what you don't know can hurt you
Showing 1 - 25 of 8,382 RSS Feed

Web Files

Ubuntu Security Notice USN-4522-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4522-1 - It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting attacks.

tags | advisory, remote, web, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2017-18635
MD5 | 59a7e5a0c092d88cf983a64841479d13
B-swiss 3 Digital Signage System 3.6.5 Cross Site Request Forgery
Posted Sep 20, 2020
Authored by LiquidWorm | Site zeroscience.mk

B-swiss 3 Digital Signage System version 3.6.5 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web
MD5 | 31d83019ab8016cf568904060791896f
Red Hat Security Advisory 2020-3740-01
Posted Sep 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3740-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 85.0.4183.102. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-15959, CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576
MD5 | 7beae7d29a2a9e74655915b35e5e37ae
Red Hat Security Advisory 2020-3733-01
Posted Sep 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3733-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-9490
MD5 | 5e39994ed55bc6c3a12ea673df304f79
Red Hat Security Advisory 2020-3734-01
Posted Sep 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3734-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-9490
MD5 | 572ba91222d89848f8aff1f4a7ba87a2
Red Hat Security Advisory 2020-3726-01
Posted Sep 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3726-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-9490
MD5 | 42e492c2a5d6c225048eb25a2e2aec1c
Red Hat Security Advisory 2020-3723-01
Posted Sep 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3723-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 85.0.4183.83. Issues addressed include information leakage, integer overflow, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-6559, CVE-2020-6560, CVE-2020-6561, CVE-2020-6562, CVE-2020-6563, CVE-2020-6564, CVE-2020-6565, CVE-2020-6566, CVE-2020-6567, CVE-2020-6568, CVE-2020-6569, CVE-2020-6570, CVE-2020-6571
MD5 | 3a3ae1c3cfa4b75de5e2102a900dbac4
Red Hat Security Advisory 2020-3714-01
Posted Sep 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3714-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-9490
MD5 | 39fb1fdee375d2aac57c16ea2aade943
Red Hat Security Advisory 2020-3662-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3662-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execution, information leakage, integer overflow, null pointer, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, web, overflow, php, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11045, CVE-2019-11047, CVE-2019-11048, CVE-2019-11050, CVE-2019-13224, CVE-2019-13225, CVE-2019-16163, CVE-2019-19203, CVE-2019-19204, CVE-2019-19246, CVE-2019-20454, CVE-2020-7059, CVE-2020-7060, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
MD5 | 1e12fa29983b7f83af758496e3d90857
Red Hat Security Advisory 2020-3623-01
Posted Sep 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3623-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-15810, CVE-2020-15811
MD5 | ddb845760e3fe557d5f94b143c3f5342
Go CGI / FastCGI Transport Cross Site Scripting
Posted Sep 2, 2020
Site redteam-pentesting.de

The CGI and FastCGI implementations in the Go standard library behave differently from the HTTP server implementation when serving content. In contrast to the documented behavior, they may return non-HTML data as HTML. This may lead to cross site scripting vulnerabilities even if uploaded data has been validated during upload. Versions 1.15 and 1.14.7 and below are affected.

tags | exploit, web, cgi, vulnerability, xss
advisories | CVE-2020-24553
MD5 | 130ddc7a83a7200dee6d6d19904f8bd0
SQLMAP - Automatic SQL Injection Tool 1.4.9
Posted Sep 1, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | f79dac9b60f40ccdb4e1a05797b7cdc6
Ubuntu Security Notice USN-4477-1
Posted Aug 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4477-1 - Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. RĂ©gis Leroy discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request splitting attack, resulting in cache poisoning. Lubos Uhliarik discovered that Squid incorrectly handled certain Cache Digest response messages sent by trusted peers. A remote attacker could possibly use this issue to cause Squid to consume resources, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2020-15810, CVE-2020-15811, CVE-2020-24606
MD5 | 44c77ca040383d52dd8b135b79c2c848
Red Hat Security Advisory 2020-3574-01
Posted Aug 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3574-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass and code execution vulnerabilities.

tags | advisory, web, vulnerability, code execution, ruby
systems | linux, redhat
advisories | CVE-2020-10778, CVE-2020-10783, CVE-2020-14324, CVE-2020-14325
MD5 | bd03d4978fc69d3110e68b9684b0e2b9
Red Hat Security Advisory 2020-3560-01
Posted Aug 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3560-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 84.0.4147.135. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-6542, CVE-2020-6543, CVE-2020-6544, CVE-2020-6545, CVE-2020-6546, CVE-2020-6547, CVE-2020-6548, CVE-2020-6549, CVE-2020-6550, CVE-2020-6551, CVE-2020-6552, CVE-2020-6553, CVE-2020-6554, CVE-2020-6555, CVE-2020-6556
MD5 | 7d82d6fd82dc7a6edf5470b7c4813239
Red Hat Security Advisory 2020-3559-01
Posted Aug 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3559-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-15648, CVE-2020-15653, CVE-2020-15654, CVE-2020-15656, CVE-2020-15658, CVE-2020-15664, CVE-2020-15669
MD5 | dd14bba5bb91f3ba087aaf23ce9cf45e
Red Hat Security Advisory 2020-3557-01
Posted Aug 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3557-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-15648, CVE-2020-15653, CVE-2020-15654, CVE-2020-15656, CVE-2020-15658, CVE-2020-15664, CVE-2020-15669
MD5 | 8187253bad47d8d9c53578bf1006c716
Red Hat Security Advisory 2020-3556-01
Posted Aug 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3556-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.12.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-15664, CVE-2020-15669
MD5 | 3f03bf1ee96b20ef6af6fb876c27f851
Red Hat Security Advisory 2020-3555-01
Posted Aug 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3555-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-15648, CVE-2020-15653, CVE-2020-15654, CVE-2020-15656, CVE-2020-15658, CVE-2020-15664, CVE-2020-15669
MD5 | 11f134d07ab19c60b45cd9d94c83d352
Red Hat Security Advisory 2020-3558-01
Posted Aug 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3558-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.12.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-15664, CVE-2020-15669
MD5 | 8590472feb45c8cdc03eaf44d7eb210c
Red Hat Security Advisory 2020-3501-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3501-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, denial of service, deserialization, and improper authorization vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-10758, CVE-2020-11612, CVE-2020-14307, CVE-2020-1710, CVE-2020-1728, CVE-2020-1748
MD5 | ac9bd5cfa5a256e6462e7a36ea5cb84a
Red Hat Security Advisory 2020-3495-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3495-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2020-10758, CVE-2020-1728
MD5 | 79d39cd0dd74dc916c03935a389202d6
Red Hat Security Advisory 2020-3496-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3496-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2020-10758, CVE-2020-1728
MD5 | 18ddcbf798c1e82188024d61e90a7736
Red Hat Security Advisory 2020-3497-01
Posted Aug 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3497-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.2 security update on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2020-10758, CVE-2020-1728
MD5 | 4092f7809fe8d90daccc6e1f81e09d7d
UFONet 1.6
Posted Aug 18, 2020
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Added 8 attacks and updated the documentation, website, and more.
tags | tool, web, denial of service, spoof
systems | unix
MD5 | 49e9e16fbc97e3a2ca94cbab3ae02631
Page 1 of 336
Back12345Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    14 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close