what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2021-07-13

Red Hat Security Advisory 2021-2694-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2694-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
SHA-256 | 182d8c7206dd938e39e41e290e4cd6a338d031ef0d9174ec5787a46121cef39c
Gentoo Linux Security Advisory 202107-31
Posted Jul 13, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-31 - A vulnerability in polkit could lead to local root privilege escalation. Versions less than 0.119 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2021-3560
SHA-256 | a0c2061f382ef67106608fe19136f3b3a8828926ea491fade8034d45af8f6b4b
VMware vCenter Server Virtual SAN Health Check Remote Code Execution
Posted Jul 13, 2021
Authored by wvu, Ricter Z | Site metasploit.com

This Metasploit module exploits Java unsafe reflection and SSRF in the VMware vCenter Server Virtual SAN Health Check plugin's ProxygenController class to execute code as the vsphere-ui user. See the vendor advisory for affected and patched versions. Tested against VMware vCenter Server 6.7 Update 3m (Linux appliance

tags | exploit, java
systems | linux
advisories | CVE-2021-21985
SHA-256 | bdb3128591e803fa1beff81827096bb294a0b4124989ab73f3593b99e35faca8
ForgeRock / OpenAM Jato Java Deserialization
Posted Jul 13, 2021
Authored by Spencer McIntyre, Michael Stepankin, bwatters-r7, jheysel-r7 | Site metasploit.com

This Metasploit module leverages a pre-authentication remote code execution vulnerability in the OpenAM identity and access management solution. The vulnerability arises from a Java deserialization flaw in OpenAM's implementation of the Jato framework and can be triggered by a simple one-line GET or POST request to a vulnerable endpoint. Successful exploitation yields code execution on the target system as the service user. This vulnerability also affects the ForgeRock identity platform which is built on top of OpenAM and thus is susceptible to the same issue.

tags | exploit, java, remote, code execution
advisories | CVE-2021-35464
SHA-256 | 7ab7e165e1eabb4c0774d5b02fa501308e44a10ac91af40c1b4ed6a62fc60ca6
Red Hat Security Advisory 2021-2692-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2692-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
SHA-256 | 50ade74599cb1230ee646568de9051265f883647e4d34d15b7eb13f0a3f5248b
Global Socket 1.4.33
Posted Jul 13, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: OpenWRT related update and merged pull request #50 from hackerschoice/fixie.
tags | tool, tcp
systems | unix
SHA-256 | 5bbc850a274b933a4e8b0ac7d5bc8b0527c3eddbaee7f8a9389c284f27a6fe14
Red Hat Security Advisory 2021-2693-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2693-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
SHA-256 | cb33e2a011b4eb661fb9b4003f8a03f9d124b688c2850a6591807e59ec8532ed
VirTool.Win32.Afix MVID-2021-0291 Buffer Overflow / Code Execution
Posted Jul 13, 2021
Authored by malvuln | Site malvuln.com

VirTool.Win32.Afix malware suffers from buffer overflow and code execution vulnerabilities.

tags | exploit, overflow, vulnerability, code execution
systems | windows
SHA-256 | 9dad98cd006c23a0bb59030a700ae55c9ea6d472fd3acf470174319320d92a52
Red Hat Security Advisory 2021-2696-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2696-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
SHA-256 | 7261e658c9514c8017a4dc0c8a17b8993110cc1fbcc5571a4d01993d01611bde
Invoice System 1.0 Cross Site Scripting
Posted Jul 13, 2021
Authored by Subhadip Nag

Invoice System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 37dcc00e015cfbcb00bad2618b0a4096b2cdead048157b4db268dfdc894e6487
Backdoor.Win32.Surila.j MVID-2021-0290 Denial Of Service
Posted Jul 13, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Surila.j malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
SHA-256 | b2db80b143b4ee0f73c819e5d7e3a13dfaa2bfd7552f8d75728042b819676203
Red Hat Security Advisory 2021-2689-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2689-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.2 serves as a replacement for Red Hat AMQ Broker 7.8.1, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service, information leakage, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-27223, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-3425
SHA-256 | 797ae866913245376a53ab9b2027c144a57e156f08fb0901e02b9cb20c189fda
Red Hat Security Advisory 2021-2683-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2683-01 - XStream is a Java XML serialization library to serialize objects to and deserialize object from XML.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-29505
SHA-256 | d8ea8ce278e94ab6b02669838c9fe309951257f38518183717b830aa7b4f5ad4
Garbage Collection Management System 1.0 Shell Upload / SQL Injection
Posted Jul 13, 2021
Authored by Luca Bernardi

Garbage Collection Management System version 1.0 shell upload exploit that leverages a SQL injection vulnerability.

tags | exploit, shell, sql injection
SHA-256 | 362cc75fef4a9b5814055f74ae47affd8cf33fdb77b55369eaaead43fbec7bb1
Gentoo Linux Security Advisory 202107-30
Posted Jul 13, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-30 - Multiple vulnerabilities have been found in Xen, the worst of which could result in privilege escalation. Versions less than 4.15.0-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-29479, CVE-2020-29486, CVE-2020-29487, CVE-2020-29566, CVE-2020-29567, CVE-2020-29568, CVE-2020-29569, CVE-2020-29570, CVE-2020-29571, CVE-2021-0089, CVE-2021-26313, CVE-2021-28687, CVE-2021-28690, CVE-2021-28691, CVE-2021-28692, CVE-2021-28693, CVE-2021-3308
SHA-256 | 36d5f476b51c23defc6f7d17ba7518ef98181a7154a78a23daa94e2802513ab7
Gentoo Linux Security Advisory 202107-29
Posted Jul 13, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-29 - A buffer overflow in ConnMan might allow remote attacker(s) to execute arbitrary code. Versions less than 1.40 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2021-26675, CVE-2021-26676, CVE-2021-33833
SHA-256 | 8fcff86608431d98ad7fc9a103d42f3e7a49758999950a65a0023225172d3b4f
WordPress WPFront Notification Bar 1.9.1.04012 Cross Site Scripting
Posted Jul 13, 2021
Authored by Swapnil Subhash Bodekar

WordPress WPFront Notification Bar plugin version 1.9.1.04012 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 126c894e7f7c15d9b752ef230951b2336e52a29bd77c4c18cf9ce658c7b05840
VirTool.Win32.Afix MVID-2021-0292 Buffer Overflow / Code Execution
Posted Jul 13, 2021
Authored by malvuln | Site malvuln.com

VirTool.Win32.Afix malware suffers from buffer overflow and code execution vulnerabilities.

tags | exploit, overflow, vulnerability, code execution
systems | windows
SHA-256 | 2a97b3a15f0108112f1924c5e453996fd2098a215da172e302c635af319d9b41
OpenEMR 5.0.1.3 Shell Upload
Posted Jul 13, 2021
Authored by Alexandre Zanni

OpenEMR version 5.0.1.3 authenticated remote shell upload exploit that leverages a vulnerability discovered in 2018.

tags | exploit, remote, shell
advisories | CVE-2018-15139
SHA-256 | c870808a4f9a9a137fcb679a6a3037401a0616eb79f037981dc723adf1f8b701
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close