exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2022-03-23

Red Hat Security Advisory 2022-0866-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0866-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.56. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-0811
SHA-256 | 074786ed947c683e2eed700d99aa184d37f3d83bb72f57c693b498dc966fbbae
ImpressCMS 1.4.2 SQL Injection / Remote Code Execution
Posted Mar 23, 2022
Authored by EgiX | Site karmainsecurity.com

ImpressCMS versions 1.4.2 and below pre-authentication SQL injection to remote code execution exploit. User input passed through the "groups" POST parameter to the /include/findusers.php script is not properly sanitized before being passed to the icms_member_Handler::getUserCountByGroupLink() and icms_member_Handler::getUsersByGroupLink() methods. These methods use the first argument to construct a SQL query without proper validation, and this can be exploited by remote attackers to e.g. read sensitive data from the "users" database table through boolean-based SQL Injection attacks. The application uses PDO as a database driver, which allows for stacked SQL queries, as such this vulnerability could be exploited to e.g. create a new admin user and execute arbitrary PHP code.

tags | exploit, remote, arbitrary, php, code execution, sql injection
advisories | CVE-2021-26598, CVE-2021-26599
SHA-256 | 576e64698cc9d7062dccead415b9bdbbe2c02e4ae86258cd980164b5e56355cc
Red Hat Security Advisory 2022-1029-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1029-01 - A micro version update is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-15522, CVE-2020-27218, CVE-2020-8908, CVE-2021-20293, CVE-2021-21349, CVE-2021-26291, CVE-2021-28168, CVE-2021-28170, CVE-2021-33813, CVE-2021-3690, CVE-2022-24407
SHA-256 | e1a2e4b551ccd5d032fc05c0712cca1e96b04eea7c46e8e7109f20f450bbd890
Ubuntu Security Notice USN-5343-1
Posted Mar 23, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5343-1 - Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. It was discovered that the aufs file system in the Linux kernel did not properly restrict mount namespaces, when mounted with the non-default allow_userns option set. A local attacker could use this to gain administrative privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-2853, CVE-2016-2854, CVE-2018-5995, CVE-2019-19449, CVE-2020-12655, CVE-2020-25670, CVE-2020-25673, CVE-2020-26139, CVE-2020-26147, CVE-2020-26555, CVE-2020-26558, CVE-2020-36322, CVE-2020-36385, CVE-2021-20292, CVE-2021-20317, CVE-2021-23134, CVE-2021-28688, CVE-2021-28972, CVE-2021-29650, CVE-2021-32399, CVE-2021-33033, CVE-2021-33034, CVE-2021-33098, CVE-2021-34693, CVE-2021-3483, CVE-2021-3506, CVE-2021-3564
SHA-256 | f52b839ff13c30e863d5be66f515f639c4bbf6c3ac1911f54911c3a1db6abad1
Red Hat Security Advisory 2022-0870-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0870-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.45. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-0811
SHA-256 | 93130424d32563e2c2dd53848108e26a74919f3ac0aa24524a7f992181731abe
Red Hat Security Advisory 2022-0871-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0871-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.35. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-0811
SHA-256 | 8c60d330e09868f9c004fdf9cdd2e0430e7b49f37602ccff9799dfddfe2fe30c
Red Hat Security Advisory 2022-1012-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1012-01 - Expat is a C library for parsing XML documents. Issues addressed include code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | 57f82e760b9ff26a89294331c00d89dc12766f4bb95dba6543918b518a6f31d8
Ubuntu Security Notice USN-5340-1
Posted Mar 23, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5340-1 - Kyaw Min Thein discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 18.04 LTS. Micha Bentkowski discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-9861, CVE-2020-9281, CVE-2021-32808, CVE-2021-32809, CVE-2021-33829, CVE-2021-37695
SHA-256 | 9cd0120842dd043b5e493d3eb8821794d81f1b61c1e795bb4c60d255fb26b0b3
ProtonVPN 1.26.0 Unquoted Service Path
Posted Mar 23, 2022
Authored by gemreda

ProtonVPN version 1.26.0 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | e21848ef4218212fdffd52292dd2336d076c2389731673c907a9fead149a68a1
Drupal Avatar Upload 7.x-1.0-beta8 Cross Site Scripting
Posted Mar 23, 2022
Authored by Milad Karimi

Drupal Avatar Uploader version 7.x-1.0-beta8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b2390b5f84449f7631d49eaf64401f414a42042133354c3f7488cb219f6ce52b
Red Hat Security Advisory 2022-1013-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1013-01 - Red Hat Integration - Camel Extensions for Quarkus 2.2.1 serves as a replacement for 2.2 and includes security fixes. Issues addressed include code execution, denial of service, deserialization, information leakage, and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2020-15522, CVE-2020-8908, CVE-2021-22569, CVE-2021-2471, CVE-2021-26291, CVE-2021-28168, CVE-2021-28170, CVE-2021-30129, CVE-2021-37136, CVE-2021-37137, CVE-2021-40690, CVE-2021-41269, CVE-2021-4178, CVE-2021-42392
SHA-256 | d5cfb7d93bd17d4a300c3574ceea4314e4c04e0e4b82484593f5c02a870e2682
WordPress Amministrazione Aperta 3.7.3 Arbitrary File Read
Posted Mar 23, 2022
Authored by Hassan Khan Yusufzai

WordPress Amministrazione Aperta plugin version 3.7.3 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
SHA-256 | 1af5cdbca2fba34e20952246b62d1c6ea3c147e377bb3da4d6af9bc7e3a8b828
Red Hat Security Advisory 2022-1007-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1007-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-2154, CVE-2021-2166, CVE-2021-2372, CVE-2021-2389, CVE-2021-35604, CVE-2021-46657, CVE-2021-46662, CVE-2021-46666, CVE-2021-46667
SHA-256 | ce07462a1501c987a2440081205eb708f1ce719bb26e12f1801968793ad136a6
Red Hat Security Advisory 2022-1010-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1010-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-2154, CVE-2021-2166, CVE-2021-2372, CVE-2021-2389, CVE-2021-35604, CVE-2021-46657, CVE-2021-46662, CVE-2021-46666, CVE-2021-46667
SHA-256 | e2f0b3d0237280bfe9ca2b4a1b6982996781f17805ce5490fa8e00a1f172e116
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close