
Files Date: 2021-09-08

Ionic Identity Vault 4.7 Android Biometric Authentication Bypass
Posted Sep 8, 2021
Authored by Emanuel Duss

Ionic Identity Vault versions 4.7 and below suffer from a biometric authentication bypass vulnerability on Android.

tags | exploit, bypass
advisories | CVE-2021-3145
SHA-256 | 0937a4fec4ba4da6536fb54a86bc96cbee6f829e34003327e23d35d71714b309
Rencode Denial Of Service
Posted Sep 8, 2021
Authored by Antoine Martin

The Rencode Python module for object serialization suffers from a 3-byte denial of service vulnerability.

tags | exploit, denial of service, python
SHA-256 | 2b0f26cddb8c62317edbd3a3dc98751567b6200fbc46d8a36361929471bed17f
Ubuntu Security Notice USN-5068-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5068-1 - It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM. It was discovered that GD Graphics Library incorrectly handled certain TGA files. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-6363, CVE-2021-40145
SHA-256 | 207d9f248fbcf94e7768c791e2cbb722b0127794051e2f24f86ee92248948cdc
Ubuntu Security Notice USN-5067-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5067-1 - Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with too strict permissions causing the GPO to not be readable, SSSD will allow all authenticated users to log in instead of being denied, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-10852, CVE-2018-16838, CVE-2019-3811, CVE-2021-3621
SHA-256 | 57bb124cbecf36bdb8d4f0c37b6abc7cd806b1d2b852b746eea1be28e8aa2a43
Ubuntu Security Notice USN-5066-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5066-1 - Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-21239
SHA-256 | d7da81ba843f246e9b5a60c15d6656c982d8581a1c80ea2e080898c2129d00a6
Ubuntu Security Notice USN-5065-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5065-1 - It was discovered that Open vSwitch incorrectly handled decoding RAW_ENCAP actions. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-36980
SHA-256 | 3ee103af555ef817fe1092f9cd4a1fa45427ed530a1657c01ff4a794d462ac9f
Ubuntu Security Notice USN-5063-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5063-1 - Ori Hollander discovered that HAProxy incorrectly handled HTTP header name length encoding. A remote attacker could possibly use this issue to inject a duplicate content-length header and perform request smuggling attacks.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2021-40346
SHA-256 | f4e2e56ce46b97faa45cc84bab033f1a97ee95fad217db2dccffed7fe8c6e543
Ubuntu Security Notice USN-5064-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5064-1 - Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-38185
SHA-256 | 1c3f208bd9baaf2903731af1a7d8c223e7ff4adb68fb8f365acbb430f4bb40f5
Red Hat Security Advisory 2021-3471-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3471-01 - This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-28170, CVE-2021-29425, CVE-2021-3597, CVE-2021-3644, CVE-2021-3690
SHA-256 | 3320ed0cfba6adb64622cf2b6705b15e39b121c4ac08c653def38d4a4e835ac8
Red Hat Security Advisory 2021-3454-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3454-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.2 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console, with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-20149, CVE-2020-27777, CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3609
SHA-256 | ededc503492f31daf90a74b29a6e64b1e7ee98978cd963f10901af9667484f8e
Red Hat Security Advisory 2021-3447-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3447-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-37576, CVE-2021-38201
SHA-256 | 21758e8d20602709b14092a3a74aa61609c2b08c0cdf3db47ba5c33f5c238629
Red Hat Security Advisory 2021-3446-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3446-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0512, CVE-2021-3715, CVE-2021-37576
SHA-256 | 11551bfe38e2044b50546e2016efe54060e1f84f42a02916250540ec7bf69bbd
Red Hat Security Advisory 2021-3438-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3438-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-3715
SHA-256 | 05463ec4dd3aa1fdef8624a19523910046e01917a7d997674e27fd28d79c9585
Red Hat Security Advisory 2021-3441-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3441-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-3715
SHA-256 | 93451046633f974465f5d09b04fce337d2994bc8f7db322b79be025290fd2e96
WordPress TablePress 1.14 CSV Injection
Posted Sep 8, 2021
Authored by Nikhil Kapoor

WordPress TablePress plugin version 1.14 suffers from a CSV injection vulnerability.

tags | exploit
SHA-256 | 1acedc9d513152bdb3d177ce061124a34e552895da286fa5f1ac320d6f5b68c8
Ubuntu Security Notice USN-5062-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5062-1 - Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-3653
SHA-256 | 695fad95e14c4fb2603f02416a8dedd1a00f350821a27e281dab93d00d4e7ed3
Red Hat Security Advisory 2021-3444-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3444-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-3609, CVE-2021-3715, CVE-2021-37576
SHA-256 | 575719fa3dbe06103800a00f34c815470ba521587ac6519e66590ef4249ae702
Red Hat Security Advisory 2021-3445-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3445-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0512, CVE-2021-3715
SHA-256 | 446bd9201bc6992ce3edf23b286fb31b8c91ce0f788980354c0391763afff980
Red Hat Security Advisory 2021-3443-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3443-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0512, CVE-2021-3715, CVE-2021-37576
SHA-256 | 5b8c3c448287f0064a6a319c7d24ad818587e9199002eb8210b5442d82ba82f7
Red Hat Security Advisory 2021-3442-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3442-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-3609, CVE-2021-3715, CVE-2021-37576
SHA-256 | 8fd04dbe8f09d552e79fbc09b0887b18d18b39f9ca0caf03b6dd1a1df65d43a8
Red Hat Security Advisory 2021-3439-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3439-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-3715
SHA-256 | 49c8bac1c69b650bac3f427f257711f30050a5811285b9030018c5bd56d27612
Bus Pass Management System 1.0 Cross Site Scripting
Posted Sep 8, 2021
Authored by Emre Aslan

Bus Pass Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 39baa7dde3d050c8d0a4d5c1484ee7a16078d03ad08092ddf779721c9657c795
© 2022 Packet Storm. All rights reserved.