exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 466 RSS Feed

Files Date: 2021-01-01 to 2021-01-31

Ubuntu Security Notice USN-4712-1
Posted Jan 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4712-1 - USN-4576-1 fixed a vulnerability in the overlay file system implementation in the Linux kernel. Unfortunately, that fix introduced a regression that could incorrectly deny access to overlay files in some situations. This update fixes the problem.

tags | advisory, kernel
systems | linux, ubuntu
SHA-256 | afcb997ddb97aa90c4b6a96233d63b5a4eea6a2c13091b557d56b3c6162d4f48
Ubuntu Security Notice USN-4713-1
Posted Jan 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4713-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-28374
SHA-256 | e54c2f7945046a1c9e11fb72df83291b0bc436c5cba66d48d017b06395a959a5
Ubuntu Security Notice USN-4711-1
Posted Jan 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4711-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Kiyin discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2020-25704, CVE-2020-28374
SHA-256 | f4ec8d5e13f6ebabd01ab8ec3a0edd91e652d99a1c9951bea7a7b8fc134c23a1
Ubuntu Security Notice USN-4710-1
Posted Jan 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4710-1 - Kiyin discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2020-25704
SHA-256 | 3f9f38ab4060865d88734c05ff9899a702686eaf27a9c57039f4618d29d60dbd
Red Hat Security Advisory 2021-0290-01
Posted Jan 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0290-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | bffb5bf750028028f3f455049af796fe361ba8530eac58936ec1c37fdbfbe166
Red Hat Security Advisory 2021-0289-01
Posted Jan 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0289-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | e290b7f9ccbdbd6f4a76d6919cce3dc6f9d21bc2d6f313ef53fe016edb22cc8d
Red Hat Security Advisory 2021-0288-01
Posted Jan 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0288-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 7ee63ff4ca1571f12b3ac6936c5ebc8cc834c5d41ced451a3b66a93dedca5160
Gentoo Linux Security Advisory 202101-35
Posted Jan 28, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-35 - Multiple vulnerabilities have been found in phpMyAdmin, allowing remote attackers to conduct XSS. Versions less than 4.9.6:4.9.6 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2020-26934, CVE-2020-26935
SHA-256 | a00d282583eadfe791d654d1c397ac8815321e7719d32ddd9a847d3f7a0b1fe4
Gentoo Linux Security Advisory 202101-34
Posted Jan 28, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-34 - Multiple vulnerabilities have been found in Telegram, the worst of which could result in information disclosure. Versions less than 2.4.4 are affected.

tags | advisory, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2020-17448, CVE-2020-25824
SHA-256 | 7f3a9895e5d0bc9e65b4fe51d3316bd5304769d37c03a345e9c1a4b7ea129388
WordPress SuperForms 4.9 Shell Upload
Posted Jan 28, 2021
Authored by ABDO10

WordPress SuperForms plugin version 4.9 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | d458dde25704ae9a84a9cb8589e1f0919761a65c226dcceea735075c88a51263
jQuery UI 1.12.1 Denial Of Service
Posted Jan 28, 2021
Authored by Rafael Cintra Lopes

jQuery UI version 1.12.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2020-28488
SHA-256 | a55ca73bbc5f68717781c8e410b1c0e9e38ac04872d990743803f483068e5332
Ubuntu Security Notice USN-4709-1
Posted Jan 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4709-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2018-13093, CVE-2019-19816, CVE-2020-25669, CVE-2020-28374
SHA-256 | fe94a8f5a2d43d1cda30e40ac4225c3ca772961ef30b275ab465ae19ea4d189e
Ubuntu Security Notice USN-4708-1
Posted Jan 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4708-1 - Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2018-13093, CVE-2019-19816, CVE-2020-25669, CVE-2020-27777
SHA-256 | ee3ba6a5f1ef72c2c85d181889c74ab4b335aa9c49a0f1b94413ecb7a848dc09
Red Hat Security Advisory 2021-0285-01
Posted Jan 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0285-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 7b3b2ab866c32b30678789dd948d1aa9e09f1c6c4cfe64efd123306204623d6d
Ubuntu Security Notice USN-4705-2
Posted Jan 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4705-2 - USN-4705-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-3156
SHA-256 | c49212b15ccc247d4854bbc03d70b7782b5d16c35cb198deb88dd180603d38b6
CMSUno 1.6.2 Remote Code Execution
Posted Jan 28, 2021
Authored by Alexandre Zanni

CMSUno version 1.6.2 authenticated remote code execution exploit. The original discovery for the vulnerability leveraged is attributed to Fatih Celik in November of 2020.

tags | exploit, remote, code execution
advisories | CVE-2020-25538, CVE-2020-25557
SHA-256 | 2477146e721d33c19e7c9e103dfd83b0cfc4343413f007eb0260e88e64259065
EgavilanMedia PHPCRUD 1.0 Cross Site Scripting
Posted Jan 28, 2021
Authored by Mahendra Purbia

EgavilanMedia PHPCRUD version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 698c586a1a7eeb7ff48dbd8ffc3ab17d4a04e04cb2345f871dc7e60b482e6822
Sifter 11.5
Posted Jan 27, 2021
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Install and run-time fixes added.
tags | tool, remote, local, scanner, vulnerability
systems | unix
SHA-256 | a36cd6110a7e972c4b3d78b016825bb5d151b29feba7e2f6a8e74d347e302088
Sudo Heap-Based Buffer Overflow
Posted Jan 27, 2021
Authored by Qualys Security Advisory

Qualys has released extensive research details regarding a heap-based buffer overflow vulnerability in sudo. The issue was introduced in July 2011 (commit 8255ed69), and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1, in their default configuration.

tags | exploit, overflow
advisories | CVE-2021-3156
SHA-256 | 49c51fff2702ea3bb7dc155cf79d48dec6f6a7a00b13a95caf7f36a3f59b319f
STVS ProVision 5.9.10 Cross Site Request Forgery
Posted Jan 27, 2021
Authored by LiquidWorm | Site zeroscience.mk

STVS ProVision version 5.9.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | bda8da5ba4074ffde06a720da61629ec99f9e38178e55525b86f31b97249e06a
STVS ProVision 5.9.10 Cross Site Scripting
Posted Jan 27, 2021
Authored by LiquidWorm | Site zeroscience.mk

STVS ProVision version 5.9.10 suffers from an authenticated reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0a9cb640eba6a906669801ecbb7614d41554d0eec07360c9f66358b489afe850
STVS ProVision 5.9.10 File Disclosure
Posted Jan 27, 2021
Authored by LiquidWorm | Site zeroscience.mk

STVS ProVision version 5.9.10 suffers from an authenticated file disclosure vulnerability in archive.rb.

tags | exploit
SHA-256 | 01a27757ea3497d36138ec572cd914a1a6377e2a9a85bff332026c247bfe5acc
Revive Adserver 5.1.0 Cross Site Scripting
Posted Jan 27, 2021
Authored by Matteo Beccati

Revive Adserver versions 5.1.0 and below suffer from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-22874, CVE-2021-22875
SHA-256 | 190f88d88bd59a6e458fe50325d73d4011e9b7ef2b33f6962a495f46bb142f9a
Constructor.Win32.SpyNet.a MVID-2021-0056 Remote Password Leak
Posted Jan 27, 2021
Authored by malvuln | Site malvuln.com

Constructor.Win32.SpyNet.a malware suffers from a remote password leak vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | a8647fa25ea94a073c36e5b11757ed872161e6834afb1de8fc29cedd5e1ae2cb
Backdoor.Win32.Wollf.14 MVID-2021-0055 Missing Authentication
Posted Jan 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wollf.14 malware has a backdoor on TCP/7614 that does not require any authentication.

tags | exploit, tcp
systems | windows
SHA-256 | 2f11b22f4a81eedb7df75e8958cdd82cecb3055d43ca8789947305c47f9b576a
Page 2 of 19
Back12345Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close