exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2022-04-13

WordPress Elementor 3.6.2 Remote Code Execution
Posted Apr 13, 2022
Authored by Ramuel Gall | Site wordfence.com

WordPress Elementor versions 3.6.0 through 3.6.2 suffer from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2022-1329
SHA-256 | 6eaed5370d47ef1831e0129aff2a7f1d6e7a9d7ab393c20f0bed1962b0cecff2
Red Hat Security Advisory 2022-1373-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1373-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0920, CVE-2021-4028, CVE-2021-4083, CVE-2022-22942
SHA-256 | f57c5b22cef3163af1c33c2e82dbe6b00782a303fe5a5f924bc6584e6a35967b
Ubuntu Security Notice USN-5378-4
Posted Apr 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5378-4 - USN-5378-1 fixed a vulnerability in Gzip. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1271
SHA-256 | 3d8ed5f8d8d58bef0e066a69f6a4a45a720333c3ec7430f8977c97f31eb7cafc
Ubuntu Security Notice USN-5378-3
Posted Apr 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5378-3 - USN-5378-2 fixed a vulnerability in XZ Utils. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1271
SHA-256 | 562b3c6c5e22e5ec8d75a8bae64ee251136ebdc4a763b5bf11fb05d151ee9f97
Red Hat Security Advisory 2022-1361-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1361-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-36221, CVE-2021-43565, CVE-2021-44716, CVE-2021-44717
SHA-256 | 5818a5d64c87796caf994d40794b91e5dd4d080ba38ffb6ca57fd1aee083f9c4
Red Hat Security Advisory 2022-1345-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1345-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.1.0 serves as a replacement for Red Hat AMQ Streams 2.0.1, and includes security and bug fixes, and enhancements. Issues addressed include HTTP request smuggling and integer overflow vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-3520, CVE-2021-43797
SHA-256 | ad7d0a5ea3bd59034ab1fa1bef28c21800f686847ce75f83e41e3e7a012f895f
Red Hat Security Advisory 2022-1248-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1248-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.48. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2022-25173, CVE-2022-25174, CVE-2022-25175, CVE-2022-25176, CVE-2022-25177, CVE-2022-25178, CVE-2022-25179, CVE-2022-25180, CVE-2022-25181, CVE-2022-25182, CVE-2022-25183, CVE-2022-25184
SHA-256 | 8faa35073c4259895c452a9fd34a62acf47daf1b345d86827aa7d20acbc26a58
Red Hat Security Advisory 2022-1360-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1360-01 - This release of Red Hat Fuse 7.10.2 serves as a replacement for Red Hat Fuse 7.10.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-22965
SHA-256 | 8b802a8601feecd53c3be8f32936359e55d1332e1b8488cb9c96cc10a7ebf943
Red Hat Security Advisory 2022-1354-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1354-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22876, CVE-2021-22924, CVE-2021-22946, CVE-2021-22947
SHA-256 | ebde07dce286b9dea0985f0dc954ffea909c665c9cd6016197d8bcb497e1f4f9
Spring4Shell Code Execution
Posted Apr 13, 2022
Authored by Mike Pickard | Site github.com

Python exploit for CVE-2022-22965 that provides a prompt to the user in the style of an ssh session. The script is designed to be easy to understand and execute, with both readability and accessibility - depending on the user's choice. Designed for exploiting the vulnerability on tomcat servers. The fileDateFormat field on the server will be set and unset as part of the script which allows the exploit to be run multiple times. Cleanup may be required. It leverages a vulnerability found in the java spring framework before version 5.2, as well as in versions 5.3.0-17 an d 5.2.0-19 and running on a version of the Java Development Kit greater than or equal to 9.

tags | exploit, java, python
advisories | CVE-2022-22965
SHA-256 | e7ba2016200c7a9f35557d8d8cb81a7016d22df9517f54de7239d50738638502
Verizon 4G LTE Network Extender 0.4.038.2131 Weak Credential Algorithm
Posted Apr 13, 2022
Authored by LiquidWorm | Site zeroscience.mk

Verizon's 4G LTE Network Extender is utilizing a weak default admin password generation algorithm. The password is generated using the last 4 values from device's MAC address which is disclosed on the main webUI login page to an unauthenticated attacker. The values are then concatenated with the string LTEFemto resulting in something like LTEFemtoD080 as the default Admin password. Versions GA4.38 through 0.4.038.2131 are affected.

tags | exploit
SHA-256 | 59ce4ad0a80db9115ae14b1ebb563c934a8d4e694bb93586a6f38b338e1ab98d
Ubuntu Security Notice USN-5378-1
Posted Apr 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5378-1 - Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1271
SHA-256 | c06bc23fc0b9e5b321a705c29c11ab72912461f71c79ca116dd9b258c9180a2b
Ubuntu Security Notice USN-5378-2
Posted Apr 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5378-2 - Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain filenames. If a user or automated system were tricked into performing xzgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1271
SHA-256 | 0946bc9bbce122e9fe240c23d4c5e5ba7a5911e1931089b31138728386bf15b8
Ubuntu Security Notice USN-5371-1
Posted Apr 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5371-1 - It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to disclose sensitive information. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2020-11724, CVE-2020-36309, CVE-2021-3618
SHA-256 | 520503052384dbfca1799e58e512e8af33349b154fa6e72f5d874d504e1ff1b2
Ubuntu Security Notice USN-5377-1
Posted Apr 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5377-1 - It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-28711, CVE-2021-28715, CVE-2021-4135, CVE-2021-43976, CVE-2021-44733, CVE-2021-45095, CVE-2021-45469, CVE-2021-45480, CVE-2022-0435, CVE-2022-0492, CVE-2022-1055, CVE-2022-27666
SHA-256 | 7e8bb3e3236447d1446aec7cdf4a4e028e781bb1a791ee70ba7d1d4a0e3b9b7b
Red Hat Security Advisory 2022-1179-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1179-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.5.10 serves as a replacement for Red Hat support for Spring Boot 2.4.9, and includes bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-30640, CVE-2021-33037, CVE-2021-3597, CVE-2021-3629, CVE-2021-3642, CVE-2021-3859, CVE-2021-41079, CVE-2021-42340
SHA-256 | 85b8d4f687468f2d182c49d4c89778120f0a1b9edb98b4a99798cd35870ff9fd
Red Hat Security Advisory 2022-1333-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1333-01 - A micro version update is now available for Red Hat Camel K that includes CVE fixes in the base images, which are documented in the Release Notes document linked in the References section.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-22965
SHA-256 | 84e3b3e03146ec3ba0a8f461d400dfce1432660b1bb8dd1e467123d498398499
Ubuntu Security Notice USN-5376-1
Posted Apr 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5376-1 - 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-24765
SHA-256 | 3b2b24b2e408dd5b955b1779628e7854a08ca7ba76b3490af417073560f489cd
Ubuntu Security Notice USN-5372-1
Posted Apr 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5372-1 - Evgeny Kotkov discovered that Subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. Thomas Wei

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-28544, CVE-2022-24070
SHA-256 | 08104af0d1f1e2fa5f194fd298e0636966ca88e7c1580c0aaba11dbc4d9cc087
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close