what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2021-12-10

Ubuntu Security Notice USN-5186-1
Posted Dec 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5186-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary code. A security issue was discovered with the handling of WebExtension permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to create and install a service worker that wouldn't be uninstalled with the extension. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-43536, CVE-2021-43539, CVE-2021-43540, CVE-2021-43541, CVE-2021-43545, CVE-2021-43546
SHA-256 | d44d136059fcda89f1c96e0aa8cb1ab7bc80a28edd13ec2a2a32a862b61d0c3f
nfstream 6.4.0
Posted Dec 10, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Introduced Windows platform official support. Introduced System Visibility feature. Introduced Python 3.10 official support. nDPI maintenance update. Patched for RPI platforms cores detection.
tags | tool, python
systems | unix
SHA-256 | 369fe89e7da8435660ca7f306819da93d1d4211c8d6d85fd92f2db639a11d021
Red Hat Security Advisory 2021-5070-02
Posted Dec 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5070-02 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.1 (Train). Issues addressed include local file inclusion, remote file inclusion, server-side request forgery, and traversal vulnerabilities.

tags | advisory, remote, local, vulnerability, python, file inclusion
systems | linux, redhat
advisories | CVE-2021-28658, CVE-2021-31542, CVE-2021-3281, CVE-2021-33203, CVE-2021-33571
SHA-256 | ffda29beeea0e12945c6104476712c3a616df43c26b412c9ebce4eee73c3f2a8
OpenCATS 0.9.4 Remote Code Execution
Posted Dec 10, 2021
Authored by Nicholas Ferreira

OpenCATS version 0.9.4 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | e7ff0cc62cfad44e30b93e807a8b4734da83818fcd754cefa8c8cb6c43f7025d
Red Hat Security Advisory 2021-5072-01
Posted Dec 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5072-01 - A highly-available key value store for shared configuration.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-31525, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198
SHA-256 | a2bcb1ef88e5d083f6f1ef9f98208fa1e3794f337bde2fe1a49b21b21ea8c205
Free School Management Software 1.0 Cross Site Scripting
Posted Dec 10, 2021
Authored by fuzzyap1

Free School Management Software version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 879875706e6b66f816720b0afa5a9605962c5bb0774b705d2796e3124ebd666e
Free School Management Software 1.0 Shell Upload
Posted Dec 10, 2021
Authored by fuuzap1

Free School Management Software version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | a810bf3a77fe9f553633332116ee660e8defd82838d449a3d9d018f2c7fc8411
Polkit CVE-2021-3560 Research
Posted Dec 10, 2021
Authored by Tanishq Sharma, Shikhar Saxena, Rushil Saxena

This document covers a vulnerability in policy kit (polkit) used on many Linux distributions, which enables an unprivileged local user to get a privileged shell (root) on the system by manually sending dbus messages to the dbus-daemon, then killing the request before it has been fully processed.

tags | exploit, paper, shell, local, root
systems | linux
advisories | CVE-2021-3560
SHA-256 | ff7bcacb2c7403598821beac18efca74a1f7003754707a0f87aff49223d1293a
Red Hat Security Advisory 2012-5055-03
Posted Dec 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-5055-03 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
SHA-256 | 61b4bec841e680bb9a5571f36321dbeaf52b939212f9b957e57c9c5429cb53aa
Red Hat Security Advisory 2021-5071-01
Posted Dec 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5071-01 - Eventlet is a networking library written in Python. It achieves high scalability by using non-blocking io while at the same time retaining high programmer usability by using coroutines to make the non-blocking io operations appear blocking at the source code level. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2021-21419
SHA-256 | 50fe298ac47eb901a386ecd9eb2bc7b0461f012ae16446e85fea898046de6b78
Red Hat Security Advisory 2021-5065-05
Posted Dec 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5065-05 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3930
SHA-256 | 2972402991f09d373980eb4e3eeee23e57db172ad950aeeaa09dfecd2725604e
Apache Log4j2 2.14.1 Remote Code Execution
Posted Dec 10, 2021
Authored by tangxiaofeng7 | Site github.com

Apache Log4j2 versions 2.14.1 and below proof of concept remote code execution exploit. JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.

tags | exploit, remote, arbitrary, code execution, proof of concept
advisories | CVE-2021-44228
SHA-256 | c8d0355e439c74ae436d3c409fe4b1f7b1c6c2d6fb97d2375bbaa49de94f642b
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close