exploit the possibilities
Showing 1 - 25 of 116,032 RSS Feed

Files

Red Hat Security Advisory 2021-1289-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1289-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | 0fdeefa2ddf9eeb1621da28b8405174d
Ubuntu Security Notice USN-4563-2
Posted Apr 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4563-2 - USN-4563-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 20.04 LTS and Ubuntu 20.10. It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-8936
MD5 | 28a575fb29d4294f72a77c91e221dd6f
Red Hat Security Advisory 2021-1288-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1288-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-29661, CVE-2021-20265, CVE-2021-27364, CVE-2021-27365
MD5 | 6602dc03aef32e6967a9fac4041d5606
Ubuntu Security Notice USN-4918-2
Posted Apr 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4918-2 - USN-4918-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-1252, CVE-2021-1404, CVE-2021-1405
MD5 | a978daa8988afdecf7791da9b48c7983
Microsoft DiagHub Privilege Escalation
Posted Apr 20, 2021
Authored by Imre Rad

Microsoft Diaghub suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2021-28313, CVE-2021-28321, CVE-2021-28322, CVE-2021-28323
MD5 | 524e5dde4767b98885a71c971e7d92e8
Ubuntu Security Notice USN-4919-1
Posted Apr 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4919-1 - It was discovered that OpenSLP did not properly validate URLs. A remote attacker could use this issue to cause OpenSLP to crash or possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5544
MD5 | 6cde121f166a0d2bbd0b1b9884e39325
Scapy Packet Manipulation Tool 2.4.5
Posted Apr 20, 2021
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: 354 commits to Core master since last release. There is a new interfaces system, multiple bug fixes, and more.
tags | tool, scanner, python
systems | unix
MD5 | 7bf39994a6f476ecef96ff125ab18fe0
nullcon Goa 2021 Physical Edition Call For Papers
Posted Apr 20, 2021
Site nullcon.net

The Call For Papers for nullcon Goa 2021 Physical Edition is now open. Nullcon is an information security conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place in September of 2021.

tags | paper, conference
MD5 | 21c9208690c391aeb225128f42c161a3
Red Hat Security Advisory 2021-1272-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1272-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3347
MD5 | d8727197ed9740775d56d47e2d2234af
Red Hat Security Advisory 2021-1279-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1279-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3347
MD5 | 30b51a879589e5daec1e7b2575333cfb
Red Hat Security Advisory 2021-1266-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1266-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.

tags | advisory, web, denial of service, overflow, perl, vulnerability
systems | linux, redhat
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723
MD5 | f97b03a9545f11491b1cf08b54df658c
Ubuntu Security Notice USN-4918-1
Posted Apr 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4918-1 - It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing email. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-1252, CVE-2021-1404, CVE-2021-1405
MD5 | 1e4f0c2b0a5872c48cf1db74e5f7a2b7
Fibaro Home Center MITM / Missing Authentication / Code Execution
Posted Apr 20, 2021
Authored by Marton Illes, USER | Site iot-inspector.com

Fibaro Home Center Light and Fibaro Home Center 2 versions 4.600 and below suffer from man-in-the-middle, missing authentication, remote command execution, and missing encryption vulnerabilities.

tags | exploit, remote, vulnerability
advisories | CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992
MD5 | 6c5c5d340dde64001a1195e30ca2a6f1
Red Hat Security Advisory 2021-1267-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1267-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14351, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | 75a91f52f2f9f4b14e2b4601ae5a0948
Phone Shop Sales Management System 1.0 Shell Upload
Posted Apr 20, 2021
Authored by Richard Jones

Phone Shop Sales Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 10fbcabc593444ffc45f13cf9713a185
Red Hat Security Advisory 2021-1260-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1260-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.7.0 serves as a replacement for Red Hat AMQ Streams 1.6.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an XML injection vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25649
MD5 | 8208717753b6b6b9cac774e305322eef
Red Hat Security Advisory 2021-1263-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1263-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2020-25715, CVE-2021-20179
MD5 | 8ce46493ecbfd90ea03f33fefa70eaea
Cisco RV Authentication Bypass / Code Execution
Posted Apr 20, 2021
Authored by T Shiomitsu | Site iot-inspector.com

Cisco RV-series routers suffer from an authentication bypass vulnerability. The RV34X series are also affected by a command injection vulnerability in the sessionid cookie, when requesting the /upload endpoint. A combination of these issues would allow any person who is able to communicate with the web interface to run arbitrary system commands on the router as the www-data user. Vulnerable versions include RV16X/RV26X versions 1.0.01.02 and below and RV34X versions 1.0.03.20 and below.

tags | exploit, web, arbitrary, bypass
systems | cisco
advisories | CVE-2021-1472, CVE-2021-1473
MD5 | c12d03c8d1125957763a439d71aa925e
Plantronics HUB 3.21 Privilege Escalation
Posted Apr 19, 2021
Authored by redtimmysec | Site redtimmy.com

Plantronics HUB versions 3.21 and below are affected by a privilege escalation vulnerability allowing any local unprivileged user to acquire elevated access rights and take full control of the system.

tags | advisory, local
MD5 | e621c3b1d19f270f4c0d773a88453820
Red Hat Security Advisory 2021-1258-01
Posted Apr 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1258-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include an information leakage vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-35518
MD5 | bcfdc9c9aaa08769f3ae9bac4789bcdc
Red Hat Security Advisory 2021-1246-01
Posted Apr 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1246-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

tags | advisory, kernel, crypto, protocol, python
systems | linux, redhat
advisories | CVE-2021-20305
MD5 | d037bc355b3b1e959cc8db553011cbc2
Red Hat Security Advisory 2021-1245-01
Posted Apr 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1245-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

tags | advisory, kernel, crypto, protocol, python
systems | linux, redhat
advisories | CVE-2021-20305
MD5 | 27824832d2a475dc12ab656b6c1bf483
Trojan.Win32.Agent.hsm Insecure Permissions
Posted Apr 19, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Agent.hsm malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
MD5 | 30fdf081c36736d3966de00b316db172
Nagios XI 5.7.3 Remote Code Execution
Posted Apr 19, 2021
Authored by Chris Lyne, Matthew Aberegg, Erik Wynter | Site metasploit.com

This Metasploit module exploits CVE-2020-5791, an OS command injection vulnerability on Nagios XI versions 5.6.0 through 5.7.3 in admin/mibs.php that enables an authenticated user with admin privileges to achieve remote code execution as either the apache user or the www-data user.

tags | exploit, remote, php, code execution
advisories | CVE-2020-5791
MD5 | 639bef5044c0f11d63a9c893409809f3
OpenSSH 8.6p1
Posted Apr 19, 2021
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Extensive amount of code clean ups and bug fixes have been applied.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | 805f7048aec6dd752584e570383a6f00
Page 1 of 4,642
Back12345Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    1 Files
  • 18
    Apr 18th
    1 Files
  • 19
    Apr 19th
    19 Files
  • 20
    Apr 20th
    18 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close