exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2021-07-26

Red Hat Security Advisory 2021-2881-01
Posted Jul 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2881-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547
SHA-256 | 1abad6cd034d4e210003aeea49a7aa96a6531d7d8206e2d3653727e7a693a7e0
Gentoo Linux Security Advisory 202107-55
Posted Jul 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-55 - Multiple vulnerabilities have been found in libsdl2, the worst of which could result in a Denial of Service condition. Versions less than 2.0.14-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14409, CVE-2020-14410
SHA-256 | ce60cb93d4997d55bae33b037ba8280ed4b981765af10c76c95d32a36c5aad1f
WordPress SP Project And Document Remote Code Execution
Posted Jul 26, 2021
Authored by Ron Jost, Yann Castel | Site metasploit.com

This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php, making it possible to upload .pHP files for instance. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/sp-client-document-manager/<user_id>/<random_payload_name>.php.

tags | exploit, arbitrary, shell, php, file upload
advisories | CVE-2021-24347
SHA-256 | 7d2c3f217f9d96a1b8933d18886edae37099a342dcf9addd2e24438914311c20
Backdoor.Win32.Nbdd.bgz MVID-2021-0309 Buffer Overflow
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Nbdd.bgz malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 02a6e6b4e7f1ee2a3ee5d1ff17768628f0fd9a6cf9e2fe485ffa062e136c4971
Backdoor.Win32.Bifrose.acci MVID-2021-0308 Buffer Overflow
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Bifrose.acci malware suffers from a buffer overflow vulnerability that can allow for code execution.

tags | exploit, overflow, code execution
systems | windows
SHA-256 | e7ff7beba1447ac3d608179f7dbf177816f920b58076bfc625d74462128d57c3
WordPress Modern Events Calendar Remote Code Execution
Posted Jul 26, 2021
Authored by Ron Jost, Yann Castel, Nguyen Van Khanh | Site metasploit.com

This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress Modern Events Calendar plugin versions prior to 5.16.5. This is due to an incorrect check of the uploaded file extension. Indeed, by using text/csv content-type in a request, it is possible to upload a .php payload as is is not forbidden by the plugin. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/<random_payload_name>.php.

tags | exploit, arbitrary, shell, php, file upload
advisories | CVE-2021-24145
SHA-256 | 69c7df31917c6908273c697f81d8629ab2b33991a9590623c7646f14dbb26004
Kernel Live Patch Security Notice LSN-0079-1
Posted Jul 26, 2021
Authored by Benjamin M. Romer

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code. It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2021-33909, CVE-2021-3600
SHA-256 | 85ecff3443cabbbdfd95e276021ce53f9ded3558dc511597031bf1014cb24140
Gentoo Linux Security Advisory 202107-54
Posted Jul 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-54 - Multiple vulnerabilities have been found in libyang, the worst of which could result in a Denial of Service condition. Versions less than 1.0.236 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-28902, CVE-2021-28903, CVE-2021-28904, CVE-2021-28905, CVE-2021-28906
SHA-256 | 981ee2a45cdbec8d46e060b9a1d8a582b616f5daa93004cafe4da957e87f6d3c
Backdoor.Win32.PsyRat.b MVID-2021-0306 Code Execution
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.PsyRat.b malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | b94f188d5b72816ba6c6a88047e9b234a8b6e2bf4982245db628b2ec3e188457
NoteBurner 2.35 Denial Of Service
Posted Jul 26, 2021
Authored by Achilles

NoteBurner version 2.35 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | ce941ba2e26208ce754836f68111a875aae6bea508e8f79dbf7827a148fcd779
Backdoor.Win32.PsyRat.b MVID-2021-0307 Denial Of Service
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.PsyRat.b malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
SHA-256 | 18baa74565e7118914ef0b230542a315d6f466336949d00462737f4c0ecb232f
Backdoor.Win32.Agent.cu MVID-2021-0305 Code Execution
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cu malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | cb6498c6bec099d2379ea17d52876ebbf81804d7c7486de499a91e24bd47624d
Backdoor.Win32.Agent.cu MVID-2021-0304 Man-In-The-Middle
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cu malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | bfc8d46b65dccc55f4aa9b62ef7da9aa24b50f4baaf5e68e09810c2405eccc91
Red Hat Security Advisory 2021-2883-01
Posted Jul 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2883-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547
SHA-256 | e096683e76898d1eaea35357ab1b988bbe72aec2f57378f059c90f0a0adb2d64
XOS Shop 1.0.9 Arbitrary File Deletion
Posted Jul 26, 2021
Authored by faisalfs10x

XOS Shop version 1.0.9 suffers from an authenticated arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 6f8b017fcb905dadb6bf19edef6c377d8386f4f1960c35cbb20f753ea24da872
Red Hat Security Advisory 2021-2882-01
Posted Jul 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2882-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547
SHA-256 | 979c833879e17cecfaecb4a319ffb009ce3014d0ffab398c546dc8b76c33b894
Backdoor.Win32.Agent.cu MVID-2021-0303 Authentication Bypass
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cu malware suffers from an authentication bypass vulnerability that can lead to code execution.

tags | exploit, code execution, bypass
systems | windows
SHA-256 | 61eda62bb4a6f9929d043aba15017859198331f85695deaccf5ad4b3d7eab803
Leawo Prof. Media 11.0.0.1 Denial Of Service
Posted Jul 26, 2021
Authored by Achilles

Leawo Prof. Media version 11.0.0.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | dc71b0a59f379ba636465daebc7ef5fee1d75cfae636e3685417324cc2100f4a
Backdoor.Win32.Mazben.me MVID-2021-0302 Unauthenticated Open Proxy
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Mazben.me malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | 54674dcd5128860dc74e2d01a51168f50378f33b7acdb33a6c2da63880a20352
Backdoor.Win32.Hupigon.aaur MVID-2021-0301 Unauthenticated Open Proxy
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.aaur malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | 2917f1529a64d063f4a36d2b4856b25b9f6f04e88aa83362d67dd0ff25e6efe1
Elasticsearch ECE 7.13.3 Database Disclosure
Posted Jul 26, 2021
Authored by Joan Martinez

Elasticsearch ECE version 7.13.3 anonymous database dumping exploit.

tags | exploit, info disclosure
advisories | CVE-2021-22146
SHA-256 | fca9927fbaec3c0c7e66a7316f382e0c4a0a308b7deb63b9e0b0e30c13e6579d
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close