exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 40 RSS Feed

Files Date: 2022-02-09

Ubuntu Security Notice USN-5279-1
Posted Feb 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5279-1 - It was discovered that util-linux incorrectly handled unmounting FUSE filesystems. A local attacker could possibly use this issue to unmount FUSE filesystems belonging to other users.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-3995
SHA-256 | 22c0e1c4e12a8c19fd2f2ddd21a472eb36bb20def1ef3c528f3099228f5cc589
Red Hat Security Advisory 2022-0496-01
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0496-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.102 and .NET Runtime 6.0.2. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-219862
SHA-256 | 6d749750c756a41c5b8814d2a354e14884a7e568e10d210022e3ffde1118acf2
Red Hat Security Advisory 2022-0495-01
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0495-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.211 and .NET Runtime 5.0.14. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-219862
SHA-256 | 3b8f5b5635b3a873540b35bc2650adb777d0ceb42e93c51554bccb0c23bba313
GNU Privacy Guard 2.2.34
Posted Feb 9, 2022
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

Changes: Minor release with updates to dirmngr, gpgconf, and common. 4 new options added, a new command, and many bug fixes and improvements.
tags | tool, encryption
SHA-256 | 562a3350dcf66cb67c5825c67ff2c2904db1e30ec8e1d353adc14efba9abf43f
Red Hat Security Advisory 2022-0482-01
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0482-01 - Red Hat Ansible Tower provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Tower makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-4112
SHA-256 | 28459881165934293900b4a0954054c6415064367de18c25933d5847235a8b75
Red Hat Security Advisory 2022-0475-01
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0475-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, code execution, sql injection
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307
SHA-256 | 6fcbe321b9c2c6ffc4458f721ac3d10377d705e783972cecdec78d04ebaaa6e6
Red Hat Security Advisory 2022-0477-01
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0477-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2022-24348
SHA-256 | c2f6f6959c2687261189ed0f694c49adcf1a1884ed06355be1e0c16913ce6cc8
Ubuntu Security Notice USN-5267-2
Posted Feb 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5267-2 - USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3640, CVE-2021-3752, CVE-2021-42739
SHA-256 | 1fa802d233f94d6e25c95108667119d85ca0d36cae93f6c46bb286febc0cf8da
Grandstream GXV31XX settimezone Unauthenticated Command Execution
Posted Feb 9, 2022
Authored by Brendan Coles, alhazred, Brendan Scarvell | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Grandstream GXV31XX IP multimedia phones. The settimezone action does not validate input in the timezone parameter allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authentication to be bypassed by providing an alphanumeric cookie 93 characters in length. This module was tested successfully on Grandstream models: GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19; and GXV3140 hardware revision V0.4B with firmware version 1.0.1.27.

tags | exploit, overflow, arbitrary
advisories | CVE-2019-10655
SHA-256 | cc41409b8e7ba0962a39d75e4cae7e60ab281dbc2db437a377040c160691840b
Red Hat Security Advisory 2022-0476-01
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0476-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2021-3712, CVE-2021-3872, CVE-2021-3984, CVE-2021-4019, CVE-2021-4122, CVE-2021-4192, CVE-2021-4193, CVE-2022-24348
SHA-256 | 929378052a3a411f8efbf9599d884f20c434cba232af8d52e55c49760a05849e
Red Hat Security Advisory 2022-0464-02
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0464-02 - Advanced Intrusion Detection Environment is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-45417
SHA-256 | 36b9e07030c8bb693d556dcfde4489a6ee4054518bc93ccfaa1b4f60f2c73a8f
Backdoor.Win32.Freddy.2001 MVID-2022-0486 Authentication Bypass / Command Execution
Posted Feb 9, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Freddy.2001 malware suffers from authentication bypass and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability
systems | windows
SHA-256 | ae40a2e3e2be6a88e4c00022156923fe7885829a0b79aa06eb09b0fa94406799
Red Hat Security Advisory 2022-0467-02
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0467-02 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.6.7 serves as a replacement for Red Hat AMQ Streams 1.6.6, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, code execution, sql injection
systems | linux, redhat
advisories | CVE-2021-4178, CVE-2021-44832, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307
SHA-256 | 977e85296e25b25d4e8c2b15301901fd0c28bc8574a26eb0c97b25ac5633509c
Red Hat Security Advisory 2022-0469-02
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0469-02 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.0.1 serves as a replacement for Red Hat AMQ Streams 2.0.0, and includes security and bug fixes, and enhancements. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, code execution, sql injection
systems | linux, redhat
advisories | CVE-2021-4178, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307
SHA-256 | 00345154fae98e662ddfde68110d764664c691cf424033174747002f70323749
Backdoor.Win32.Prexot.a MVID-2022-0484 Authentication Bypass
Posted Feb 9, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Prexot.a malware suffers from a bypass vulnerability.

tags | exploit, bypass
systems | windows
SHA-256 | 4e7996c6fc3ada4901b5349e57479b0fff816c333e5af8b32317bcf2e0dafa65
Red Hat Security Advisory 2022-0472-02
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0472-02 - Advanced Intrusion Detection Environment is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-45417
SHA-256 | 62ec9be6c512b12130498c06bd9ff6904f9e846e5855db6cdab3f4a7b7de1f8c
Red Hat Security Advisory 2022-0474-01
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0474-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-4112
SHA-256 | bcc7f1b018296b35c4f80b89cf17117785974b75dd4439176cf6e69dd49e4651
Atom CMS 2.0 SQL Injection
Posted Feb 9, 2022
Authored by Luca Cuzzolin

Atom CMS version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2022-24223
SHA-256 | a71f1889d3e9ff80c812b4f44e1e3ff6b721dd921e6a40b91d96e46200fae3f0
Red Hat Security Advisory 2022-0473-02
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0473-02 - Advanced Intrusion Detection Environment is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-45417
SHA-256 | 8a366f80e00a9b38f3a877defddf1e307764c855dbe516f1ce87a6760c2f1806
Backdoor.Win32.Wdoor.11 MVID-2022-0483 Remote Command Execution
Posted Feb 9, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wdoor.11 malware suffers from an unauthenticated remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | c04727ec467a40ce38e56d44a3c0b5ea1f5b596807e5dad6c38d52b052473235
Red Hat Security Advisory 2022-0442-02
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0442-02 - Log4j is a tool to help the programmer output log statements to a variety of output targets. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, code execution, sql injection
systems | linux, redhat
advisories | CVE-2022-23302, CVE-2022-23305, CVE-2022-23307
SHA-256 | 92402314f90d5d9fb9a8cde6c9494de316a59c76772d810debd66dd50e46fab1
Red Hat Security Advisory 2022-0443-06
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0443-06 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25717, CVE-2021-4034
SHA-256 | ca9dc528ded1afdaa7e298cf15f4b25a18218f66e889607fe57a1570d7ab9296
Red Hat Security Advisory 2022-0444-03
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0444-03 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.4.10 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, vulnerability, code execution, sql injection
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2021-3872, CVE-2021-3984, CVE-2021-4019, CVE-2021-4104, CVE-2021-4122, CVE-2021-4192, CVE-2021-4193, CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307
SHA-256 | 01d61577c054fdc6811e8c973157ed1965b0a35a1a548c43587e56e55dda446a
Backdoor.Win32.Prexot.a MVID-2022-0485 Man-In-The-Middle
Posted Feb 9, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Prexot.a malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | 6c79019885b946e2c6e504b728dc129113dbb1c450534149961a7c177073b762
Red Hat Security Advisory 2022-0446-02
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0446-02 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.10 serves as a replacement for Red Hat Single Sign-On 7.4.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, vulnerability, code execution, sql injection
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307
SHA-256 | 112783847f941c93219f4cc55e0e028a6ccfced5673c00180094cffce178ae04
Page 1 of 2
Back12Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    11 Files
  • 30
    Jun 30th
    7 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close