
Files Date: 2021-12-16

Ubuntu Security Notice USN-5195-1
Posted Dec 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5195-1 - It was discovered that the Mumble client supported websites for public servers with arbitrary URL schemes. If a user were tricked into visiting a malicious website from the public server list, a remote attacker could possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-27229
SHA-256 | 7982db35b5161dab2bbb12bb3966a2883c2de56574256f7851dbc2abd89d0c4e
Red Hat Security Advisory 2021-5106-04
Posted Dec 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5106-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-44228, CVE-2021-45046
SHA-256 | 3eae04a0c0d140e6c2880ef3fcf5ffc8a3fa7ad03800bcec38b01dd6d100b835
Chrome NavigationPreloadRequest Site Isolation Bypass
Posted Dec 16, 2021
Authored by Google Security Research, Glazvunov

Chrome suffers from a site isolation bypass vulnerability in NavigationPreloadRequest.

tags | exploit, bypass
advisories | CVE-2021-38010
SHA-256 | c9ae23bee94814ab6b61e9a833062d8e293e2578a25f1bb12700b1b43ab9d235
Chrome ThreadedIconLoader::DecodeAndResizeImageOnBackgroundThread Heap Use-After-Free
Posted Dec 16, 2021
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free vulnerability in ThreadedIconLoader::DecodeAndResizeImageOnBackgroundThread.

tags | exploit
advisories | CVE-2021-38005
SHA-256 | 71808e6bb0dde08cb3a27713b43d7dc091dfb113ccf137e1c64ebecc641c8d58
Chrome blink::NativeIOFile::DoRead Heap Use-After-Free
Posted Dec 16, 2021
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free vulnerability in blink::NativeIOFile::DoRead.

tags | exploit
advisories | CVE-2021-38006
SHA-256 | c59d2ce9fc476860bcf31c9b55f9ea51508a55eab0465bddfe51b527a15f6556
Red Hat Security Advisory 2021-5148-01
Posted Dec 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5148-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-44228, CVE-2021-45046
SHA-256 | 02a5b690aa5f3da55df25dda2d010d06447d07d94d25558ea088f3969b67548e
Red Hat Security Advisory 2021-5150-03
Posted Dec 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5150-03 - This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-3629, CVE-2021-3642, CVE-2021-3717, CVE-2021-37714, CVE-2021-40690
SHA-256 | e85e9000dde17f481a5731cd48390f0fbb11a27b285e3a42bc9ca052fc015555
Cibele Thinfinity VirtualUI 2.5.41.0 User Enumeration
Posted Dec 16, 2021
Authored by Daniel Morales

Cibele Thinfinity VirtualUI version 2.5.41.0 suffers from a user enumeration vulnerability.

tags | exploit
advisories | CVE-2021-44848
SHA-256 | 39d7ffc79ae7397d98788aff90bdfed85b7f4f83119f35bbad17c81f5e26f817
Red Hat Security Advisory 2021-5141-05
Posted Dec 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5141-05 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-44228, CVE-2021-45046
SHA-256 | d104c2bf92437579cc766d146cc5008946b64edbdda10703332f4b2472913b2e
Ubuntu Security Notice USN-5197-1
Posted Dec 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5197-1 - It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. An attacker could use this vulnerability to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-44228
SHA-256 | 98b3f5b50a143e8a3a3208e07f10d613b0d893802d8c93bdbe54f46ef75abb9b
Croogo 3.0.2 Shell Upload
Posted Dec 16, 2021
Authored by Enes Ozeser

Croogo version 3.0.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 3a04ff1dfec3aab098b84715684f0a420cf96ee4839eaacdbdb874ecdbfa4d98
Croogo 3.0.2 Cross Site Scripting
Posted Dec 16, 2021
Authored by Enes Ozeser

Croogo version 3.0.2 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 89c11614f603a17a9123e0d6fe6a54da8e77fee8c5ba7bff8bb73f3367514114
Red Hat Security Advisory 2021-5154-04
Posted Dec 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5154-04 - This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-3629, CVE-2021-3642, CVE-2021-3717, CVE-2021-37714, CVE-2021-40690
SHA-256 | adfdf251d26cf53c9dac873caa8ba7a73629a880ec6c3afc58caaf6c4485b9b4
Red Hat Security Advisory 2021-5160-04
Posted Dec 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5160-04 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-44716, CVE-2021-44717
SHA-256 | bd22f51652606ba8528084fa69f650aada1f8e8f300276b82b0c22f9cfa5b192
CurveBall Windows CryptoAPI Spoofing
Posted Dec 16, 2021
Authored by Payal Mittal

Whitepaper titled CurveBall Windows CryptoAPI Spoofing that discusses the CVE-2021-0601 vulnerability.

tags | paper, spoof
systems | windows
advisories | CVE-2021-0601
SHA-256 | 728bd43bdaed0560d5327ad21645854d75e4367110b510fd004bcf6753926332
Arunna 1.0.0 Cross Site Request Forgery
Posted Dec 16, 2021
Authored by L_L

Arunna version 1.0.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | d5c890b2168176da3e283b88369cf7533bc55ab6c35b1bcb228e845915ea6560
Red Hat Security Advisory 2021-5151-01
Posted Dec 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5151-01 - This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-3629, CVE-2021-3642, CVE-2021-3717, CVE-2021-37714, CVE-2021-40690
SHA-256 | 8aced2ea2f3db3ab202ff3a9d45dc61d7c78032e4c5633894e4d48bf4e25409c
Red Hat Security Advisory 2021-5170-01
Posted Dec 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5170-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.10 serves as a replacement for Red Hat Single Sign-On 7.4.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-3629, CVE-2021-3642, CVE-2021-3717, CVE-2021-37714, CVE-2021-40690
SHA-256 | 7574e9d9a51e537267bd70407996077232803ce301b3fe0069d0d580ddb38725
Red Hat Security Advisory 2021-5149-05
Posted Dec 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5149-05 - This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-3629, CVE-2021-3642, CVE-2021-3717, CVE-2021-37714, CVE-2021-40690
SHA-256 | 0e2ab48ce2c381158112e592f0331bf5dc51b8a4262304ef8c1c512c78060894
Untrusted Data Deserialization In Jsoniter
Posted Dec 16, 2021
Authored by Adi Malyanker, Ivan Reyes

Whitepaper discussing untrusted data deserialization in jsoniter. Written in Spanish.

tags | paper
SHA-256 | bfcbc92c461eee304f389597423031549d816389de0416f3fa662b1cb15e3995
Child's Day Care Management System 1.0 SQL Injection
Posted Dec 16, 2021
Authored by nu11secur1ty

Child's Day Care Management System version 1.0 appears to be susceptible to a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2ea94ac978b5aa60a26c4d9bd9eb72c324615fd8a21c32a1d75560e6f8567b12
Polkit CVE-2021-3560 Overview
Posted Dec 16, 2021
Authored by Julio Cesar Baltazar Sainz

Whitepaper that gives an overview of the Polkit vulnerability as discussed in CVE-2021-3560. Written in Spanish.

tags | paper
advisories | CVE-2021-3560
SHA-256 | a41b8393ce5c22e793b28b10b8d6c72d64b22b0b06202998991ab9e195b4ef1c
DNS Spoofing
Posted Dec 16, 2021
Authored by Rodriguez Padilla Luis, Cortes Leyva Carla

This is a whitepaper that discusses DNS spoofing. Written in Spanish.

tags | paper, spoof
SHA-256 | f2ea4bf58281fa68bc973561373c15277c62566c003a2f7a9096cddecd79929e

© 2022 Packet Storm. All rights reserved.
