what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2022-01-13 to 2022-01-14

SonicWall SMA 100 Series Authenticated Command Injection
Posted Jan 13, 2022
Authored by jbaines-r7 | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability in the SonicWall SMA 100 series web interface. Exploitation results in command execution as root. The affected versions are 10.2.1.2-24sv and below, 10.2.0.8-37sv and below, and 9.0.0.11-31sv and below.

tags | exploit, web, root
advisories | CVE-2021-20039
MD5 | 12474fb80ea967b24a4151a18a7ef951
Clam AntiVirus Toolkit 0.104.2
Posted Jan 13, 2022
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Fixed invalid pointer read that may cause a crash. Fixed ability to disable the file size limit with libclamav. Increased the maximum line length for ClamAV config files from 512 bytes to 1024 bytes to allow for longer config option strings.
tags | tool, virus
systems | unix
advisories | CVE-2022-20698
MD5 | ad099675f2c09c07850e36496b06c552
Chrome IPC::ChannelAssociatedGroupController Memory Corruption
Posted Jan 13, 2022
Authored by Google Security Research, Glazvunov

Chrome suffers from a memory corruption vulnerability in IPC::ChannelAssociatedGroupController due to interface ID reuse.

tags | exploit
advisories | CVE-2021-4098
MD5 | 97649e149f12ef8107db4bccd41ca04b
Microsoft Windows EFSRPC Arbitrary File Upload / Privilege Escalation
Posted Jan 13, 2022
Authored by James Forshaw, Google Security Research

The EFSRPC service on Microsoft Windows Server versions 2019 and 2022 does not prevent a caller specifying a local device path allowing any authenticated user to upload arbitrary files to a server.

tags | exploit, arbitrary, local
systems | windows
advisories | CVE-2021-43893
MD5 | afc6cc4bf0749f217e9277351f3b9e94
Apple ColorSync Out-Of-Bounds Read
Posted Jan 13, 2022
Authored by Google Security Research, mjurczyk

Apple ColorSync suffers from out-of-bounds read vulnerabilities due to integer overflows in curve table initialization.

tags | exploit, overflow, vulnerability
systems | apple
advisories | CVE-2021-30942
MD5 | 84c5799cdeb17422cda00d47aa2a035e
RLM 14.2 Cross Site Scripting
Posted Jan 13, 2022
Authored by Giulia Melotti Garibaldi

RLM version 14.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-45422
MD5 | 309a70598def7788b6f26209c2dc9444
Ubuntu Security Notice USN-5227-1
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5227-1 - It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-23437, CVE-2021-34552, CVE-2022-22815, CVE-2022-22816, CVE-2022-22817
MD5 | db56529bad2281e65e46da129c3b52ef
Online Diagnostic Lab Management System 1.0 Missing Access Control
Posted Jan 13, 2022
Authored by Himash

Online Diagnostic Lab Management System version 1.0 suffers from an account takeover vulnerability.

tags | exploit, bypass
MD5 | 9458dac022d741dda9482f50e51c99f4
Ubuntu Security Notice USN-5224-2
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5224-2 - USN-5224-1 fixed several vulnerabilities in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-45944
MD5 | 0dc3a1c8c2777da026a8c095e99aab60
Ubuntu Security Notice USN-5223-1
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5223-1 - It was discovered that Apache Log4j 1.2 was vulnerable to deserialization of untrusted data if the configuration file was editable. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-4104
MD5 | f72345711bcc937d960495cdee7154e8
Red Hat Security Advisory 2022-0124-04
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0124-04 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
MD5 | f306a1d809a68926cab3562392cf584c
Red Hat Security Advisory 2022-0026-06
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0026-06 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.53. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-39241, CVE-2021-40346, CVE-2021-45105
MD5 | c71130d17f61b10a4a55d3f0429ec64c
Online Diagnostic Lab Management System 1.0 Cross Site Scripting
Posted Jan 13, 2022
Authored by Himash

Online Diagnostic Lab Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 35588b27be6d86e8b5952153487f66da
Red Hat Security Advisory 2022-0125-03
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0125-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
MD5 | 84b9dbe68be6dcbf73aa59451c707c7e
Red Hat Security Advisory 2022-0123-02
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0123-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
MD5 | 4ddbace72d81790c89b6501cf327846c
Red Hat Security Advisory 2022-0126-03
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0126-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
MD5 | 5e57c062f58fa94be60ab30894ffb704
Online Diagnostic Lab Management System 1.0 SQL Injection
Posted Jan 13, 2022
Authored by Himash

Online Diagnostic Lab Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b2cd86f7b349cb7aa7622a19d7cbe538
Red Hat Security Advisory 2022-0128-02
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0128-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
MD5 | 48fbe61eb044781baf32fccccb79cb50
Red Hat Security Advisory 2022-0130-03
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0130-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
MD5 | f9405510b29d517566c715a7a665293e
Red Hat Security Advisory 2022-0129-02
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0129-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
MD5 | 897bb53db9fc7a87679d56c70f4bb5dd
Red Hat Security Advisory 2022-0131-02
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0131-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
MD5 | 3d2f5099b606ced1ad4368db567c2191
Ubuntu Security Notice USN-5226-1
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5226-1 - It was discovered that systemd-tmpfiles employed uncontrolled recursion when removing deeply nested directory hierarchies. A local attacker could exploit this to cause systemd-tmpfiles to crash or have other unspecified impacts.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-3997
MD5 | ea6939afbac7e4ee917b957e567b1097
Ubuntu Security Notice USN-5210-2
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5210-2 - USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization enabled. This update fixes the problem.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-26541, CVE-2021-20321, CVE-2021-3760, CVE-2021-4002, CVE-2021-41864, CVE-2021-43056, CVE-2021-43389
MD5 | 79ba8ed9a2423fc5386cc1761e7e087f
WordPress Core 5.8.2 SQL Injection
Posted Jan 13, 2022
Authored by Aryan Chehreghani

WordPress Core version 5.8.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2022-21661
MD5 | d7d5f48971d62eb48cd036c99568cc99
Red Hat Security Advisory 2022-0132-03
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0132-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
MD5 | 78b90237d07fe6126bebed5e5f885167
Page 1 of 2
Back12Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close