what you don't know can hurt you
Showing 1 - 21 of 21 RSS Feed

Files Date: 2021-06-22

Red Hat Security Advisory 2021-2523-01
Posted Jun 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2523-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include integer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-12362, CVE-2020-15436
MD5 | 24814523a2095c09fe61e85358d10b3e
Ubuntu Security Notice USN-4995-1
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4995-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or execute arbitrary code. It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spoof a website and trick the user into providing credentials. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, windows, ubuntu
advisories | CVE-2021-23961, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987, CVE-2021-23994, CVE-2021-23995, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29948, CVE-2021-29949, CVE-2021-29956, CVE-2021-29957
MD5 | 20dc83202964373baf16304f35c94c5a
WordPress Admin Columns Cross Site Scripting
Posted Jun 22, 2021
Authored by Johannes Lauinger

WordPress Admin Columns plugin versions below 5.5.2 Pro and 4.3.2 Pro suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-24365
MD5 | c897aa331ad29744b3a5484196319ba3
Ubuntu Security Notice USN-4996-2
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4996-2 - USN-4996-1 fixed several vulnerabilities in OpenEXR. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-20296, CVE-2021-3605
MD5 | de99dc4a308ddeae7347e5cfbf070a7a
Remote Mouse GUI 3.008 Privilege Escalation
Posted Jun 22, 2021
Authored by Salman Asad

Remote Mouse GUI version 3.008 suffers from a local privilege escalation vulnerability.

tags | exploit, remote, local
MD5 | 0ab48d1551508463359f31d583237a8c
ASUS DisplayWidget Software 3.4.0.036 Unquoted Service Path
Posted Jun 22, 2021
Authored by Julio Avina

ASUS DisplayWidget Software version 3.4.0.036 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | f418ac365e60f60a05f82c2f7dfdd2db
Red Hat Security Advisory 2021-2522-01
Posted Jun 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2522-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include integer overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-24489, CVE-2021-27219, CVE-2021-3501, CVE-2021-3560
MD5 | 58fe7c239c342ebdfeb3ec0adeb292d6
Responsive Tourism Website 3.1 Remote Code Execution
Posted Jun 22, 2021
Authored by Tagoletta

Responsive Tourism Website version 3.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | e53126ad91dbcbe579b0f26a3ccf73e3
Red Hat Security Advisory 2021-2519-01
Posted Jun 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2519-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, integer overflow, and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-24489, CVE-2021-25217, CVE-2021-27219
MD5 | b765519eb1dded8feec387e980f06c72
Phone Shop Sales Managements System 1.0 Insecure Direct Object Reference
Posted Jun 22, 2021
Authored by Pratik Khalane

Phone Shop Sales Managements System version 1.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
MD5 | f6112869b75f23a5c30df98609900e64
Falco 0.29.0
Posted Jun 22, 2021
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 5 rule changes and about a dozen non-user facing changes.
tags | tool, intrusion detection
systems | unix
MD5 | 938c2ed46ff2f83ca2be4dea36141532
Clam AntiVirus Toolkit 0.103.3
Posted Jun 22, 2021
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Fixed a scan performance issue when ENGINE_OPTIONS_FORCE_TO_DISK is enabled. Fixed ClamDScan crash. Fixed an issue where the mirrors.dat file is owned by root when starting as root (or with sudo) and using daemon-mode. Various other updates.
tags | tool, virus
systems | unix
MD5 | f8dcf678953f6af056ddd5917bcc50c3
GRAudit Grep Auditing Tool 3.1
Posted Jun 22, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Updated secret rules. Updated dotnet rules. Updated C rules. Updated Java and Mongose rules. Added ~/graudit/signatures to database locations. Updated documentation.
tags | tool
systems | unix
MD5 | 59bcc6eb32bf165087c295f3640d001c
Customer Relationship Management System 1.0 Remote Code Execution
Posted Jun 22, 2021
Authored by Ishan Saha

Customer Relationship Management System version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 99340adb5ad46f21eb2f6d0bdb63c633
Fedora / Gnome fscaps Issue
Posted Jun 22, 2021
Authored by Tavis Ormandy, Google Security Research

Fedora with Gnome has an issue where it is not using fscaps safely.

tags | exploit
systems | linux, fedora
MD5 | 137193ebd7236c05c0e162358341652e
Ubuntu Security Notice USN-4996-1
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4996-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-20296, CVE-2021-3605
MD5 | b93dcc816616eb15d58ff43abf8f5dfb
Solaris SunSSH 11.0 Remote Root
Posted Jun 22, 2021
Authored by Joe Rozner, Nathaniel Singer

Solaris SunSSH version 11.0 on x86 libpam remote root exploit.

tags | exploit, remote, x86, root
systems | solaris
advisories | CVE-2020-14871
MD5 | ad6170fd6c91ea4241f7bcc669da3838
Ubuntu Security Notice USN-4994-2
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4994-2 - USN-4994-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641
MD5 | 660fa56849544234d133450e4f7d0b84
Dlink DSL2750U Command Injection
Posted Jun 22, 2021
Authored by Mohammed Hadi

Dlink DSL2750U suffers from a reboot command injection vulnerability.

tags | exploit
MD5 | e52a267317400d55b811baf68a56c96e
Websvn 2.6.0 Remote Code Execution
Posted Jun 22, 2021
Authored by g0ldm45k

Websvn version 2.6.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2021-32305
MD5 | 6ae7383ff4fe81d3446640a77cf479db
Wise Care 365 5.6.7.568 Unquoted Service Path
Posted Jun 22, 2021
Authored by Julio Avina

Wise Care 365 version 5.6.7.568 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 1e5c422e986035f8e0e5d6d5e68ecce2
Page 1 of 1
Back1Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close