This Metasploit module exploits a command injection vulnerability in Metasploit Framework's msfvenom payload generator when using a crafted APK file as an Android payload template. Affected versions include Metasploit Framework 6.0.11 and below and Metasploit Pro 4.18.0 and below.
695d70bbd2e49f70ab302feba13c9124
The WordPress File Manager (wp-file-manager) plugin, versions 6.0 through 6.8, allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload (or mkfile and put) command to write PHP code into the wp-content/plugins/wp-file-manager/lib/files/ directory.
33be7d7b4c3915b9705e403be54c86a0
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think of Falco as a mix between Snort, OSSEC and strace.
675a73dd8b5cb2da098fc07e8c914807
Red Hat Security Advisory 2020-5054-01 - The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.
3665bf80fb80e17580d7ed2a669f1e07
Red Hat Security Advisory 2020-5056-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods are a concept in Kubernetes.
40bf1e4803c1827dc705ed0538142fbd
Red Hat Security Advisory 2020-5055-01 - The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.
39fead1e54f0fec7b34134ca5cd89ee4
Ubuntu Security Notice 4624-1 - It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviours, or execute arbitrary code.
7a05bea2012947c33ca0fa3a8095b12d
Red Hat Security Advisory 2020-5010-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a denial of service vulnerability.
e953addcfd874b13f34ef55c38b1ca22
Anuko Time Tracker version 1.19.23.5325 suffers from a CSV formula injection vulnerability.
f59fe007bbbbb7aec58f8530c3cfdfe2
Red Hat Security Advisory 2020-5012-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.
a97c42936c9f31c824f1ef68cea19591
Red Hat Security Advisory 2020-5004-01 - The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability environment. Issues addressed include a CRLF injection vulnerability.
1cfa53c1fc8e17ab910a60a2b8d66fe0
Red Hat Security Advisory 2020-5003-01 - The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Issues addressed include a CRLF injection vulnerability.
1b750ae82ad48851db83e79877680db3
Red Hat Security Advisory 2020-5050-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
663899c6a9b85140897d8374828af83c
Red Hat Security Advisory 2020-5023-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
8b4efb51252161618854f934a97ca5d2
Red Hat Security Advisory 2020-5040-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a double free vulnerability.
dda07a5a85d1d8c7a6701cbfe495ec92
Red Hat Security Advisory 2020-5021-01 - The qt packages contain a software toolkit that simplifies the task of writing and maintaining Graphical User Interface applications for the X Window System. Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Issues addressed include a buffer over-read vulnerability.
60151d5bc8af3d27f7966d17c2ca1ad3
Red Hat Security Advisory 2020-5026-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
c6f577d9ccebc2e88f6eb360d806dac6
ShoreTel Conferencing version 19.46.1802.0 suffers from a cross-site scripting vulnerability.
2f5b884078ccb6aa0728f24e32a5bea8
Red Hat Security Advisory 2020-5002-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
e3c9b04c7505494aa3a26599542a0fe1
Red Hat Security Advisory 2020-5011-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.
20e0e91ba5953fd52a4ace31425e52a8
Red Hat Security Advisory 2020-5020-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include an HTTP request smuggling vulnerability.
099a329060aa5f5330f19f1769829972
Red Hat Security Advisory 2020-5009-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries.
206ae095f52d2b15264505721e94caf8
Red Hat Security Advisory 2020-4999-01 - The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol. Issues addressed include a buffer overflow vulnerability.
de7e8ca6255adb8f20983c5d0b02b466
Red Hat Security Advisory 2020-4992-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.
2df526743f6f442491b3a751b481f962
Red Hat Security Advisory 2020-4991-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
a490fdbf04f8b760a08c543e6916c39f