This Metasploit modules exploits a critical vulnerability in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, which allows attackers to achieve remote code execution if the Windows-using victim is tricked into cloning the attacker’s malicious repository using a vulnerable Git version control tool.
aa2d400dab7c8721b2c5166ed34cccd536045aa8292ad9a6b5fb2e07509a8b9e
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.
03eda09e8f9eaebab602057f3a8b908022a73999f5a31e580b12fcdf01fbebaf
Red Hat Security Advisory 2021-3555-01 - Red Hat OpenShift Serverless Client kn 1.17.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.17.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.
512490d4b697ab5f487925ef96e72953f6fc45b731e07dba12cbc0f2bd9c34c7
Ubuntu Security Notice 5080-1 - It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information.
10971dc76dc177b422f3413e8acf550cc88751ecc9e5f954406fbb7c433032f9
Ubuntu Security Notice 5078-2 - USN-5078-1 fixed several vulnerabilities in Squashfs-Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Various other issues were also addressed.
a52baf7e1b98fc9a9e68e2c58c2ce1b009b09c3956c00ae061c209948fce2a18
Microsoft Windows cmd.exe suffers from a stack buffer overflow vulnerability.
c0c6e1e6e941a667fff8d2e3a59cb00e4f436bf4e75ed0004cb71c6091fe1a0f
Impress CMS version 1.4.2 suffers from a remote code execution vulnerability.
63842abf6125982980934a7fe1c46d162845ae0c8eaf69ada86b1e2f80b50635