponding update for Ubuntu 18.04 LTS. It was discovered that libxkbcommon incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-15853, CVE-2018-15857, CVE-2018-15862
MD5 | f69ed867096c658c6b1c088943632808
Cradlepoint Router Password Disclosure
Posted Nov 6, 2018
Authored by CrazyOwl

Cradlepoint routers suffer from password disclosure, weak password storage, and privilege escalation vulnerabilities.

tags | exploit, vulnerability
MD5 | 04fdbf01a4b6b3dd328c299c5da76d7e
SQLMAP - Automatic SQL Injection Tool 1.2.11
Posted Nov 5, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 5fdd5bb9be166686620512abe0f11658
Red Hat Security Advisory 2018-3470-01
Posted Nov 5, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3470-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, denial of service, deserialization, and format string vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-10858, CVE-2018-10873, CVE-2018-10904, CVE-2018-10907, CVE-2018-10911, CVE-2018-10913, CVE-2018-10914, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661
MD5 | 63c838780096bd8787d4d61edcc97a96
CentOS Web Panel 0.9.8.740 Root Account Takeover / Command Execution
Posted Nov 5, 2018
Authored by Numan OZDEMIR

CentOS Web Panel versions 0.9.8.740 and below suffer from cross site request forgery and cross site scripting vulnerabilities that can be leveraged to achieve remote root command execution.

tags | exploit, remote, web, vulnerability, code execution, xss, csrf
systems | linux, centos
advisories | CVE-2018-18772, CVE-2018-18773, CVE-2018-18774
MD5 | 4423810363465943242d5484d215e474
Red Hat Security Advisory 2018-3458-01
Posted Nov 5, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3458-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.2.1. Issues addressed include bypass and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2017-16541, CVE-2018-12376, CVE-2018-12377, CVE-2018-12378, CVE-2018-12379, CVE-2018-12383, CVE-2018-12385
MD5 | a84bad78e2f3169bba5e9897d778e3f4
Debian Security Advisory 4334-1
Posted Nov 4, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4334-1 - Multiple vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-book viewer which could result in denial of service or the execution of arbitrary code if malformed documents are opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-17866, CVE-2018-1000037, CVE-2018-1000040, CVE-2018-5686, CVE-2018-6187, CVE-2018-6192
MD5 | 0d4bb0b6144acb743c6577accc5c3e20
Debian Security Advisory 4332-1
Posted Nov 3, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4332-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language.

tags | advisory, vulnerability, ruby
systems | linux, debian
advisories | CVE-2018-16395, CVE-2018-16396
MD5 | e9c4818aa6963d8109d3854620683e24
LiquidVPN For macOS 1.3.7 Privilege Escalation
Posted Nov 3, 2018
Authored by Bernd Leitner

LiquidVPN for macOS versions 1.3.7 and below suffer from privilege escalation vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2018-18856, CVE-2018-18857, CVE-2018-18858, CVE-2018-18859
MD5 | 71a022923865a2b28084239cd4031651
Debian Security Advisory 4331-1
Posted Nov 2, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4331-1 - Two vulnerabilities were discovered in cURL, an URL transfer library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-16839, CVE-2018-16842
MD5 | e8fcc8f27143451b9ef99f43058db435
Debian Security Advisory 4330-1
Posted Nov 2, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4330-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2018-17462, CVE-2018-17463, CVE-2018-17464, CVE-2018-17465, CVE-2018-17466, CVE-2018-17467, CVE-2018-17468, CVE-2018-17469, CVE-2018-17470, CVE-2018-17471, CVE-2018-17473, CVE-2018-17474, CVE-2018-17475, CVE-2018-17476, CVE-2018-17477, CVE-2018-5179
MD5 | 274f4b9bed0ab00b97cda6b9faf28b97
Zoho ManageEngine OpManager 12.3 Cross Site Scripting
Posted Nov 1, 2018
Authored by Hakan Bayir

Zoho ManageEngine OpManager version 12.3 suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2018-18715, CVE-2018-18716
MD5 | 1de1f150272edac7298f3eaa4c893362
Apple Security Advisory 2018-10-30-11
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-11 - tvOS 12 addresses code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2016-1777, CVE-2018-4126, CVE-2018-4191, CVE-2018-4197, CVE-2018-4203, CVE-2018-4299, CVE-2018-4304, CVE-2018-4305, CVE-2018-4306, CVE-2018-4309, CVE-2018-4312, CVE-2018-4313, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4321, CVE-2018-4323, CVE-2018-4328, CVE-2018-4331, CVE-2018-4332, CVE-2018-4336, CVE-2018-4337, CVE-2018-4340, CVE-2018-4341, CVE-2018-4343, CVE-2018-4344
MD5 | 923d8a8b10912d6e06bbdafb5c762db7
Apple Security Advisory 2018-10-30-14
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-14 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan address buffer overflow, code execution, denial of service, information leakage, and null pointer vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17742, CVE-2018-3665, CVE-2018-4178, CVE-2018-4248, CVE-2018-4259, CVE-2018-4268, CVE-2018-4269, CVE-2018-4276, CVE-2018-4277, CVE-2018-4280, CVE-2018-4283, CVE-2018-4285, CVE-2018-4286, CVE-2018-4287, CVE-2018-4288, CVE-2018-4289, CVE-2018-4291, CVE-2018-4293, CVE-2018-5383, CVE-2018-6797, CVE-2018-6913, CVE-2018-6914, CVE-2018-8777
MD5 | f1dbc0bc60d79fd4e3c5f0b9d2264c9e
Page 5 of 1,091
Back34567Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    15 Files
  • 14
    Dec 14th
    14 Files
  • 15
    Dec 15th
    2 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    15 Files
  • 18
    Dec 18th
    9 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close