exploit the possibilities
Showing 1 - 14 of 14 RSS Feed

Files Date: 2021-04-27

Red Hat Security Advisory 2021-1389-01
Posted Apr 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1389-01 - OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Issues addressed include a null pointer vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-25692
SHA-256 | 63d7bd955c0c0b5f897fedb062b27d303ea02234b1da57fbadca0405295a212e
Ubuntu Security Notice USN-4926-1
Posted Apr 27, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4926-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29947
SHA-256 | f55c2332782fe26e72bd86b4970020318554061cc3558a83e9597678bbf3463c
Red Hat Security Advisory 2021-1384-01
Posted Apr 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1384-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-25648
SHA-256 | b9384c51fa1cd1c88848153f7efda1460bd918ed9f161b7e522e2b0b07d65081
Kimai 1.14 CSV Injection
Posted Apr 27, 2021
Authored by Mohammed Aloraimi

Kimai version 1.14 suffers from a CSV injection vulnerability.

tags | exploit
SHA-256 | afb42232708cf7c479a931df88973a1686f1c2e59c5995bf6636cc24c9b50abf
Red Hat Security Advisory 2021-1230-01
Posted Apr 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1230-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2019-14379, CVE-2020-24750, CVE-2020-35490, CVE-2020-35491, CVE-2020-35728, CVE-2020-36179, CVE-2020-36180, CVE-2020-36181, CVE-2020-36182, CVE-2020-36183, CVE-2020-36184, CVE-2020-36185, CVE-2020-36186, CVE-2020-36187, CVE-2020-36188, CVE-2020-36189, CVE-2021-20190, CVE-2021-3449
SHA-256 | c7d10448a5d29916548625e02af2286811c91fe3d47e52579e3a45663d570cc4
VMware vRealize Operations Manager Server-Side Request Forgery / Code Execution
Posted Apr 27, 2021
Authored by wvu, Egor Dimitrenko | Site metasploit.com

This Metasploit module exploits a pre-auth server-side request forgery (CVE-2021-21975) and post-auth file write (CVE-2021-21983) in VMware vRealize Operations Manager to leak admin creds and write/execute a JSP payload. CVE-2021-21975 affects the /casa/nodes/thumbprints endpoint, and CVE-2021-21983 affects the /casa/private/config/slice/ha/certificate endpoint. Code execution occurs as the "admin" Unix user.

tags | exploit, code execution
systems | unix
advisories | CVE-2021-21975, CVE-2021-21983
SHA-256 | 8fb3fd3d2660db09b165a788ebbd4aab98bfde09593d01e190121efb5d69716d
Red Hat Security Advisory 2021-1401-01
Posted Apr 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1401-01 - This release of Red Hat Fuse 7.8.1 serves as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot 2, and includes security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2020-28052
SHA-256 | 6a37dcbd49aff0b17f539cf95e73580a679208b239007b0e3fe04e49131db793
WordPress WPGraphQL 1.3.5 Denial Of Service
Posted Apr 27, 2021
Authored by Dolev Farhi

WordPress WPGraphQL plugin version 1.3.5 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | fd8100cf3908043374f8ea4c72265eeed0145c4053e6b5d3a90a8ffba4670edd
Red Hat Security Advisory 2021-1376-01
Posted Apr 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1376-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-15436, CVE-2020-28374, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
SHA-256 | 240032e93bcb7b4ed0735232f82e3b09c775facff14f3a3bea7b130dd3b6a555
Apache Druid 0.20.0 Remote Command Execution
Posted Apr 27, 2021
Authored by Litch1, je5442804, Alibaba Cloud Security Team | Site metasploit.com

Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests; however, that feature is disabled by default. In Druid versions prior to 0.20.1, an authenticated user can send a specially-crafted request that both enables the JavaScript code-execution feature and executes the supplied code all at once, allowing for code execution on the server with the privileges of the Druid Server process. More critically, authentication is not enabled in Apache Druid by default.

tags | exploit, javascript, code execution
advisories | CVE-2021-25646
SHA-256 | b298c899e38be69b54163c4da54bb4be979f3abb34cca3c04ac527f6a5c92905
Red Hat Security Advisory 2021-1377-01
Posted Apr 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1377-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-28374, CVE-2021-27364, CVE-2021-27365
SHA-256 | ef5f189198155a80dd82a4c1ff695427a03a5f6126ff823378ccca72f3fa0f42
Red Hat Security Advisory 2021-1379-01
Posted Apr 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1379-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-11669, CVE-2021-27364, CVE-2021-27365, CVE-2021-3347
SHA-256 | 39ae052b6e94164d686c089d8de36b2b2bbf67921f14194ffe304415461aaf6a
Montiorr 1.7.6m Cross Site Scripting
Posted Apr 27, 2021
Authored by Ahmad Shakla

Montiorr version 1.7.6m suffers from a cross site scripting vulnerability via a file upload.

tags | exploit, xss, file upload
SHA-256 | 5e6dcee09ca3a6208dca09fa733156105f960720d70334ae602f8f337f70aaa0
Red Hat Security Advisory 2021-1373-01
Posted Apr 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1373-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
SHA-256 | 1f4d9d0e249812a79e1d8846ca1ee2bd1ed40eb3dd88b4c6ea3ae28227ac7239
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close