exploit the possibilities
Showing 1 - 25 of 30 RSS Feed

Files Date: 2021-02-02

YARA 4.0.3 Denial Of Service / Information Disclosure
Posted Feb 2, 2021
Authored by Luis Merino

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA version 4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file.

tags | exploit, denial of service, overflow, info disclosure
MD5 | ad1922b02eb705629273a6b67632f508
Oracle Privilege Escalation / Denial Of Service / Code Execution
Posted Feb 2, 2021
Authored by Harrison Neal

The Oracle CPU dated 2020 Jan 14 included patches for various issues related to database links and gateways ("Oracle Heterogeneous Services"). Two vulnerabilities in particular might lead to privilege escalation, denial of service, or code execution attacks against Oracle databases.

tags | advisory, denial of service, vulnerability, code execution
MD5 | 1fe163207ad85f89a41dc4ed17e8407f
Red Hat Security Advisory 2021-0384-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0384-01 - Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat Fuse 6.3 and Red Hat A-MQ 6.3. It includes bug fixes, which are documented in the patch notes accompanying the package on the download page. Issues addressed include bypass, code execution, and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13933, CVE-2020-26217, CVE-2021-26117
MD5 | f6b225727d9a2d5b8600a077b541de2e
Red Hat Security Advisory 2021-0383-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0383-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer Application Programming Interface.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35497
MD5 | 1428076e3792fcdf57297f20f4b20a34
Red Hat Security Advisory 2021-0381-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0381-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer Application Programming Interface. Issues addressed include an XML injection vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25649
MD5 | 92eeb68bad6174b72713cc441d454a82
Ubuntu Security Notice USN-4467-2
Posted Feb 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4467-2 - USN-4467-1 fixed several vulnerabilities in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-14364
MD5 | 2d14a29a78878b0d667761d1bc1fdd9e
Red Hat Security Advisory 2021-0338-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-15436, CVE-2020-35513
MD5 | 622a677916efe5c5b11e12950ab8bf03
Red Hat Security Advisory 2021-0336-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0336-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-15436, CVE-2020-35513
MD5 | f44a5df5279667be9b9e82ed77f90f2e
Red Hat Security Advisory 2021-0346-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0346-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-16092, CVE-2020-1983
MD5 | ff71ebeb4616744f4e2e55ba85fc8af8
Red Hat Security Advisory 2021-0347-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0347-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include code execution and out of bounds access vulnerabilities.

tags | advisory, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13765, CVE-2020-16092
MD5 | 1d5f9973a1bb6bde25d7796739928d55
Red Hat Security Advisory 2021-0343-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0343-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.

tags | advisory, web, denial of service, overflow, perl, vulnerability
systems | linux, redhat
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723
MD5 | fd544b1b601f01432dcbce4b41dc19aa
Red Hat Security Advisory 2021-0348-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0348-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include buffer over-read and buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat, osx
advisories | CVE-2019-25013, CVE-2020-10029, CVE-2020-29573
MD5 | e85163612008c3d9c255694571499d78
Red Hat Security Advisory 2021-0339-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0339-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-12321
MD5 | c1121ebadf618361c78dc7d7c7d5f45e
Red Hat Security Advisory 2021-0358-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0358-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.

tags | advisory, perl, protocol
systems | linux, redhat
advisories | CVE-2020-15862
MD5 | 99f90f88434e1cc848ac30290cbaa6e7
Red Hat Security Advisory 2021-0292-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0292-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.3.6 serves as a replacement for Red Hat support for Spring Boot 2.3.4, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-11996, CVE-2020-25638
MD5 | 3195b004179b248a170a409f55ea82fa
Red Hat Security Advisory 2021-0354-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0354-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-15436, CVE-2020-1749, CVE-2020-29661
MD5 | b37b38356982e78ff86c720ade552d87
Red Hat Security Advisory 2021-0329-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0329-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.4.6 serves as a replacement for Red Hat AMQ Broker 7.4.5, and includes security and bug fixes, and enhancements.

tags | advisory, protocol
systems | linux, redhat
MD5 | f80f7a60fed112b983708469667aa14f
SQLMAP - Automatic SQL Injection Tool 1.5.2
Posted Feb 2, 2021
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 78c920583fa0ecc1970cdd57b22c5d8c
Apple Security Advisory 2021-02-01-4
Posted Feb 2, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-02-01-4 - watchOS 7.3 addresses bypass, code execution, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2021-1741, CVE-2021-1743, CVE-2021-1744, CVE-2021-1746, CVE-2021-1747, CVE-2021-1748, CVE-2021-1750, CVE-2021-1757, CVE-2021-1758, CVE-2021-1760, CVE-2021-1761, CVE-2021-1764, CVE-2021-1766, CVE-2021-1769, CVE-2021-1772, CVE-2021-1773, CVE-2021-1776, CVE-2021-1778, CVE-2021-1782, CVE-2021-1783, CVE-2021-1785, CVE-2021-1786, CVE-2021-1787, CVE-2021-1788, CVE-2021-1789, CVE-2021-1791, CVE-2021-1792, CVE-2021-1793
MD5 | e29974846f0948218d0d12f3ed760c53
Apple Security Advisory 2021-02-01-3
Posted Feb 2, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-02-01-3 - tvOS 14.4 addresses bypass, code execution, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2021-1741, CVE-2021-1743, CVE-2021-1744, CVE-2021-1746, CVE-2021-1747, CVE-2021-1748, CVE-2021-1750, CVE-2021-1757, CVE-2021-1758, CVE-2021-1759, CVE-2021-1760, CVE-2021-1761, CVE-2021-1764, CVE-2021-1766, CVE-2021-1769, CVE-2021-1772, CVE-2021-1773, CVE-2021-1776, CVE-2021-1778, CVE-2021-1782, CVE-2021-1783, CVE-2021-1785, CVE-2021-1786, CVE-2021-1787, CVE-2021-1788, CVE-2021-1789, CVE-2021-1791, CVE-2021-1792
MD5 | 4bec9d64145fb4645576c79f624ec64d
Apple Security Advisory 2021-02-01-2
Posted Feb 2, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-02-01-2 - iOS 14.4 and iPadOS 14.4 addresses buffer overflow, bypass, code execution, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple, ios
advisories | CVE-2021-1741, CVE-2021-1743, CVE-2021-1744, CVE-2021-1745, CVE-2021-1746, CVE-2021-1747, CVE-2021-1748, CVE-2021-1750, CVE-2021-1753, CVE-2021-1756, CVE-2021-1757, CVE-2021-1758, CVE-2021-1759, CVE-2021-1760, CVE-2021-1761, CVE-2021-1762, CVE-2021-1763, CVE-2021-1764, CVE-2021-1766, CVE-2021-1767, CVE-2021-1768, CVE-2021-1769, CVE-2021-1772, CVE-2021-1773, CVE-2021-1776, CVE-2021-1778, CVE-2021-1780, CVE-2021-1781
MD5 | 5a08bcdee83129425fd6c1eb6b2dd555
Apple Security Advisory 2021-02-01-1
Posted Feb 2, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-02-01-1 - macOS Big Sur 11.2, Security Update 2021-001 Catalina, and Security Update 2021-001 Mojave address buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2019-20838, CVE-2020-14155, CVE-2020-15358, CVE-2020-25709, CVE-2020-27904, CVE-2020-27937, CVE-2020-27938, CVE-2020-27945, CVE-2020-29608, CVE-2020-29614, CVE-2020-29633, CVE-2021-1736, CVE-2021-1737, CVE-2021-1738, CVE-2021-1741, CVE-2021-1742, CVE-2021-1743, CVE-2021-1744, CVE-2021-1745, CVE-2021-1746, CVE-2021-1747, CVE-2021-1750, CVE-2021-1751, CVE-2021-1753, CVE-2021-1754, CVE-2021-1757, CVE-2021-1758
MD5 | 5053d838c03981649c5d92e46ec9f06b
Ubuntu Security Notice USN-4717-1
Posted Feb 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4717-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct clickjacking attacks, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-23953, CVE-2021-23958, CVE-2021-23963
MD5 | f6f05555968e4f6500feca7736c8d8bc
Red Hat Security Advisory 2021-0327-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0327-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include memory leak and server-side request forgery vulnerabilities.

tags | advisory, web, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-10770, CVE-2020-13956, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782
MD5 | 482455568d0c4338e9145918d9311670
Ubuntu Security Notice USN-4715-2
Posted Feb 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4715-2 - USN-4715-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM. Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their expected location. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-3281
MD5 | 0f6d0a13f4ace50fe93368e7565d27a5
Page 1 of 2
Back12Next

File Archive:

February 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    33 Files
  • 2
    Feb 2nd
    30 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    8 Files
  • 5
    Feb 5th
    11 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    1 Files
  • 8
    Feb 8th
    37 Files
  • 9
    Feb 9th
    15 Files
  • 10
    Feb 10th
    11 Files
  • 11
    Feb 11th
    26 Files
  • 12
    Feb 12th
    8 Files
  • 13
    Feb 13th
    1 Files
  • 14
    Feb 14th
    1 Files
  • 15
    Feb 15th
    9 Files
  • 16
    Feb 16th
    33 Files
  • 17
    Feb 17th
    6 Files
  • 18
    Feb 18th
    10 Files
  • 19
    Feb 19th
    20 Files
  • 20
    Feb 20th
    1 Files
  • 21
    Feb 21st
    1 Files
  • 22
    Feb 22nd
    17 Files
  • 23
    Feb 23rd
    15 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    28 Files
  • 26
    Feb 26th
    25 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close