Files Date: 2021-07-14

Schneider Electric EVlink Charging Stations Authentication Bypass / Code Execution
Posted Jul 14, 2021
Authored by Stefan Viehbock | Site sec-consult.com

Multiple Schneider Electric EVlink Charging Stations suffer from authentication bypass and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2021-22707, CVE-2021-22708
MD5 | 44aa1ce1ec5add044a209bb847731e37

Red Hat Security Advisory 2021-2643-01
Posted Jul 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2643-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.38.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25011, CVE-2020-36328, CVE-2020-36329, CVE-2020-7598, CVE-2021-3570, CVE-2021-3583
MD5 | 657fbc51e2910f917e0772b389746ac2

Microsoft Windows CreateProcessWithLogon Write Restricted Service Privilege Escalation
Posted Jul 14, 2021
Authored by James Forshaw, Google Security Research

Microsoft Windows has an issue where you can use the CreateProcessWithLogon API to escape a write restricted service and achieve full write access as the service user.

tags | exploit
systems | windows
MD5 | 00f7a019dea4bf3a1d19442fae579890

Gentoo Linux Security Advisory 202107-33
Posted Jul 14, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-33 - Multiple vulnerabilities have been found in Pillow, the worst of which could result in a Denial of Service condition. Versions less than 8.2.0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-25287, CVE-2021-25288, CVE-2021-25289, CVE-2021-25290, CVE-2021-25291, CVE-2021-25292, CVE-2021-25293, CVE-2021-27921, CVE-2021-27922, CVE-2021-27923, CVE-2021-28675, CVE-2021-28676, CVE-2021-28677, CVE-2021-28678
MD5 | ab6ede30166d61329b6800418146dc91

XNU Network Stack Kernel Heap Overflow
Posted Jul 14, 2021
Authored by Google Security Research, ianbeer

XNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of concept code included.

tags | exploit, overflow, kernel, proof of concept
advisories | CVE-2020-9967, CVE-2021-30736
MD5 | 9333b7751aa7686ac0ca4c62a49c3d4e

Windows TCP/IP Denial Of Service
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending a malicious UDP packet over IPv6.

tags | exploit, denial of service, udp, tcp, proof of concept
systems | windows
advisories | CVE-2021-24086
MD5 | 603e905801bb4f31bf554bafa86b2826

Realtek RTKVHD64.sys Out-Of-Bounds Access
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

Proof of concept exploit for an out-of-bounds access vulnerability in the Realtek RTKVHD64.sys, leading to pool corruption.

tags | exploit, proof of concept
advisories | CVE-2021-32537
MD5 | 61c0be3a39d9a150ecd6ecc535ae3063

Microsoft Hyper-V vmswitch.sys Proof Of Concept
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for CVE-2021-28476 ("Hyper-V Remote Code Execution Vulnerability"), an arbitrary memory read in vmswitch.sys (network virtualization service provider) patched by Microsoft in May 2021.

tags | exploit, remote, arbitrary, code execution, proof of concept
advisories | CVE-2021-28476
MD5 | f030942316606ad6079ada92310ac838

Red Hat Security Advisory 2021-2705-01
Posted Jul 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2705-01 - Red Hat OpenShift Serverless 1.16.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6 and 4.7, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-27618, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-27219, CVE-2021-27918, CVE-2021-31525, CVE-2021-33196, CVE-2021-3326
MD5 | cf60d4cefd636ea32aced9b71992e9aa

WordPress Current Book 1.0.1 Cross Site Scripting
Posted Jul 14, 2021
Authored by Vikas Srivastava

WordPress Current Book plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9e6e35a0f251dadb33e65deae120dd38

Gentoo Linux Security Advisory 202107-32
Posted Jul 14, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-32 - Multiple vulnerabilities have been found in Apache Thrift, the worst of which could result in a Denial of Service condition. Versions less than 0.14.1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2020-13949
MD5 | e1549b4970612beb4ec9e13258c14141

Red Hat Security Advisory 2021-2704-01
Posted Jul 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2704-01 - Red Hat OpenShift Serverless Client kn 1.16.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.16.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-27918, CVE-2021-31525, CVE-2021-33196
MD5 | cf9907f7932396429580cd0bb946f993

Webmin 1.973 Cross Site Request Forgery
Posted Jul 14, 2021
Authored by Mesh3l_911, Z0ldyck

Webmin version 1.973 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2021-31762
MD5 | 0fda878b90a012ca2ea1c4d01fc82f40

Ubuntu Security Notice USN-5006-2
Posted Jul 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5006-2 - USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-7068, CVE-2020-7071, CVE-2021-21702, CVE-2021-21704, CVE-2021-21705
MD5 | 66293c19cf8113112211326af4be7f4c

UFONet 1.7
Posted Jul 14, 2021
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Bugfixes. Added Deploy, SHIP.TV, and Nodes. Modified and updated the Web GUI. Updated documentation, FAQ, and website.
tags | tool, web, denial of service, spoof
systems | unix
MD5 | e0c779fbf429085d555102ea90c5813f
packet storm

© 2020 Packet Storm. All rights reserved.
