This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz's unauthenticated SOAP endpoint /webtools/control/SOAPService for versions prior to 17.12.06.
1a3d79d4b32857119cfd6ad9c273dd5c7dfc3e857b95b83ad391b6001cc0de14Ubuntu Security Notice 4902-1 - Dennis Brinkrolf discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories.
2fb40698adaa4bed99b71e8648084646de91e6b714f5ce5948c518eead6b35f9Ubuntu Security Notice 4561-2 - USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Various other issues were also addressed.
7a09b2211fedd0005794a55c3262fc89a4e1bc0177de9c41d25064945797a054Red Hat Security Advisory 2021-1072-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
5978dcc37c36dca4400a5b55238b2fd7d5a777dca1dde1a0f2b24fb7c21af616Red Hat Security Advisory 2021-1073-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
b20395adb87e56c72759aaaee0b90aed0baeb0ccd36031b5b38b98d100913b24Red Hat Security Advisory 2021-1074-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
62e283b5d03e97d252f352960ede450fb10d5c8ae579653dea350ab9b7f28926Red Hat Security Advisory 2021-1071-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
8cd7f2abb6410c72c804244553fd7e457a52e483fb44cd1b8e4d9906b954d929Red Hat Security Advisory 2021-1069-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
f24b3a0813a44864a55282c3b14103b15be919bd09844fba460cfc79b81b2c07Red Hat Security Advisory 2021-1068-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
c79f54c2aaf572800a6888dd0c0daef83ef1af5667996579b0dee112621b0a29Red Hat Security Advisory 2021-1070-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
53c1994fc8e0de5ed7ff5f05a19baca2a2dd5c3a8b2178685005e5cc28d942a7Mini Mouse version 9.3.0 suffers from local file inclusion and path traversal vulnerabilities.
a13bbc09d01e34368193013febfccedbf163b863c3649b83bc09aed75d823c8fRed Hat Security Advisory 2021-1064-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.
71385ea5f74cf6583ac9ee4b32bb4995601e42074f0519470746959a84c06267Trojan-Downloader.Win32.FraudLoad.xevn malware suffers from an insecure permissions vulnerability.
6d8400dbc7fe62fa84181cb55b9caa77c23a40fe072f1f67069bc50c0e474b26A malicious authenticated attacker could abuse some particular services exposed by the SAP JAVA Netweaver allowing them to execute commands in the underlying operating system. SAP Netweaver JAVA versions 7.30 through 7.50 are affected.
528ffe64b495ed8926aeff32580991f15cc9c0d5d7f30f4f1b13100db6bf2e7fA malicious unauthenticated user could abuse the lack of authentication check on SAP Solution Manager User-Experience Monitoring web service, allowing them to remotely execute commands in all hosts connected to the targeted SolMan through these SMD Agents. Affected versions include SAP Solution Manager SP004 Patch 0011 and lower, SP005 Patch 0012 and lower, SP006 Patch 0013 and lower, SP007 Patch 0019 and lower, SP008 Patch 0015 and lower, SP009 Patch 0007 and lower, SP010 Patch 0001 and lower, and SP011 Patch 0003 and lower.
94be7ba8ead02fd704ccc6de5168f891e45a52684ab49fb4c32ac5a07ed7b27c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed