exploit the possibilities
Showing 26 - 50 of 8,154 RSS Feed

Web Files

Red Hat Security Advisory 2020-0322-01
Posted Feb 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0322-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
MD5 | 3e1d8ddc4e85fd180e1d0cc71c21c4ef
SQLMAP - Automatic SQL Injection Tool 1.4.2
Posted Feb 3, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | abd19f5b92dea0a58bfe8b75c5186526
Lulzbuster 1.1.0
Posted Jan 31, 2020
Authored by noptrix | Site nullsecurity.net

Lulzbuster is a very fast and smart web directory and file enumeration tool written in C.

Changes: Various updates.
tags | tool, web, scanner
systems | unix
MD5 | 0afd00c3b6e0246a5b5b94d7c39d0831
Red Hat Security Advisory 2020-0310-01
Posted Jan 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0310-01 - Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Issues addressed include a deserialization vulnerability.

tags | advisory, java, remote, web, protocol
systems | linux, redhat
advisories | CVE-2019-17570
MD5 | 6eeacd509cd99d6bc1f74bc19b6a57e9
Red Hat Security Advisory 2020-0295-01
Posted Jan 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0295-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | bdc85b62a883b5a60f3806fcc1f56d46
Debian Security Advisory 4610-1
Posted Jan 30, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4610-1 - Multiple code execution vulnerabilities have been addressed in the webkit2gtk web engine.

tags | advisory, web, vulnerability, code execution
systems | linux, debian
advisories | CVE-2019-8835, CVE-2019-8844, CVE-2019-8846
MD5 | 329e93db698d4f8060c880553c0781de
Ubuntu Security Notice USN-4261-1
Posted Jan 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4261-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8835
MD5 | 016f695463157c80fd637ddc1347439f
FreeBSD Security Advisory - FreeBSD-SA-20:01.libfetch
Posted Jan 28, 2020
Authored by Duncan Overbruck | Site security.freebsd.org

FreeBSD Security Advisory - A programming error allows an attacker who can specify a URL with a username and/or password components to overflow libfetch(3) buffers. An attacker in control of the URL to be fetched (possibly via HTTP redirect) may cause a heap buffer overflow, resulting in program misbehavior or malicious code execution.

tags | advisory, web, overflow, code execution
systems | freebsd, bsd
advisories | CVE-2020-7450
MD5 | db7e06ba955fcce711123c791d179c85
Red Hat Security Advisory 2020-0250-01
Posted Jan 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0250-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 1 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 and includes bug fixes and enhancements.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0220
MD5 | e9e865faa9f57ebcc571a13ec70ba2a0
Red Hat Security Advisory 2020-0251-01
Posted Jan 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0251-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 1 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 and includes bug fixes and enhancements.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0220
MD5 | 2a7172325e0dd09568885e7aa1230e2c
OLK Web Store 2020 Cross Site Request Forgery
Posted Jan 24, 2020
Authored by Joel Aviad Ossi

OLK Web Store 2020 suffers from a cross site request forgery vulnerability.

tags | exploit, web, csrf
MD5 | a5ded10a3689cf112e487b214cf147cc
Lulzbuster 1.0.0
Posted Jan 24, 2020
Authored by noptrix | Site nullsecurity.net

Lulzbuster is a very fast and smart web directory and file enumeration tool written in C.

tags | tool, web, scanner
systems | unix
MD5 | e9dc6d65cdc1ab2134701a2adf07dc74
Red Hat Security Advisory 2020-0214-01
Posted Jan 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0214-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 79.0.3945.130. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-6378, CVE-2020-6379, CVE-2020-6380
MD5 | 0039a069d120f5ba1b0ccc2dff714e4b
Zed Attack Proxy 2.9.0 Cross Platform Package
Posted Jan 21, 2020
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.

Changes: Various updates.
tags | tool, web, vulnerability
MD5 | cca49caf000734404c697dcceab2c7f2
Debian Security Advisory 4607-1
Posted Jan 20, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4607-1 - Lukas Kupczyk reported a vulnerability in the handling of chunked HTTP in openconnect, an open client for Cisco AnyConnect, Pulse and GlobalProtect VPN. A malicious HTTP server (after having accepted its identity certificate), can provide bogus chunk lengths for chunked HTTP encoding and cause a heap-based buffer overflow.

tags | advisory, web, overflow
systems | cisco, linux, debian
advisories | CVE-2019-16239
MD5 | 6cbb058b70a03ea1bda3ffe2cb05aeaa
Debian Security Advisory 4606-1
Posted Jan 20, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4606-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2019-13725, CVE-2019-13726, CVE-2019-13727, CVE-2019-13728, CVE-2019-13729, CVE-2019-13730, CVE-2019-13732, CVE-2019-13734, CVE-2019-13735, CVE-2019-13736, CVE-2019-13737, CVE-2019-13738, CVE-2019-13739, CVE-2019-13740, CVE-2019-13741, CVE-2019-13742, CVE-2019-13743, CVE-2019-13744, CVE-2019-13745, CVE-2019-13746, CVE-2019-13747, CVE-2019-13748, CVE-2019-13749, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752
MD5 | 76969c621578023f3ac6699c659dc8b6
Ubuntu Security Notice USN-4235-2
Posted Jan 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4235-2 - USN-4235-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 ESM. Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain error_page configurations. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks and access resources contrary to expectations. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2019-20372
MD5 | 79f5ea577eeb2a6404b974c04050e995
Red Hat Security Advisory 2020-0111-01
Posted Jan 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0111-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Issues addressed include a bypass vulnerability.

tags | advisory, web, bypass
systems | linux, redhat
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 36adb5f774a4e684239d2466916380dd
Barco WePresent file_transfer.cgi Command Injection
Posted Jan 14, 2020
Authored by Jacob Baines | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command injection vulnerability found in Barco WePresent and related OEM'ed products. The vulnerability is triggered via an HTTP POST request to the file_transfer.cgi endpoint.

tags | exploit, remote, web, cgi
advisories | CVE-2019-3929
MD5 | 9bf16d3b24df38008118d2a86f469b2e
Red Hat Security Advisory 2020-0085-01
Posted Jan 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0085-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Issues addressed include a bypass vulnerability.

tags | advisory, web, bypass
systems | linux, redhat
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 27d1f7894855bbe772cc12a4aca4b134
Red Hat Security Advisory 2020-0086-01
Posted Jan 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0086-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Issues addressed include a bypass vulnerability.

tags | advisory, web, bypass
systems | linux, redhat
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 4037d1911aa9507b6c6224fdbdce9776
Ubuntu Security Notice USN-4235-1
Posted Jan 13, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4235-1 - Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain error_page configurations. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks and access resources contrary to expectations.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2019-20372
MD5 | c85cca82ee0dd4f5217de8cc90b4a010
Red Hat Security Advisory 2020-0084-01
Posted Jan 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0084-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 79.0.3945.117. A use-after-free vulnerability was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-6377
MD5 | ef00de891f14bcadc1cb2100710b1e4d
Debian Security Advisory 4600-1
Posted Jan 9, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4600-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, data exfiltration or cross-site scripting.

tags | advisory, web, arbitrary, xss
systems | linux, debian
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 5c389eae58b71f0e5752b71079631732
Debian Security Advisory 4598-1
Posted Jan 8, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4598-1 - Simon Charette reported that the password reset functionality in Django, a high-level Python web development framework, uses a Unicode case-insensitive query to retrieve accounts matching the email address requesting the password reset. An attacker can take advantage of this flaw to potentially retrieve password reset tokens and hijack accounts.

tags | advisory, web, python
systems | linux, debian
advisories | CVE-2019-19844
MD5 | c6581f7a746d8444fc15505cf63908ce
Page 2 of 327
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close