what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2021-12-17 to 2021-12-18

RootedCON 2022 Call For Papers
Posted Dec 17, 2021
Site cfp.rootedcon.com

Call For Papers for RootedCON 2022, a technology congress that will be held in Madrid, Spain March 10th through the 12th of 2022. The conference has a capacity of 2,500 to 3,000 people.

tags | paper, conference
SHA-256 | 6494ed735b857e402c7c71ec3ad563f3512c3a165f5484d32389022c1d1f3f1d
Ubuntu Security Notice USN-5198-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5198-1 - It was discovered that HTMLDOC improperly handled malformed URIs from an input html file. An attacker could use this to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-23180
SHA-256 | d9b5ed1b5fa62ede8dda7d2bd6503ef9d2c7a3023d07428cfd1f99918a8b7a1c
Ubuntu Security Notice USN-5199-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5199-1 - It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex with a quadratic worst-case time complexity. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses. Specially crafted traffic from a malicious HTTP server could cause a denial of service condition for a client. Various other issues were also addressed.

tags | advisory, web, denial of service, python
systems | linux, ubuntu
advisories | CVE-2021-3733, CVE-2021-3737
SHA-256 | e86e38e0b9b633e7b95fa55ad292060af6dfd4ee2f4b514fc7b7010bdd95c697
Ubuntu Security Notice USN-5201-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5201-1 - It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses. Specially crafted traffic from a malicious HTTP server could cause a denial of service condition for a client.

tags | advisory, web, denial of service, python
systems | linux, ubuntu
advisories | CVE-2021-3737
SHA-256 | 166ac08c6ee9a3867cba31876bc061600a3dc4369f9ead2dc6536bcc4f3783fc
Ubuntu Security Notice USN-5200-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5200-1 - It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex with a quadratic worst-case time complexity. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. Various other issues were also addressed.

tags | advisory, web, denial of service, python
systems | linux, ubuntu
advisories | CVE-2020-8492, CVE-2021-3733, CVE-2021-3737
SHA-256 | 729bc78597e4fd0f17e876cb9c891d709d4ad254691f0fa2f4c7241f79beb5f0
Apple Security Advisory 2021-12-15-7
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-7 - Safari 15.2 addresses buffer overflow, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984
SHA-256 | dcec9f0b30618e604ca73400b05ece50348b0a958ba1c87cb1fb73a70aab2a1e
Apple Security Advisory 2021-12-15-6
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-6 - watchOS 8.3 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30767, CVE-2021-30916, CVE-2021-30926, CVE-2021-30927, CVE-2021-30934, CVE-2021-30936, CVE-2021-30937, CVE-2021-30939, CVE-2021-30942, CVE-2021-30945, CVE-2021-30946, CVE-2021-30947, CVE-2021-30949, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30955, CVE-2021-30957, CVE-2021-30958, CVE-2021-30960, CVE-2021-30964, CVE-2021-30966, CVE-2021-30968, CVE-2021-30980, CVE-2021-30984
SHA-256 | 16734459ccf5603b55ab6de1c466fe6ca194e99bee9e30add5c137663e2d5460
Apple Security Advisory 2021-12-15-5
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-5 - tvOS 15.2 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30916, CVE-2021-30926, CVE-2021-30927, CVE-2021-30934, CVE-2021-30936, CVE-2021-30937, CVE-2021-30939, CVE-2021-30942, CVE-2021-30945, CVE-2021-30947, CVE-2021-30949, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30955, CVE-2021-30957, CVE-2021-30958, CVE-2021-30960, CVE-2021-30966, CVE-2021-30968, CVE-2021-30980, CVE-2021-30984, CVE-2021-30993, CVE-2021-30995
SHA-256 | a4ce1053635316b535504f3bc2938fc42d21609ab1912530b8e91ad7790ddd37
Apple Security Advisory 2021-12-15-4
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-4 - Security Update 2021-008 Catalina addresses buffer overflow, bypass, code execution, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30767, CVE-2021-30927, CVE-2021-30929, CVE-2021-30931, CVE-2021-30935, CVE-2021-30937, CVE-2021-30938, CVE-2021-30939, CVE-2021-30940, CVE-2021-30941, CVE-2021-30942, CVE-2021-30945, CVE-2021-30949, CVE-2021-30950, CVE-2021-30958, CVE-2021-30959, CVE-2021-30961, CVE-2021-30963, CVE-2021-30965, CVE-2021-30968, CVE-2021-30969, CVE-2021-30971, CVE-2021-30973, CVE-2021-30975, CVE-2021-30976, CVE-2021-30977
SHA-256 | 8efd8f704f05fb66910dfb72b01bbb18445a18870cd273c4b689bf66a637b13c
Apple Security Advisory 2021-12-15-3
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-3 - macOS Big Sur 11.6.2 addresses buffer overflow, bypass, code execution, heap corruption, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30767, CVE-2021-30927, CVE-2021-30929, CVE-2021-30931, CVE-2021-30935, CVE-2021-30937, CVE-2021-30938, CVE-2021-30939, CVE-2021-30940, CVE-2021-30941, CVE-2021-30942, CVE-2021-30945, CVE-2021-30946, CVE-2021-30947, CVE-2021-30949, CVE-2021-30950, CVE-2021-30958, CVE-2021-30959, CVE-2021-30961, CVE-2021-30963, CVE-2021-30965, CVE-2021-30968, CVE-2021-30969, CVE-2021-30970, CVE-2021-30971, CVE-2021-30973
SHA-256 | f859ba0f5d35ff7103f9f011448f4006aa131071acc92547bad572fcfa4bcb44
Apple Security Advisory 2021-12-15-2
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-2 - macOS Monterey 12.1 addresses buffer overflow, bypass, code execution, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30987, CVE-2021-30950, CVE-2021-30960, CVE-2021-30986, CVE-2021-30966, CVE-2021-30926, CVE-2021-30942, CVE-2021-30957, CVE-2021-30958, CVE-2021-30945, CVE-2021-30977, CVE-2021-30939, CVE-2021-30981, CVE-2021-30996, CVE-2021-30982, CVE-2021-30937, CVE-2021-30927, CVE-2021-30980, CVE-2021-30949, CVE-2021-30993, CVE-2021-30955, CVE-2021-30976, CVE-2021-30990, CVE-2021-30971, CVE-2021-30973, CVE-2021-30929
SHA-256 | be830b09dbdba7300e3495f5eda04972aea6c928d35dc126580d10d5aab73c59
Apple Security Advisory 2021-12-15-1
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-1 - iOS 15.2 and iPadOS 15.2 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple, ios
advisories | CVE-2021-30987, CVE-2021-30950, CVE-2021-30960, CVE-2021-30986, CVE-2021-30966, CVE-2021-30926, CVE-2021-30942, CVE-2021-30957, CVE-2021-30958, CVE-2021-30945, CVE-2021-30977, CVE-2021-30939, CVE-2021-30981, CVE-2021-30996, CVE-2021-30982, CVE-2021-30937, CVE-2021-30927, CVE-2021-30980, CVE-2021-30949, CVE-2021-30993, CVE-2021-30955, CVE-2021-30976, CVE-2021-30990, CVE-2021-30971, CVE-2021-30973, CVE-2021-30929
SHA-256 | 6c38fa3489f9bbd4ca8ebf0319e37798e0be437a126d76e4a131f8a53307d3cc
TOR Virtual Network Tunneling Tool 0.4.6.9
Posted Dec 17, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: Tor 0.4.6.2-alpha is the second alpha in its series. It fixes several small bugs in previous releases, and solves other issues that had enabled denial-of-service attacks and affected integration with other tools.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | c7e93380988ce20b82aa19c06cdb2f10302b72cfebec7c15b5b96bcfc94ca9a9
Android VM_MAYWRITE Access To Shared Zygote JIT Mapping
Posted Dec 17, 2021
Authored by Jann Horn, Google Security Research

This bug report describes a vulnerability in ART that allows normal applications to insert arbitrary code into unused executable memory in zygote and other applications.

tags | exploit, arbitrary
advisories | CVE-2021-0959
SHA-256 | 0b76a7bc1be55f6a0ca439ea53194142e663f42e1e49261458b945a5c953244c
Backdoor.Win32.Mellpon.b MVID-2021-0430 Information Disclosure
Posted Dec 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Mellpon.b malware suffers from an information leakage vulnerability.

tags | exploit
systems | windows
SHA-256 | 761ceb8f508d6adbdde19c1cce59fa938edd0d4afe1594bd485de400ed400385
Backdoor.Win32.BNLite MVID-2021-0429 Buffer Overflow
Posted Dec 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.BNLite malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 01bbd555cf9dca685c3ed68fd11fa393896d1ba2c6714e8b296fcfdf331a2623
Ubuntu Security Notice USN-5192-2
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5192-2 - USN-5192-1 fixed a vulnerability in Apache Log4j 2. This update provides the corresponding update for Ubuntu 16.04 ESM. Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a special crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-44228
SHA-256 | af21e945a7ab434223e99bdb3bbc6b8178d5ddae08d33a0c9378383000666b73
Ubuntu Security Notice USN-5202-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5202-1 - Varnavas Papaioannou discovered that the FTP client implementation in OpenJDK accepted alternate server IP addresses when connecting with FTP passive mode. An attacker controlling an FTP server that an application connects to could possibly use this to expose sensitive information. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. Markus Loewe discovered that OpenJDK did not properly handle JAR files containing multiple manifest files. An attacker could possibly use this to bypass JAR signature verification. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35588, CVE-2021-35603
SHA-256 | 8d16582a2ede922c1e80ae93b16d8afa5e31ee481062df75eef99fc73ebfea3a
Red Hat Security Advisory 2021-5186-04
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5186-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-4125
SHA-256 | 232ebdf5346d180c9063e468e78854f701bf48e0dd42bd730c38d39c71cd5cf2
Red Hat Security Advisory 2021-5183-06
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5183-06 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-4125
SHA-256 | c7480f16ec7e93b0d69eecf909261fa89eba0ea837c42ef433edbae109b3c0f5
Red Hat Security Advisory 2021-5184-04
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5184-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-4125
SHA-256 | 8d0ce6e023848276356152987705f988227aed92317afdb500cf4af0f192ca84
Red Hat Security Advisory 2021-5107-06
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5107-06 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-4104, CVE-2021-43527, CVE-2021-44228, CVE-2021-45046
SHA-256 | 8e6f91b111dc9af75d98ab70a4b877ecdcb76fcbbc86e88c66e6dd5a73b05cb0
Red Hat Security Advisory 2021-5179-02
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5179-02 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23214, CVE-2021-23222, CVE-2021-3677
SHA-256 | fbf7a744d4fc746da253ea8eba425272215a926f6a8f342b19a7c3a34a96baf8
Red Hat Security Advisory 2021-5176-04
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5176-04 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-44716, CVE-2021-44717
SHA-256 | 88301ad828b949cd98103a1a36718710233ac30d7040dfe93388fb98ad22ece8
Red Hat Security Advisory 2021-5195-02
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5195-02 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25719
SHA-256 | 0ed2408f1eae9e07da202972528fdf0bb11c1542698d7d931dbc2efb9e080a55
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close