what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-11-03

Processwire CMS 2.4.0 Local File Inclusion
Posted Nov 3, 2020
Authored by Y1LD1R1M

Processwire CMS version 2.4.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | d638156394b1d9cb10b76acc41643fc8694591f2e067046515232d3f2805d643
Joomla Publisher 3.0.19 Cross Site Scripting
Posted Nov 3, 2020
Authored by Vincent666 ibn Winnie

Joomla Publisher component version 3.0.19 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e9a9e431e0e577fc66304edff11367730b1270cafc2b252ea1602e7175791021
Ubuntu Security Notice USN-4615-1
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4615-1 - It was discovered that Yerase's TNEF had null pointer dereferences, infinite loop, buffer overflow, out of bounds reads, directory traversal issues and other vulnerabilities. An attacker could use those issues to cause a crash and consequently a denial of service.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-6298, CVE-2017-6300, CVE-2017-6301, CVE-2017-6302, CVE-2017-6305, CVE-2017-6306
SHA-256 | 3869e12fce16eea951cb220b506c88845f76fe0188982ea1279b8ba3cb498fb0
Joomla JomSocial 4.7.6 Cross Site Scripting
Posted Nov 3, 2020
Authored by Vincent666 ibn Winnie

Joomla JomSocial component version 4.7.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 46129dd825549cfb6a2b769da3a2262326962375131e551192982a355ed4020d
Ubuntu Security Notice USN-4613-1
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4613-1 - Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information.

tags | advisory, python
systems | linux, ubuntu
advisories | CVE-2020-25659
SHA-256 | 9ed9f2545b7006abd797d12678e80ffe1c47a9586d26c798968308808a4eb004
Ubuntu Security Notice USN-4616-1
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4616-1 - Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. Kevin Backhouse discovered that AccountsService incorrectly handled reading .pam_environment files. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2018-14036, CVE-2020-16126, CVE-2020-16127
SHA-256 | 431f97790170c34bab7a8a14f759ad89ab8506bb8c733802cd4591abd348a6a1
Ubuntu Security Notice USN-4614-1
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4614-1 - Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-16125
SHA-256 | 2e5232209ab0587bb864494d01f2eb2cfca129aeacb9844120d80ce19f38b2cf
Ubuntu Security Notice USN-4605-2
Posted Nov 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4605-2 - Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. While a previous security update fixed the issue, this update provides additional improvements by enabling PolicyKit authentication for privileged commands. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-15238
SHA-256 | a002dc8f38994b9b14e4c9d270098dbd18203170e58487b85174d6fd4cf21c4c
Gentoo Linux Security Advisory 202011-05
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-5 - A vulnerability in libssh could lead to a Denial of Service condition. Versions less than 0.9.5 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2020-16135
SHA-256 | a477bebb9b5d8aec5e5d946b1d10be0ea4f43acf28cc5ef60b5d00554a13a928
Gentoo Linux Security Advisory 202011-04
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-4 - Multiple vulnerabilities have been found in Fossil, the worst of which could result in the arbitrary execution of code. Versions less than 2.12.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-24614
SHA-256 | 75c7318751cd4487359c15c3b8423956cf538291c5a6f97c486764ac6e7f12fa
Gentoo Linux Security Advisory 202011-03
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-3 - A vulnerability in kpmcore could result in privilege escalation. Versions less than 4.2.0 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2020-27187
SHA-256 | 67964d6e87167f8e5cb8ddefca80738ee356e926515acb695ee933af609f9c98
Gentoo Linux Security Advisory 202011-02
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-2 - A heap-based buffer overflow in OpenDMARC might allow remote attackers to execute arbitrary code. Versions less than 1.3.3 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2020-12460
SHA-256 | 2959de287cc0da7bc11211121709d5c537d8f322b3aeb6aea3987a3752186261
Gentoo Linux Security Advisory 202011-01
Posted Nov 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-1 - A vulnerability in BlueZ might allow remote attackers to execute arbitrary code. Versions less than 5.55 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2020-27153
SHA-256 | 456feecce536f47f217dd110ba0e9be0c758bee7bf46966c7bf2f8cc0df96c6d
GitHub Widespread Injection
Posted Nov 3, 2020
Authored by Google Security Research, Felix Wilhelm

Github Actions supports a feature called workflow commands that is susceptible to widespread code injection vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2020-15228
SHA-256 | fad674c47b105cfc1035cbe0b4661f311b3d8159fc76033622fa185b205e5785
Complaints Report Management System 1.0 SQL Injection / Remote Code Execution
Posted Nov 3, 2020
Authored by mosaaed

Complaints Report Management System version 1.0 suffers from a remote SQL injection vulnerability that can allow for remote code execution.

tags | exploit, remote, code execution, sql injection
SHA-256 | b630401ff24cb158b114a6e6f89d0f81bf94403caa737efff5cf7ae81706f205
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close