what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2021-07-14

Schneider Electric EVlink Charging Stations Authentication Bypass / Code Execution
Posted Jul 14, 2021
Authored by Stefan Viehbock | Site sec-consult.com

Multiple Schneider Electric EVlink Charging Stations suffers from authentication bypass and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2021-22707, CVE-2021-22708
SHA-256 | 261e0a7af24605abbcb498cca0acda8b6897b40daab2471d8fafde95edc1b848
Red Hat Security Advisory 2021-2643-01
Posted Jul 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2643-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.38.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25011, CVE-2020-36328, CVE-2020-36329, CVE-2020-7598, CVE-2021-3570, CVE-2021-3583
SHA-256 | 41521a1cbdc585ddab55d8b30782095faf6e66d5c607a3909b0027f209a56635
Microsoft Windows CreateProcessWithLogon Write Restricted Service Privilege Escalation
Posted Jul 14, 2021
Authored by James Forshaw, Google Security Research

Microsoft Windows has an issue where you can use the CreateProcessWithLogon API to escape a write restricted service and achieve full write access as the service user.

tags | exploit
systems | windows
SHA-256 | f7fbef38375142a8ef413e304679bb1f30ba17803f5f88f543d793439b06b967
Gentoo Linux Security Advisory 202107-33
Posted Jul 14, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-33 - Multiple vulnerabilities have been found in Pillow, the worst of which could result in a Denial of Service condition. Versions less than 8.2.0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-25287, CVE-2021-25288, CVE-2021-25289, CVE-2021-25290, CVE-2021-25291, CVE-2021-25292, CVE-2021-25293, CVE-2021-27921, CVE-2021-27922, CVE-2021-27923, CVE-2021-28675, CVE-2021-28676, CVE-2021-28677, CVE-2021-28678
SHA-256 | 26dda539c7762b5ab4e6b5ee029356b95a444412d1cf068eadfa5fafec5b0726
XNU Network Stack Kernel Heap Overflow
Posted Jul 14, 2021
Authored by Google Security Research, ianbeer

XNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of concept code included.

tags | exploit, overflow, kernel, proof of concept
advisories | CVE-2020-9967, CVE-2021-30736
SHA-256 | a1d06d7c40ef5cee75dbfed56b2263d072ffb407a0a5a9ac79847d59421ad896
Windows TCP/IP Denial Of Service
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending malicious UDP packet over IPv6.

tags | exploit, denial of service, udp, tcp, proof of concept
systems | windows
advisories | CVE-2021-24086
SHA-256 | 0516b2a0dc860ebf19e63ce4021cd59c81f89b4c0605fd9ecea4c32742d682e0
Realtek RTKVHD64.sys Out-Of-Bounds Access
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

Proof of concept exploit for an out-of-bounds access vulnerability in the Realtek RTKVHD64.sys, leading to pool corruption.

tags | exploit, proof of concept
advisories | CVE-2021-32537
SHA-256 | bb5ee485c5648076add9bf2abf25ea37396550a4e2aa9b60094cc8338c092692
Microsoft Hyper-V vmswitch.sys Proof Of Concept
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for CVE-2021-28476 ("Hyper-V Remote Code Execution Vulnerability"), an arbitrary memory read in vmswitch.sys (network virtualization service provider) patched by Microsoft in May 2021.

tags | exploit, remote, arbitrary, code execution, proof of concept
advisories | CVE-2021-28476
SHA-256 | 48a1cc3a6acb78d90f7e5beca74fe39f754180b4d7a5529002e913fac71d8976
Red Hat Security Advisory 2021-2705-01
Posted Jul 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2705-01 - Red Hat OpenShift Serverless 1.16.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6 and 4.7, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-27618, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-27219, CVE-2021-27918, CVE-2021-31525, CVE-2021-33196, CVE-2021-3326
SHA-256 | 08eae3fe4757ace30ec86f5cc2744cf14810094d114320ba3dccf22aa96dce2c
WordPress Current Book 1.0.1 Cross Site Scripting
Posted Jul 14, 2021
Authored by Vikas Srivastava

WordPress Current Book plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c5e8aeebe5d859247c0728c436044839727a15a9d9d418df2a4570b241fb76a2
Gentoo Linux Security Advisory 202107-32
Posted Jul 14, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-32 - Multiple vulnerabilities have been found in Apache Thrift, the worst of which could result in a Denial of Service condition. Versions less than 0.14.1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2020-13949
SHA-256 | 6b93100b3f1aaaab602748fcb9ee444dd77f2f1b2aaae3e36d4fd3368cecc466
Red Hat Security Advisory 2021-2704-01
Posted Jul 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2704-01 - Red Hat OpenShift Serverless Client kn 1.16.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.16.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-27918, CVE-2021-31525, CVE-2021-33196
SHA-256 | df952e770c03be91f26c8dc21a03791097b10d64503502d3f6756a261c503661
Webmin 1.973 Cross Site Request Forgery
Posted Jul 14, 2021
Authored by Mesh3l_911, Z0ldyck

Webmin version 1.973 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2021-31762
SHA-256 | 6584fbea56cb36aed6cf20c070f41684482266289815df1aa41748fc786befa2
Ubuntu Security Notice USN-5006-2
Posted Jul 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5006-2 - USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-7068, CVE-2020-7071, CVE-2021-21702, CVE-2021-21704, CVE-2021-21705
SHA-256 | eedca1a470ded97b0623427c6e5fdcf4bb966c9f811fd215e5d150d46f82e283
UFONet 1.7
Posted Jul 14, 2021
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Bugfixes. Added Deploy, SHIP.TV, and Nodes. Modified and updated the Web GUI. Updated documentation, FAQ, and website.
tags | tool, web, denial of service, spoof
systems | unix
SHA-256 | 8c81ab72cd7fafd7004f83e330537e3a5d70e4c761505862cbc9593becb430e0
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close