what you don't know can hurt you
Showing 1 - 25 of 28 RSS Feed

Files Date: 2021-10-28

TOR Virtual Network Tunneling Tool 0.4.6.8
Posted Oct 28, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: This version fixes several bugs from earlier versions of Tor. One highlight is a fix on how they track DNS timeouts to report general relay overload.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 15ce1a37b4cc175b07761e00acdcfa2c08f0d23d6c3ab9c97c464bd38cc5476a
Red Hat Security Advisory 2021-4012-01
Posted Oct 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4012-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.4.9 serves as a replacement for Red Hat support for Spring Boot 2.3.10 and includes security, bug fixes, and enhancements. For more information, see the release notes listed in the References section.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13943, CVE-2020-17527
SHA-256 | ad5a223d35cf4cbbf00fc0835b2b348db5c25cea1db02646b8b345b9c3a7462b
Ubuntu Security Notice USN-5125-1
Posted Oct 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5125-1 - It was discovered that PHP-FPM in PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2021-21703
SHA-256 | d21525acd8302ff0a222bb83d5aaf4626c4e5306cce80cee1e2e72aac37eef61
Sophos UTM WebAdmin SID Command Injection
Posted Oct 28, 2021
Authored by wvu, Justin Kennedy | Site metasploit.com

This Metasploit module exploits an SID-based command injection in Sophos UTM's WebAdmin interface to execute shell commands as the root user.

tags | exploit, shell, root
advisories | CVE-2020-25223
SHA-256 | e60408784254ddfee031c720b657d15c09df5d27e903311833f4a7f181588725
Backdoor.Win32.Prorat.ntz MVID-2021-0382 Weak Hardcoded Password
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Prorat.ntz malware suffers from having a weak hardcoded password.

tags | exploit
systems | windows
SHA-256 | 3242b7623dddcedfdaa1321d459bb30a8fe2211541d728a66a0771f0c38c14e3
Backdoor.Win32.Prorat.ntz MVID-2021-0381 Man-In-The-Middle
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Prorat.ntz malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | b496833c9943b356b5e36c3d403fc166db28d62f58c8ad54909b0349ddab2d12
Microsoft OMI Management Interface Authentication Bypass
Posted Oct 28, 2021
Authored by Spencer McIntyre, wvu, Nir Ohfeld, Shir Tamari | Site metasploit.com

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 (released September 8th 2021).

tags | exploit, web, root
advisories | CVE-2021-38647
SHA-256 | fdef0aef0e912b6be1749a8d91235a8ce5f95d8c64ee36efaa66917951a81206
Apple Security Advisory 2021-10-26-11
Posted Oct 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-10-26-11 - tvOS 15 addresses bypass, code execution, denial of service, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2013-0340, CVE-2021-30808, CVE-2021-30809, CVE-2021-30810, CVE-2021-30814, CVE-2021-30818, CVE-2021-30823, CVE-2021-30831, CVE-2021-30834, CVE-2021-30835, CVE-2021-30836, CVE-2021-30837, CVE-2021-30840, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30849, CVE-2021-30850, CVE-2021-30851, CVE-2021-30852, CVE-2021-30854, CVE-2021-30857, CVE-2021-30866, CVE-2021-30884
SHA-256 | ebc2c5586dda25fcb5f1755935d9df8d22fe96d473608b04490304ef6ab1c4c2
Apple Security Advisory 2021-10-26-10
Posted Oct 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-10-26-10 - watchOS 8 addresses bypass, code execution, denial of service, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2013-0340, CVE-2021-30808, CVE-2021-30809, CVE-2021-30810, CVE-2021-30811, CVE-2021-30814, CVE-2021-30818, CVE-2021-30823, CVE-2021-30831, CVE-2021-30834, CVE-2021-30835, CVE-2021-30836, CVE-2021-30837, CVE-2021-30840, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30849, CVE-2021-30851, CVE-2021-30852, CVE-2021-30854, CVE-2021-30855, CVE-2021-30857, CVE-2021-30866
SHA-256 | c5261977f132d063b33bfb8ae7574fbc455fc4460c7118b7e500205e5c5300a6
Virus.Win32.Ipamor.c MVID-2021-0380 Unauthenticated Reboot
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Virus.Win32.Ipamor.c malware suffers from an unauthenticated remote system reboot vulnerability.

tags | exploit, remote, virus
systems | windows
SHA-256 | 84db975e201fa02c407f637fb81a3da8c99949352d8dcd96e7019bd77a849227
Backdoor.Win32.Antilam.14.o MVID-2021-0379 Remote Command Execution
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.14.o malware suffers from an unauthenticated remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | e3ec579760331c3311245a4085bc3f661d2fcb2136789fb325b557865cc8541e
Apple Security Advisory 2021-10-26-9
Posted Oct 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-10-26-9 - iOS 15 and iPadOS 15 addresses code execution, denial of service, out of bounds read, spoofing, and use-after-free vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, code execution
systems | apple, ios
advisories | CVE-2013-0340, CVE-2021-30808, CVE-2021-30809, CVE-2021-30810, CVE-2021-30811, CVE-2021-30814, CVE-2021-30815, CVE-2021-30816, CVE-2021-30818, CVE-2021-30819, CVE-2021-30825, CVE-2021-30826, CVE-2021-30831, CVE-2021-30834, CVE-2021-30835, CVE-2021-30836, CVE-2021-30837, CVE-2021-30838, CVE-2021-30840, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30848, CVE-2021-30849
SHA-256 | 58d06760b57771902a8c3f6b64d1ccec806b30ce2ef20836de59cb0ce4327904
Apple Security Advisory 2021-10-26-8
Posted Oct 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-10-26-8 - Safari 15 addresses bypass, code execution, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2021-30809, CVE-2021-30818, CVE-2021-30823, CVE-2021-30846, CVE-2021-30848, CVE-2021-30849, CVE-2021-30851
SHA-256 | c1e6de671257272645ffee09d3fc62a44e6f863f26b481fc5ada1161911eb119
HEUR.Backdoor.Win32.Generic MVID-2021-0378 Unauthenticated Open Proxy
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

HEUR.Backdoor.Win32.Generic malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | 63970f0c1a53eb495ab4fe23cb39480889a373c2b844d7684e1533cf0dc070e3
Backdoor.Win32.Mazben.es MVID-2021-0377 Unauthenticated Open Proxy
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Mazben.es malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | 173e6bf535ccd9b1964aaa19cd997d19c2e872f9160e2af34af09f1a13421313
Hostel Management System 2.1 Cross Site Request Forgery / Cross Site Scripting
Posted Oct 28, 2021
Authored by Anubhav Singh

Hostel Management System version 2.1 suffers from cross site request forgery and cross site scripting vulnerabilities. Original discovery of cross site scripting in this version is attributed to Kokn3t in October of 2020.

tags | exploit, vulnerability, xss, csrf
SHA-256 | c25a1cf3e43fddf34b3dba5ae1ca94327edad0924a642a4cba70ea26c887ae6b
Backdoor.Win32.Hupigon.afjk MVID-2021-0376 Authentication Bypass / Code Execution
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.afjk malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
SHA-256 | e88083e56cc22443cfc05356ba29a0167905e994f2e84a847ee2ae8ae05f67e4
Apple Security Advisory 2021-10-26-7
Posted Oct 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-10-26-7 - tvOS 15.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
systems | apple
advisories | CVE-2021-30881, CVE-2021-30883, CVE-2021-30886, CVE-2021-30887, CVE-2021-30888, CVE-2021-30889, CVE-2021-30890, CVE-2021-30894, CVE-2021-30895, CVE-2021-30896, CVE-2021-30905, CVE-2021-30906, CVE-2021-30907, CVE-2021-30909, CVE-2021-30910, CVE-2021-30915, CVE-2021-30917, CVE-2021-30919
SHA-256 | afe34c7e18a2cd09d033c4966263d5f779242a387c7c97b8d682a440fffd3e78
Apple Security Advisory 2021-10-26-6
Posted Oct 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-10-26-6 - watchOS 8.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
systems | apple
advisories | CVE-2021-30881, CVE-2021-30883, CVE-2021-30886, CVE-2021-30887, CVE-2021-30888, CVE-2021-30889, CVE-2021-30890, CVE-2021-30895, CVE-2021-30896, CVE-2021-30905, CVE-2021-30906, CVE-2021-30907, CVE-2021-30909, CVE-2021-30915, CVE-2021-30917, CVE-2021-30919
SHA-256 | 1ad304279232ddfec9d86b861d672344e79ab63f6240b126163d98fbe088873c
Backdoor.Win32.Hupigon.afjk MVID-2021-0375 Man-In-The-Middle
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.afjk malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | 6b2f003a1b543353ead8da56a0fc62fb2a653d2e3664170784d65781cd8aa71d
Backdoor.Win32.Hupigon.afjk MVID-2021-0374 Directory Traversal
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.afjk malware suffers from a directory traversal vulnerability.

tags | exploit
systems | windows
SHA-256 | 05d61f0a82f4efaed311b1b2abb9498038be8c7827ab8ec304b31ae59c970d88
Backdoor.Win32.Hupigon.acio MVID-2021-0373 Unauthenticated Open Proxy
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.acio malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | eb96ad8d71f6c7c5b23f5e004070435ee69ec0fed3803691669fa6154b7986f0
WordPress Supsystic Contact Form 1.7.18 Cross Site Scripting
Posted Oct 28, 2021
Authored by Murat Demirci

WordPress Supsystic Contact Form plugin version 1.7.18 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3323df57b8923efdf98df1404c93ea1e5214d151574ad10b00cb85081bd9cc42
Apple Security Advisory 2021-10-26-5
Posted Oct 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-10-26-5 - Security Update 2021-007 Catalina addresses code execution, integer overflow, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30821, CVE-2021-30824, CVE-2021-30834, CVE-2021-30876, CVE-2021-30877, CVE-2021-30879, CVE-2021-30880, CVE-2021-30881, CVE-2021-30892, CVE-2021-30899, CVE-2021-30901, CVE-2021-30905, CVE-2021-30907, CVE-2021-30909, CVE-2021-30910, CVE-2021-30911, CVE-2021-30912, CVE-2021-30915, CVE-2021-30916, CVE-2021-30917, CVE-2021-30919
SHA-256 | a875bea79cc57d5873eed09e410bb1b7743805f2fb64a3692f7e43a5398e8665
Backdoor.Win32.Hupigon.acio MVID-2021-0372 Unquoted Service Path
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.acio malware suffers from an unquoted service path vulnerability.

tags | exploit
systems | windows
SHA-256 | 29b17d8a1dde1549c3b2a9f5bbbd0cadd035ff28ff9aa377cebbe1166a6cdfc7
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close