
Files

Red Hat Security Advisory 2021-3653-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3653-01 - Red Hat Advanced Cluster Management 2.1.11 security fix and container updates are available.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-27777, CVE-2021-22555, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750
MD5 | ef43f11cebe0cd0e7f13da5997e4271e
OpenVPN Monitor 1.1.3 Cross Site Request Forgery
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients.

tags | exploit, arbitrary, csrf
advisories | CVE-2021-31604
MD5 | 8fe8676ce55952fcce460972fb63424c
Apple Security Advisory 2021-09-23-2
Posted Sep 24, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-09-23-2 - Security Update 2021-006 Catalina addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2021-30869
MD5 | da2fbee1b8de7e4786058168460ba81d
Red Hat Security Advisory 2021-3660-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3660-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.0 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.1 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2021-21295, CVE-2021-21409, CVE-2021-28170, CVE-2021-29425, CVE-2021-3536, CVE-2021-3597, CVE-2021-3642, CVE-2021-3644, CVE-2021-3690
MD5 | d1b890023c5f704258c5a41a08dd47eb
OpenVPN Monitor 1.1.3 Command Injection
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket.

tags | exploit, arbitrary
advisories | CVE-2021-31605
MD5 | 6ea912419e5cea8787dd7f4766877eef
Apple Security Advisory 2021-09-23-1
Posted Sep 24, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-09-23-1 - iOS 12.5.5 addresses code execution, integer overflow, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple, ios
advisories | CVE-2021-30858, CVE-2021-30860, CVE-2021-30869
MD5 | 488d3765baad8c4d50fbe4155e799a1b
Red Hat Security Advisory 2021-3658-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3658-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.0 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.1 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2021-21295, CVE-2021-21409, CVE-2021-28170, CVE-2021-29425, CVE-2021-3536, CVE-2021-3597, CVE-2021-3642, CVE-2021-3644, CVE-2021-3690
MD5 | 9f3015b7fb5759e48aa377a1f59a17bf
Red Hat Security Advisory 2021-3656-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3656-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.0 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.1 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2021-21295, CVE-2021-21409, CVE-2021-28170, CVE-2021-29425, CVE-2021-3536, CVE-2021-3597, CVE-2021-3642, CVE-2021-3644, CVE-2021-3690
MD5 | d4e532af434c0ddf0cb26799953b9da2
OpenVPN Monitor 1.1.3 Authorization Bypass / Denial Of Service
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from an authorization bypass vulnerability that allows an attacker to disconnect arbitrary clients, even if the disconnect feature is disabled.

tags | exploit, arbitrary, bypass
advisories | CVE-2021-31606
MD5 | e062e120ca7f341e24487a82f218030c
SmarterTools SmarterTrack 7922 Information Disclosure
Posted Sep 24, 2021
Authored by Andrei Manole

SmarterTools SmarterTrack 7922 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | eee4a3d556dbb4d6a7731be368f9471b
Zeek 4.0.4
Posted Sep 23, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release addresses six bugs and two security issues.
tags | tool, intrusion detection
systems | unix
MD5 | df39f4f49a69086b3a2a2abbf807e6a3
Ubuntu Security Notice USN-5089-2
Posted Sep 23, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5089-2 - USN-5089-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA. Various other issues were also addressed.

tags | advisory, root
systems | linux, ubuntu
MD5 | 3f6bb8efe435926053d369372e5d95d0
Ubuntu Security Notice USN-5089-1
Posted Sep 23, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5089-1 - The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA.

tags | advisory, root
systems | linux, ubuntu
MD5 | b174669d6d445a62c0d3499d26d1c223
WordPress 3DPrint Lite 1.9.1.4 Shell Upload
Posted Sep 23, 2021
Authored by spacehen

WordPress 3DPrint Lite plugin version 1.9.1.4 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | df05024a490ce087dd2a9ea5257bf09c
Pharmacy Point Of Sale System 1.0 SQL Injection
Posted Sep 23, 2021
Authored by Janik Wehrli

Pharmacy Point of Sale System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 0c421cadb58ed3860edd48c36da90815
Ubuntu Security Notice USN-5088-1
Posted Sep 23, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5088-1 - It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. Paul Kehrer discovered that OpenSSL used in EDK II incorrectly handled certain input lengths in EVP functions. An attacker could possibly use this issue to cause EDK II to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-11098, CVE-2021-23840, CVE-2021-3712, CVE-2021-38575
MD5 | 556eeb5ec796239ef9d66d964cd4486f
Police Crime Record Management Project 1.0 SQL Injection
Posted Sep 23, 2021
Authored by ()t/\/\1

Police Crime Record Management Project version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 799b2319f52c524aa996f903df4c7448
Redragon Gaming Mouse Denial Of Service
Posted Sep 23, 2021
Authored by Quadron Research Lab

Redragon Gaming Mouse suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | a001d0c25a8946620304491113760b3f
WordPress Advanced Order Export For WooCommerce 3.1.7 Cross Site Scripting
Posted Sep 23, 2021
Authored by 0xB9

WordPress Advanced Order Export For WooCommerce plugin version 3.1.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-24169
MD5 | cda16c38c590a26e4758142316be12a5
Ubuntu Security Notice USN-5087-1
Posted Sep 23, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5087-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-30858
MD5 | 847a422a36d646b7e940f861813e77eb
WordPress Fitness Calculators 1.9.5 Cross Site Request Forgery
Posted Sep 23, 2021
Authored by 0xB9

WordPress Fitness Calculators plugin version 1.9.5 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2021-24272
MD5 | 30ca373f3886f6f98013bb82a0a42e7c
Backdrop CMS 1.20.0 Cross Site Request Forgery / Command Execution
Posted Sep 23, 2021
Authored by V1n1v131r4

Backdrop CMS version 1.20.0 suffers from cross site request forgery vulnerabilities that can assist an attacker in achieving command execution.

tags | exploit, vulnerability, csrf
MD5 | 2e44ed7c8aa4c0431592175c5c6161c9
Gurock Testrail 7.2.0.3014 Improper Access Control
Posted Sep 23, 2021
Authored by JohnJHacking, Sick Codes

Gurock Testrail version 7.2.0.3014 suffers from an improper access control vulnerability.

tags | exploit
advisories | CVE-2021-40875
MD5 | ca364a6a681f0978d5193d137515cfbc
Chrome HRTFDatabaseLoader::WaitForLoaderThreadCompletion Data Race
Posted Sep 22, 2021
Authored by Google Security Research, Glazvunov

Chrome suffers from a HRTFDatabaseLoader::WaitForLoaderThreadCompletion data race condition.

tags | exploit
advisories | CVE-2021-30603
MD5 | 0aaadc59ac484d75a50e47a84bef9a4b
Ubuntu Security Notice USN-5085-1
Posted Sep 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5085-1 - It was discovered that SQL parse incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-32839
MD5 | cdd7570b2e91691826b3eb59b9ef014e
© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close