Showing 1 - 25 of 27

Files Date: 2021-04-14

Microsoft Azure DevOps Server 2020.0.1 Cross Site Scripting
Posted Apr 14, 2021
Authored by M. Li | Site sec-consult.com

Microsoft Azure DevOps Server version 2020.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-28459
MD5 | 4994087ae5636e46cc4be43cc0c489f6
Red Hat Security Advisory 2021-1195-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1195-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | dacb6d6c13c5d9b7be6d35069dad438d
Red Hat Security Advisory 2021-1197-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1197-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.

tags | advisory, remote, local
systems | linux, redhat
advisories | CVE-2021-20277
MD5 | e9e03e4b0233fd765faa0bcd5a79ec44
Webmail Edition 5.2.22 XSS / Remote Code Execution
Posted Apr 14, 2021
Authored by nu11secur1ty, Ventsislav Varbanovski, Alex Birnberg

Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library.

tags | exploit, remote, vulnerability, code execution, xss
advisories | CVE-2021-26929
MD5 | dd1588866001ae370f23e0d6ec8d2f71
HEUR.Hoax.Win32.FrauDrop.gen Insecure Permissions
Posted Apr 14, 2021
Authored by malvuln | Site malvuln.com

HEUR.Hoax.Win32.FrauDrop.gen malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
MD5 | 50c66b4d86576b7c155504ec687423d1
Red Hat Security Advisory 2021-1192-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1192-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23991, CVE-2021-23992, CVE-2021-23993
MD5 | 604f18fd08c65968d8fa91d20c2b406a
URLCrazy Domain Name Typo Tool 0.7.3
Posted Apr 14, 2021
Authored by Andrew Horton | Site github.com

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.

Changes: Minor update with some bug fixes and improvements to the README.md.
tags | tool, web
systems | unix
MD5 | 70399a7f2746db5f47153ca373ef738c
Red Hat Security Advisory 2021-1196-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1196-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | 1e20b1d3fa25aae80ecbb9ca2aa74000
CITSmart ITSM 9.1.2.27 SQL Injection
Posted Apr 14, 2021
Authored by skys

CITSmart ITSM version 9.1.2.27 suffers from a remote time-based blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2021-28142
MD5 | 3d24d2282ef6f774e3ec4558ad1409d1
CITSmart ITSM 9.1.2.22 LDAP Injection
Posted Apr 14, 2021
Authored by skys

CITSmart ITSM version 9.1.2.22 suffers from an LDAP injection vulnerability.

tags | exploit
advisories | CVE-2020-35775
MD5 | 4ac23ee971f692bf2ad5ddba1be97403
Red Hat Security Advisory 2021-1193-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1193-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23991, CVE-2021-23992, CVE-2021-23993
MD5 | c31cfdd7eaa6012152d6ea8f09fc108c
Red Hat Security Advisory 2021-1169-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1169-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-20921, CVE-2020-25657, CVE-2020-28458, CVE-2020-28477
MD5 | f30c28086eb6756954fbbebcf8322ae6
Trojan.Win32.Agent.zfgh Insecure Permissions
Posted Apr 14, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Agent.zfgh malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
MD5 | 3b8d24907908e6336805de66cf3aa2f4
MariaDB 10.2 Command Execution
Posted Apr 14, 2021
Authored by Central Infosec

MariaDB version 10.2 suffers from a command execution vulnerability.

tags | exploit
advisories | CVE-2021-27928
MD5 | ce7c5713f1101721cb65c9278e2e5467
Red Hat Security Advisory 2021-1016-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1016-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.37. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-15586, CVE-2020-16845
MD5 | db422cc0c1b73c6ad83d84a7abc3d10c
Red Hat Security Advisory 2021-1184-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1184-01 - The ovirt-hosted-engine-setup package provides a self-hosted engine tool for the Red Hat Virtualization Manager. A self-hosted engine is a virtualized environment in which the Manager runs on a virtual machine on the hosts managed by the Manager. Bug Fix: In this release, it is now possible to enter a path to the OVA archive for local appliance installation using the cockpit-ovirt UI. Previously, following a successful migration on the Self-hosted Engine, the HA agent on the source host immediately moved to the state EngineDown, and shortly thereafter tried to start the engine locally, if the destination host didn't update the shared storage quickly enough, marking the Manager virtual machine as being up. As a result, starting the virtual machine failed due to a shared lock held by the destination host. This also resulted in generating false alarms and notifications. In this release, the HA agent first moves to the state EngineMaybeAway, providing the destination host more time to update the shared storage with the updated state. As a result, no notifications or false alarms are generated. Note: in scenarios where the virtual machine needs to be started on the source host, this fix slightly increases the time it takes the Manager virtual machine on the source host to start.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2020-28458
MD5 | 422cff21582d2e8a024a9b33ba6882ce
Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Remote Command Execution
Posted Apr 14, 2021
Authored by Jay Sharma

Genexis PLATINUM 4410 version 2.1 P4410-V2-1.28 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2021-29003
MD5 | 43aeccc4d2fcad984b051b4cdbb1583f
Trojan.Win32.Jorik.qje Insecure Permissions
Posted Apr 14, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Jorik.qje malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
MD5 | faf5ffe170a3559624827f291850035f
Red Hat Security Advisory 2021-1189-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1189-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | 35e740aea2aba5046d28139bf1b9ca72
Red Hat Security Advisory 2021-1186-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1186-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Bug Fix: Previously, saving user preferences in the Red Hat Virtualization Manager required the MANIPULATE_USERS permission level. As a result, user preferences were not saved on the server. In this release, the required permission level for saving user preferences was changed to EDIT_PROFILE, which is the permission level assigned by default to all users. As a result, saving user preferences works as expected. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2019-20921, CVE-2020-28458
MD5 | 38f08cca6cbd83e274e0091d548fbc60
Digital Crime Report Management System 1.0 SQL Injection
Posted Apr 14, 2021
Authored by Galuh Muhammad Iman Akbar

Digital Crime Report Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 0caf2f815b9b8bcfabd56d4dce51e40c
Red Hat Security Advisory 2021-1190-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1190-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23991, CVE-2021-23992, CVE-2021-23993
MD5 | 5613c59ddd185710abc4c344d22c36ae
Ubuntu Security Notice USN-4905-1
Posted Apr 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4905-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3472
MD5 | a4d5efe17f7fa50258fbfbe4f6957ecb
jQuery 1.0.3 Cross Site Scripting
Posted Apr 14, 2021
Authored by Central Infosec

jQuery version 1.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11023
MD5 | 179fd6b72dec05ab89308264840d7aa5
jQuery 1.2 Cross Site Scripting
Posted Apr 14, 2021
Authored by Central Infosec

jQuery version 1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11022
MD5 | f6880c94004df62f5be9b507d04e021f