This tool can be used to exploit vulnerable versions of RichFaces. It has payloads for 4 vulnerabilities that have been identified, which can lead to remote code execution via java deserialization and EL injection.
648af6bc429ca530648d01005b86d127e64fe5a21538da847835939211cb2f63Proof of concept crash exploit for pppd versions 2.4.2 through 2.4.8. It leverages a rhostname buffer overflow in the eap_request and eap_response functions in eap.c.
5f3f031504ced5c6e33a19ffcc5762feb18c6704650c050b6b15df49d8a9357dCitrix Gateway versions 11.1, 12.0, and 12.1 suffer from a caching bypass vulnerability.
e66fad2ae92f73fb782b7c631067c3bb1b0caaccc40cc4f59aeef45ae61b351dCitrix Gateway versions 11.1, 12.0, and 12.1 suffer from a cache poisoning vulnerability.
0015b1f67eb00244860fff58d081b6a94b03615ce41aa999c016ebe81945506bUbuntu Security Notice 4297-1 - It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. This issue only affected Ubuntu 18.04 LTS. It was discovered that runC incorrectly performed access control. An attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
4c43616d9540099069bfffeca945a4397bc0aedf5dea591e4a09aacf95b0ff9bRed Hat Security Advisory 2020-0740-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, information leakage, and null pointer vulnerabilities.
d31db65b3895e8334595c65d443915857d2b5811e3d45127f4da9bace5c812d5Red Hat Security Advisory 2020-0738-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Issues addressed include integer overflow, type confusion, and use-after-free vulnerabilities.
1b79ef26a8a98f009093d18517eb0cceabd3fb77654790a1c7483017f10f84a3Citrix Gateway versions 11.1, 12.0, and 12.1 suffer from an information disclosure vulnerability.
aca831367203c586cf693ab95a5e463eeaa4d60eae5b4d5efe517d8da98e9aa8Whitepaper called Windows User Accounts Penetration Testing. Written in Persian.
aa16d878b2cc7b17095ab46abe67abc176d6d800a370a7328337af07b12dd2f860CycleCMS version 2.5.2 suffers from a remote SQL injection vulnerability.
ab2766e0a27285908476df8b9d5bf2715217ed0f4dc6e17b66028ea376218b22A remote iOS / macOS heap corruption issue exists due to insufficient bounds checking in AWDL.
1e68cf9915d34a1e26c5b0144404e1b0fe8b04f018d7bdc8675b27fbd497f2c1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed