exploit the possibilities
Showing 101 - 125 of 8,642 RSS Feed

Web Files

Red Hat Security Advisory 2021-0488-01
Posted Feb 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0488-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 6 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 and includes bug fixes and enhancements. Issues addressed include a null pointer vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-1971
MD5 | 7133ddecc68898b3cf112d1f4a584699
Red Hat Security Advisory 2021-0486-01
Posted Feb 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0486-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 6 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 and includes bug fixes and enhancements. Issues addressed include a null pointer vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-1971
MD5 | 8c96ceb393d0dea89582c2909728fe39
LiteSpeed Web Server Enterprise 5.4.11 Command Injection
Posted Feb 5, 2021
Authored by SunCSR, cmOs

LiteSpeed Web Server Enterprise version 5.4.11 suffers from an authenticated remote command injection vulnerability.

tags | exploit, remote, web
MD5 | 4ccb7816f0ee2cec9578a104021a7947
Ubuntu Security Notice USN-4722-1
Posted Feb 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4722-1 - It was discovered that ReadyMedia allowed subscription requests with a delivery URL on a different network segment than the fully qualified event-subscription URL. An attacker could use this to hijack smart devices and cause denial of service attacks. It was discovered that ReadyMedia allowed remote code execution. A remote attacker could send a malicious UPnP HTTP request to the service using HTTP chunked encoding and cause a denial of service.

tags | advisory, remote, web, denial of service, code execution
systems | linux, ubuntu
advisories | CVE-2020-12695, CVE-2020-28926
MD5 | 953de698276847ad6c1d3202ff1ee70c
Red Hat Security Advisory 2021-0421-01
Posted Feb 4, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0421-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15366, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287
MD5 | e283a998f1a50c5c272a6ee786b5f530
Red Hat Security Advisory 2021-0420-01
Posted Feb 4, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0420-01 - Quay 3.4.0 release. Issues addressed include HTTP request smuggling, buffer overflow, information leakage, integer overflow, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-16785, CVE-2019-16786, CVE-2019-16789, CVE-2019-19911, CVE-2019-20477, CVE-2019-3866, CVE-2020-10177, CVE-2020-10378, CVE-2020-10379, CVE-2020-10994, CVE-2020-11538, CVE-2020-14040, CVE-2020-5310, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313, CVE-2020-8131
MD5 | 2ae3f955883f631ac5b146bb89873f7f
Red Hat Security Advisory 2021-0343-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0343-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.

tags | advisory, web, denial of service, overflow, perl, vulnerability
systems | linux, redhat
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723
MD5 | fd544b1b601f01432dcbce4b41dc19aa
SQLMAP - Automatic SQL Injection Tool 1.5.2
Posted Feb 2, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 78c920583fa0ecc1970cdd57b22c5d8c
Red Hat Security Advisory 2021-0327-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0327-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include memory leak and server-side request forgery vulnerabilities.

tags | advisory, web, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-10770, CVE-2020-13956, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782
MD5 | 482455568d0c4338e9145918d9311670
Red Hat Security Advisory 2021-0319-01
Posted Feb 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0319-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-10770
MD5 | 7e19184c1fb89a4762666157c182fbdf
Red Hat Security Advisory 2021-0320-01
Posted Feb 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0320-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-10770
MD5 | f2e307c2f2dc5e0111a10a35e2793a8e
Red Hat Security Advisory 2021-0318-01
Posted Feb 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0318-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-10770
MD5 | 0914f7d50b6b71e0ae8fcc6b38297ec1
PRTG Network Monitor Remote Code Execution
Posted Jan 28, 2021
Authored by Josh Berry, Julien Bedel | Site metasploit.com

This Metasploit module exploits an authenticated remote code execution vulnerability in PRTG Network Monitor. Notifications can be created by an authenticated user and can execute scripts when triggered. Due to a poorly validated input on the script name, it is possible to chain it with a user-supplied command allowing command execution under the context of privileged user. The module uses provided credentials to log in to the web interface, then creates and triggers a malicious notification to perform remote code execution using a Powershell payload. It may require a few tries to get a shell because notifications are queued up on the server. This vulnerability affects versions prior to 18.2.39.

tags | exploit, remote, web, shell, code execution
advisories | CVE-2018-9276
MD5 | 60bd8795d3c06d9bcbf5158034587215
Ubuntu Security Notice USN-4706-1
Posted Jan 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4706-1 - Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. Adam Mohammed found that Ceph Object Gateway was vulnerable to HTTP header injection via a CORS ExposeHeader tag. An attacker could use this to gain access or cause a crash. Various other issues were also addressed.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2020-10736, CVE-2020-10753, CVE-2020-25660
MD5 | bebf402244a4c2e679e813eb9b40b74c
Red Hat Security Advisory 2021-0290-01
Posted Jan 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0290-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
MD5 | 23de7908f0a14058e0e2953b7c17c73b
Red Hat Security Advisory 2021-0289-01
Posted Jan 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0289-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
MD5 | 680f285e060eaac272c2dd60cadaec74
Red Hat Security Advisory 2021-0288-01
Posted Jan 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0288-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
MD5 | 2ab343e1850374f3ce10ab0fe7db2ceb
Red Hat Security Advisory 2021-0285-01
Posted Jan 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0285-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
MD5 | abcf489fc3c560d33113f4730af1bb40
Openlitespeed Web Server 1.7.8 Command Injection
Posted Jan 27, 2021
Authored by SunCSR, cmOs

Openlitespeed Web Server version 1.7.8 suffers from an authenticated command injection vulnerability.

tags | exploit, web
MD5 | 2e75a75342364422e92b5451204a799a
Ubuntu Security Notice USN-4702-1
Posted Jan 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4702-1 - It was discovered that Pound incorrectly handled certain HTTP requests A remote attacker could use it to retrieve some sensitive information.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2016-10711
MD5 | a0cc5acf94fe6c368769567ffbbf09ec
Simple JobBoard Authenticated File Read
Posted Jan 21, 2021
Authored by SunCSR, Hoa Nguyen, Arcangelo Saracino | Site metasploit.com

This Metasploit module exploits an authenticated directory traversal vulnerability in WordPress plugin Simple JobBoard versions prior to 2.9.3 to perform an arbitrary file read with the web server privileges.

tags | exploit, web, arbitrary
advisories | CVE-2020-35749
MD5 | f67aec0e1808a4048efded2042ded5a9
Cisco UCS Manager 2.2(1d) Remote Command Execution
Posted Jan 18, 2021
Authored by liquidsky

Cisco UCS Manager version 2.2(1d) remote command execution exploit. An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request, aka Bug ID CSCur90888.

tags | exploit, remote, web, arbitrary, shell, cgi
systems | cisco
advisories | CVE-2015-6435
MD5 | 483ae8252192dee26cf8c9814dc78eb9
WhatWeb Scanner 0.5.5
Posted Jan 15, 2021
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.

Changes: 1 fix, 8 new plugins, and 3 plugin updates.
tags | tool, web, scanner, javascript
systems | unix
MD5 | bc2f2e427e390103121096cda4697849
Red Hat Security Advisory 2021-0053-01
Posted Jan 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0053-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-16044
MD5 | d88f179c5c353071de0371dfc532eae9
Code16 Notes Magazine 03
Posted Jan 11, 2021
Authored by Cody Sixteen, code16

Code16 is a compilation of notes from research performed by Cody16. This issue discusses creating web modules for Metasploit, a mass scanner for WordPress plugins, Learning Arduino, and more.

tags | web, magazine
MD5 | 3dc7de3a1510e8929e532e7ea94698de
Page 5 of 346
Back34567Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    17 Files
  • 12
    May 12th
    22 Files
  • 13
    May 13th
    11 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close