what you don't know can hurt you
Showing 1 - 25 of 37 RSS Feed

Files Date: 2021-02-08

SmartFoxServer 2X 2.17.0 Remote Code Execution
Posted Feb 8, 2021
Authored by LiquidWorm | Site zeroscience.mk

SmartFoxServer 2X version 2.17.0 suffers from a God Mode Console remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2021-26551
SHA-256 | 03b5281c632e520c856359db17d4f588b46523bd5c5fc5c6fb099c8c5708af45
AIDE 0.17.2
Posted Feb 8, 2021
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Fixed null pointer dereference in db_close(). Fixed out-of-bounds read of attributes array.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3cff624b1717dc19c106d4b898c37eee106bf2fae029880f005820294917bafa
Unibox 2.4 CSRF / Remote Code Execution
Posted Feb 8, 2021
Authored by Kaustubh G. Padwad

Unibox version 2.4 suffers from remote code execution and cross site request forgery vulnerabilities.

tags | exploit, remote, vulnerability, code execution, csrf
SHA-256 | 8dd77b322f43636d3235c2c88700453adfa9865970ffd5dd3a39a083974ecbb8
SmartFoxServer 2X 2.17.0 Credential Disclosure
Posted Feb 8, 2021
Authored by LiquidWorm | Site zeroscience.mk

SmartFoxServer 2X version 2.17.0 suffers from a credential disclosure vulnerability.

tags | exploit
advisories | CVE-2021-26550
SHA-256 | 66b040d7f471c336db6b082f84ee4e47694635e83ec3f1a46ad2526dfa0018c8
Unibox Cross Site Request Forgery
Posted Feb 8, 2021
Authored by Kaustubh G. Padwad

Various Unibox products suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b2ad463fe05cca881eb2aaa2883ee1d6b019cd543a3dfca94efb14e2e27c91e8
SmartFoxServer 2X 2.17.0 God Mode Console WebSocket Cross Site Scripting
Posted Feb 8, 2021
Authored by LiquidWorm | Site zeroscience.mk

SmartFoxServer 2X version 2.17.0 suffers from a God Mode Console cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-26549
SHA-256 | 4a78410e31be1950c5b055d206a28996ba204fcef0bb0f2363e3e5942189b9eb
Millewin 13.39.028 Unquoted Service Path / Insecure Permissions
Posted Feb 8, 2021
Authored by Andrea Intilangelo

Millewin version 13.39.028 suffers from a local privilege escalation issue due to insecure permission and unquoted service path vulnerabilities.

tags | exploit, local, vulnerability
advisories | CVE-2021-3394
SHA-256 | 9c3a6a6a64b49d3d2a14af6f3258667c88074e9061ebec03c1f8e4cfe33078db
Backdoor.Win32.Wollf.15 MVID-2021-0079 Missing Authentication
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wollf.15 malware suffers from a missing authentication vulnerability.

tags | exploit
systems | windows
SHA-256 | c41d4e61e238652534263ff190da9b31485a2ea670fba91accb2732c0271f2be
Alt-N MDaemon Webmail 20.0.0 Cross Site Scripting
Posted Feb 8, 2021
Authored by Kailash Bohara

Alt-N MDaemon webmail version 20.0.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-18723, CVE-2020-18724
SHA-256 | 168842d9bfb9b9a9daec02d1c705c071a0802417160b8e798a9654b1a4eebb9a
Trojan-Spy.Win32.WinSpy.vwl MVID-2021-0078 Insecure Permissions
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Trojan-Spy.Win32.WinSpy.vwl malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 026c6b0c349e86e43c5a43835c5941f5db65347448416bb24177660d2b517527
Trojan-Spy.Win32.WebCenter.a MVID-2021-0077 Information Disclosure
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Trojan-Spy.Win32.WebCenter.a malware suffers from an information leakage vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | bbe687c0905aad324c811b55eb6f7b45bbca79de22771d469b8334329c6242a8
WordPress Supsystic Backup 2.3.9 Local File Inclusion
Posted Feb 8, 2021
Authored by Erik David Martin

WordPress Supsystic Backup plugin version 2.3.9 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | ec9df473ec6c5b2aa30e2f7f712758f39e5ddff10939d73f66f223aa3ea66fc0
Trojan-Spy.Win32.SpyEyes.awow MVID-2021-0076 Insecure Permissions
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Trojan-Spy.Win32.SpyEyes.awow malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | ba5d2bac54536f8be56c0254f2356d7b42eafd82552965c4a22c6af4a88d0bec
Trojan.Win32.Delf.uq MVID-2021-0071 Insecure Permissions
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Delf.uq malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 64b9061a42d5f5fae6dcf0a527bec9678dbe34d09dfcf6b146fb4dd62ca2dd54
Email-Worm.Win32.Sircam.eb MVID-2021-0070 Insecure Permissions
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Email-Worm.Win32.Sircam.eb malware suffers from an insecure permissions vulnerability.

tags | exploit, worm
systems | windows
SHA-256 | b9dfc635d0039e0fcdcf8cfc0f97162a15393a0db0cf5cdee41e8fc094c569ab
WordPress Supsystic Contact Form 1.7.5 XSS / SQL Injection
Posted Feb 8, 2021
Authored by Erik David Martin

WordPress Supsystic Contact Form plugin version 1.7.5 suffers from remote SQL injection and persistent cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 56f2ae91fa06e83588a7393d88db600fbee075b5d25ff03c3f0d19147557f4cc
Trojan.Win32.Cospet.abg MVID-2021-0069 Insecure Permissions
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Cospet.abg malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 3cff9371902cdab70b8f68e16bf9c15b3b10ee1def66254e184c03bd990fb80b
Trojan.Win32.Comei.pgo MVID-2021-0068 Insecure Permissions
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Comei.pgo malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | d0a3b9f261ca058c8d6c46e6ec08424d809e42466bc3384000a65e99e17e020d
Trojan-Spy.Win32.SpyEyes.auwl MVID-2021-0075 Insecure Permissions
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Trojan-Spy.Win32.SpyEyes.auwl malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 11ffcccc23188d69db7024b086566e3809157fd078bba81265b9e4a8c51fccaf
Red Hat Security Advisory 2021-0308-01
Posted Feb 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.16. Issues addressed include memory leak and privilege escalation vulnerabilities.

tags | advisory, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2015-8011, CVE-2016-2183, CVE-2020-14382, CVE-2021-20198, CVE-2021-3344
SHA-256 | dca033969dbad57e5b0b2d3a6a1dad57f3f1a39cd52810fbcbaa5225da1fd411
Red Hat Security Advisory 2021-0310-01
Posted Feb 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0310-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.16.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14382, CVE-2020-27816
SHA-256 | 4f4d43c008a12651541f4fa4629d0b9852191fd33a490f815581f708c01c50d6
Ubuntu Security Notice USN-4724-1
Posted Feb 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4724-1 - It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-36221, CVE-2020-36223, CVE-2020-36225, CVE-2020-36227, CVE-2020-36228, CVE-2020-36229
SHA-256 | ff6c0a7da6d4ab87f7053c6097c911adf8167d6526eb449efc04678f59506880
Ubuntu Security Notice USN-4723-1
Posted Feb 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4723-1 - It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-36193
SHA-256 | 698e211489c38cf4a792844b262265f21e7fd57fb3213515e1401f7a40e8c0cf
Ubuntu Security Notice USN-4725-1
Posted Feb 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4725-1 - It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Alexander Bulekov discovered that QEMU incorrectly handled Intel e1000e emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-11947, CVE-2020-15859, CVE-2020-27821, CVE-2020-28916, CVE-2020-29443, CVE-2021-20181
SHA-256 | 0cb00f8c69ce1eb4a48a5ddf3c7250eef70edcf933345ec3243885c6ada0dc3f
Red Hat Security Advisory 2021-0433-01
Posted Feb 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0433-01 - Red Hat Data Grid is a distributed, in-memory data store. This release of Red Hat Data Grid 8.1.1 serves as a replacement for Red Hat Data Grid 8.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, deserialization, and memory leak vulnerabilities.

tags | advisory, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2020-25644, CVE-2020-25711, CVE-2020-26217
SHA-256 | f1c79c20d580fa558d028f3fe2080c509658dd2e86161290239035afbb290a98
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close