what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2021-09-21

ManageEngine OpManager SumPDU Java Deserialization
Posted Sep 21, 2021
Authored by Spencer McIntyre, Robin Peraglie, Johannes Moritz | Site metasploit.com

An HTTP endpoint used by the Manage Engine OpManager Smart Update Manager component can be leveraged to deserialize an arbitrary Java object. This can be abused by an unauthenticated remote attacker to execute OS commands in the context of the OpManager application. This vulnerability is also present in other products that are built on top of the OpManager application. This vulnerability affects OpManager versions 12.1 through 12.5.328.

tags | exploit, java, remote, web, arbitrary
advisories | CVE-2020-28653, CVE-2021-3287
SHA-256 | a64897f563277f473cabf805ba128ebed5a9f941959e6b9130ab7f541f5a6e50
Ubuntu Security Notice USN-5079-4
Posted Sep 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5079-4 - USN-5079-2 fixed vulnerabilities in curl. One of the fixes introduced a regression. This update fixes the problem. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-22946, CVE-2021-22947
SHA-256 | f4f6d97f9e479e48e18c50f65141b5cecaeca83955ce66cc82980e7fcf775b8e
Red Hat Security Advisory 2021-3623-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3623-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
SHA-256 | e179f4dbe148fdbdace9806a19f7395a84125ca2e4c6340fc7e2f527f5e7ff75
Ubuntu Security Notice USN-5084-1
Posted Sep 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5084-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-19143
SHA-256 | f576795be249c0af98c361b6e1f9654b10e60fb38035496df66a7960d9535ce6
OpenCats 0.9.4 XML Injection
Posted Sep 21, 2021
Authored by Raed Ahsan

OpenCats version 0.9.4 suffers from an XML external entity injection vulnerability.

tags | exploit
SHA-256 | 37dfb4d5a73e7d0887ce9b4976edbbc863f10d9a03d303e2b7cdcc798b496228
Red Hat Security Advisory 2021-3572-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3572-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-25648
SHA-256 | 79bc8941ed9ce09e0b921c0e3fc28794f451e732c5d712bb5d1922f9dcc34b71
Backdoor.Win32.Minilash.10.b MVID-2021-0344 Denial Of Service
Posted Sep 21, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Minilash.10.b malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
SHA-256 | 5b5111931e51185edbabf520c6445c43e0fa8fe94fda600ab3573259e59f7c88
Red Hat Security Advisory 2021-3598-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3598-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3609, CVE-2021-37576, CVE-2021-38201, CVE-2021-38575
SHA-256 | 3a62781802214e6eb77a0d28fc9fa05ebee3d12366b8219cccc000ace400db7e
Red Hat Security Advisory 2021-3582-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3582-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22924
SHA-256 | 1b88eef1d3d06c1dad83790d43adf99ca662eeb37a7ac9c52c0eae714cc60f25
Ubuntu Security Notice USN-5079-3
Posted Sep 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5079-3 - USN-5079-1 fixed vulnerabilities in curl. One of the fixes introduced a regression on Ubuntu 18.04 LTS. This update fixes the problem. It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Patrick Monnerat discovered that curl incorrectly handled responses received before STARTTLS. A remote attacker could possibly use this issue to inject responses and intercept communications. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-22945, CVE-2021-22946, CVE-2021-22947
SHA-256 | 0ed5cbb6171e4f59bf66a7fec9639c782a0a1b53c8e5cbbf6e468d1dda90bf96
Backdoor.Win32.Hupigon.asqx MVID-2021-0343 Unauthenticated Open Proxy
Posted Sep 21, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.asqx malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | 97edcaf65e5f73e415462404f29783bc2d034babe1b971265205fd7c2de5a2ff
Red Hat Security Advisory 2021-3590-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3590-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-14672, CVE-2020-14765, CVE-2020-14769, CVE-2020-14773, CVE-2020-14775, CVE-2020-14776, CVE-2020-14777, CVE-2020-14785, CVE-2020-14786, CVE-2020-14789, CVE-2020-14790, CVE-2020-14791, CVE-2020-14793, CVE-2020-14794, CVE-2020-14800, CVE-2020-14804, CVE-2020-14809, CVE-2020-14812, CVE-2020-14814, CVE-2020-14821, CVE-2020-14828, CVE-2020-14829, CVE-2020-14830, CVE-2020-14836, CVE-2020-14837, CVE-2020-14838
SHA-256 | 5068a2d07b9897b69495fa190f5163fdcb4f986a1082a6618ba9c845d2dbcdd2
Red Hat Security Advisory 2021-3585-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3585-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-29923
SHA-256 | 0627c3f7c57598e6ea5dd22c542dd99a80fc6e4a17a328d414c9c4d238b3fe5c
WebsiteBaker 2.13.0 Remote Code Execution
Posted Sep 21, 2021
Authored by Halit Akaydin

WebsiteBaker version 2.13.0 authenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | e1219a2fd5ffad46e29c2bafb24c7549cb30621b95ab7228f0a8ea401eb76420
Red Hat Security Advisory 2021-3576-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3576-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-36222, CVE-2021-37750
SHA-256 | 176c8112dae74b55a1e68ef3a5a8e1e49f5632f19539fe74885cf7d4afcad4af
Budgets And Expense Tracker System 1.0 Shell Upload
Posted Sep 21, 2021
Authored by Abdullah Khawaja

Budgets and Expense Tracker System version 1.0 suffers from an unauthenticated remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 7786512b0c77d0259b917bff396f4c713bc729cbba33482adddf10c7aa6f6431
Trojan.Win32.Agent.xaamkd MVID-2021-0342 Insecure Permissions
Posted Sep 21, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Agent.xaamkd malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | d204a3c1cf0adf45e210469476678fc5b11dd8a9f81bee78d07ad955d1e522ae
Church Management System 1.0 SQL Injection / Code Execution
Posted Sep 21, 2021
Authored by Janik Wehrli

Church Management System version 1.0 remote SQL injection exploit that achieves code execution.

tags | exploit, remote, code execution, sql injection
SHA-256 | ed72d56420b2fd693945d0b7a68763fdff117e81bee5f416ef75825168a33ac2
Securing Authentication And Authorization
Posted Sep 21, 2021
Authored by Jitendra Kumar Singh

This is a brief whitepaper discussing the securing of authentication and authorization.

tags | paper
SHA-256 | ec474e596a9d9ba2ab9781f4af02b1dee9f12e35a15b86af9d6a4566b3045d04
Yenkee Hornet Gaming Mouse Denial Of Service
Posted Sep 21, 2021
Authored by Quadron Research Lab

Yenkee Hornet Gaming Mouse suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 026f0165a67418000f40b9a9340c0c8b132e1b64e0bbae924880597e971b485e
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close