
Files Date: 2021-11-02

Red Hat Security Advisory 2021-4103-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.0 RPMs. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-15586, CVE-2020-16845, CVE-2021-3114, CVE-2021-31525
MD5 | c6337bf5be0c2bcd76a59777fed90bcb

Ubuntu Security Notice USN-5128-1
Posted Nov 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5128-1 - Goutham Pacha Ravi, Jahson Babel, and John Garbutt discovered that user credentials in Ceph could be manipulated in certain environments. An attacker could use this to gain unintended access to resources. This issue only affected Ubuntu 18.04 LTS. It was discovered that Ceph contained an authentication flaw, leading to key reuse. An attacker could use this to cause a denial of service or possibly impersonate another user. This issue only affected Ubuntu 21.04. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-27781, CVE-2021-20288, CVE-2021-3509, CVE-2021-3524, CVE-2021-3531
MD5 | 2995b9f052f1682434589f2a69919ada

i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw
Posted Nov 2, 2021
Authored by LiquidWorm | Site zeroscience.mk

i3 International Annexxus Cameras Ax-n version 5.2.0 does not allow creation of more than one administrator account on the system. The same restriction applies to deletion of the administrative account. The logic behind this restriction can be bypassed through parameter manipulation using dangerous verbs like PUT and DELETE, because server-side validation is improper. Once a normal account with viewer or operator permissions has been added by the default admin user i3admin, a PUT request to the UserPermission endpoint with the ID of the created account can set its userType to admin, successfully adding a second administrative account.

tags | exploit
MD5 | eafb74027eb4cf01b77d7062a478cdb1

Red Hat Security Advisory 2021-4100-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4100-01 - This release of Red Hat Integration - Service registry 2.0.2.GA serves as a replacement for 2.0.1.GA, and includes the below security fixes. Issues addressed include a cross site scripting vulnerability.

tags | advisory, registry, xss
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2021-20289, CVE-2021-20293
MD5 | 754feedd1a70604cce602b17c7604884

Ericsson Network Location MPS GMPC21 Privilege Escalation
Posted Nov 2, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits a privilege escalation vulnerability in Ericsson Network Location Mobile Positioning Systems.

tags | exploit
MD5 | f3794288d5cda3036fe8fcf79e3e9f4b

Ericsson Network Location MPS GMPC21 Remote Code Execution
Posted Nov 2, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in Ericsson Network Location Mobile Positioning Systems. The export feature in various parts of the application is vulnerable. This feature exports the information in the tables to the server so that it can be imported later when required. Export operations contain the file_name parameter, which the backend assigns as a variable between server commands, allowing command injection.

tags | exploit, arbitrary
MD5 | 33c2bf115966799ca72fea364d6ceb66

Red Hat Security Advisory 2021-4097-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4097-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-30858
MD5 | 811723fee6cd0ac7390b83b26d8cd14f

Red Hat Security Advisory 2021-4088-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4088-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-0512, CVE-2021-3656
MD5 | f93e783891fe2ae84895230c0a7b00e5

Dynojet Power Core 2.3.0 Unquoted Service Path
Posted Nov 2, 2021
Authored by Pedro Sousa Rodrigues

Dynojet Power Core version 2.3.0 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 8d1b3777c74464300d95339f69d16531

Red Hat Security Advisory 2021-4089-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4089-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP35.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369
MD5 | cf700712fff2010fae2a7a28361f6ad4

EuskalHack Security Congress V Call For Papers
Posted Nov 2, 2021
Site euskalhack.org

EuskalHack Security Congress Fifth Edition is a new proposal from the EuskalHack Computer Security Association, with the aim of promoting community growth and culture in the digital security field. As usual, in this new edition proximity to our public and technical quality will be our hallmarks. This exclusive conference is shaping up as the most relevant in the Basque Country, with an estimated 180 attendees for this fifth edition. The participants include specialized companies, public bodies, state security organizations, professionals, hobbyists and students in the area of security and Information Technology. The conference takes place on the 24th and 25th of June 2022 in the lovely city of Donostia San Sebastian.

tags | paper, conference
MD5 | 68885ff707c91f8d3a593e10a1b02a56

Ubuntu Security Notice USN-5121-2
Posted Nov 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5121-2 - USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. It was discovered that Mailman allows arbitrary content injection. An attacker could use this to inject malicious content. It was discovered that Mailman improperly sanitizes MIME content. An attacker could obtain sensitive information by sending a special type of attachment.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-12108, CVE-2020-12137, CVE-2021-42096, CVE-2021-42097
MD5 | 3a567963a1873ad7347c1ff42ff0b087

Employee Record Management System 1.2 SQL Injection
Posted Nov 2, 2021
Authored by Anubhav Singh

Employee Record Management System version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 64c5ee572d52c8d1569579c8a9efcc19

Red Hat Security Advisory 2021-4057-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4057-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2021-3733
MD5 | 39c23ecee2e539fa8f746c5d051985d5

Red Hat Security Advisory 2021-4059-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4059-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2021-22946, CVE-2021-22947
MD5 | 66ea7847ec869ef49cda5af4f7b46de9

10-Strike Network Inventory Explorer Pro 9.31 Buffer Overflow
Posted Nov 2, 2021
Authored by ro0k

10-Strike Network Inventory Explorer Pro version 9.31 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 6f85da51b5b5e3e9bd5019a35ddd5bc7

WordPress Pie Register 3.7.1.4 Authentication Bypass / Remote Code Execution
Posted Nov 2, 2021
Authored by h00die, Lotfi13-DZ | Site metasploit.com

This Metasploit module uses an authentication bypass vulnerability in WordPress Pie Register plugin versions 3.7.1.4 and below to generate a valid cookie. With this cookie, hopefully of the admin, it will generate a plugin, pack the payload into it and upload it to a server running WordPress.

tags | exploit, bypass
MD5 | 46210089a3df2c00df7886dadf56127c

Red Hat Security Advisory 2021-4058-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4058-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-20254
MD5 | dbb88b7284ebc4060465373ad5ac43bb

Ubuntu Security Notice USN-5127-1
Posted Nov 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5127-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-30846
MD5 | a8ca846c0d89b6b12173bca5adbf9593

Codiad 2.8.4 Shell Upload
Posted Nov 2, 2021
Authored by P4p4_M4n3

Codiad version 2.8.4 remote reverse shell upload exploit. Original discovery of code execution in this version is attributed to WangYihang in 2018.

tags | exploit, remote, shell, code execution
MD5 | 221c2c5e5a6e53dff35451f35d9e550e

Red Hat Security Advisory 2021-4060-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4060-01 - The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938
MD5 | 0d603cfe14f6d2d902541f8049223aa2

Red Hat Security Advisory 2021-4056-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4056-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-0512, CVE-2021-3656
MD5 | 2ac6ae83cce2ceae9c8d61aeafc07d9d

Red Hat Security Advisory 2021-4044-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4044-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-41133
MD5 | 01a625e47e4091db3ec9bb015adf3bbb

Kingdia CD Extractor 3.0.2 Buffer Overflow
Posted Nov 2, 2021
Authored by Achilles

Kingdia CD Extractor version 3.0.2 suffers from a SEH buffer overflow vulnerability.

tags | exploit, overflow
MD5 | bf2495b755a53c53f975a1282de15c6f

YouTube Video Grabber 1.9.9.1 Buffer Overflow
Posted Nov 2, 2021
Authored by Achilles

YouTube Video Grabber version 1.9.9.1 suffers from a SEH buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 72f2981d1522b349926255593fc3cc29
© 2020 Packet Storm. All rights reserved.
