what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 366 RSS Feed

Files Date: 2021-04-01 to 2021-04-30

GRAudit Grep Auditing Tool 3.0
Posted Apr 29, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Fixed broken Java rule causing massive false positives. Additional PHP fruit rules added.
tags | tool
systems | unix
SHA-256 | a1153c5de5bd786a24a28e3e31ce5ead66ccd16a90c162f15c858d17d6001e7f
Ubuntu Security Notice USN-4929-1
Posted Apr 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4929-1 - Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-25214, CVE-2021-25215, CVE-2021-25216
SHA-256 | c45f0b4e1c0fde4746b7b25c887fd512e3f5fcbea47069d93e4d57eb89927b5c
Red Hat Security Advisory 2021-1468-01
Posted Apr 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1468-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
SHA-256 | 1a4ce9c00ca6e5255273a2b36e66d370775badb33a04f790cc54020804c5a70f
NodeBB Emoji 3.2.1 Arbitrary FIle Write
Posted Apr 29, 2021
Authored by 1F98D

NodeBB Emoji plugin version 3.2.1 suffers from an arbitrary file write vulnerability.

tags | exploit, arbitrary
SHA-256 | b8efb1e731fd411b0d82d14ee601854ed4c4affe7d5760b5648cf818e59afbaa
Ubuntu Security Notice USN-4928-1
Posted Apr 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4928-1 - It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code or cause a crash. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3497, CVE-2021-3498
SHA-256 | be51491c5d6d6a3dfb44d83819cbe818550f9918ad2e93299d0796121b896c6e
Red Hat Security Advisory 2021-1452-01
Posted Apr 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1452-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage. Perf Tools is a collection of performance analysis tools, including a high performance multi-threaded malloc() implementation that works particularly well with threads and STL, a thread-friendly heap-checker, a heap profiler, and a cpu-profiler.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25678, CVE-2021-3139
SHA-256 | 5d41edca2cc85cc097fff41b21e2b23e9b187fa52958e3c5cb6066efe04a15fb
Cacti 1.2.12 SQL Injection / Remote Code Execution
Posted Apr 29, 2021
Authored by M4yFly, Leonardo Paiva

Cacti version 1.2.12 remote code execution exploit that leverages a remote SQL vulnerability.

tags | exploit, remote, code execution, sql injection
advisories | CVE-2020-14295
SHA-256 | 5599594befaf80c893938a8659f1ac8a0b62ce19e5b98e608838251275c379bd
Red Hat Security Advisory 2021-1448-01
Posted Apr 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1448-01 - Red Hat Advanced Cluster Management for Kubernetes 2.0.10 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which resolve some security issues and bugs. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2020-15586, CVE-2020-16845, CVE-2020-27152, CVE-2020-28362, CVE-2020-28374, CVE-2021-20305, CVE-2021-23358, CVE-2021-26708, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3347, CVE-2021-3449, CVE-2021-3450
SHA-256 | e0ed9dcea65dc8c6aed72a7323bfdf194a8e68c45019b280ca356c117d319f9c
Fog Project 1.5.9 Shell Upload
Posted Apr 29, 2021
Authored by sML

Fog Project version 1.5.9 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 7e8cccd3841e142272092a1936ee9f391365414d6ca4534f3ca93844e16d8c1b
Debian Security Advisory 4882-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4882-1 - Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code when opening a malformed image.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2020-15389, CVE-2020-27814, CVE-2020-27823, CVE-2020-27824, CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845, CVE-2020-6851, CVE-2020-8112
SHA-256 | 5fc3f278bb64bcfcf29ee82912aa943b536f0376eb4d1d1fd72ad6bc7fcf84c7
Debian Security Advisory 4883-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4883-1 - It was discovered that missing input sanitising in the template() function of the Underscore JavaScript library could result in the execution of arbitrary code.

tags | advisory, arbitrary, javascript
systems | linux, debian
advisories | CVE-2021-23358
SHA-256 | c0b2dfa2b994cca132b9bed945a3e229ea9da1d689d20e73ba313f909884cb9e
Debian Security Advisory 4884-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4884-1 - Multiple vulnerabilities have been discovered in ldb, a LDAP-like embedded database built on top of TDB.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2020-10730, CVE-2020-27840, CVE-2021-20277
SHA-256 | c3a33b4c07f5fde2dde893faaf3574e6b961a8454fd101f414eb42a540ea80e7
Debian Security Advisory 4885-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4885-1 - Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure.

tags | advisory, java, web, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2019-20444, CVE-2019-20445, CVE-2020-11612, CVE-2020-7238, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409
SHA-256 | 6a526fc31321b64c4acb5653a9654f65c2eb9bacc8eeae0a6e619452216f22f7
Debian Security Advisory 4886-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4886-1 - Several vulnerabilites have been discovered in the chromium web browser.

tags | advisory, web
systems | linux, debian
advisories | CVE-2021-21159, CVE-2021-21160, CVE-2021-21161, CVE-2021-21162, CVE-2021-21163, CVE-2021-21165, CVE-2021-21166, CVE-2021-21167, CVE-2021-21168, CVE-2021-21169, CVE-2021-21170, CVE-2021-21171, CVE-2021-21172, CVE-2021-21173
SHA-256 | 91464af4bd71134e1890c13d6173cde4ec8cdf26c54b9235f08b83830896fcfa
Debian Security Advisory 4887-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4887-1 - A use-after-free was discovered in Lib3MF, a C++ implementation of the 3D Manufacturing Format, which could result in the execution of arbitrary code if a malformed file is opened.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2021-21772
SHA-256 | 35bbd49deeb21382d5b1f4fdf3c475a6b5944ac8965d93701e6f7e9c6bd90db3
Debian Security Advisory 4888-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4888-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, privilege escalation or memory disclosure.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2021-26933, CVE-2021-27379
SHA-256 | 59e07669cdeed8f06fc9b1e8019517c110224b603dd928949ce5f0729cdf99b0
Debian Security Advisory 4889-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4889-1 - Multiple security issues were found in MediaWiki, a website engine for collaborative work, which could result in incomplete page/blocking protection, denial of service or cross-site scripting.

tags | advisory, denial of service, xss
systems | linux, debian
advisories | CVE-2021-20270, CVE-2021-27291, CVE-2021-30152, CVE-2021-30154, CVE-2021-30155, CVE-2021-30157, CVE-2021-30158, CVE-2021-30159
SHA-256 | 49b1118e5e434a47257059a1f6acac6dd79c19b2654b3272799d4a74621cc53a
Debian Security Advisory 4890-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4890-1 - Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters.

tags | advisory, ruby
systems | linux, debian
advisories | CVE-2021-28834
SHA-256 | 60fe6ac5fd6c7b4347f726fe140eae03e02e88ad5e42ce04e067b8d63dd4276d
Debian Security Advisory 4891-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4891-1 - Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2021-25122, CVE-2021-25329
SHA-256 | 1cc0c8e922520ac710a5eb680952a81085830ab697d578ee126aa8cdb6ed32ad
Debian Security Advisory 4892-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4892-1 - It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when 'svg' or 'math' are in the allowed tags, 'p' or 'br' are in allowed tags, 'style', 'title', 'noscript', 'script', 'textarea', 'noframes', 'iframe', or 'xmp' are in allowed tags and 'strip_comments=False' is set.

tags | advisory, python
systems | linux, debian
advisories | CVE-2021-23980
SHA-256 | e925541c26637d55f5311218ab1047e942a1ea57bb81e223c144e1e77c463d88
Debian Security Advisory 4893-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4893-1 - Jan-Niklas Sohn discovered that missing input sanitising in the XInput extension of the X.org X server may result in privilege escalation if the X server is running privileged.

tags | advisory
systems | linux, debian
advisories | CVE-2021-3472
SHA-256 | fca9892ceaa552967e97ff8b515414e8335d4aac2313b7bc5bf3a80a7f6744a6
Debian Security Advisory 4894-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4894-1 - It was discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a directory traversal flaw due to inadequate checking of symbolic links.

tags | advisory, php
systems | linux, debian
advisories | CVE-2020-36193
SHA-256 | d061787b973d1c843767158272f68254956904b392fc7c66dc0920757d06b8d4
Debian Security Advisory 4895-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4895-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, privilege escalation or spoofing.

tags | advisory, web, arbitrary, spoof, info disclosure
systems | linux, debian
advisories | CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
SHA-256 | a90591c14b940c58ca0deaa0ce3ecba9d1b79aee98db18f5c67359115f4cc1be
Debian Security Advisory 4896-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4896-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform XML External Entity (XXE) attacks, and access private content.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2021-29447, CVE-2021-29450
SHA-256 | e00b69e4ff46ca105c70362ee5ece24f6f93cc7b36e5b41b63549ad18bd8c25b
Debian Security Advisory 4897-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4897-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. In adddition a number of security issues were addressed in the OpenPGP support.

tags | advisory, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2021-23961, CVE-2021-23991, CVE-2021-23992, CVE-2021-23993, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29949
SHA-256 | d046261a5bea547646c1ad71555d4faa8f38e2e133e219e9721c0bfe1ba81218
Page 1 of 15
Back12345Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close