what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2021-04-14

Microsoft Azure DevOps Server 2020.0.1 Cross Site Scripting
Posted Apr 14, 2021
Authored by M. Li | Site sec-consult.com

Microsoft Azure DevOps Server version 2020.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-28459
SHA-256 | 2865bdfc703b7d0f9e4183f21398f57ed28f9364149b790650846f15f2d1f767
Red Hat Security Advisory 2021-1195-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1195-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | 4f37c599f7e8c48194ac0302bb61b5f6a42cf2d6e305b8bd8ec073fdc4f53478
Red Hat Security Advisory 2021-1197-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1197-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.

tags | advisory, remote, local
systems | linux, redhat
advisories | CVE-2021-20277
SHA-256 | 7e635439f9063bb6410c061409cd77a0be43c5d5eb27cef4c65a641868d49d21
Webmail Edition 5.2.22 XSS / Remote Code Execution
Posted Apr 14, 2021
Authored by nu11secur1ty, Ventsislav Varbanovski, Alex Birnberg

Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library.

tags | exploit, remote, vulnerability, code execution, xss
advisories | CVE-2021-26929
SHA-256 | 61274f1f45025235aa4f5b093517018fc749ec8ab469618084fac2fa0a8d6fe9
HEUR.Hoax.Win32.FrauDrop.gen MVID-2021-0170 Insecure Permissions
Posted Apr 14, 2021
Authored by malvuln | Site malvuln.com

HEUR.Hoax.Win32.FrauDrop.gen malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 41b968222d8773d20c8b3317a23d105cd36326de7b48f2a0ad6dcfe751c1c099
Red Hat Security Advisory 2021-1192-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1192-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23991, CVE-2021-23992, CVE-2021-23993
SHA-256 | c948e9ec428568d27a15b05550951abc57ff9feb310c82e6b96d46880c3ddbdd
URLCrazy Domain Name Typo Tool 0.7.3
Posted Apr 14, 2021
Authored by Andrew Horton | Site github.com

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.

Changes: Minor update with some bug fixes and improvements to the README.md.
tags | tool, web
systems | unix
SHA-256 | b04745000e2c27fd85f7b6af98bdac81b7d1685da87267fc47adea0735a42b95
Red Hat Security Advisory 2021-1196-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1196-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | 805fd116b01cb33b9525ec6a734ac818161e1d4d5b49c50e822a0e34a2e417ad
CITSmart ITSM 9.1.2.27 SQL Injection
Posted Apr 14, 2021
Authored by skys

CITSmart ITSM version 9.1.2.27 suffers from a remote time-based blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2021-28142
SHA-256 | 00f310b365d6f28ece51a2b5cc0898ad40ad47859665986ed15f4c8646f0c5ce
CITSmart ITSM 9.1.2.22 LDAP Injection
Posted Apr 14, 2021
Authored by skys

CITSmart ITSM version 9.1.2.22 suffers from an LDAP injection vulnerability.

tags | exploit
advisories | CVE-2020-35775
SHA-256 | 97de053873681829149a127423d8ad70cb9b802ae2777d48c6c157dc86463114
Red Hat Security Advisory 2021-1193-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1193-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23991, CVE-2021-23992, CVE-2021-23993
SHA-256 | 332440aa23616d424274ca68a996e31b6e75368d0d74703d69046824987fb3b4
Red Hat Security Advisory 2021-1169-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1169-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-20921, CVE-2020-25657, CVE-2020-28458, CVE-2020-28477
SHA-256 | ad61386766366b722b219913b56b8cfa60dfc16f9db363fa82bc4c4108510fb1
Trojan.Win32.Agent.zfgh MVID-2021-0169 Insecure Permissions
Posted Apr 14, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Agent.zfgh malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 4962355bc1a06ada54d7e7c20d668dc1f62d6b693ef0ddb868c0888076f7cf26
MariaDB 10.2 Command Execution
Posted Apr 14, 2021
Authored by Central Infosec

MariaDB version 10.2 suffers from a command execution vulnerability.

tags | exploit
advisories | CVE-2021-27928
SHA-256 | 7b600a800323cd1607ef6b3df7b72a4d052811dfd58a08322cad74c0a8fedacf
Red Hat Security Advisory 2021-1016-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1016-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.37. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-15586, CVE-2020-16845
SHA-256 | 16b82a78d6c72a76a7a49de72dd71d48892f5736d9e55a186ac3b89d48670317
Red Hat Security Advisory 2021-1184-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1184-01 - The ovirt-hosted-engine-setup package provides a self-hosted engine tool for the Red Hat Virtualization Manager. A self-hosted engine is a virtualized environment in which the Manager runs on a virtual machine on the hosts managed by the Manager. Bug Fix: In this release, it is now possible to enter a path to the OVA archive for local appliance installation using the cockpit-ovirt UI. Previously, following a successful migration on the Self-hosted Engine, he HA agent on the source host immediately moved to the state EngineDown, and shorly thereafter tried to start the engine locally, if the destination host didn't update the shared storage quickly enough, marking the Manager virtual machine as being up. As a result, starting the virtual machine failed due to a shared lock held by the destination host. This also resulted in generating false alarms and notifications. In this release, the HA agent first moves to the state EngineMaybeAway, providing the destination host more time to update the shared storage with the updated state. As a result, no notifications or false alarms are generated. Note: in scenarios where the virtual machine needs to be started on the source host, this fix slightly increases the time it takes the Manager virtual machine on the source host to start.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2020-28458
SHA-256 | 8c4853f907f45df559cfbcef018d60c5fcb4358ea5aa03417502549b5e324f5e
Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Remote Command Execution
Posted Apr 14, 2021
Authored by Jay Sharma

Genexis PLATINUM 4410 version 2.1 P4410-V2-1.28 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2021-29003
SHA-256 | da3a5b768eda92ca4a1de49af219ea2090bddc95e52d6479b4b1e6a84a2910ca
Trojan.Win32.Jorik.qje MVID-2021-0168 Insecure Permissions
Posted Apr 14, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Jorik.qje malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 09e3a37ed0bb4fcf11c4b5370ed5a25c4823e0d3d121466bf91c05554547bdf5
Red Hat Security Advisory 2021-1189-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1189-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | f0ad367a8dacbe7d3f27ab64c77547cac99e0c6d0fd9dfd325275cc2293a40f3
Red Hat Security Advisory 2021-1186-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1186-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Bug Fix: Previously, saving user preferences in the Red Hat Virtualization Manager required the MANIPULATE_USERS permission level. As a result, user preferences were not saved on the server. In this release, the required permission level for saving user preferences was changed to EDIT_PROFILE, which is the permission level assigned by default to all users. As a result, saving user preferences works as expected. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2019-20921, CVE-2020-28458
SHA-256 | 4c18c1012319e88173dfbea22f337e2c7cfbebdf4b2a56114c37dc6509ff743c
Digital Crime Report Management System 1.0 SQL Injection
Posted Apr 14, 2021
Authored by Galuh Muhammad Iman Akbar

Digital Crime Report Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 117f1c801d0b5dca824192ac540a6ec63690601d04d24bd26e93227bde1a1913
Red Hat Security Advisory 2021-1190-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1190-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23991, CVE-2021-23992, CVE-2021-23993
SHA-256 | b4855587d2c21eaa956921785d37b83cebbf547204ef5645662bbd6c3b731c03
Ubuntu Security Notice USN-4905-1
Posted Apr 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4905-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3472
SHA-256 | 4459762b858227b182cf6edf99ec5c603a39341361b44501876cf4e9591de418
jQuery 1.0.3 Cross Site Scripting
Posted Apr 14, 2021
Authored by Central Infosec

jQuery version 1.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11023
SHA-256 | 7ff5c0bf22409a30bef573c9e5485eb91fec6fb5647f3807595a866b12f17491
jQuery 1.2 Cross Site Scripting
Posted Apr 14, 2021
Authored by Central Infosec

jQuery version 1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11022
SHA-256 | e46a9bcd5c68212173c90bfe7a472e62486ceae0b3bc203dd6d56f46c93fd2a6
Page 1 of 2
Back12Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close