what you don't know can hurt you
Showing 101 - 125 of 27,584 RSS Feed

Vulnerability Files

Red Hat Security Advisory 2019-0544-01
Posted Mar 13, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0544-01 - .NET Core is a managed-software framework. It implements the .NET standard APIs and several additional APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.15, 1.1.12, 2.1.9, and 2.2.3. Issues addressed include a tampering vulnerability.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-0757
MD5 | 83019d7c9a60ad8d3a6cfddc224cb6d3
Gentoo Linux Security Advisory 201903-07
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-7 - Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. Versions less than 239-r4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-16864, CVE-2018-16865, CVE-2018-16866, CVE-2019-6454
MD5 | 54c0e1f2f9097feadba5e834cb7254c0
Gentoo Linux Security Advisory 201903-06
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-6 - Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-20174, CVE-2018-20175, CVE-2018-20176, CVE-2018-20177, CVE-2018-20178, CVE-2018-20179, CVE-2018-20180, CVE-2018-20181, CVE-2018-20182, CVE-2018-8791, CVE-2018-8792, CVE-2018-8793, CVE-2018-8794, CVE-2018-8795, CVE-2018-8796, CVE-2018-8797, CVE-2018-8798, CVE-2018-8799, CVE-2018-8800
MD5 | bd29d49587b4aa9a06f853c5a4f16d28
Gentoo Linux Security Advisory 201903-04
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-4 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 60.5.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-12405, CVE-2018-18356, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18498, CVE-2018-18500, CVE-2018-18501, CVE-2018-18505, CVE-2019-5785
MD5 | 6751fa8425ac41b61633c4b262443455
Gentoo Linux Security Advisory 201903-03
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-3 - Multiple vulnerabilities have been found in cURL, the worst of which could result in a Denial of Service condition. Versions less than 7.64.0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2019-3822, CVE-2019-3823
MD5 | 2f866be211b86ff71d0279d185e7082f
Debian Security Advisory 4405-1
Posted Mar 11, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4405-1 - Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, that could be leveraged to cause a denial of service or possibly remote code execution.

tags | advisory, remote, denial of service, vulnerability, code execution
systems | linux, debian
advisories | CVE-2017-17480, CVE-2018-14423, CVE-2018-18088, CVE-2018-5785, CVE-2018-6616
MD5 | dd68b6adb0b142371c9fa559b22fea4a
Gentoo Linux Security Advisory 201903-01
Posted Mar 10, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-1 - Multiple vulnerabilities have been found in Keepalived, the worst of which could allow an attacker to cause Denial of Service condition. Versions less than 2.0.10 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-19044, CVE-2018-19045, CVE-2018-19046, CVE-2018-19115
MD5 | b871631c7c75a9ff65246226d82a5d6d
OrientDB 3.0.17 GA Community Edition XSS / CSRF
Posted Mar 7, 2019
Authored by Ozer Goker

OrientDB version 3.0.17 GA Community Edition suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 7f5a2fb2ec857569b12ec32ef1b6b35b
Sparkasse Cross Site Scripting
Posted Mar 7, 2019
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The vulnerability laboratory core research team discovered multiple persistent cross site vulnerabilities in the Sparkasse online service web-application.

tags | exploit, web, vulnerability
MD5 | 40ab69f0309c212c4b750c71a779f73e
Ubuntu Security Notice USN-3903-2
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3903-2 - USN-3903-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service or possibly execute arbitrary code in the host kernel. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-16880, CVE-2018-18397, CVE-2019-6133
MD5 | 5e5d9cbb5878ed83496a64b72a97df4f
Ubuntu Security Notice USN-3901-2
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3901-2 - USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-18397, CVE-2018-19854, CVE-2019-6133
MD5 | b16c27e4df4131e0ce265e946b97e632
WordPress WP-Image-News-Slider 3.3 Cross Site Request Forgery / Shell Upload
Posted Mar 5, 2019
Authored by KingSkrupellos

WordPress WP-Image-News-Slider plugin version 3.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 565786e871040f0759e592f8d15a7c02
Ubuntu Security Notice USN-3885-2
Posted Mar 4, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3885-2 - USN-3885-1 fixed vulnerabilities in OpenSSH. It was discovered that the fix for CVE-2019-6111 turned out to be incomplete. This update fixes the problem. Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output. Various other issues were also addressed.

tags | advisory, remote, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-6111
MD5 | f34497e7fb170dcf3d9ac60a51149cd4
WordPress WP-DreamworkGallery 2.3 CSRF / Shell Upload
Posted Mar 4, 2019
Authored by KingSkrupellos

WordPress WP-DreamworkGallery plugin version 2.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | ebb77b46f615eb3e479a22add194666d
Joomla ModPPCSimpleSpotLight 1.2 / 3.0 CSRF / Shell Upload
Posted Mar 4, 2019
Authored by KingSkrupellos

Joomla ModPPCSimpleSpotLight module versions 1.2 and 3.0 suffer from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | deefd967b89d7090b674d60afaae3978
SQLMAP - Automatic SQL Injection Tool 1.3.3
Posted Mar 3, 2019
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | f6ac90cfc745d2be3d5170314277e32f
RSA Archer GRC Platform Information Exposure
Posted Mar 3, 2019
Authored by Dell Product Security Incident Response Team | Site dellemc.com

RSA Archer versions prior to 6.5 P1 and 6.5 P2 suffer from multiple information exposure vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2019-3705, CVE-2019-3706
MD5 | 79a1317f06a7344455d448abcdf70a83
Debian Security Advisory 4401-1
Posted Mar 1, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4401-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and PHP injections attacks, delete files, leak potentially sensitive data, create posts of unauthorized types, or cause denial-of-service by application crash.

tags | advisory, remote, web, php, vulnerability
systems | linux, debian
advisories | CVE-2018-20147, CVE-2018-20148, CVE-2018-20149, CVE-2018-20150, CVE-2018-20151, CVE-2018-20152, CVE-2018-20153, CVE-2019-8942
MD5 | 05b43b33e20c2931702e4ba73c03a7c2
FileZilla 3.40.0 Denial Of Service
Posted Mar 1, 2019
Authored by Mr Winst0n

FileZilla version 3.40.0 suffers from multiple denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
MD5 | e863765acf28067796ac5a55a400c105
OOP CMS BLOG 1.0 Cross Site Request Forgery / SQL Injection
Posted Mar 1, 2019
Authored by Mr Winst0n

OOP CMS BLOG version 1.0 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
MD5 | 345ed1a3fd16cedef1a698f5b206c975
CMSsite 1.0 Cross Site Request Forgery
Posted Mar 1, 2019
Authored by Mr Winst0n

CMSsite version 1.0 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 1a3f0005e3aa3103fb75afaa2b1810f3
PRTG Network Monitor 7.1.3.3378 Cross Site Scripting
Posted Mar 1, 2019
Authored by Rafael Pedrero

PRTG Network Monitor version 7.1.3.3378 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-9206, CVE-2019-9207
MD5 | ced473addd9d72db8d0bc103a9c6e662
WordPress Cerber 8.0 Bypass
Posted Feb 28, 2019
Authored by ed0x21son

WordPress Cerber Security, Antispam, and Malware Scan plugin version 8.0 suffers from multiple bypass vulnerabilities.

tags | exploit, vulnerability, bypass
MD5 | 82af8c252b38332c5e39d09169002a64
SHAREit For Android 4.0.38 Authentication Bypass / File Download
Posted Feb 27, 2019
Authored by Abdulrahman Nour | Site redforce.io

DUMPit is an exploit for the SHAREit mobile app abusing two recently discovered vulnerabilities affecting SHAREit Android application versions 4.0.38 and below. The first one allows an attacker to bypass SHAREit device authentication mechanism, and the other one enables the authenticated attacker to download arbitrary files from the user's device. Both vulnerabilities were reported to the vendor and patches have been released.

tags | exploit, arbitrary, vulnerability
MD5 | 3f976a2a05f5d62b9b09600fb47b3c43
Chrome PaymentRequest Service Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from multiple use-after-free vulnerabilities in the PaymentRequest service.

tags | exploit, vulnerability
MD5 | 542901546f769fa6884fd395a1a3c73e
Page 5 of 1,104
Back34567Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    1 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close