what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2021-12-17

RootedCON 2022 Call For Papers
Posted Dec 17, 2021
Site cfp.rootedcon.com

Call For Papers for RootedCON 2022, a technology congress that will be held in Madrid, Spain March 10th through the 12th of 2022. The conference has a capacity of 2,500 to 3,000 people.

tags | paper, conference
MD5 | 1bb9974c8a98c791eb95a1766732b0d1
Ubuntu Security Notice USN-5198-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5198-1 - It was discovered that HTMLDOC improperly handled malformed URIs from an input html file. An attacker could use this to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-23180
MD5 | 0e3b76b94fcbfd11235135702c8819f4
Ubuntu Security Notice USN-5199-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5199-1 - It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex with a quadratic worst-case time complexity. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses. Specially crafted traffic from a malicious HTTP server could cause a denial of service condition for a client. Various other issues were also addressed.

tags | advisory, web, denial of service, python
systems | linux, ubuntu
advisories | CVE-2021-3733, CVE-2021-3737
MD5 | 68fee8862226337db247237c2ff2c209
Ubuntu Security Notice USN-5201-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5201-1 - It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses. Specially crafted traffic from a malicious HTTP server could cause a denial of service condition for a client.

tags | advisory, web, denial of service, python
systems | linux, ubuntu
advisories | CVE-2021-3737
MD5 | 2279f9e48b64d9eeccc95d64d5633552
Ubuntu Security Notice USN-5200-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5200-1 - It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex with a quadratic worst-case time complexity. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. Various other issues were also addressed.

tags | advisory, web, denial of service, python
systems | linux, ubuntu
advisories | CVE-2020-8492, CVE-2021-3733, CVE-2021-3737
MD5 | 4251a42c6839da426dea0b52412de128
Apple Security Advisory 2021-12-15-7
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-7 - Safari 15.2 addresses buffer overflow, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984
MD5 | 86e819d87393c94686b28bb46d2dbefd
Apple Security Advisory 2021-12-15-6
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-6 - watchOS 8.3 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30767, CVE-2021-30916, CVE-2021-30926, CVE-2021-30927, CVE-2021-30934, CVE-2021-30936, CVE-2021-30937, CVE-2021-30939, CVE-2021-30942, CVE-2021-30945, CVE-2021-30946, CVE-2021-30947, CVE-2021-30949, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30955, CVE-2021-30957, CVE-2021-30958, CVE-2021-30960, CVE-2021-30964, CVE-2021-30966, CVE-2021-30968, CVE-2021-30980, CVE-2021-30984
MD5 | 6b549e9b3569bd1442c4de0b5d8c7f78
Apple Security Advisory 2021-12-15-5
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-5 - tvOS 15.2 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30916, CVE-2021-30926, CVE-2021-30927, CVE-2021-30934, CVE-2021-30936, CVE-2021-30937, CVE-2021-30939, CVE-2021-30942, CVE-2021-30945, CVE-2021-30947, CVE-2021-30949, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30955, CVE-2021-30957, CVE-2021-30958, CVE-2021-30960, CVE-2021-30966, CVE-2021-30968, CVE-2021-30980, CVE-2021-30984, CVE-2021-30993, CVE-2021-30995
MD5 | af22ca647c389e206fa44ce2b35d3308
Apple Security Advisory 2021-12-15-4
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-4 - Security Update 2021-008 Catalina addresses buffer overflow, bypass, code execution, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30767, CVE-2021-30927, CVE-2021-30929, CVE-2021-30931, CVE-2021-30935, CVE-2021-30937, CVE-2021-30938, CVE-2021-30939, CVE-2021-30940, CVE-2021-30941, CVE-2021-30942, CVE-2021-30945, CVE-2021-30949, CVE-2021-30950, CVE-2021-30958, CVE-2021-30959, CVE-2021-30961, CVE-2021-30963, CVE-2021-30965, CVE-2021-30968, CVE-2021-30969, CVE-2021-30971, CVE-2021-30973, CVE-2021-30975, CVE-2021-30976, CVE-2021-30977
MD5 | 17a333623ca5f21f10e8a090695d94a8
Apple Security Advisory 2021-12-15-3
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-3 - macOS Big Sur 11.6.2 addresses buffer overflow, bypass, code execution, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30767, CVE-2021-30927, CVE-2021-30929, CVE-2021-30931, CVE-2021-30935, CVE-2021-30937, CVE-2021-30938, CVE-2021-30939, CVE-2021-30940, CVE-2021-30941, CVE-2021-30942, CVE-2021-30945, CVE-2021-30946, CVE-2021-30947, CVE-2021-30949, CVE-2021-30950, CVE-2021-30958, CVE-2021-30959, CVE-2021-30961, CVE-2021-30963, CVE-2021-30965, CVE-2021-30968, CVE-2021-30969, CVE-2021-30970, CVE-2021-30971, CVE-2021-30973
MD5 | e4afda00c1ee8621e8367af8eee361d8
Apple Security Advisory 2021-12-15-2
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-2 - macOS Monterey 12.1 addresses buffer overflow, bypass, code execution, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30987, CVE-2021-30950, CVE-2021-30960, CVE-2021-30986, CVE-2021-30966, CVE-2021-30926, CVE-2021-30942, CVE-2021-30957, CVE-2021-30958, CVE-2021-30945, CVE-2021-30977, CVE-2021-30939, CVE-2021-30981, CVE-2021-30996, CVE-2021-30982, CVE-2021-30937, CVE-2021-30927, CVE-2021-30980, CVE-2021-30949, CVE-2021-30993, CVE-2021-30955, CVE-2021-30976, CVE-2021-30990, CVE-2021-30971, CVE-2021-30973, CVE-2021-30929
MD5 | 7005b1716635ddff5579534a4c731993
Apple Security Advisory 2021-12-15-1
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-1 - iOS 15.2 and iPadOS 15.2 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple, ios
advisories | CVE-2021-30987, CVE-2021-30950, CVE-2021-30960, CVE-2021-30986, CVE-2021-30966, CVE-2021-30926, CVE-2021-30942, CVE-2021-30957, CVE-2021-30958, CVE-2021-30945, CVE-2021-30977, CVE-2021-30939, CVE-2021-30981, CVE-2021-30996, CVE-2021-30982, CVE-2021-30937, CVE-2021-30927, CVE-2021-30980, CVE-2021-30949, CVE-2021-30993, CVE-2021-30955, CVE-2021-30976, CVE-2021-30990, CVE-2021-30971, CVE-2021-30973, CVE-2021-30929
MD5 | 246fa48e7e8c7a02b332cfc385214cea
TOR Virtual Network Tunneling Tool 0.4.6.9
Posted Dec 17, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: Tor 0.4.6.2-alpha is the second alpha in its series. It fixes several small bugs in previous releases, and solves other issues that had enabled denial-of-service attacks and affected integration with other tools.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 6a8bb8f6c6f7c6d80a50de8f9f8be8c4
Android VM_MAYWRITE Access To Shared Zygote JIT Mapping
Posted Dec 17, 2021
Authored by Jann Horn, Google Security Research

This bug report describes a vulnerability in ART that allows normal applications to insert arbitrary code into unused executable memory in zygote and other applications.

tags | exploit, arbitrary
advisories | CVE-2021-0959
MD5 | 8485539d964fd35ecf94557cacb68903
Backdoor.Win32.Mellpon.b Information Disclosure
Posted Dec 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Mellpon.b malware suffers from an information leakage vulnerability.

tags | exploit
systems | windows
MD5 | 9fb1627230f1b16ea76628ed71fca5e9
Backdoor.Win32.BNLite Buffer Overflow
Posted Dec 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.BNLite malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
MD5 | 4403592f49298819043548c0dacad82b
Ubuntu Security Notice USN-5192-2
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5192-2 - USN-5192-1 fixed a vulnerability in Apache Log4j 2. This update provides the corresponding update for Ubuntu 16.04 ESM. Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a special crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-44228
MD5 | 5df30b04cd149d1c5b52eceef9e3fda9
Ubuntu Security Notice USN-5202-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5202-1 - Varnavas Papaioannou discovered that the FTP client implementation in OpenJDK accepted alternate server IP addresses when connecting with FTP passive mode. An attacker controlling an FTP server that an application connects to could possibly use this to expose sensitive information. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. Markus Loewe discovered that OpenJDK did not properly handle JAR files containing multiple manifest files. An attacker could possibly use this to bypass JAR signature verification. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35588, CVE-2021-35603
MD5 | cdc66e132e39c58676f82fd45d1ef4ef
Red Hat Security Advisory 2021-5186-04
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5186-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-4125
MD5 | ed8f5a5b126dd7bb2052d3ace6b27f54
Red Hat Security Advisory 2021-5183-06
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5183-06 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-4125
MD5 | f5e726994f95eb19c8fbe4e45a9ecf3d
Red Hat Security Advisory 2021-5184-04
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5184-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-4125
MD5 | 1e1b964dc32f2ba9187c5f4ad8121604
Red Hat Security Advisory 2021-5107-06
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5107-06 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-43527, CVE-2021-44228, CVE-2021-45046
MD5 | 1a9c460b3666bd013440836e6d08a163
Red Hat Security Advisory 2021-5179-02
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5179-02 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23214, CVE-2021-23222, CVE-2021-3677
MD5 | 19f2c0eb51e978d8bc85333c17993480
Red Hat Security Advisory 2021-5176-04
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5176-04 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-44716, CVE-2021-44717
MD5 | 80b07e4624d5d11a4fc7a5fce249faaa
Red Hat Security Advisory 2021-5195-02
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5195-02 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25719
MD5 | f492c8a415391da01fe6276f5856e382
Page 1 of 2
Back12Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close