exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files Date: 2022-03-01

Packet Storm New Exploits For February, 2022
Posted Mar 1, 2022
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 159 exploits added to Packet Storm in February, 2022.

tags | exploit
SHA-256 | c5a335ca98f983dd4a352b4d6bcfb1d53435b53de1f0eaa23926a056e7ae3e20
Firefox MCallGetProperty Write Side Effects Use-After-Free
Posted Mar 1, 2022
Authored by timwr, maxpl0it, 360 ESG Vulnerability Research Institute | Site metasploit.com

This Metasploit modules exploits CVE-2020-26950, a use-after-free exploit in Firefox. The MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This exploit uses a somewhat novel technique of spraying ArgumentsData structures in order to construct primitives. The shellcode is forced into executable memory via the JIT compiler, and executed by writing to the JIT region pointer. This exploit does not contain a sandbox escape, so firefox must be run with the MOZ_DISABLE_CONTENT_SANDBOX environment variable set, in order for the shellcode to run successfully. This vulnerability affects Firefox versions prior to 82.0.3, Firefox ESR versions prior to 78.4.1, and Thunderbird versions prior to 78.4.2, however only Firefox versions up to 79 are supported as a target. Additional work may be needed to support other versions such as Firefox 82.0.1.

tags | exploit, shellcode
advisories | CVE-2020-26950
SHA-256 | c5497acbfe1516edccf2f8747d261489391c42dfa92ad82028efc92b075df944
Red Hat Security Advisory 2022-0687-01
Posted Mar 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0687-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-29482, CVE-2021-3521, CVE-2021-41190, CVE-2021-4122
SHA-256 | 2d3f8766f4f08c404e5c5f3eabe6435b0dbdde93b6a4a7e79ad278062cd70ff5
Red Hat Security Advisory 2022-0655-01
Posted Mar 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.23. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-39293
SHA-256 | 3e043d2935f40660cdd00df903b9330458addc092fa78100d8433379125b23a7
Red Hat Security Advisory 2022-0708-01
Posted Mar 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0708-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, code execution, ruby
systems | linux, redhat
advisories | CVE-2020-36327, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819
SHA-256 | f83547ba4736bf0787d355efe1d9f8bfeb8c4feba15c83208f06fc61783cd7d3
Ubuntu Security Notice USN-5309-1
Posted Mar 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5309-1 - It was discovered that virglrenderer incorrectly handled memory. An attacker inside a guest could use this issue to cause virglrenderer to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that virglrenderer incorrectly initialized memory. An attacker inside a guest could possibly use this issue to obtain sensitive host information.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-0135, CVE-2022-0175
SHA-256 | ab9f417bca8301a1ebf7d28154f0b01717304bdddbffd6ad6764daabe360354a
Rufus 3.17.1846 DLL Hijacking
Posted Mar 1, 2022
Authored by James Tsz Ko Yeung

Rufus version 3.17.1846 suffers from a dll hijacking vulnerability for both the executable and portable executable versions.

tags | exploit
systems | windows
SHA-256 | d5c50574ec9e0f5579247719f6faf1cc6bf3536d7b71f8e8de08c12524f9a640
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    11 Files
  • 30
    Jun 30th
    7 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close