what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2022-01-13

SonicWall SMA 100 Series Authenticated Command Injection
Posted Jan 13, 2022
Authored by jbaines-r7 | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability in the SonicWall SMA 100 series web interface. Exploitation results in command execution as root. The affected versions are 10.2.1.2-24sv and below, 10.2.0.8-37sv and below, and 9.0.0.11-31sv and below.

tags | exploit, web, root
advisories | CVE-2021-20039
SHA-256 | 0ce8774c4d2bc66ac41f71ecbff4807d4b19a6c901b562b9cc8fa6b0d492c6be
Clam AntiVirus Toolkit 0.104.2
Posted Jan 13, 2022
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Fixed invalid pointer read that may cause a crash. Fixed ability to disable the file size limit with libclamav. Increased the maximum line length for ClamAV config files from 512 bytes to 1024 bytes to allow for longer config option strings.
tags | tool, virus
systems | unix
advisories | CVE-2022-20698
SHA-256 | 3e45e46d9aaeb3a6956ed30376237ab7c4cd9573bc0f5d6fc15c588d30978d9d
Chrome IPC::ChannelAssociatedGroupController Memory Corruption
Posted Jan 13, 2022
Authored by Google Security Research, Glazvunov

Chrome suffers from a memory corruption vulnerability in IPC::ChannelAssociatedGroupController due to interface ID reuse.

tags | exploit
advisories | CVE-2021-4098
SHA-256 | 23b2104d82495d408d6c49e60967e71884e4e77854a1cebb576ccad92a937b92
Microsoft Windows EFSRPC Arbitrary File Upload / Privilege Escalation
Posted Jan 13, 2022
Authored by James Forshaw, Google Security Research

The EFSRPC service on Microsoft Windows Server versions 2019 and 2022 does not prevent a caller specifying a local device path allowing any authenticated user to upload arbitrary files to a server.

tags | exploit, arbitrary, local
systems | windows
advisories | CVE-2021-43893
SHA-256 | 69dcaa165fe62179a42fd16409e133c7034c05be0577fdf672a5a01f4c88b8f8
Apple ColorSync Out-Of-Bounds Read
Posted Jan 13, 2022
Authored by Google Security Research, mjurczyk

Apple ColorSync suffers from out-of-bounds read vulnerabilities due to integer overflows in curve table initialization.

tags | exploit, overflow, vulnerability
systems | apple
advisories | CVE-2021-30942
SHA-256 | 55736f35713879a403e9db74f555530baf0f44d465185f687162ed25742170f4
RLM 14.2 Cross Site Scripting
Posted Jan 13, 2022
Authored by Giulia Melotti Garibaldi

RLM version 14.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-45422
SHA-256 | 57ad193d561637ec4a808f6a4b45a152a2b8d6aad877e9acf2e23d71081e4d74
Ubuntu Security Notice USN-5227-1
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5227-1 - It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-23437, CVE-2021-34552, CVE-2022-22815, CVE-2022-22816, CVE-2022-22817
SHA-256 | e153ce77b95ef84831e401c530f510fa66c280803862ddaf1ee1e621fa43d04f
Online Diagnostic Lab Management System 1.0 Missing Access Control
Posted Jan 13, 2022
Authored by Himash

Online Diagnostic Lab Management System version 1.0 suffers from an account takeover vulnerability.

tags | exploit, bypass
SHA-256 | 8fb255fe4f6dca7bdf67bd7c3822520feadb1c87b5a00b1c36aaadc6d2e79817
Ubuntu Security Notice USN-5224-2
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5224-2 - USN-5224-1 fixed several vulnerabilities in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-45944
SHA-256 | fbe64140fc736f1c150a2805ede5f67e63c7be8d7633a318ce81207aaddd2183
Ubuntu Security Notice USN-5223-1
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5223-1 - It was discovered that Apache Log4j 1.2 was vulnerable to deserialization of untrusted data if the configuration file was editable. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-4104
SHA-256 | 7e6ac7124cb81b224f23e6ce58a4e4ec43fbed1ad62e5886a43476ddc00824af
Red Hat Security Advisory 2022-0124-04
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0124-04 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
SHA-256 | 4fc2ee9b8efa90a3da52ee95cc7f2493d45c7daa885d6f1bd9936371b4a5b0ee
Red Hat Security Advisory 2022-0026-06
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0026-06 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.53. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-39241, CVE-2021-40346, CVE-2021-45105
SHA-256 | 451c409b763f0df46d3dc6e67675c9a195202dd0c8116f0345b2af81afa16600
Online Diagnostic Lab Management System 1.0 Cross Site Scripting
Posted Jan 13, 2022
Authored by Himash

Online Diagnostic Lab Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2b9055b3579475960b1bfce7d826d4704f0a8f8285951e40f9b5ba7f6c36dae4
Red Hat Security Advisory 2022-0125-03
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0125-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
SHA-256 | 6b071071b16fa74958c8b3d2e7102ec5df8f0061df267ed887ebb5659ba0835d
Red Hat Security Advisory 2022-0123-02
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0123-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
SHA-256 | 0c89cbb3fde1e7b28129b7dcc3e34b0152695765bd9e524885a375f723157de6
Red Hat Security Advisory 2022-0126-03
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0126-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
SHA-256 | 4940f67f07cee5589630f8b2f496da5371c0ec09c6e2b3e50326e11fb4e139a3
Online Diagnostic Lab Management System 1.0 SQL Injection
Posted Jan 13, 2022
Authored by Himash

Online Diagnostic Lab Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d534fae8d3ba7995cb8d2c0f931eb5e90e138b44966628271c1ceb32d3ba6f03
Red Hat Security Advisory 2022-0128-02
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0128-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
SHA-256 | a78c666842f57be8fc5e51a0fa95bd7c8a8345ca6808aaae845e341be462980d
Red Hat Security Advisory 2022-0130-03
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0130-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
SHA-256 | f5ebaacb12049b0e71eecab713d3741c143562c209cd5ee4307f953a6bbb4f57
Red Hat Security Advisory 2022-0129-02
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0129-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
SHA-256 | 228a556d1428371d8e7edd4a4b2923110fb2c24419b1ba73143c70fec99fb888
Red Hat Security Advisory 2022-0131-02
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0131-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
SHA-256 | 2079ca35343273aef08a5ac0d4e3aee4327dd85613331e7370a517db74996132
Ubuntu Security Notice USN-5226-1
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5226-1 - It was discovered that systemd-tmpfiles employed uncontrolled recursion when removing deeply nested directory hierarchies. A local attacker could exploit this to cause systemd-tmpfiles to crash or have other unspecified impacts.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-3997
SHA-256 | 9ccdd1577468048ddb8b6be07d369ed84b6bc41eb83db2f6ba7a61c4cc93f83e
Ubuntu Security Notice USN-5210-2
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5210-2 - USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization enabled. This update fixes the problem.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-26541, CVE-2021-20321, CVE-2021-3760, CVE-2021-4002, CVE-2021-41864, CVE-2021-43056, CVE-2021-43389
SHA-256 | e3346a86e14d19f527583fd7bd863d075a726e9e3b106f07da844d9e99c33e20
WordPress Core 5.8.2 SQL Injection
Posted Jan 13, 2022
Authored by Aryan Chehreghani

WordPress Core version 5.8.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2022-21661
SHA-256 | 290da5cda0c4555d189721910ddbcdad3d2627d4297306b55fc39785acd1346a
Red Hat Security Advisory 2022-0132-03
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0132-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
SHA-256 | e5608b86f0cfa7df4351cffa352109de8c259e81d0c72d0502ccbd18da613785
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close