
Files Date: 2021-12-09

Red Hat Security Advisory 2021-5047-02
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5047-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
MD5 | 5add48efa2636bfbe6496a47345a6db1
Red Hat Security Advisory 2021-5036-04
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5036-04 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3748
MD5 | 94801381fc1caece5ede27946dd9349a
Ubuntu Security Notice USN-5183-1
Posted Dec 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5183-1 - Julian Rauchberger discovered that BlueZ incorrectly handled memory when processing SDP attribute requests. A remote attacker could use this issue to cause BlueZ to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-8922
MD5 | a234da3acdba27985d86e55366a94ecb
Grafana 8.3.0 Directory Traversal / Arbitrary File Read
Posted Dec 9, 2021
Authored by s1gh

Grafana version 8.3.0 suffers from a directory traversal vulnerability that can allow for arbitrary file reading.

tags | exploit, arbitrary, file inclusion
advisories | CVE-2021-43798
MD5 | 6c5e75e53691c8f37a2a3aa15b286cca
Red Hat Security Advisory 2021-5045-02
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5045-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
MD5 | 57ff8ec38b916b39bae3871375856f75
Red Hat Security Advisory 2021-5048-02
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5048-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
MD5 | a92c0c5210a60e2b9181008231f536fa
Mail Information Gathering AppScript
Posted Dec 9, 2021
Authored by Carla Cortes Leyva, Luis David Rodriguez Padilla

Whitepaper called Mail Information Gathering AppScript. This paper covers the exploitation of vulnerabilities to collect email information using Google utilities via Apps Script and the GmailApp class. It presents the design of a web application that collects mail information from users with associated Google mail accounts.

tags | paper, web, vulnerability
MD5 | 2a97ced0b87d5a5d037a7ddd5fa3969f
Microsoft MSHTML Remote Code Execution
Posted Dec 9, 2021
Authored by Tanishq Sharma, Shikhar Saxena, Rushil Saxena, Utkarsh Shrivastava

This whitepaper is an overview of the Microsoft MSHTML remote code execution vulnerability recently highlighted in CVE-2021-40444.

tags | paper, remote, code execution
MD5 | 894754e7467d4a5ae3ac2f47e0fef738
Microsoft Office Word MSHTML Remote Code Execution
Posted Dec 9, 2021
Authored by LockedByte, Ramella Sebastien, thesunRider, klezVirus | Site metasploit.com

This Metasploit module creates a malicious docx file that when opened in Word on a vulnerable Windows system will lead to code execution. This vulnerability exists because an attacker can craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine.

tags | exploit, code execution, activex
systems | windows
advisories | CVE-2021-40444
MD5 | 950d0214377d16512d5d7d9de198ebbc
Red Hat Security Advisory 2021-5046-03
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5046-03 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
MD5 | 2b8747a537a8298f32aa54a0eb83430b
LimeSurvey 5.2.4 Remote Code Execution
Posted Dec 9, 2021
Authored by Y1LD1R1M

LimeSurvey version 5.2.4 remote code execution exploit with a reverse shell.

tags | exploit, remote, shell, code execution
MD5 | e1d52ecb79962786241142f3afd2820c
TestLink 1.19 Arbitrary File Download
Posted Dec 9, 2021
Authored by Gonzalo Villegas

TestLink versions 1.16 through 1.19 suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 662aeacc4ee54a2b4a00f029b7ef1784
Red Hat Security Advisory 2021-5038-04
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5038-04 - Red Hat Advanced Cluster Management for Kubernetes 2.2.10 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console, with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide security fixes, bug fixes and container upgrades. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-20673, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2020-36385, CVE-2021-20231, CVE-2021-20232, CVE-2021-20266, CVE-2021-20271, CVE-2021-20317, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-22946, CVE-2021-22947
MD5 | 27e7585e0a77fc04e670310f078fb124
Red Hat Security Advisory 2021-5053-03
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5053-03 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-43527
MD5 | c23b5fb872e243031160cb17d1196083
WordPress Catch Themes Demo Import 1.6.1 Shell Upload
Posted Dec 9, 2021
Authored by Ron Jost

WordPress Catch Themes Demo Import plugin versions 1.6.1 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2021-39352
MD5 | 77bc8d74fffb95e311d4b76492ed6bdc
MTPutty 1.0.1.21 SSH Password Disclosure
Posted Dec 9, 2021
Authored by Sedat Ozdemir

MTPutty version 1.0.1 suffers from an SSH password disclosure vulnerability.

tags | exploit, info disclosure
MD5 | ae8afd1fb39130d84c7242ec85b59b8c
Red Hat Security Advisory 2021-5030-01
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5030-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-35556, CVE-2021-35559, CVE-2021-35560, CVE-2021-35564, CVE-2021-35565, CVE-2021-35578, CVE-2021-35586, CVE-2021-41035
MD5 | 3b998439cd6030eb1c56021e4b0f09cd
Chikitsa Patient Management System 2.0.2 Plugin Remote Code Execution
Posted Dec 9, 2021
Authored by 0z09e

Chikitsa Patient Management System version 2.0.2 suffers from a plugin related authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | ef6db80175b703f905621cde401d57b9
Chikitsa Patient Management System 2.0.2 Backup Remote Code Execution
Posted Dec 9, 2021
Authored by 0z09e

Chikitsa Patient Management System version 2.0.2 suffers from a backup related authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 27d9f9022be23e17e9a61b08c1278e0a
Employees Daily Task Management System 1.0 SQL Injection
Posted Dec 9, 2021
Authored by able403

Employees Daily Task Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | dc63668edab1dc7baf530ffbbb4e5ba0
Employees Daily Task Management System 1.0 Cross Site Scripting
Posted Dec 9, 2021
Authored by able403

Employees Daily Task Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities. Original discovery of this vulnerability is attributed to Ragavender A G in November of 2021.

tags | exploit, vulnerability, xss
MD5 | 6fc995fe3a8f875d3903262a6b49e9b6
Kabir Alhasan Student Management System 1.0 SQL Injection
Posted Dec 9, 2021
Authored by Enes Ozeser

Kabir Alhasan Student Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2020-23935
MD5 | 380cb8cbd93f5ec166d4924702670db5
Raspberry Pi 5.10 Default Credentials
Posted Dec 9, 2021
Authored by netspooky

Raspberry Pi version 5.10 has default credentials of pi/raspberry. This has been a known standard of theirs for a long time but it has been formally given a CVE.

tags | exploit
advisories | CVE-2021-38759
MD5 | d93ec1f954595b314818e65b203e583c