Ubuntu Security Notice 4971-2 - USN-4971-1 fixed several vulnerabilities in libwebp. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
Red Hat Security Advisory 2021-2375-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an integer overflow vulnerability.
This Metasploit module allows an attacker with knowledge of the admin password of NSClient++ to start a privileged shell. For this module to work, both the web interface of NSClient++ and the ExternalScripts feature should be enabled.
Red Hat Security Advisory 2021-2372-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an integer overflow vulnerability.
GravCMS version 1.10.7 unauthenticated arbitrary YAML write/update exploit. This is a variant exploit of the original discovery made by Mehmet Ince in April of 2021.
Red Hat Security Advisory 2021-2370-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Student Result Management System version 1.0 remote SQL injection exploit. This is a variant of the original discovery of SQL injection in this version by Ritesh Gohil.
Red Hat Security Advisory 2021-2371-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
TextPattern CMS version 4.8.7 suffers from a persistent cross-site scripting vulnerability.
Ubuntu Security Notice 4986-2 - USN-4986-1 fixed a vulnerability in rpcbind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service. Various other issues were also addressed.
Red Hat Security Advisory 2021-2150-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.452.
memono Notepad 4.2 denial of service proof of concept exploit.
EasyFTP Server version 1.7.0.11 XRMD denial of service proof of concept exploit.
Red Hat Security Advisory 2021-2363-01 - GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible.
Red Hat Security Advisory 2021-2364-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include buffer overflow and use-after-free vulnerabilities.
Sticky Notes Widget version 3.0.6 suffers from a denial of service vulnerability.
n+otes version 1.6.2 suffers from a denial of service vulnerability.
Red Hat Security Advisory 2021-2365-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include buffer overflow and use-after-free vulnerabilities.
70-byte Linux/x86 shellcode with an XOR decoder stub and fstenv MMX FPU that spawns a /bin/sh shell.
Petalus is a crypto wallet microservice written in Python that allows users to store any type of information in a virtual wallet. The main functionalities of Petalus are blockchain support for the stored data, multiple hashes for the blockchain (sha256, blake2s and sha3-256), multiple process execution, support for read/write triggers on the wallets, and authorization of write blocks with a public/private key.