Zero day exploit for Nehelper Wifi Info on iOS 15.0. XPC endpoint com.apple.nehelper accepts user-supplied parameter sdk-version, and if its value is less than or equal to 524288, the com.apple.developer.networking.wifi-info entitlement check is skipped. This makes it possible for any qualifying application (e.g. possessing location access authorization) to gain access to Wifi information without the required entitlement. This happens in -[NEHelperWiFiInfoManager checkIfEntitled:] in /usr/libexec/nehelper.
0af5f880ff757d8f4ecf82631a976eb88cd98d6646578d823eeb66b9199ddf29Zero day exploit for nehelper on iOS 15.0 that allows any user-installed application to determine whether any application is installed on the device given its bundle ID.
375980bf93ee070923c3bb357ef6f80b43ca064d6099d8de7d730edb2ea93c70Zero day exploit for Gamed on iOS 15.0 that demonstrates information disclosure vulnerabilities.
064f75f646068bb009495ba2efc5724b31cd4cd7265da1713630bea9d23cab50This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
4590890ea9bb9ace4f71ae331785a3a5823232435161960ed5fc86588f331fe9Red Hat Security Advisory 2021-3666-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.
c3e88fe61108ab45d44ef8e7ffedeed0ae53649beffdf3ca315f12cedd7d9b64Simple Attendance System version 1.0 authentication bypass exploit that adds an administrator.
e4a056c4bf0781532ad19c5a4655a2089555c71ce7492598d7a21cf841394ff6WordPress Wappointment plugin version 2.2.4 suffers from a persistent cross site scripting vulnerability.
0ec2de8d6b3e7c213f925b6bf7c1a9f7fa2dd529191d328cb5129e5f0ca43245Backdoor.Win32.Hupigon.afjk malware suffers from a directory traversal vulnerability.
d43696509b1d079ab11a9230faf15e7121c44dabdb639bf4f8f247da5e678d97CMS Made Simple version 2.1.3 details on how to achieve remote code execution.
7b3459513dec24564aa30a512ffef2b5d1b795047278d892848f4efdab0eb7ccLibrary System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Aitor Herrero in January of 2021.
eb854621eb94dfe51e7c8783a6ace3f21838ab76409df3a060deec311572353cBackdoor.Win32.Hupigon.afjk malware suffers from bypass and code execution vulnerabilities.
3789a2c7b0f6ca3d18975f82d38fd4946423b730c882367fe89c3532b522752bXAMPP version 7.4.3 suffers from a local privilege escalation vulnerability.
0f5c7877625783cce13ce18ad512bfe8d734d9d56724b3d2d03dd5e65b70849aBackdoor.Win32.Hupigon.fjcd malware suffers from an unauthenticated open proxy vulnerability.
7de0bdc194e9a195fd15f5c530731f710ddb394ce0942d22da142be4871e92c4Backdoor.Win32.RmtSvc.l malware suffers from a denial of service vulnerability.
7d8120cf6e5bc376034abd303564b5f0fc177eff78ec31c21e5e6838e9ec741bBackdoor.Win32.Agent.aer malware suffers from an insecure transit vulnerability that allows for password disclosure.
82907adb2d7ecb4c6e6ea602ffe8c252d98ed152468ed0e2f2d0c16894ca4ad2Cisco Small Business RV130W version 1.0.3.44 exploit that injects counterfeit routers.
9ed47dde50d98da582e5d59d6001b33156cd31eb809f23d7ab77bd1c630c5a6aEther MP3 CD Burner version 1.3.8 suffers from a buffer overflow vulnerability.
38045f1e0ebf2d489d9eb899bc1be79fc0401a50f3e8f8e83b9685b5d8606206Backdoor.Win32.Agent.aer malware suffers from a denial of service vulnerability.
6b8cd0c45d2977584957ed345ebad70c13f8edd94a144cc645cf10bf595862ebTrojan-Downloader.Win32.VB.abb malware suffers from an insecure permissions vulnerability.
64e272a1e2097a25247ad10b5a8dcc3752c5438e31d03242bc1673fcdbc280e3PASS-PHP version 1.0 suffers from remote SQL injection and cross site scripting vulnerabilities.
1145a2df44f5b9647b8ad4207215a93abb5fe637fa0a66c4b4596511a4b1e5f5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed