Backdoor.Win32.Agent.afq malware suffers from a heap corruption vulnerability.
f46ad9d6ff8413bc6b571690fc3661a3308a61b6a2b3b6ba4da2b61e6ce40019Backdoor.Win32.Agent.afq malware suffers from a directory traversal vulnerability.
c61586efd542ab899a2ca890fdb49d1bd00571af2de1dcbeacaa29cef23b2fdfWhitepaper called Root Detection Bypass with frida-push and Objection for iOS and Android. Written in Turkish.
45f36c6bf6ed685564a83d35c56a32d92feeddf07e9da89b13871d883ea28671Red Hat Security Advisory 2021-1407-01 - The etcd packages provide a highly available key-value store for shared configuration. Issues addressed include a denial of service vulnerability.
1f4ea13c0675289defaa946720a34c6979da925604bff0a8ee4064cb8b899470Release functionality on GitHub.com allows modification of assets within a release by any project collaborator. This can occur after the release is published, and without notification or audit logging accessible in the UI to either the project owners or the public.
a9d09c7f970e183298b90b8052e3412ba79d05b1448bd2d0c9c5ff3dfc4ead5bApple Security Advisory 2021-04-26-4 - Security Update 2021-003 Mojave addresses buffer overflow, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
085c6075d838947dd67d434b7dca655198a676e3fba244100c6a5b22d8c8e963Backdoor.Win32.Agent.afq malware suffers from a missing authentication vulnerability.
66a256be78a2b1d91b956393409c7f0a32d982b983ecafe35a22a1891897363bApple Security Advisory 2021-04-26-3 - Security Update 2021-002 Catalina addresses buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
9fb4794f7521059a8704f973e8f3f52c8d67eaf416db339cd80d4855e58d63e0Kirby CMS version 3.5.3.1 suffers from a cross site scripting vulnerability.
6df556d967d4440fd3638967713eded85af7415cf01753ccabeda76f5d9fa161Apple Security Advisory 2021-04-26-2 - macOS Big Sur 11.3 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
680d89257590bf8337b86839a16e2efaa29641b68a2b8ac21e5d767c4ad06b2eApple Security Advisory 2021-04-26-1 - iOS 14.5 and iPadOS 14.5 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
ea8e41d625160a596852b1c9512054d71a68887a75de16865154e861b5d5be06Trojan-Dropper.Win32.Injector.aobl malware suffers from an insecure permissions vulnerability.
800e7ece2ffebba147e3acb7a97f4598aedec2b1c3ab7ca5a0670c4b24acbd71Trojan-Dropper.Win32.Dycler.vrp malware suffers from an insecure permissions vulnerability.
e23ff9eb541ce52b96443c82874a027faf052548df6f0e76014edf8fbc27f927Red Hat Security Advisory 2021-1389-01 - OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Issues addressed include a null pointer vulnerability.
63d7bd955c0c0b5f897fedb062b27d303ea02234b1da57fbadca0405295a212eUbuntu Security Notice 4926-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. Various other issues were also addressed.
f55c2332782fe26e72bd86b4970020318554061cc3558a83e9597678bbf3463cRed Hat Security Advisory 2021-1384-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include a denial of service vulnerability.
b9384c51fa1cd1c88848153f7efda1460bd918ed9f161b7e522e2b0b07d65081Kimai version 1.14 suffers from a CSV injection vulnerability.
afb42232708cf7c479a931df88973a1686f1c2e59c5995bf6636cc24c9b50abfRed Hat Security Advisory 2021-1230-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and deserialization vulnerabilities.
c7d10448a5d29916548625e02af2286811c91fe3d47e52579e3a45663d570cc4This Metasploit module exploits a pre-auth server-side request forgery (CVE-2021-21975) and post-auth file write (CVE-2021-21983) in VMware vRealize Operations Manager to leak admin creds and write/execute a JSP payload. CVE-2021-21975 affects the /casa/nodes/thumbprints endpoint, and CVE-2021-21983 affects the /casa/private/config/slice/ha/certificate endpoint. Code execution occurs as the "admin" Unix user.
8fb3fd3d2660db09b165a788ebbd4aab98bfde09593d01e190121efb5d69716dRed Hat Security Advisory 2021-1401-01 - This release of Red Hat Fuse 7.8.1 serves as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot 2, and includes security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a bypass vulnerability.
6a37dcbd49aff0b17f539cf95e73580a679208b239007b0e3fe04e49131db793WordPress WPGraphQL plugin version 1.3.5 suffers from a denial of service vulnerability.
fd8100cf3908043374f8ea4c72265eeed0145c4053e6b5d3a90a8ffba4670eddRed Hat Security Advisory 2021-1376-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
240032e93bcb7b4ed0735232f82e3b09c775facff14f3a3bea7b130dd3b6a555Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests; however, that feature is disabled by default. In Druid versions prior to 0.20.1, an authenticated user can send a specially-crafted request that both enables the JavaScript code-execution feature and executes the supplied code all at once, allowing for code execution on the server with the privileges of the Druid Server process. More critically, authentication is not enabled in Apache Druid by default.
b298c899e38be69b54163c4da54bb4be979f3abb34cca3c04ac527f6a5c92905Red Hat Security Advisory 2021-1377-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
ef5f189198155a80dd82a4c1ff695427a03a5f6126ff823378ccca72f3fa0f42Red Hat Security Advisory 2021-1379-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, out of bounds read, and use-after-free vulnerabilities.
39ae052b6e94164d686c089d8de36b2b2bbf67921f14194ffe304415461aaf6a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed