
Files Date: 2021-06-01

American Fuzzy Lop plus plus 3.13c
Posted Jun 1, 2021
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: frida_mode added. Created a fuzzing dictionary. Updated the grammar custom mutator to the newest version. Dozens of changes applied across afl-fuzz and afl-cc.
tags | tool, fuzzer
systems | unix
SHA-256 | 7b0d5b17acb38c19878865b91a26ec718fa0ef53363473240c7cfbdbed356f7f
Flawfinder 2.0.16
Posted Jun 1, 2021
Authored by David A. Wheeler | Site sourceforge.net

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

Changes: The distributed source file is now flawfinder.py, not flawfinder. Added support for generating SARIF output. Improved handling of Git patch format.
tags | tool
systems | unix
SHA-256 | 5b12c5de0a0f75de84caaebf4b6bd3d87f3776fd3a54de3409ee9c148788251f
Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication
Posted Jun 1, 2021
Authored by T. Weber | Site sec-consult.com

Multiple Korenix products are affected by unauthenticated device administration, backdoor accounts, cross site request forgery, unauthenticated tftp actions, and command injection vulnerabilities. Products affected include JetNet 5428G-20SFP, JetNet 5810G, JetNet 4706F, JetNet 4706, JetNet 4706, JetNet 4510, JetNet 5010, JetNet 5310, and JetNet 6095.

tags | exploit, vulnerability, csrf
advisories | CVE-2020-12500, CVE-2020-12501, CVE-2020-12502, CVE-2020-12503, CVE-2020-12504
SHA-256 | 2ab15e19675a05aaabcb76dc1553dadb6ceb96917b39bbdccdfbeaba3666a535
Red Hat Security Advisory 2021-2180-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2180-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20178, CVE-2021-20180, CVE-2021-20191, CVE-2021-20228
SHA-256 | 6852d4b9f97cf864532f858f2006cc4ee7a38b868296227def5a9a57acebe4ee
Red Hat Security Advisory 2021-2179-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2179-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-28500, CVE-2021-23337
SHA-256 | ce9f506c93ade4ce270780fa19b29e37703e953b3039d04f4e541502e6ebea8d
ProjeQtOr Project Management 9.1.4 Shell Upload
Posted Jun 1, 2021
Authored by Temel Demir

ProjeQtOr Project Management version 9.1.4 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 699e3af0a51fe968519378a4a1d55d03dbb79568c68b2915eb21f38e8903fd14
Ubuntu Security Notice USN-4971-1
Posted Jun 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4971-1 - It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-25009, CVE-2018-25013, CVE-2020-36330
SHA-256 | 4154c64372f3a8ff3f9aba59bd006298ea88881a10facd690dd50280c5d9b968
Ubuntu Security Notice USN-4973-1
Posted Jun 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4973-1 - It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions.

tags | advisory, remote, python
systems | linux, ubuntu
advisories | CVE-2021-29921
SHA-256 | c5b3ce18c04bb54f8d9cccdbd356b78d71d0e1536f4ddad6ed0d63d355b590c2
Ubee EVW327 Cross Site Request Forgery
Posted Jun 1, 2021
Authored by lated

Ubee EVW327 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | db2ae13634eda913433b0dd6498c6ec401dc37ff7931584eb95b8bc1a5692da9
Ubuntu Security Notice USN-4972-1
Posted Jun 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4972-1 - Tom Lane discovered that PostgreSQL incorrectly handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. Andres Freund discovered that PostgreSQL incorrectly handled certain INSERT ... ON CONFLICT ... DO UPDATE commands. A remote attacker could possibly use this issue to read server memory and obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-32027, CVE-2021-32028, CVE-2021-32029
SHA-256 | 6d2f32424f89c0673047264898acd8aa2e015967a2bcfa395cfa26c0c00e5ac4
Red Hat Security Advisory 2021-2175-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2175-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-27219
SHA-256 | 478424f318d1e74131e9f85e02a9b25922b2a6b91745030dbf4e8fa3e89d8ff7
Backdoor.Win32.NetSpy.10 MVID-2021-0235 Heap Corruption
Posted Jun 1, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.NetSpy.10 malware suffers from a heap corruption vulnerability.

tags | exploit
systems | windows
SHA-256 | 40b0ad730bc229a47ab2cc59e18aa1563785c0fe02e126f3084c40235157b48d
Red Hat Security Advisory 2021-2170-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2170-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-27219
SHA-256 | 0796c581b90ae2fbf49a21d1670b20a0353d94724f5de524674ea248bfa4fb04
Red Hat Security Advisory 2021-2174-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2174-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-27219
SHA-256 | faf52ca76dff42164de9bb72c6a07c121795726e29c7a03c6be98f0163a5f3fa
Atlassian Jira 8.15.0 Username Enumeration
Posted Jun 1, 2021
Authored by Mohammed Aloraimi

Atlassian Jira version 8.15.0 suffers from a username enumeration vulnerability.

tags | exploit
SHA-256 | 01db45162cdfbd20811911d949d8e0b51cc7df6910ff6fc3394accd66300c530
Red Hat Security Advisory 2021-2168-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2168-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-3501, CVE-2021-3543
SHA-256 | 54bd74fb552802738cbdde5b8c93eb1b4b7df96eca91d8c4e5270b64ceffa2e3
Red Hat Security Advisory 2021-2171-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2171-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-27219
SHA-256 | fb2d64555b5853a867fe091711e97a113d18fe4c99d16af1f7fc696d4f2a1b10
Red Hat Security Advisory 2021-2173-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2173-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-27219
SHA-256 | 512861f554d2d7f21d17f26976722264e25cacffc5bc99e12fa6bd38f2e99a62
CHIYU IoT Cross Site Scripting
Posted Jun 1, 2021
Authored by sirpedrotavares

CHIYU IoT devices suffer from multiple cross site scripting vulnerabilities. Versions affected include BF-430, BF-431, BF-450M, BF-630, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC.

tags | exploit, vulnerability, xss
advisories | CVE-2021-31250, CVE-2021-31641, CVE-2021-31643
SHA-256 | a0e148bec7337cb5cb6a2196c1eaeb2f732ddeb5e61a399ebf58969e953122ea
CHIYU TCP/IP Converter CRLF Injection
Posted Jun 1, 2021
Authored by sirpedrotavares

CHIYU TCP/IP Converter devices suffer from a CRLF injection vulnerability. Versions affected include BF-430, BF-431, and BF-450M.

tags | exploit, tcp
SHA-256 | e7a596a59cae5f2c12a480ba0005a90bec441a27f46a82c5481c45eb383eab21
Ubuntu Security Notice USN-4970-1
Posted Jun 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4970-1 - It was discovered that GUPnP incorrectly filtered local requests. If a user were tricked into visiting a malicious website, a remote attacker could possibly use this issue to perform actions against local UPnP services such as obtaining or altering sensitive information.

tags | advisory, remote, local
systems | linux, ubuntu
advisories | CVE-2021-33516
SHA-256 | 0a2b86cdd89d16b61a286b6d83eab7d18ff398bbe1162d771f34da42e8f707d9
Red Hat Security Advisory 2021-2172-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2172-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-27219
SHA-256 | 1c1febdb125274d3a83903cc169f4810862bfd7556b63506f8db15e4aca1c425
WordPress WP Prayer 1.6.1 Cross Site Scripting
Posted Jun 1, 2021
Authored by Bastijn Ouwendijk

WordPress WP Prayer plugin version 1.6.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | afd9a64bbddd69cb57546707ffd7e55632c459f8405d9c50e71711afdf36e788
Red Hat Security Advisory 2021-2165-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2165-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-3501
SHA-256 | 6da6b9ec60b82c610e0c5a7bc75693e5f878172a20d44ed51102d245a512d4a3
Red Hat Security Advisory 2021-2169-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2169-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-3501, CVE-2021-3543
SHA-256 | 57c250694dc9f042f0f6425c74ede96627017e8272ef870419b7c0d4dbe52849