exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2021-07-26 to 2021-07-27

Red Hat Security Advisory 2021-2881-01
Posted Jul 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2881-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547
SHA-256 | 1abad6cd034d4e210003aeea49a7aa96a6531d7d8206e2d3653727e7a693a7e0
Gentoo Linux Security Advisory 202107-55
Posted Jul 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-55 - Multiple vulnerabilities have been found in libsdl2, the worst of which could result in a Denial of Service condition. Versions less than 2.0.14-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14409, CVE-2020-14410
SHA-256 | ce60cb93d4997d55bae33b037ba8280ed4b981765af10c76c95d32a36c5aad1f
WordPress SP Project And Document Remote Code Execution
Posted Jul 26, 2021
Authored by Ron Jost, Yann Castel | Site metasploit.com

This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php, making it possible to upload .pHP files for instance. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/sp-client-document-manager/<user_id>/<random_payload_name>.php.

tags | exploit, arbitrary, shell, php, file upload
advisories | CVE-2021-24347
SHA-256 | 7d2c3f217f9d96a1b8933d18886edae37099a342dcf9addd2e24438914311c20
Backdoor.Win32.Nbdd.bgz MVID-2021-0309 Buffer Overflow
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Nbdd.bgz malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 02a6e6b4e7f1ee2a3ee5d1ff17768628f0fd9a6cf9e2fe485ffa062e136c4971
Backdoor.Win32.Bifrose.acci MVID-2021-0308 Buffer Overflow
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Bifrose.acci malware suffers from a buffer overflow vulnerability that can allow for code execution.

tags | exploit, overflow, code execution
systems | windows
SHA-256 | e7ff7beba1447ac3d608179f7dbf177816f920b58076bfc625d74462128d57c3
WordPress Modern Events Calendar Remote Code Execution
Posted Jul 26, 2021
Authored by Ron Jost, Yann Castel, Nguyen Van Khanh | Site metasploit.com

This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress Modern Events Calendar plugin versions prior to 5.16.5. This is due to an incorrect check of the uploaded file extension. Indeed, by using text/csv content-type in a request, it is possible to upload a .php payload as is is not forbidden by the plugin. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/<random_payload_name>.php.

tags | exploit, arbitrary, shell, php, file upload
advisories | CVE-2021-24145
SHA-256 | 69c7df31917c6908273c697f81d8629ab2b33991a9590623c7646f14dbb26004
Kernel Live Patch Security Notice LSN-0079-1
Posted Jul 26, 2021
Authored by Benjamin M. Romer

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code. It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2021-33909, CVE-2021-3600
SHA-256 | 85ecff3443cabbbdfd95e276021ce53f9ded3558dc511597031bf1014cb24140
Gentoo Linux Security Advisory 202107-54
Posted Jul 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-54 - Multiple vulnerabilities have been found in libyang, the worst of which could result in a Denial of Service condition. Versions less than 1.0.236 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-28902, CVE-2021-28903, CVE-2021-28904, CVE-2021-28905, CVE-2021-28906
SHA-256 | 981ee2a45cdbec8d46e060b9a1d8a582b616f5daa93004cafe4da957e87f6d3c
Backdoor.Win32.PsyRat.b MVID-2021-0306 Code Execution
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.PsyRat.b malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | b94f188d5b72816ba6c6a88047e9b234a8b6e2bf4982245db628b2ec3e188457
NoteBurner 2.35 Denial Of Service
Posted Jul 26, 2021
Authored by Achilles

NoteBurner version 2.35 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | ce941ba2e26208ce754836f68111a875aae6bea508e8f79dbf7827a148fcd779
Backdoor.Win32.PsyRat.b MVID-2021-0307 Denial Of Service
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.PsyRat.b malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
SHA-256 | 18baa74565e7118914ef0b230542a315d6f466336949d00462737f4c0ecb232f
Backdoor.Win32.Agent.cu MVID-2021-0305 Code Execution
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cu malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | cb6498c6bec099d2379ea17d52876ebbf81804d7c7486de499a91e24bd47624d
Backdoor.Win32.Agent.cu MVID-2021-0304 Man-In-The-Middle
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cu malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | bfc8d46b65dccc55f4aa9b62ef7da9aa24b50f4baaf5e68e09810c2405eccc91
Red Hat Security Advisory 2021-2883-01
Posted Jul 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2883-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547
SHA-256 | e096683e76898d1eaea35357ab1b988bbe72aec2f57378f059c90f0a0adb2d64
XOS Shop 1.0.9 Arbitrary File Deletion
Posted Jul 26, 2021
Authored by faisalfs10x

XOS Shop version 1.0.9 suffers from an authenticated arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 6f8b017fcb905dadb6bf19edef6c377d8386f4f1960c35cbb20f753ea24da872
Red Hat Security Advisory 2021-2882-01
Posted Jul 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2882-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547
SHA-256 | 979c833879e17cecfaecb4a319ffb009ce3014d0ffab398c546dc8b76c33b894
Backdoor.Win32.Agent.cu MVID-2021-0303 Authentication Bypass
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cu malware suffers from an authentication bypass vulnerability that can lead to code execution.

tags | exploit, code execution, bypass
systems | windows
SHA-256 | 61eda62bb4a6f9929d043aba15017859198331f85695deaccf5ad4b3d7eab803
Leawo Prof. Media 11.0.0.1 Denial Of Service
Posted Jul 26, 2021
Authored by Achilles

Leawo Prof. Media version 11.0.0.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | dc71b0a59f379ba636465daebc7ef5fee1d75cfae636e3685417324cc2100f4a
Backdoor.Win32.Mazben.me MVID-2021-0302 Unauthenticated Open Proxy
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Mazben.me malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | 54674dcd5128860dc74e2d01a51168f50378f33b7acdb33a6c2da63880a20352
Backdoor.Win32.Hupigon.aaur MVID-2021-0301 Unauthenticated Open Proxy
Posted Jul 26, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.aaur malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | 2917f1529a64d063f4a36d2b4856b25b9f6f04e88aa83362d67dd0ff25e6efe1
Elasticsearch ECE 7.13.3 Database Disclosure
Posted Jul 26, 2021
Authored by Joan Martinez

Elasticsearch ECE version 7.13.3 anonymous database dumping exploit.

tags | exploit, info disclosure
advisories | CVE-2021-22146
SHA-256 | fca9927fbaec3c0c7e66a7316f382e0c4a0a308b7deb63b9e0b0e30c13e6579d
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close