what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files Date: 2021-05-11

Ubuntu Security Notice USN-4944-1
Posted May 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4944-1 - This update fixed multiple vulnerabilities in MariaDB. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.48. Ubuntu 20.04 LTS has been updated to MariaDB 10.3.29. Ubuntu 20.10 has been updated to MariaDB 10.3.29. Ubuntu 21.04 has been updated to MariaDB 10.5.10.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | 0818aacd2588fdf77c07763a45e5a4f6
Customer Relationship Management (CRM) System 1.0 Shell Upload
Posted May 11, 2021
Authored by Richard Jones

Customer Relationship Management (CRM) System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | fd0485926223aa2206f5546dccf46c64
Customer Relationship Management (CRM) System 1.0 Cross Site Scripting
Posted May 11, 2021
Authored by Richard Jones

Customer Relationship Management (CRM) System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | cf0d47675e4753962da5db34f3ef7c4d
Customer Relationship Management (CRM) System 1.0 SQL Injection
Posted May 11, 2021
Authored by Richard Jones

Customer Relationship Management (CRM) System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | df2f1ca3c4905b571716bcf98058482c
Hexagon G!nius Auskunftsportal SQL Injection
Posted May 11, 2021
Authored by Marcel Keiffenheim

Hexagon G!nius Auskunftsportal versions prior to 5.0.0.0 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2021-32051
MD5 | d6dd0935d69c6151673cc0768d99190a
MikroTik RouterOS Memory Corruption
Posted May 11, 2021
Authored by Qian Chen

MikroTik's RouterOS suffers from multiple memory corruption vulnerabilities. Various versions are affected.

tags | advisory, vulnerability
advisories | CVE-2020-20220, CVE-2020-20227, CVE-2020-20245, CVE-2020-20246
MD5 | 29d6d4d3e716abcfa9298b1b0282587d
ERPNext 12.18.0 / 13.0.0 Cross Site Scripting
Posted May 11, 2021
Authored by Stefan Pietsch, Nick Decker | Site trovent.io

ERPNext versions 12.18.0 and 13.0.0 suffer from reflective and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | ac60bdf342b7bb4270793428c1f9045a
ERPNext 12.18.0 / 13.0.0 SQL Injection
Posted May 11, 2021
Authored by Stefan Pietsch, Nick Decker | Site trovent.io

ERPNext versions 12.18.0 and 13.0.0 suffer from an authenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6c329df5e9d8646f43166acb54002a9b
SIS-REWE GO 7.5.0/12C Cross Site Scripting
Posted May 11, 2021
Authored by S. Robertz, Florian Lienhart | Site sec-consult.com

SIS-REWE GO version 7.5.0/12C suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-31537
MD5 | c3294d840117ac301e57757fa66b8ff8
Red Hat Security Advisory 2021-1532-01
Posted May 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1532-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-28374, CVE-2021-27364, CVE-2021-27365
MD5 | 6ec5fd3b2ea5ad160a9d03386c76c1bb
Red Hat Security Advisory 2021-1531-01
Posted May 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1531-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19532, CVE-2020-25211, CVE-2020-25705, CVE-2020-28374, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | 289978fd9eebabd11ff9f0f6b15bca91
Ubuntu Security Notice USN-4943-1
Posted May 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4943-1 - Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. This issue only affected Ubuntu 20.10. Various other issues were also addressed.

tags | advisory, remote, arbitrary, shell, code execution
systems | linux, ubuntu
advisories | CVE-2020-26217, CVE-2020-26258, CVE-2020-26259, CVE-2021-21342, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350
MD5 | a565fe2178a44c21cfecd0d125585112
Ubuntu Security Notice USN-4942-1
Posted May 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4942-1 - A race condition was discovered in Web Render Components. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code.

tags | advisory, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-29952
MD5 | fa26ce0ed3531bf64ac95fbb16f4270f
Ubuntu Security Notice USN-4941-1
Posted May 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4941-1 - It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-29457, CVE-2021-3482
MD5 | c00f22b7ee92365c3506b1083a92e48b
TOR Virtual Network Tunneling Tool 0.4.5.8
Posted May 11, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.4.5.8 fixes several bugs in earlier versions, backporting fixes from the 0.4.6.x series.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | a39d9b930a19936b57f097051c0ad509
Lynis Auditing Tool 3.0.4
Posted May 11, 2021
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Added Detection of cmd tooling, test cmd configuration file, and check for ELILO boot loader presence. Also added OS detection of AlmaLinux, Garuda Linux, Manjaro (ARM), and others. A half dozens changes have also been made.
tags | tool, scanner
systems | unix
MD5 | ebcaac61e8ab7b7d9a61109e5a64578c
Mozilla Windows Maintenance Service Weak DACL
Posted May 11, 2021
Authored by James Forshaw, Google Security Research

Mozilla's Firefox 85 for Windows has a weak DACL for domain networks.

tags | exploit
systems | windows
advisories | CVE-2021-29951
MD5 | 51ec5afa13bba26be3fb02a3fedaa898
Page 1 of 1
Back1Next

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close