
Files Date: 2021-07-13

Red Hat Security Advisory 2021-2694-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2694-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
MD5 | fd9ab99ae5051ad583e02801d687677e
Gentoo Linux Security Advisory 202107-31
Posted Jul 13, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-31 - A vulnerability in polkit could lead to local root privilege escalation. Versions less than 0.119 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2021-3560
MD5 | ce9a4968c78b1f7a6e75b5e89c26d6c6
VMware vCenter Server Virtual SAN Health Check Remote Code Execution
Posted Jul 13, 2021
Authored by wvu, Ricter Z | Site metasploit.com

This Metasploit module exploits Java unsafe reflection and SSRF in the VMware vCenter Server Virtual SAN Health Check plugin's ProxygenController class to execute code as the vsphere-ui user. See the vendor advisory for affected and patched versions. Tested against VMware vCenter Server 6.7 Update 3m (Linux appliance

tags | exploit, java
systems | linux
advisories | CVE-2021-21985
MD5 | e234bf71ac8d25a40b1cdd8ae081ea0d
ForgeRock / OpenAM Jato Java Deserialization
Posted Jul 13, 2021
Authored by Spencer McIntyre, Michael Stepankin, bwatters-r7, jheysel-r7 | Site metasploit.com

This Metasploit module leverages a pre-authentication remote code execution vulnerability in the OpenAM identity and access management solution. The vulnerability arises from a Java deserialization flaw in OpenAM's implementation of the Jato framework and can be triggered by a simple one-line GET or POST request to a vulnerable endpoint. Successful exploitation yields code execution on the target system as the service user. This vulnerability also affects the ForgeRock identity platform which is built on top of OpenAM and thus is susceptible to the same issue.

tags | exploit, java, remote, code execution
advisories | CVE-2021-35464
MD5 | 963e24d766328fca3453819b7e551411
Red Hat Security Advisory 2021-2692-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2692-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
MD5 | 9977068232b57294161a5e8cdd451245
Global Socket 1.4.33
Posted Jul 13, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using a 4096-bit prime, requires no PKI, and has Perfect Forward Secrecy and TOR support.

Changes: OpenWRT related update and merged pull request #50 from hackerschoice/fixie.
tags | tool, tcp
systems | unix
MD5 | 4375e4daa510a89157d89aea0d28708e
Red Hat Security Advisory 2021-2693-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2693-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
MD5 | 09183fae1f1966220d702c09f085ab30
VirTool.Win32.Afix Buffer Overflow / Code Execution
Posted Jul 13, 2021
Authored by malvuln | Site malvuln.com

VirTool.Win32.Afix malware suffers from buffer overflow and code execution vulnerabilities.

tags | exploit, overflow, vulnerability, code execution
systems | windows
MD5 | f369cc6a6386fcb18a2d13ccc18955b9
Red Hat Security Advisory 2021-2696-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2696-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
MD5 | 8c015ad45f4929c9b295e0645332c72f
Invoice System 1.0 Cross Site Scripting
Posted Jul 13, 2021
Authored by Subhadip Nag

Invoice System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | ae515ca8430ebaf0b5e6780c40a79454
Backdoor.Win32.Surila.j Denial Of Service
Posted Jul 13, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Surila.j malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
MD5 | 12074173824594a8b05fd6e099cfe6d6
Red Hat Security Advisory 2021-2689-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2689-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.2 serves as a replacement for Red Hat AMQ Broker 7.8.1, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service, information leakage, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-27223, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-3425
MD5 | c1453b232a0eeee2f5c1fbe66f7effd9
Red Hat Security Advisory 2021-2683-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2683-01 - XStream is a Java XML serialization library to serialize objects to and deserialize objects from XML.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-29505
MD5 | ac930659d2e69c6654050d80df7144d1
Garbage Collection Management System 1.0 Shell Upload / SQL Injection
Posted Jul 13, 2021
Authored by Luca Bernardi

Garbage Collection Management System version 1.0 shell upload exploit that leverages a SQL injection vulnerability.

tags | exploit, shell, sql injection
MD5 | ea34ecce44fb54eefcd9fffe39d45a35
Gentoo Linux Security Advisory 202107-30
Posted Jul 13, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-30 - Multiple vulnerabilities have been found in Xen, the worst of which could result in privilege escalation. Versions less than 4.15.0-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-29479, CVE-2020-29486, CVE-2020-29487, CVE-2020-29566, CVE-2020-29567, CVE-2020-29568, CVE-2020-29569, CVE-2020-29570, CVE-2020-29571, CVE-2021-0089, CVE-2021-26313, CVE-2021-28687, CVE-2021-28690, CVE-2021-28691, CVE-2021-28692, CVE-2021-28693, CVE-2021-3308
MD5 | 1d26c6cc37ecbb1198a4ad2bc750c33a
Gentoo Linux Security Advisory 202107-29
Posted Jul 13, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-29 - A buffer overflow in ConnMan might allow remote attacker(s) to execute arbitrary code. Versions less than 1.40 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2021-26675, CVE-2021-26676, CVE-2021-33833
MD5 | 13cb49fbdea66b2ed4c2ce56447f75fc
WordPress WPFront Notification Bar 1.9.1.04012 Cross Site Scripting
Posted Jul 13, 2021
Authored by Swapnil Subhash Bodekar

WordPress WPFront Notification Bar plugin version 1.9.1.04012 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0a33f701a76c573d9c89e82964d46175
VirTool.Win32.Afix Buffer Overflow / Code Execution
Posted Jul 13, 2021
Authored by malvuln | Site malvuln.com

VirTool.Win32.Afix malware suffers from buffer overflow and code execution vulnerabilities.

tags | exploit, overflow, vulnerability, code execution
systems | windows
MD5 | 1990c218d15002f622e822d6731341dd
OpenEMR 5.0.1.3 Shell Upload
Posted Jul 13, 2021
Authored by Alexandre Zanni

OpenEMR version 5.0.1.3 authenticated remote shell upload exploit that leverages a vulnerability discovered in 2018.

tags | exploit, remote, shell
advisories | CVE-2018-15139
MD5 | 42dde552844a71d54aa98a08c105ae9f