Web Files

Ubuntu Security Notice USN-4181-1
Posted Nov 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4181-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8812
MD5 | d2ed637960fd61223d19e006ebfa327b

Computrols CBAS-Web 19.0.0 Username Enumeration
Posted Nov 12, 2019
Authored by LiquidWorm | Site applied-risk.com

Computrols CBAS-Web versions 19.0.0 and below suffer from a username enumeration vulnerability.

tags | exploit, web
advisories | CVE-2019-10848
MD5 | b21b9628d2b702a22f4341e36e237ad9

Computrols CBAS-Web 19.0.0 Cross Site Scripting
Posted Nov 12, 2019
Authored by LiquidWorm | Site applied-risk.com

Computrols CBAS-Web versions 19.0.0 and below suffer from a reflective cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2019-10846
MD5 | 98ed5bd8f8a9dd9b41007dd8458f785d

Computrols CBAS-Web 19.0.0 Blind SQL Injection
Posted Nov 12, 2019
Authored by LiquidWorm | Site applied-risk.com

Computrols CBAS-Web versions 19.0.0 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, web, sql injection
advisories | CVE-2019-10852
MD5 | 640f8db598a83f5700d896d5ef44f45f

Computrols CBAS-Web 19.0.0 Information Disclosure
Posted Nov 12, 2019
Authored by LiquidWorm | Site applied-risk.com

Computrols CBAS-Web versions 19.0.0 and below suffer from an information disclosure vulnerability.

tags | exploit, web, info disclosure
advisories | CVE-2019-10849
MD5 | 5c7936e80b5befaa3d555351201da658

Computrols CBAS-Web 19.0.0 Cross Site Request Forgery
Posted Nov 12, 2019
Authored by LiquidWorm | Site applied-risk.com

Cross site request forgery exploit for Computrols CBAS-Web version 19.0.0 that adds a super admin.

tags | exploit, web, csrf
advisories | CVE-2019-10847
MD5 | 00a6be4d12c353fd10eca0b16876da15

Computrols CBAS-Web 19.0.0 Command Injection
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

Unauthenticated remote command injection exploit for Computrols CBAS-Web versions 19.0.0 and below.

tags | exploit, remote, web
MD5 | 50d03aaede914ca877d49bdec4da6d01

Debian Security Advisory 4562-1
Posted Nov 11, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4562-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2019-13659, CVE-2019-13660, CVE-2019-13661, CVE-2019-13662, CVE-2019-13663, CVE-2019-13664, CVE-2019-13665, CVE-2019-13666, CVE-2019-13667, CVE-2019-13668, CVE-2019-13669, CVE-2019-13670, CVE-2019-13671, CVE-2019-13673, CVE-2019-13674, CVE-2019-13675, CVE-2019-13676, CVE-2019-13677, CVE-2019-13678, CVE-2019-13679, CVE-2019-13680, CVE-2019-13681, CVE-2019-13682, CVE-2019-13683, CVE-2019-13685, CVE-2019-13686
MD5 | 51e287808c40898ffae74b8b36159d0a

Honeywell MCR Web Controller Cross Site Scripting / Path Disclosure
Posted Nov 11, 2019
Authored by Pablo Rebolini

Honeywell MCR Web Controller suffers from cross site scripting and path disclosure vulnerabilities. Versions affected include XL1000C50 EXCEL WEB 52 I/O, XL1000C500 EXCEL WEB 300 I/O, XL1000C100 EXCEL WEB 104 I/O, XL1000C1000 EXCEL WEB 600 I/O, XL1000C50U EXCEL WEB 52 I/O UUKL, XL1000C500U EXCEL WEB 300 I/O UUKL, XL1000C100U EXCEL WEB 104 I/O UUKL, and XL1000C1000U EXCEL WEB 600 I/O UUKL.

tags | exploit, web, vulnerability, xss
MD5 | 003b47896ad21065085529e4e711beeb

Ubuntu Security Notice USN-4178-1
Posted Nov 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4178-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8625
MD5 | 306c8955c2f273afb8b953e5c146c877

Red Hat Security Advisory 2019-3775-01
Posted Nov 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3775-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 78.0.3904.87. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-13720, CVE-2019-13721
MD5 | c6d1cda56806c3cb9490946e2ddca353

rConfig 3.9.2 Command Injection
Posted Nov 7, 2019
Authored by Brendan Coles, mhaskar | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability in rConfig versions 3.9.2 and prior. The install directory is not automatically removed after installation, allowing unauthenticated users to execute arbitrary commands via the ajaxServerSettingsChk.php file as the web server user. This module has been tested successfully on rConfig version 3.9.2 on CentOS 7.7.1908 (x64).

tags | exploit, web, arbitrary, php
systems | linux, centos
advisories | CVE-2019-16662
MD5 | 5a8c7959c835ac3cbcc733bb6b9b60ac

Adobe ColdFusion RDS Authentication Bypass
Posted Nov 7, 2019
Authored by Scott Buckel | Site metasploit.com

Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication using the RDS component. Due to default settings or misconfiguration, its password can be set to an empty value. This allows an attacker to create a session via the RDS login that can be carried over to the admin web interface even though the passwords might be different, thereby bypassing authentication on the admin web interface and leading to arbitrary code execution. Tested on Windows and Linux with ColdFusion 9.

tags | exploit, remote, web, arbitrary, code execution
systems | linux, windows
MD5 | b279a1c376f201d8307caf2142e52d50

Red Hat Security Advisory 2019-3759-01
Posted Nov 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3759-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 78.0.3904.70. Issues addressed include bypass, file download, and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-13699, CVE-2019-13700, CVE-2019-13701, CVE-2019-13702, CVE-2019-13703, CVE-2019-13704, CVE-2019-13705, CVE-2019-13706, CVE-2019-13707, CVE-2019-13708, CVE-2019-13709, CVE-2019-13710, CVE-2019-13711, CVE-2019-13713, CVE-2019-13714, CVE-2019-13715, CVE-2019-13716, CVE-2019-13717, CVE-2019-13718, CVE-2019-13719
MD5 | 2d1541d1503cb1b010c4a7673a96d245

Adaware Web Companion 4.8.2078.3950 Unquoted Service Path
Posted Nov 7, 2019
Authored by Mariela L Martinez Hdez

Adaware Web Companion version 4.8.2078.3950 suffers from an unquoted service path vulnerability.

tags | exploit, web
MD5 | 57dbed68045118e90b9baabce5bbe9ce

Red Hat Security Advisory 2019-3736-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3736-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
MD5 | f7aae271bc0791293c1bdcb48d0c78fa

Red Hat Security Advisory 2019-3735-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3735-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
MD5 | 29b3ad7c82bcd6d2987d7e46cdcbccdd

Red Hat Security Advisory 2019-3724-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3724-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
MD5 | 04147c22152bf5396f6d6a2a49fad314

Red Hat Security Advisory 2019-3701-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3701-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2018-16890, CVE-2018-20483, CVE-2019-3822, CVE-2019-3823
MD5 | 455709ca8c7afa5600951eaadbe8896d

Red Hat Security Advisory 2019-3590-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3590-01 - The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. A CRLF injection issue was addressed.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2019-11236, CVE-2019-11324
MD5 | 58bdc7ebbdb568cbb72f8325fcab337b

Red Hat Security Advisory 2019-3497-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3497-01 - The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2018-12121
MD5 | b6e1f7815709c0c01fc75ce7931341bc

Red Hat Security Advisory 2019-3476-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3476-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2019-13345
MD5 | 96f3aeff2e03f0b5388bc81790ed8235

Red Hat Security Advisory 2019-3421-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3421-01 - The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. An open redirect was addressed.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2019-3877
MD5 | 7fdef1d4333eb8d1560c4badbecb42ea

Red Hat Security Advisory 2019-3436-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3436-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a bypass vulnerability.

tags | advisory, web, bypass
systems | linux, redhat
advisories | CVE-2019-0217, CVE-2019-0220
MD5 | 88cad45c049432d18f3ee97feed53fc3

Ubuntu Security Notice USN-4174-1
Posted Nov 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4174-1 - It was discovered that HAproxy incorrectly handled certain HTTP requests. An attacker could possibly use this issue to perform a privilege escalation.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2019-18277
MD5 | 9b9a5ae382a985e016d2a4ecf5570372