Red Hat Security Advisory 2021-2694-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.
182d8c7206dd938e39e41e290e4cd6a338d031ef0d9174ec5787a46121cef39c
Gentoo Linux Security Advisory 202107-31 - A vulnerability in polkit could lead to local root privilege escalation. Versions less than 0.119 are affected.
a0c2061f382ef67106608fe19136f3b3a8828926ea491fade8034d45af8f6b4b
This Metasploit module exploits Java unsafe reflection and SSRF in the VMware vCenter Server Virtual SAN Health Check plugin's ProxygenController class to execute code as the vsphere-ui user. See the vendor advisory for affected and patched versions. Tested against VMware vCenter Server 6.7 Update 3m (Linux appliance
bdb3128591e803fa1beff81827096bb294a0b4124989ab73f3593b99e35faca8
This Metasploit module leverages a pre-authentication remote code execution vulnerability in the OpenAM identity and access management solution. The vulnerability arises from a Java deserialization flaw in OpenAM's implementation of the Jato framework and can be triggered by a simple one-line GET or POST request to a vulnerable endpoint. Successful exploitation yields code execution on the target system as the service user. This vulnerability also affects the ForgeRock identity platform which is built on top of OpenAM and thus is susceptible to the same issue.
7ab7e165e1eabb4c0774d5b02fa501308e44a10ac91af40c1b4ed6a62fc60ca6
Red Hat Security Advisory 2021-2692-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.
50ade74599cb1230ee646568de9051265f883647e4d34d15b7eb13f0a3f5248b
Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.
5bbc850a274b933a4e8b0ac7d5bc8b0527c3eddbaee7f8a9389c284f27a6fe14
Red Hat Security Advisory 2021-2693-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.
cb33e2a011b4eb661fb9b4003f8a03f9d124b688c2850a6591807e59ec8532ed
VirTool.Win32.Afix malware suffers from buffer overflow and code execution vulnerabilities.
9dad98cd006c23a0bb59030a700ae55c9ea6d472fd3acf470174319320d92a52
Red Hat Security Advisory 2021-2696-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.
7261e658c9514c8017a4dc0c8a17b8993110cc1fbcc5571a4d01993d01611bde
Invoice System version 1.0 suffers from a persistent cross site scripting vulnerability.
37dcc00e015cfbcb00bad2618b0a4096b2cdead048157b4db268dfdc894e6487
Backdoor.Win32.Surila.j malware suffers from a denial of service vulnerability.
b2db80b143b4ee0f73c819e5d7e3a13dfaa2bfd7552f8d75728042b819676203
Red Hat Security Advisory 2021-2689-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.2 serves as a replacement for Red Hat AMQ Broker 7.8.1, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service, information leakage, and resource exhaustion vulnerabilities.
797ae866913245376a53ab9b2027c144a57e156f08fb0901e02b9cb20c189fda
Red Hat Security Advisory 2021-2683-01 - XStream is a Java XML serialization library to serialize objects to and deserialize objects from XML.
d8ea8ce278e94ab6b02669838c9fe309951257f38518183717b830aa7b4f5ad4
Garbage Collection Management System version 1.0 shell upload exploit that leverages a SQL injection vulnerability.
362cc75fef4a9b5814055f74ae47affd8cf33fdb77b55369eaaead43fbec7bb1
Gentoo Linux Security Advisory 202107-30 - Multiple vulnerabilities have been found in Xen, the worst of which could result in privilege escalation. Versions less than 4.15.0-r1 are affected.
36d5f476b51c23defc6f7d17ba7518ef98181a7154a78a23daa94e2802513ab7
Gentoo Linux Security Advisory 202107-29 - A buffer overflow in ConnMan might allow remote attacker(s) to execute arbitrary code. Versions less than 1.40 are affected.
8fcff86608431d98ad7fc9a103d42f3e7a49758999950a65a0023225172d3b4f
WordPress WPFront Notification Bar plugin version 1.9.1.04012 suffers from a persistent cross site scripting vulnerability.
126c894e7f7c15d9b752ef230951b2336e52a29bd77c4c18cf9ce658c7b05840
VirTool.Win32.Afix malware suffers from buffer overflow and code execution vulnerabilities.
2a97b3a15f0108112f1924c5e453996fd2098a215da172e302c635af319d9b41
OpenEMR version 5.0.1.3 authenticated remote shell upload exploit that leverages a vulnerability discovered in 2018.
c870808a4f9a9a137fcb679a6a3037401a0616eb79f037981dc723adf1f8b701