Files Date: 2021-06-22

Red Hat Security Advisory 2021-2523-01
Posted Jun 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2523-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include integer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-12362, CVE-2020-15436
SHA-256 | eb0940216f9af64826b01108cb8e67dea4ba8611c9c537cdffa10b811f82ac49
Ubuntu Security Notice USN-4995-1
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4995-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or execute arbitrary code. It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spoof a website and trick the user into providing credentials. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, windows, ubuntu
advisories | CVE-2021-23961, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987, CVE-2021-23994, CVE-2021-23995, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29948, CVE-2021-29949, CVE-2021-29956, CVE-2021-29957
SHA-256 | 4377b3a315af5e52fb39b7a6d25d2f9f0a167af3746b0bb2a7e6f3615807b933
WordPress Admin Columns Cross Site Scripting
Posted Jun 22, 2021
Authored by Johannes Lauinger

WordPress Admin Columns plugin versions below 5.5.2 Pro and 4.3.2 Pro suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-24365
SHA-256 | 7d7376474770f3c76734318152b6a560b3a2a6645e0b86b13b95bee7521627b0
Ubuntu Security Notice USN-4996-2
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4996-2 - USN-4996-1 fixed several vulnerabilities in OpenEXR. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-20296, CVE-2021-3605
SHA-256 | 128d55f1c08b249ea5de751303509c3dfe40682a628e2c70692523f220901242
Remote Mouse GUI 3.008 Privilege Escalation
Posted Jun 22, 2021
Authored by Salman Asad

Remote Mouse GUI version 3.008 suffers from a local privilege escalation vulnerability.

tags | exploit, remote, local
SHA-256 | 970a325579635744dbd407334f555cadbc22e50236dffd36e5eb67e0245fa03a
ASUS DisplayWidget Software 3.4.0.036 Unquoted Service Path
Posted Jun 22, 2021
Authored by Julio Avina

ASUS DisplayWidget Software version 3.4.0.036 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 135ba30154d912ebba59d90f64e69e8603c68e4fe97a3c97544d7e7cd1e8da2f
Red Hat Security Advisory 2021-2522-01
Posted Jun 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2522-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include integer overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-24489, CVE-2021-27219, CVE-2021-3501, CVE-2021-3560
SHA-256 | f5fe6b9d404ea0fffaa66f8c161b4e2c24d4a8d748a31878c1e5c27d1631484c
Responsive Tourism Website 3.1 Remote Code Execution
Posted Jun 22, 2021
Authored by Tagoletta

Responsive Tourism Website version 3.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 7f707e47ca6b9706edb7a5062565ca1430d98bf239d676bcd80bd1f4cc97899a
Red Hat Security Advisory 2021-2519-01
Posted Jun 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2519-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, integer overflow, and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-24489, CVE-2021-25217, CVE-2021-27219
SHA-256 | 112f549a59b461f2d22e1bfdedcd9717ac61e2b6e828754f073ee85f2c9975ad
Phone Shop Sales Managements System 1.0 Insecure Direct Object Reference
Posted Jun 22, 2021
Authored by Pratik Khalane

Phone Shop Sales Managements System version 1.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | da1fcca378222fdbf1d4a197a3a4581bc79f274b6898cf2f5ff34500d2da7bed
Falco 0.29.0
Posted Jun 22, 2021
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think of Falco as a mix between snort, ossec and strace.

Changes: 5 rule changes and about a dozen non-user facing changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 103f2f7b15b1c0cd794a838e4da8e4ad0e0a81325df0cc49da34fae30d620f25
Clam AntiVirus Toolkit 0.103.3
Posted Jun 22, 2021
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Fixed a scan performance issue when ENGINE_OPTIONS_FORCE_TO_DISK is enabled. Fixed ClamDScan crash. Fixed an issue where the mirrors.dat file is owned by root when starting as root (or with sudo) and using daemon-mode. Various other updates.
tags | tool, virus
systems | unix
SHA-256 | 9f6e3d18449f3d1a3992771d696685249dfa12736fe2b2929858f2c7d8276ae9
GRAudit Grep Auditing Tool 3.1
Posted Jun 22, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allow you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Updated secret rules. Updated dotnet rules. Updated C rules. Updated Java and Mongose rules. Added ~/graudit/signatures to database locations. Updated documentation.
tags | tool
systems | unix
SHA-256 | 7bab75bbc6330e05bd374226f5e57a1fab230a1b04db8a88cfe4b4e95c909c90
Customer Relationship Management System 1.0 Remote Code Execution
Posted Jun 22, 2021
Authored by Ishan Saha

Customer Relationship Management System version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 28ea7348ceb9cf9c5aac504fe9f4182e71c9b04ca82eefc8cdfd529e7d67148c
Fedora / Gnome fscaps Issue
Posted Jun 22, 2021
Authored by Tavis Ormandy, Google Security Research

Fedora with Gnome has an issue where it is not using fscaps safely.

tags | exploit
systems | linux, fedora
SHA-256 | 5fe12d617595a462d2a4fb41da183c392412f1d518d9ef97c94501d8e6a9f976
Ubuntu Security Notice USN-4996-1
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4996-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-20296, CVE-2021-3605
SHA-256 | c1d8432bd5673f2f735de434123e0d0b122b5d2292e00547868b58c8b352df49
Solaris SunSSH 11.0 Remote Root
Posted Jun 22, 2021
Authored by Joe Rozner, Nathaniel Singer

Solaris SunSSH version 11.0 on x86 libpam remote root exploit.

tags | exploit, remote, x86, root
systems | solaris
advisories | CVE-2020-14871
SHA-256 | 678892d62f9d4edd74e135ec10ed7cd1fb0389a420617db1549d49e581caa0db
Ubuntu Security Notice USN-4994-2
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4994-2 - USN-4994-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641
SHA-256 | 591561495ec3ee08e8e7ad9831af2ad7d1a0ec5997d04ef7fe192b2b3d440f4d
Dlink DSL2750U Command Injection
Posted Jun 22, 2021
Authored by Mohammed Hadi

Dlink DSL2750U suffers from a reboot command injection vulnerability.

tags | exploit
SHA-256 | e1c1e65d0c0408be5cc26b5b08457b6edbb30d79d27245ffd3ab2ad1d7fe9464
Websvn 2.6.0 Remote Code Execution
Posted Jun 22, 2021
Authored by g0ldm45k

Websvn version 2.6.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2021-32305
SHA-256 | 8e465dc0850193e9a6e89867711351af2975a5358a3720f61394e8090d1e4666
Wise Care 365 5.6.7.568 Unquoted Service Path
Posted Jun 22, 2021
Authored by Julio Avina

Wise Care 365 version 5.6.7.568 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 0b17a0e8de5a7d8308d08f716518cf3079320dc019250d52fdb1ccfbc1cb2925

© 2022 Packet Storm. All rights reserved.