what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2022-04-15

Asterisk Project Security Advisory - AST-2022-003
Posted Apr 15, 2022
Authored by Joshua Colp, Leandro Dardini | Site asterisk.org

Asterisk suffers from a possible remote SQL injection vulnerability. Some databases can use backslashes to escape certain characters, such as backticks. If input is provided to func_odbc which includes backslashes it is possible for func_odbc to construct a broken SQL query and the SQL query to fail. Asterisk Open Source versions 16.x up to but not including 16.25.2, 18.x up to but not including 18.11.2, and 19.x up to but not including 19.3.2 are affected. Certified Asterisk versions 16.x up to but not including 16.8-cert14 are affected.

tags | advisory, remote, sql injection
advisories | CVE-2022-26651
SHA-256 | edf4f6fe7b4776e5bf9d41e581c5c4269feb931cb02ec2fa3c1c40c0cbad95e5
Asterisk Project Security Advisory - AST-2022-002
Posted Apr 15, 2022
Authored by Ben Ford, Clint Ruoho | Site asterisk.org

Asterisk suffers from a server-side request forgery vulnerability. When using STIR/SHAKEN, it is possible to send arbitrary requests like GET to interfaces such as localhost using the Identity header. Asterisk Open Source versions 16.15.0 up to but not including 16.25.2, 18.x up to but not including 18.11.2, and 19.x up to but not including 19.3.2 are affected.

tags | advisory, arbitrary
advisories | CVE-2022-26499
SHA-256 | 7727f89aa5888d067b6bf9ed78cdb7e6304adf0a733433e0687a3678d88eb17b
Asterisk Project Security Advisory - AST-2022-001
Posted Apr 15, 2022
Authored by Ben Ford | Site asterisk.org

When using STIR/SHAKEN in Asterisk, it is possible to download files that are not certificates. These files could be much larger than what you would expect to download. Asterisk Open Source versions 16.15.0 up to but not including 16.25.2, 18.x up to but not including 18.11.2, and 19.x up to but not including 19.3.2 are affected.

tags | advisory
advisories | CVE-2022-26498
SHA-256 | 1fc78214ca3a80d4d46428ca4fdf01c6fc39ae8d4fd32be3d9c901d7bd98b5b1
Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication
Posted Apr 15, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Siemens A8000 CP-8050/CP-8031 SICAM WEB suffers from denial of service and a missing authentication vulnerability that allows for file download.

tags | exploit, web, denial of service
advisories | CVE-2021-45034, CVE-2022-27480
SHA-256 | 7f0a0ec0c017ac5bb71670246359ab27291e0f6543e3a3b66f3b4ecf9cd874dc
Are You Really Muted? A Privacy Analysis Of Mute Buttons In Video Conferencing Apps
Posted Apr 15, 2022
Authored by George K. Thiruvathukal, Yucheng Yang, Kassem Fawaz, Jack West, Neil Klingensmith | Site wiscprivacy.com

Whitepaper called Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps.

tags | paper
SHA-256 | 050dc6588d019c0fec02dfa4d049708c93c8ad0e15fb67374316108e1ab679a3
Backdoor.Win32.NetSpy.10 MVID-2022-0551 Remote Command Execution
Posted Apr 15, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.NetSpy.10 malware suffers from a remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | d4e19fff45af9d363192a77fcd76bb3ade5c0132e0f6803f99b2b75499a19cba
Backdoor.Win32.NetCat32.10 MVID-2022-0550 Remote Command Execution
Posted Apr 15, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.NetCat32.10 malware suffers from a remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | 1697d2e1a9f601d1fbe3aa95f78b980c8adb17c71abb4e3e0d9fb3228841fc60
Backdoor.Win32.NinjaSpy.c MVID-2022-0552 Authentication Bypass
Posted Apr 15, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.NinjaSpy.c malware suffers from an authentication bypass vulnerability.

tags | exploit, bypass
systems | windows
SHA-256 | 041ec29b699be65bde2accb9306accd03701764098f6d10f41ef363be3214f55
Email-Worm.Win32.Pluto.b MVID-2022-0547 Insecure Permissions
Posted Apr 15, 2022
Authored by malvuln | Site malvuln.com

Email-Worm.Win32.Pluto.b malware suffers from an insecure permissions vulnerability.

tags | exploit, worm
systems | windows
SHA-256 | 68f8fa4d70be3d26a2377d8d622f567429f0b38def84b98132d57cb416f47ae6
Backdoor.Win32.Kilo.016 MVID-2022-0546 Denial Of Service
Posted Apr 15, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Kilo.016 malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
SHA-256 | 2d02449aaa96b78888ff4a1ac900a5aed9b8ca0b7f5bb092c3e5069b85184d69
HackTool.Win32.IpcScan.c MVID-2022-0549 Buffer Overflow
Posted Apr 15, 2022
Authored by malvuln | Site malvuln.com

HackTool.Win32.IpcScan.c malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 9f6c8558b2fd54132bcbc7fb7ec9094dc5480dbb618f8e26e8945badd9b41aa7
Backdoor.Win32.Psychward.03.a MVID-2022-0548 Weak Hardcoded Password
Posted Apr 15, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Psychward.03.a malware suffers from a weak hardcoded password vulnerability.

tags | exploit
systems | windows
SHA-256 | 722b26af34669dea510fb5a4714b9de590b14a85c0973262ca29e298b043e591
Backdoor.Win32.Prorat.cwx MVID-2022-0545 Insecure Permissions
Posted Apr 15, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Prorat.cwx malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 950762fec2e8818d8cb4267e82687de2de7315dad47e47dbe86f1a16bf9c4349
Backdoor.Win32.MotivFTP.12 MVID-2022-0544 Authentication Bypass
Posted Apr 15, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.MotivFTP.12 malware suffers from an authentication bypass vulnerability.

tags | exploit, bypass
systems | windows
SHA-256 | e993e5fd524fee01d252b9209f7259f7ea9e7d86460076371e0808a99131d1ab
Red Hat Security Advisory 2022-1379-01
Posted Apr 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1379-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and business optimization for solving planning problems. It automates business decisions and makes that logic available to the entire business. This asynchronous security patch is an update to Red Hat Decision Manager 7. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-22965
SHA-256 | 8742dc923803844fc89249f794ccf78fdacb0e77bfa1999ffc83e938c7bdad8a
Red Hat Security Advisory 2022-1378-01
Posted Apr 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1378-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This asynchronous security patch is an update to Red Hat Process Automation Manager 7. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-22965
SHA-256 | 61c4d0a3c6914696757b1d47c3264a3dcba3bbcd41fbb6a93da20da46400d0b5
Microsoft HTTP Protocol Stack Denial Of Service
Posted Apr 15, 2022
Authored by polakow | Site github.com

Microsoft HTTP protocol stack denial of service exploit that leverages the vulnerability in CVE-2022-21907.

tags | exploit, web, denial of service, protocol
advisories | CVE-2022-21907
SHA-256 | 0035e8f68394e431f30fc5f6c1453975239fafaabddd9ec475fac32868642729
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close