Showing 26 - 50 of 447

Files Date: 2021-05-01 to 2021-05-31

Pandora FMS 6.0SP3 Cross Site Scripting
Posted May 27, 2021
Authored by nu11secur1ty

Pandora FMS version 6.0SP3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-0527
SHA-256 | 3b6f367e28fda80ee9013841f4548d6f8dac15f5ef5c2407f7565d83c29588af
QT PNG ICC Processing Out-Of-Bounds Read
Posted May 27, 2021
Authored by Google Security Research, natashenka

The QImage class can read out-of-bounds when reading a specially crafted PNG file, where a tag byte offset goes out of bounds. This could potentially allow an attacker to determine values in memory based on the QImage pixels, if Qt is used to process untrusted images.

tags | exploit
SHA-256 | f89e3b09d6fb627d5b5269e3b5d3b0c770cd2aefc3bbd97c7b659ae459e07be2
Postbird 0.8.4 Cross Site Scripting / Local File Inclusion
Posted May 27, 2021
Authored by Debshubra Chakraborty

Postbird version 0.8.4 suffers from a JavaScript injection vulnerability that allows for cross site scripting and local file inclusion.

tags | exploit, local, javascript, xss, file inclusion
advisories | CVE-2021-33570
SHA-256 | a50f986fffa593ec901590f6e7af89c7caa33805339e420f6058a47850eb4854
nginx 1.20.0 DNS Resolver Off-By-One Heap Write
Posted May 26, 2021
Authored by Markus Vervier, Eric Sesterhenn, Luis Merino

An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character ('.', 0x2E) out of bounds in a heap-allocated buffer. The vulnerability can be triggered by a DNS response in reply to a DNS request from nginx when the resolver primitive is configured. A specially crafted packet allows overwriting the least significant byte of the next heap chunk's metadata with 0x2E. A network attacker capable of providing DNS responses to an nginx server can achieve denial of service and likely remote code execution. Due to the lack of DNS spoofing mitigations in nginx and the fact that the vulnerable function is called before checking the DNS Transaction ID, remote attackers might be able to exploit this vulnerability by flooding the victim server with poisoned DNS responses in a feasible amount of time.

tags | exploit, remote, spoof, code execution
advisories | CVE-2021-23017
SHA-256 | 3dfbbfc75ab8248919c960e6279f4525444e77d8b1532e2dc80da38820b690c4
Unicorn 1.0.3
Posted May 26, 2021
Authored by Nguyen Anh Quynh | Site unicorn-engine.org

Unicorn is a lightweight multi-platform, multi-architecture CPU emulator framework.

Changes: Fixed some building issues. Fixed some issues in the core. Arm BE8 mode now supported. Various other updates.
tags | tool
systems | unix
SHA-256 | 64fba177dec64baf3f11c046fbb70e91483e029793ec6a3e43b028ef14dc0d65
Gentoo Linux Security Advisory 202105-15
Posted May 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-15 - Multiple vulnerabilities have been found in Prosŏdy IM, the worst of which could result in a Denial of Service condition. Versions less than 0.11.9 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-32917, CVE-2021-32918, CVE-2021-32919, CVE-2021-32920, CVE-2021-32921
SHA-256 | f08be14d04709fb2b80d149bb91ae9406334d8659f93c161e700edfa779b129c
Apple Security Advisory 2021-05-25-6
Posted May 26, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-05-25-6 - watchOS 7.5 addresses buffer overflow, code execution, cross site scripting, denial of service, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple
advisories | CVE-2021-21779, CVE-2021-30677, CVE-2021-30681, CVE-2021-30682, CVE-2021-30685, CVE-2021-30686, CVE-2021-30687, CVE-2021-30689, CVE-2021-30697, CVE-2021-30700, CVE-2021-30701, CVE-2021-30704, CVE-2021-30705, CVE-2021-30707, CVE-2021-30710, CVE-2021-30715, CVE-2021-30720, CVE-2021-30724, CVE-2021-30727, CVE-2021-30734, CVE-2021-30736, CVE-2021-30737, CVE-2021-30740, CVE-2021-30744, CVE-2021-30749
SHA-256 | bf5980198ddb010accfb5c43551d1ca9d78cd0ef77f89bcf61101d0efc901f78
Apple Security Advisory 2021-05-25-2
Posted May 26, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-05-25-2 - macOS Big Sur 11.4 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, information leakage, null pointer, out of bounds read, out of bounds write, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-36221, CVE-2020-36222, CVE-2020-36223, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226, CVE-2020-36227, CVE-2020-36228, CVE-2020-36229, CVE-2020-36230, CVE-2021-21779, CVE-2021-23841, CVE-2021-30668, CVE-2021-30669, CVE-2021-30671, CVE-2021-30673, CVE-2021-30676, CVE-2021-30677, CVE-2021-30678, CVE-2021-30679, CVE-2021-30680, CVE-2021-30681, CVE-2021-30682, CVE-2021-30683, CVE-2021-30684, CVE-2021-30685
SHA-256 | b7bacb029f8caaf126c79185f04a21c9db5d08fb8a900666c62f076ff293a421
Apple Security Advisory 2021-05-25-7
Posted May 26, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-05-25-7 - tvOS 14.6 addresses buffer overflow, code execution, cross site scripting, denial of service, integer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple
advisories | CVE-2021-21779, CVE-2021-30663, CVE-2021-30665, CVE-2021-30677, CVE-2021-30682, CVE-2021-30685, CVE-2021-30686, CVE-2021-30687, CVE-2021-30689, CVE-2021-30697, CVE-2021-30700, CVE-2021-30701, CVE-2021-30704, CVE-2021-30705, CVE-2021-30707, CVE-2021-30710, CVE-2021-30715, CVE-2021-30720, CVE-2021-30724, CVE-2021-30727, CVE-2021-30734, CVE-2021-30736, CVE-2021-30737, CVE-2021-30740, CVE-2021-30744, CVE-2021-30749
SHA-256 | 6b67770482452432db54af4fb639291beaebdb13d5e2b7ae9a7eda93e3bac1cd
Apple Security Advisory 2021-05-25-5
Posted May 26, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-05-25-5 - Safari 14.1.1 addresses code execution, cross site scripting, denial of service, integer overflow, null pointer, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple
advisories | CVE-2021-21779, CVE-2021-23841, CVE-2021-30663, CVE-2021-30682, CVE-2021-30689, CVE-2021-30698, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749
SHA-256 | 3d0b1ff9f9087dd22ccc46998ca1a15f487dcd05f2741f6bb0b94f8700702959
Apple Security Advisory 2021-05-25-1
Posted May 26, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-05-25-1 - iOS 14.6 and iPadOS 14.6 address buffer overflow, code execution, cross site scripting, denial of service, information leakage, null pointer, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple, ios
advisories | CVE-2021-21779, CVE-2021-23841, CVE-2021-30667, CVE-2021-30674, CVE-2021-30677, CVE-2021-30681, CVE-2021-30682, CVE-2021-30685, CVE-2021-30686, CVE-2021-30687, CVE-2021-30689, CVE-2021-30691, CVE-2021-30692, CVE-2021-30693, CVE-2021-30694, CVE-2021-30695, CVE-2021-30697, CVE-2021-30698, CVE-2021-30699, CVE-2021-30700, CVE-2021-30701, CVE-2021-30704, CVE-2021-30705, CVE-2021-30707, CVE-2021-30708, CVE-2021-30709
SHA-256 | a1a282793028ec06e5f187d3b8d87c8c66f3eec9577f0d3ba5404d89d30ba9e0
Apple Security Advisory 2021-05-25-8
Posted May 26, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-05-25-8 - Boot Camp 6.1.14* addresses a memory corruption vulnerability.

tags | advisory
systems | apple
advisories | CVE-2021-30675
SHA-256 | 2d6182e0fb300bfa3438190b3e0dec62383acb53f48b65342d40f43ab4dc8c77
Apple Security Advisory 2021-05-25-3
Posted May 26, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-05-25-3 - Security Update 2021-004 Mojave addresses bypass, code execution, denial of service, heap corruption, information leakage, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2020-36221, CVE-2020-36222, CVE-2020-36223, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226, CVE-2020-36227, CVE-2020-36228, CVE-2020-36229, CVE-2020-36230, CVE-2021-1883, CVE-2021-1884, CVE-2021-30669, CVE-2021-30676, CVE-2021-30678, CVE-2021-30679, CVE-2021-30681, CVE-2021-30683, CVE-2021-30687, CVE-2021-30690, CVE-2021-30691, CVE-2021-30692, CVE-2021-30693, CVE-2021-30694, CVE-2021-30695, CVE-2021-30697
SHA-256 | 776008bfbdb46c0bcd65cacb835a4914ca1905855f39711dfc2b2c16dd497aa5
Apple Security Advisory 2021-05-25-4
Posted May 26, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-05-25-4 - Security Update 2021-003 Catalina addresses bypass, code execution, denial of service, heap corruption, information leakage, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2020-36221, CVE-2020-36222, CVE-2020-36223, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226, CVE-2020-36227, CVE-2020-36228, CVE-2020-36229, CVE-2020-36230, CVE-2021-1883, CVE-2021-1884, CVE-2021-30669, CVE-2021-30671, CVE-2021-30673, CVE-2021-30676, CVE-2021-30678, CVE-2021-30679, CVE-2021-30681, CVE-2021-30683, CVE-2021-30684, CVE-2021-30685, CVE-2021-30687, CVE-2021-30691, CVE-2021-30692, CVE-2021-30693
SHA-256 | 9524a5dad710311e201032f67e048422d6a0e4bebce049e523c4d25baffbb535
Ubuntu Security Notice USN-4967-1
Posted May 26, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4967-1 - Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx incorrectly handled responses to the DNS resolver. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-23017
SHA-256 | 0f814519864a2c1f00e089303aebba070126d095871ca25d8c1a1514b228d000
Gentoo Linux Security Advisory 202105-37
Posted May 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-37 - A vulnerability in Nextcloud Desktop Client could allow a remote attacker to execute arbitrary commands. Versions less than 3.1.3 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2021-22879
SHA-256 | b152488d796e5fc2713054994c35b5fab00df97783c99fa4f788739f5fb6348b
Gentoo Linux Security Advisory 202105-36
Posted May 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-36 - Multiple vulnerabilities have been found in cURL, the worst of which could result in the arbitrary execution of code. Versions less than 7.77.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-22876, CVE-2021-22890, CVE-2021-22898, CVE-2021-22901
SHA-256 | 27d653e9c404fce8a51dc5b8eb56846b8d6b8bc2c806dad855056460e4cd9d0d
Red Hat Security Advisory 2021-2119-01
Posted May 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2119-01 - An update for tripleo-ansible is now available for Red Hat OpenStack Platform 16.1 (Train). It addresses an issue where the ansible.log file is visible to unprivileged users.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-31918
SHA-256 | 4c1f0f5af2ff1bf54d5a0ecacd6cacae52354736bf520cc6bcbb4403243e1ebe
i-doit 1.15.2 Cross Site Scripting
Posted May 26, 2021
Authored by nu11secur1ty

i-doit version 1.15.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-3151
SHA-256 | 09bd54a79a7ea10a4acbf9651b08d12b5e851f8d241bfd83921b1cd5c24df50a
Red Hat Security Advisory 2021-2116-01
Posted May 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2116-01 - A comprehensive HTTP client library that supports many features left out of other HTTP libraries. Issues addressed include CRLF injection and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-11078, CVE-2021-21240
SHA-256 | 7eeaefaee72148562bb4d3175050940306bca66918bb6c30a908a5c2c7253ce6
VMware Security Advisory 2021-0010
Posted May 26, 2021
Authored by VMware | Site vmware.com

VMware Security Advisory 2021-0010 - VMware vCenter Server updates address remote code execution and authentication vulnerabilities.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2021-21985, CVE-2021-21986
SHA-256 | 9473c522fcfc58e375d2311352f05cc6387a78f24adb7026fa22312412e8647c
Gentoo Linux Security Advisory 202105-35
Posted May 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-35 - Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to execute arbitrary code. Versions less than 8.5_p1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14145, CVE-2021-28041
SHA-256 | 413dc6d65484348ed8a8bc7d9dc7836eed4d1ab01a507465800675315b632f77
Gentoo Linux Security Advisory 202105-34
Posted May 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-34 - A vulnerability in Bash may allow users to escalate privileges. Versions less than 5.0_p11-r1 are affected.

tags | advisory, bash
systems | linux, gentoo
advisories | CVE-2019-18276
SHA-256 | d14b7a6c79dcafc423e08f9754342a9daaccb7c5435a66a2f26302075f56dfe8
Gentoo Linux Security Advisory 202105-33
Posted May 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-33 - Multiple vulnerabilities have been found in containerd, the worst of which could result in privilege escalation. Versions less than 1.4.4 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15257, CVE-2021-21334
SHA-256 | 464048d530e7c8af9bee99459ab4f508fe39be7c1ab8c788da356d06da5b1652
Gentoo Linux Security Advisory 202105-32
Posted May 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-32 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in information disclosure. Versions less than 13.2 are affected.

tags | advisory, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2021-20229, CVE-2021-3393
SHA-256 | cc32b4339b5e18669d87f1bda3ed4c5784dfb313e6f4b605d313817028ddbe72