Files Date: 2021-09-08

Ionic Identity Vault 4.7 Android Biometric Authentication Bypass
Posted Sep 8, 2021
Authored by Emanuel Duss

Ionic Identity Vault versions 4.7 and below suffer from a biometric authentication bypass vulnerability on Android.

tags | exploit, bypass
advisories | CVE-2021-3145
MD5 | dfbe21d46c191918aee5d86df6d57c25

Rencode Denial Of Service
Posted Sep 8, 2021
Authored by Antoine Martin

The Rencode Python module for object serialization suffers from a 3-byte denial of service vulnerability.

tags | exploit, denial of service, python
MD5 | 68fe69c1f12b00f7861dfcf881e40d0c

Ubuntu Security Notice USN-5068-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5068-1 - It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM. It was discovered that GD Graphics Library incorrectly handled certain TGA files. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-6363, CVE-2021-40145
MD5 | 55cde79fc8fad14bd21ede9844621f85

Ubuntu Security Notice USN-5067-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5067-1 - Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with overly strict permissions that make the GPO unreadable, SSSD will allow all authenticated users to log in instead of denying them, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-10852, CVE-2018-16838, CVE-2019-3811, CVE-2021-3621
MD5 | 1b35eb77b4627b8a0afc682c590e7003

Ubuntu Security Notice USN-5066-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5066-1 - Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-21239
MD5 | ec7ebbab1b74d7583382808e1c6b706d

Ubuntu Security Notice USN-5065-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5065-1 - It was discovered that Open vSwitch incorrectly handled decoding RAW_ENCAP actions. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-36980
MD5 | 6efb5c8ace4a1eda9fae8a466888ded5

Ubuntu Security Notice USN-5063-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5063-1 - Ori Hollander discovered that HAProxy incorrectly handled HTTP header name length encoding. A remote attacker could possibly use this issue to inject a duplicate content-length header and perform request smuggling attacks.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2021-40346
MD5 | d7a819670dace7d701b08923b3597780

Ubuntu Security Notice USN-5064-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5064-1 - Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-38185
MD5 | 9673414a57ebfe220bde6cce1e16a47a

Red Hat Security Advisory 2021-3471-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3471-01 - This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-28170, CVE-2021-29425, CVE-2021-3597, CVE-2021-3644, CVE-2021-3690
MD5 | 6e17f4c64e2dee40e6ba81950a457e26

Red Hat Security Advisory 2021-3454-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3454-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.2 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console, with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-20149, CVE-2020-27777, CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3609
MD5 | 9fe56b076bba5afdd4b2766eaf38b13f

Red Hat Security Advisory 2021-3447-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3447-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-37576, CVE-2021-38201
MD5 | 25f8a4c91e11b8712f7106139a1309f3

Red Hat Security Advisory 2021-3446-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3446-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0512, CVE-2021-3715, CVE-2021-37576
MD5 | 3781a034f8565e89037e08f5c2b6d6cf

Red Hat Security Advisory 2021-3438-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3438-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-3715
MD5 | 1b253a824489e30994b915acc179b06b

Red Hat Security Advisory 2021-3441-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3441-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-3715
MD5 | 5c5ba7ddd60d7b320b7ab8d1703fd84c

WordPress TablePress 1.14 CSV Injection
Posted Sep 8, 2021
Authored by Nikhil Kapoor

WordPress TablePress plugin version 1.14 suffers from a CSV injection vulnerability.

tags | exploit
MD5 | 9dace92f496f8d0627979edd65671809

Ubuntu Security Notice USN-5062-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5062-1 - Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-3653
MD5 | 86cc9ee54552eda2f3e3d955525be9ea

Red Hat Security Advisory 2021-3444-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3444-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-3609, CVE-2021-3715, CVE-2021-37576
MD5 | bf46516021feaa6dd6eb02b4283c9637

Red Hat Security Advisory 2021-3445-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3445-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0512, CVE-2021-3715
MD5 | d9a7f0c34311c9034673d5026f2283bb

Red Hat Security Advisory 2021-3443-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3443-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0512, CVE-2021-3715, CVE-2021-37576
MD5 | cce664b30d0b8f9558f28a0e74e72030

Red Hat Security Advisory 2021-3442-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3442-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-3609, CVE-2021-3715, CVE-2021-37576
MD5 | 82171edb0f0b806e94120c89e3c4a198

Red Hat Security Advisory 2021-3439-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3439-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-3715
MD5 | 4426b9440d12eedc7b370bd084feb183

Bus Pass Management System 1.0 Cross Site Scripting
Posted Sep 8, 2021
Authored by Emre Aslan

Bus Pass Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | c6c1e5986347851fef16dc0de5d2b63f