Backdoor.Win32.Agent.afq malware suffers from a heap corruption vulnerability.
f46ad9d6ff8413bc6b571690fc3661a3308a61b6a2b3b6ba4da2b61e6ce40019
Backdoor.Win32.Agent.afq malware suffers from a directory traversal vulnerability.
c61586efd542ab899a2ca890fdb49d1bd00571af2de1dcbeacaa29cef23b2fdf
Whitepaper called Root Detection Bypass with frida-push and Objection for iOS and Android. Written in Turkish.
45f36c6bf6ed685564a83d35c56a32d92feeddf07e9da89b13871d883ea28671
Red Hat Security Advisory 2021-1407-01 - The etcd packages provide a highly available key-value store for shared configuration. Issues addressed include a denial of service vulnerability.
1f4ea13c0675289defaa946720a34c6979da925604bff0a8ee4064cb8b899470
Release functionality on GitHub.com allows modification of assets within a release by any project collaborator. This can occur after the release is published, and without notification or audit logging accessible in the UI to either the project owners or the public.
a9d09c7f970e183298b90b8052e3412ba79d05b1448bd2d0c9c5ff3dfc4ead5b
Apple Security Advisory 2021-04-26-4 - Security Update 2021-003 Mojave addresses buffer overflow, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
085c6075d838947dd67d434b7dca655198a676e3fba244100c6a5b22d8c8e963
Backdoor.Win32.Agent.afq malware suffers from a missing authentication vulnerability.
66a256be78a2b1d91b956393409c7f0a32d982b983ecafe35a22a1891897363b
Apple Security Advisory 2021-04-26-3 - Security Update 2021-002 Catalina addresses buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
9fb4794f7521059a8704f973e8f3f52c8d67eaf416db339cd80d4855e58d63e0
Kirby CMS version 3.5.3.1 suffers from a cross site scripting vulnerability.
6df556d967d4440fd3638967713eded85af7415cf01753ccabeda76f5d9fa161
Apple Security Advisory 2021-04-26-2 - macOS Big Sur 11.3 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
680d89257590bf8337b86839a16e2efaa29641b68a2b8ac21e5d767c4ad06b2e
Apple Security Advisory 2021-04-26-1 - iOS 14.5 and iPadOS 14.5 address buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
ea8e41d625160a596852b1c9512054d71a68887a75de16865154e861b5d5be06
Trojan-Dropper.Win32.Injector.aobl malware suffers from an insecure permissions vulnerability.
800e7ece2ffebba147e3acb7a97f4598aedec2b1c3ab7ca5a0670c4b24acbd71
Trojan-Dropper.Win32.Dycler.vrp malware suffers from an insecure permissions vulnerability.
e23ff9eb541ce52b96443c82874a027faf052548df6f0e76014edf8fbc27f927
Red Hat Security Advisory 2021-1389-01 - OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Issues addressed include a null pointer vulnerability.
63d7bd955c0c0b5f897fedb062b27d303ea02234b1da57fbadca0405295a212e
Ubuntu Security Notice 4926-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. Various other issues were also addressed.
f55c2332782fe26e72bd86b4970020318554061cc3558a83e9597678bbf3463c
Red Hat Security Advisory 2021-1384-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include a denial of service vulnerability.
b9384c51fa1cd1c88848153f7efda1460bd918ed9f161b7e522e2b0b07d65081
Kimai version 1.14 suffers from a CSV injection vulnerability.
afb42232708cf7c479a931df88973a1686f1c2e59c5995bf6636cc24c9b50abf
Red Hat Security Advisory 2021-1230-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and deserialization vulnerabilities.
c7d10448a5d29916548625e02af2286811c91fe3d47e52579e3a45663d570cc4
This Metasploit module exploits a pre-auth server-side request forgery (CVE-2021-21975) and post-auth file write (CVE-2021-21983) in VMware vRealize Operations Manager to leak admin creds and write/execute a JSP payload. CVE-2021-21975 affects the /casa/nodes/thumbprints endpoint, and CVE-2021-21983 affects the /casa/private/config/slice/ha/certificate endpoint. Code execution occurs as the "admin" Unix user.
8fb3fd3d2660db09b165a788ebbd4aab98bfde09593d01e190121efb5d69716d
Red Hat Security Advisory 2021-1401-01 - This release of Red Hat Fuse 7.8.1 serves as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot 2, and includes security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a bypass vulnerability.
6a37dcbd49aff0b17f539cf95e73580a679208b239007b0e3fe04e49131db793
WordPress WPGraphQL plugin version 1.3.5 suffers from a denial of service vulnerability.
fd8100cf3908043374f8ea4c72265eeed0145c4053e6b5d3a90a8ffba4670edd
Red Hat Security Advisory 2021-1376-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
240032e93bcb7b4ed0735232f82e3b09c775facff14f3a3bea7b130dd3b6a555
Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests; however, that feature is disabled by default. In Druid versions prior to 0.20.1, an authenticated user can send a specially crafted request that both enables the JavaScript code-execution feature and executes the supplied code all at once, allowing for code execution on the server with the privileges of the Druid Server process. More critically, authentication is not enabled in Apache Druid by default.
b298c899e38be69b54163c4da54bb4be979f3abb34cca3c04ac527f6a5c92905
Red Hat Security Advisory 2021-1377-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
ef5f189198155a80dd82a4c1ff695427a03a5f6126ff823378ccca72f3fa0f42
Red Hat Security Advisory 2021-1379-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, out of bounds read, and use-after-free vulnerabilities.
39ae052b6e94164d686c089d8de36b2b2bbf67921f14194ffe304415461aaf6a