
Files Date: 2021-12-14

Ubuntu Security Notice USN-5192-1
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5192-1 - Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a specially crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-44228
SHA-256 | db8d868faa2e79741f709febd374290428acbc5e94b0ef95edb5b3076e0378b2

Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting
Posted Dec 14, 2021
Authored by Oualid Lkhaouni | Site sec-consult.com

Sofico Miles RIA version 2020.2 build 127964T suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-41557
SHA-256 | 89ae9e65148be9a737109dbcef8ece7d4d42ee0915265992d90935cdee23a1ff

Ubuntu Security Notice USN-5191-1
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5191-1 - It was discovered that Flatpak incorrectly handled certain AF_UNIX sockets. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-41133
SHA-256 | 13e677aac12331d0f18f3c7387254eb1d49ece688d301c5fd764c5a76a7b2a94

Laravel Valet 2.0.3 Privilege Escalation
Posted Dec 14, 2021
Authored by leonjza

Laravel Valet version 2.0.3 local privilege escalation exploit for macOS.

tags | exploit, local
SHA-256 | 2c127d95d2ce5f88d9a84b080c89d8e3adb9a2ae6896312ed14c58295860de08

Red Hat Security Advisory 2021-5086-06
Posted Dec 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5086-06 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include a path sanitization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8565, CVE-2021-32803, CVE-2021-32804, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-37701, CVE-2021-37712
SHA-256 | 774e5117e6048e40bc0540ccd8f805fad79e574958c9975e3e273b6f6ba3280c

WordPress Typebot 1.4.3 Cross Site Scripting
Posted Dec 14, 2021
Authored by Mansi Singh

WordPress TypeBot plugin version 1.4.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 457eb79e4b3780d71d54d7e0f9753d5fe1e7c3cc3c0931ef95a04efdf0bf3a16

meterN 1.2.3 Remote Command Execution
Posted Dec 14, 2021
Authored by LiquidWorm | Site zeroscience.mk

meterN version 1.2.3 suffers from an authenticated remote command execution vulnerability.

tags | exploit, remote
SHA-256 | d03478d19f799c6fe12536a7b5353c838ea40fb8825294f625cab67028553daa

Online Thesis Archiving System 1.0 SQL Injection / Cross Site Scripting
Posted Dec 14, 2021
Authored by Yehia Elghaly

Online Thesis Archiving System version 1.0 suffers from remote SQL injection and persistent cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | b6d330aa862e5b79c6c3d743e169a392714f826da0562f8a704df30f58ccfb0e

Ubuntu Security Notice USN-5174-2
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5174-2 - USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25722, CVE-2021-3671
SHA-256 | 94cb64ff0292b0a999aaa0506f608776fc641f072e85a0d0123da728e800bdff

Apache Log4j2 2.14.1 Remote Code Execution
Posted Dec 14, 2021
Authored by z9fr, kozmer, svmorris

Apache Log4j2 versions 2.0-beta-9 and 2.14.1 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2021-44228
SHA-256 | de62729a1c1d7a301abfc3f60ee8a5248958962c2fdc2b6444dd47cbfe0d4d57

Ticket Booking 1.0 SQL Injection
Posted Dec 14, 2021
Authored by nu11secur1ty

Ticket Booking version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b7eaf0dd796e6b929ff99d0b8034ecc62fa7eca376cbcc212d5572c6ebdac267

Red Hat Security Advisory 2021-5085-08
Posted Dec 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5085-08 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8565, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558
SHA-256 | 325da42d7e5a8c1c5b8b6859de2f7e82a9ddd3e8d47991938efe79943d4580ae

Zucchetti Axess CLOKI Access Control 1.64 Cross Site Request Forgery
Posted Dec 14, 2021
Authored by LiquidWorm | Site zeroscience.mk

Zucchetti Axess CLOKI Access Control version 1.64 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 5ee851be27389c34fce6b6b8f31ca356b97517cee36216ebce3cf2a59bf0d6a4

Ubuntu Security Notice USN-5142-3
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5142-3 - USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/show_bug.cgi?id=14922 This update fixes the problem. Various other issues were also addressed.

tags | advisory, web, cgi, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-23192, CVE-2021-3671, CVE-2021-3738
SHA-256 | c2c8fcea9831797fd889f4570b8becd0d331cdb36d976a471a6dba4dad44aa41

AbanteCart Arbitrary File Upload / Cross Site Scripting
Posted Dec 14, 2021
Authored by Ian Chong, Daniel Teo | Site sec-consult.com

AbanteCart e-commerce platform versions prior to 1.3.2 suffer from cross site scripting and file upload vulnerabilities.

tags | exploit, vulnerability, xss, file upload
advisories | CVE-2021-42050, CVE-2021-42051
SHA-256 | 1d18e94320294ca7bb9c057c9b6c90c647799d170ceda260890a08b559774f32

Red Hat Security Advisory 2021-5094-01
Posted Dec 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5094-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
SHA-256 | d3ee9dee7d92bf53eec51f04d2d956614195bbc41df538a5533b4921ea778ec2

Booked Scheduler 2.7.5 Shell Upload
Posted Dec 14, 2021
Authored by 0sunday

Booked Scheduler version 2.75 authenticated remote shell upload exploit.

tags | exploit, remote, shell
advisories | CVE-2019-9581
SHA-256 | 30a249dc7b448ed72d443d639b5798fde54c89a9f852aac08948c8e555e291c2

Ubuntu Security Notice USN-5189-1
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5189-1 - It was discovered that GLib incorrectly handled certain environment variables. An attacker could possibly use this issue to escalate privileges.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-3800
SHA-256 | 4a9f20564d9abf075ed5204b8ae1772ff733d4ab1a1afd1be8714dade03419e9

Apache Log4j2 2.14.1 Information Disclosure
Posted Dec 14, 2021
Authored by leonjza

Apache Log4j2 versions 2.14.1 and below information disclosure exploit.

tags | exploit, info disclosure
advisories | CVE-2021-44228
SHA-256 | ba9d5b07577a6679e74d2298770240a1846d62f9ccc75a77024d3f27444bc52b

VMware Security Advisory 2021-0028
Posted Dec 14, 2021
Authored by VMware | Site vmware.com

VMware Security Advisory 2021-0028 - VMware has released a response to the Apache Log4j remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2021-44228
SHA-256 | a056c651a773f7acb1f0214066bb3753e7654e57d372fd888b4c99d5ef667d87

OpenSSL Security Advisory 20211214
Posted Dec 14, 2021
Site openssl.org

OpenSSL Security Advisory 20211214 - Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return value is mishandled by OpenSSL and will cause an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate success and a subsequent call to SSL_get_error() to return the value SSL_ERROR_WANT_RETRY_VERIFY. This return value is only supposed to be returned by OpenSSL if the application has previously called SSL_CTX_set_cert_verify_callback(). Since most applications do not do this the SSL_ERROR_WANT_RETRY_VERIFY return value from SSL_get_error() will be totally unexpected and applications may not behave correctly as a result. The exact behaviour will depend on the application but it could result in crashes, infinite loops or other similar incorrect responses.

tags | advisory
advisories | CVE-2021-4044
SHA-256 | 78db018aae32942c3ccf7373e8c51e9595c7602b17e7724cf67f204ce2089d36