
Files Date: 2021-03-09

Red Hat Security Advisory 2021-0780-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0780-01 - Red Hat Ansible Tower 3.8.2-1 has a security and bug fix update. Issues addressed include privilege escalation and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723, CVE-2020-35678, CVE-2021-20178, CVE-2021-20180, CVE-2021-20191, CVE-2021-20228, CVE-2021-20253, CVE-2021-3281
SHA-256 | a31c39fa66b6bc6b23e3b19170fc67487d8151e576474565c044fe7a2b50c600

Red Hat Security Advisory 2021-0778-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0778-01 - Red Hat Ansible Tower 3.6.7-1 has a security and bug fix update. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and privilege escalation vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2016-5766, CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12749, CVE-2019-14866, CVE-2019-15903, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-19956, CVE-2019-20372, CVE-2019-20388, CVE-2019-20907, CVE-2020-10543, CVE-2020-10878, CVE-2020-11022, CVE-2020-11023, CVE-2020-12243, CVE-2020-12400, CVE-2020-12401, CVE-2020-12402, CVE-2020-12403, CVE-2020-12723, CVE-2020-1971
SHA-256 | b36485939bcc96f4f05a1b61fcc6c6e3aefa7b635d0f1eb06d546cdccf61da2a

Red Hat Security Advisory 2021-0779-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0779-01 - Red Hat Ansible Tower 3.7.5-1 has a security and bug fix update. Issues addressed include HTTP request smuggling and privilege escalation vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-20372, CVE-2020-10543, CVE-2020-10878, CVE-2020-12723, CVE-2020-35678, CVE-2021-20178, CVE-2021-20180, CVE-2021-20191, CVE-2021-20228, CVE-2021-20253
SHA-256 | ffea5b924d380661bcc8195b96557d4036aa09a293d42a21776c1077e68571d1

Red Hat Security Advisory 2021-0781-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0781-01 - Red Hat Ansible Automation Platform integrates Red Hat's automation suite consisting of Red Hat Ansible Tower, Red Hat Ansible Engine, Automation Hub and use-case specific capabilities for Microsoft Windows, network, security, and more, along with Software-as-a-Service-based capabilities and features for organization-wide effectiveness. This update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section. Issues addressed include code execution, denial of service, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat, windows
advisories | CVE-2020-15366, CVE-2020-7789, CVE-2021-20270, CVE-2021-3281
SHA-256 | 31eef7ec3b851813c547d30e87efc846893d2cc98b58d36edf0cac10328e2710

OpenCMS 11.0.2 Cross Site Request Forgery / Open Redirection
Posted Mar 9, 2021
Authored by Daniel Moreno

OpenCMS version 11.0.2 suffers from cross site request forgery and open redirection vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 822b8f0065b6805f519eea0db3bdd50fbdac963c4b2fe17513fa35ed63ad0fbc

OpenCMS 11.0.2 Shell Upload
Posted Mar 9, 2021
Authored by Daniel Moreno

OpenCMS version 11.0.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 677daee69c339585e3e483f124afa7a3541aba8c93da326dd5aa2267b507a5fa

Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting
Posted Mar 9, 2021
Authored by Richard Jones

Sticky Notes Apps using JavaScript version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, javascript, xss
SHA-256 | 234515a691f0b64cd76f2e7cc768f21f6b4a2acd12de1fdfb8d053770977997a

HPE Systems Insight Manager AMF Deserialization Remote Code Execution
Posted Mar 9, 2021
Authored by Harrison Neal, Grant Willcox, Jang | Site metasploit.com

A remotely exploitable vulnerability exists within HPE System Insight Manager (SIM) version 7.6.x that can be leveraged by a remote unauthenticated attacker to execute code within the context of HPE System Insight Manager's hpsimsvc.exe process, which runs with administrative privileges. The vulnerability occurs due to a failure to validate data during the deserialization process when a user submits a POST request to the /simsearch/messagebroker/amfsecure page. This module exploits this vulnerability by leveraging an outdated copy of Commons Collection, namely 3.2.2, that ships with HPE SIM, to gain remote code execution as the administrative user running HPE SIM.

tags | exploit, remote, code execution
advisories | CVE-2020-7200
SHA-256 | 345538a899771c26db9d29a59a3850937177e4ce0cf67f8b2233fabdd208dc60

Red Hat Security Advisory 2021-0765-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0765-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-14351, CVE-2020-25211, CVE-2020-25705, CVE-2020-29661
SHA-256 | 9d5ae1d8d35b1a5772b263eafd110e715d046cae9a1abd6d52ad704d4a354def

Red Hat Security Advisory 2021-0771-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0771-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-25723
SHA-256 | ef9aa1296c0bc89b82b2e15d31d203978bb1db3ff425a57e01c61d3d458fdad1

Apple Security Advisory 2021-03-08-4
Posted Mar 9, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-03-08-4 - watchOS 7.3.2 addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2021-1844
SHA-256 | 394a31409cba4a2a53e559eeac87dd1f1bd5997788d24ebe3d3472be55abfe7d

Apple Security Advisory 2021-03-08-3
Posted Mar 9, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-03-08-3 - Safari 14.0.3* addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2021-1844
SHA-256 | 056daad30a6a417f08eaa4fac54d0ec1be2030572c0c8c32884e2ba482834106

Ubuntu Security Notice USN-4758-1
Posted Mar 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4758-1 - It was discovered that Go applications incorrectly handled uploaded content. If a user were tricked into visiting a malicious page, a remote attacker could exploit this with a crafted file to conduct cross-site scripting attacks.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2020-24553
SHA-256 | ec7a75c3d729b70e4e9577e5c347086d722b514785b95d015dc4aca2124b4f2c

Ubuntu Security Notice USN-4760-1
Posted Mar 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4760-1 - It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-24031
SHA-256 | da231c5b59cf607585e005397293dd5030a9ea4cd1b95900c27b92b301af5ec2

Microsoft Windows WindowsCodecsRaw!COlympusE300LoadRaw Out-Of-Bounds Write
Posted Mar 9, 2021
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds write vulnerability in WindowsCodecsRaw.dll in the COlympusE300LoadRaw::olympus_e300_load_raw function that can be triggered by parsing a crafted Olympus E300 raw image with Windows Imaging Component (WIC). The vulnerability has been reproduced on Windows 10 64-bit with the most recent patches applied.

tags | exploit
systems | windows
advisories | CVE-2021-24091
SHA-256 | d01f7ca6621863dce70b509fef4e28ee4b3568035e8e437b4e161e9285c8ecbb

Ubuntu Security Notice USN-4759-1
Posted Mar 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4759-1 - Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. Kevin Backhouse discovered that GLib incorrectly handled certain memory allocations. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-27218, CVE-2021-27219
SHA-256 | 9ebbda8c491911911de0e2130fc1f53d86ce6b12c31e832ce285e5713cbc02f1

Red Hat Security Advisory 2021-0774-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0774-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-14351, CVE-2020-25211, CVE-2020-25705, CVE-2020-29661
SHA-256 | 82b19c04725220a375efdb20cf793f37f28706b4844b1bad216d068f80b9049c

Golden FTP Server 4.70 Buffer Overflow
Posted Mar 9, 2021
Authored by Craig Freyman, Gerardo Iglesias Galvan, 1F98D

Golden FTP Server version 4.70 PASS buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2006-6576
SHA-256 | 16159dc816f140941e09c862768fbfab9dfff7504f561762b8f4cadfc2699872

Red Hat Security Advisory 2021-0763-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0763-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-25211, CVE-2020-29661
SHA-256 | d6c4f4cc417345c363ac874284e3855077ba8015e9d80c87432d7dd4935b704e

Apple Security Advisory 2021-03-08-2
Posted Mar 9, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-03-08-2 - macOS Big Sur 11.2.3 addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2021-1844
SHA-256 | bd8198deedf32fb4e2673a2e63ea7c5bfc9aca208084d0e40d4dbe7c529df92f

Ubuntu Security Notice USN-4733-2
Posted Mar 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4733-2 - USN-4733-1 fixed a vulnerability in GNOME Autoar. The upstream fix introduced a regression when extracting archives containing directories. This update fixes the problem. Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Various other issues were also addressed.

tags | advisory, remote, arbitrary, code execution
systems | linux, ubuntu
SHA-256 | d940f66186c9a81231b49cd7cd38224d1e26adee304caf2ad5e0a94b69075923

Red Hat Security Advisory 2021-0760-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0760-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-24394, CVE-2020-25212
SHA-256 | 8ab9a27f59391b5775c4114cc28e1e91a71bab3ef9b57e5d9b1cb360a669e9f5

Red Hat Security Advisory 2021-0758-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0758-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include out of bounds read and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-11756, CVE-2019-17006, CVE-2020-12403
SHA-256 | 9688ffeab3cce2f1d11ad411d3d167f435089eddaa5bae544cc5dd61710b36a4

Sandboxie Plus 0.7.2 Unquoted Service Path
Posted Mar 9, 2021
Authored by Mohammed Alshehri

Sandboxie Plus version 0.7.2 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 027c2d2cb1346aef2b39f5a9c85ae0bb1762d04de134ed72e1783d8b853b1726

FreeLAN 2.2 Unquoted Service Path
Posted Mar 9, 2021
Authored by Mohammed Alshehri

FreeLAN version 2.2 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 3f53b274871be51304399fbf248d45faffabedb5505540ef2befac50fdb80e06
© 2022 Packet Storm. All rights reserved.
