Files Date: 2021-03-09

Red Hat Security Advisory 2021-0780-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0780-01 - Red Hat Ansible Tower 3.8.2-1 has a security and bug fix update. Issues addressed include privilege escalation and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723, CVE-2020-35678, CVE-2021-20178, CVE-2021-20180, CVE-2021-20191, CVE-2021-20228, CVE-2021-20253, CVE-2021-3281
MD5 | 273e0643c8b4033a91140a8a18a198ca
Red Hat Security Advisory 2021-0778-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0778-01 - Red Hat Ansible Tower 3.6.7-1 has a security and bug fix update. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and privilege escalation vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2016-5766, CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12749, CVE-2019-14866, CVE-2019-15903, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-19956, CVE-2019-20372, CVE-2019-20388, CVE-2019-20907, CVE-2020-10543, CVE-2020-10878, CVE-2020-11022, CVE-2020-11023, CVE-2020-12243, CVE-2020-12400, CVE-2020-12401, CVE-2020-12402, CVE-2020-12403, CVE-2020-12723, CVE-2020-1971
MD5 | 198f85a6d096aab12ca29885a346b930
Red Hat Security Advisory 2021-0779-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0779-01 - Red Hat Ansible Tower 3.7.5-1 has a security and bug fix update. Issues addressed include HTTP request smuggling and privilege escalation vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-20372, CVE-2020-10543, CVE-2020-10878, CVE-2020-12723, CVE-2020-35678, CVE-2021-20178, CVE-2021-20180, CVE-2021-20191, CVE-2021-20228, CVE-2021-20253
MD5 | fee4cb4e9b4465aff1ce39f4a6da2053
Red Hat Security Advisory 2021-0781-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0781-01 - Red Hat Ansible Automation Platform integrates Red Hat's automation suite consisting of Red Hat Ansible Tower, Red Hat Ansible Engine, Automation Hub and use-case specific capabilities for Microsoft Windows, network, security, and more, along with Software-as-a-Service-based capabilities and features for organization-wide effectiveness. This update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section. Issues addressed include code execution, denial of service, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat, windows
advisories | CVE-2020-15366, CVE-2020-7789, CVE-2021-20270, CVE-2021-3281
MD5 | 7ba66622f6268d926f6a082440c05ad4
OpenCMS 11.0.2 Cross Site Request Forgery / Open Redirection
Posted Mar 9, 2021
Authored by Daniel Moreno

OpenCMS version 11.0.2 suffers from cross site request forgery and open redirection vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | ea6c81906090ef0dbb9bc833d8237fc4
OpenCMS 11.0.2 Shell Upload
Posted Mar 9, 2021
Authored by Daniel Moreno

OpenCMS version 11.0.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | c723d79a8297b3ce3ac3075416c8832f
Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting
Posted Mar 9, 2021
Authored by Richard Jones

Sticky Notes Apps using JavaScript version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, javascript, xss
MD5 | c34812b56f1fa2ae36a2816630cf1b86
HPE Systems Insight Manager AMF Deserialization Remote Code Execution
Posted Mar 9, 2021
Authored by Harrison Neal, Grant Willcox, Jang | Site metasploit.com

A remotely exploitable vulnerability exists within HPE System Insight Manager (SIM) version 7.6.x that can be leveraged by a remote unauthenticated attacker to execute code within the context of HPE System Insight Manager's hpsimsvc.exe process, which runs with administrative privileges. The vulnerability occurs due to a failure to validate data during the deserialization process when a user submits a POST request to the /simsearch/messagebroker/amfsecure page. This module exploits this vulnerability by leveraging an outdated copy of Commons Collection, namely 3.2.2, that ships with HPE SIM, to gain remote code execution as the administrative user running HPE SIM.

tags | exploit, remote, code execution
advisories | CVE-2020-7200
MD5 | cf8674aaae2451fb617daa09623805e0
Red Hat Security Advisory 2021-0765-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0765-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-14351, CVE-2020-25211, CVE-2020-25705, CVE-2020-29661
MD5 | 88665fa6046fc4f4f643c1c6e8669393
Red Hat Security Advisory 2021-0771-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0771-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-25723
MD5 | a8295c6936392a6294e3ebb1157e1ea3
Apple Security Advisory 2021-03-08-4
Posted Mar 9, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-03-08-4 - watchOS 7.3.2 addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2021-1844
MD5 | e57471ba583baeb6cb1ca308c601959f
Apple Security Advisory 2021-03-08-3
Posted Mar 9, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-03-08-3 - Safari 14.0.3* addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2021-1844
MD5 | 70ae5ea9978c9b1d43fd7d5e90a7c55b
Ubuntu Security Notice USN-4758-1
Posted Mar 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4758-1 - It was discovered that Go applications incorrectly handled uploaded content. If a user were tricked into visiting a malicious page, a remote attacker could exploit this with a crafted file to conduct cross-site scripting attacks.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2020-24553
MD5 | 9134ad5350739b814653b794341ec8dc
Ubuntu Security Notice USN-4760-1
Posted Mar 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4760-1 - It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-24031
MD5 | 0c1e14501b9ec06c7fc82b3ec0f14485
Microsoft Windows WindowsCodecsRaw!COlympusE300LoadRaw Out-Of-Bounds Write
Posted Mar 9, 2021
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds write vulnerability in WindowsCodecsRaw.dll in the COlympusE300LoadRaw::olympus_e300_load_raw function that can be triggered by parsing a crafted Olympus E300 raw image with Windows Imaging Component (WIC). The vulnerability has been reproduced on Windows 10 64-bit with the most recent patches applied.

tags | exploit
systems | windows
advisories | CVE-2021-24091
MD5 | 815147d984fdba3d24de7e30eaacb8fb
Ubuntu Security Notice USN-4759-1
Posted Mar 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4759-1 - Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. Kevin Backhouse discovered that GLib incorrectly handled certain memory allocations. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-27218, CVE-2021-27219
MD5 | 6b55a2dbfb04e4a2fd60d526f7564062
Red Hat Security Advisory 2021-0774-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0774-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-14351, CVE-2020-25211, CVE-2020-25705, CVE-2020-29661
MD5 | 025aec37b80e7099fb4f174ea60a2ae0
Golden FTP Server 4.70 Buffer Overflow
Posted Mar 9, 2021
Authored by Craig Freyman, Gerardo Iglesias Galvan, 1F98D

Golden FTP Server version 4.70 PASS buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2006-6576
MD5 | bccefcb188dc7cda02d62312cb607447
Red Hat Security Advisory 2021-0763-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0763-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-25211, CVE-2020-29661
MD5 | 42e820cc579d09bc87a51c535a03497b
Apple Security Advisory 2021-03-08-2
Posted Mar 9, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-03-08-2 - macOS Big Sur 11.2.3 addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2021-1844
MD5 | 5e399d19afa8e5fadb4f8e8ddc7deb19
Ubuntu Security Notice USN-4733-2
Posted Mar 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4733-2 - USN-4733-1 fixed a vulnerability in GNOME Autoar. The upstream fix introduced a regression when extracting archives containing directories. This update fixes the problem. Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Various other issues were also addressed.

tags | advisory, remote, arbitrary, code execution
systems | linux, ubuntu
MD5 | 2086fff33a1cdd7b63c70ff5a6dec675
Red Hat Security Advisory 2021-0760-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0760-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-24394, CVE-2020-25212
MD5 | ca6c0577b8ff2b5a55cc6622ecf9031a
Red Hat Security Advisory 2021-0758-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0758-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include out of bounds read and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-11756, CVE-2019-17006, CVE-2020-12403
MD5 | d6f8538bef25bda0c2684a62bbcf8d30
Sandboxie Plus 0.7.2 Unquoted Service Path
Posted Mar 9, 2021
Authored by Mohammed Alshehri

Sandboxie Plus version 0.7.2 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 8a7c9bdc588cf139ef26738c06a63266
FreeLAN 2.2 Unquoted Service Path
Posted Mar 9, 2021
Authored by Mohammed Alshehri

FreeLAN version 2.2 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | ca36adb7c0621ffb47616b8a51bfcf48

© 2020 Packet Storm. All rights reserved.
