what you don't know can hurt you
Showing 1 - 25 of 369 RSS Feed

Files Date: 2022-01-01 to 2022-01-31

CarolinaCon Online 2 Call For Papers
Posted Jan 28, 2022
Site carolinacon.org

CarolinaCon Online 2 will be hosted April 29th to May 1st, 2022. The conference will be virtual and submitted talks will be live streamed.

tags | paper, conference
SHA-256 | fff7bbd7db49ebd9315d7d680ff911339bafb26146b0e7b53c22f7e97b628388
Fetch Softworks Fetch FTP Client 5.8 Denial Of Service
Posted Jan 28, 2022
Authored by LiquidWorm | Site zeroscience.mk

Fetch Softworks Fetch FTP Client version 5.8 suffers from a remote CPU consumption denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | 39661448198dd708a96b67957a59b551619e612105aace960d22e309d08ca49d
Red Hat Security Advisory 2022-0317-03
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0317-03 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365
SHA-256 | cc53e6cf6223ea8632f56d8c3fd92a4c94307152ba39cbbaf50f61949886abf0
Red Hat Security Advisory 2022-0321-03
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0321-03 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat, windows
advisories | CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365
SHA-256 | f0fa5d4b126da0021b1a83b558d1dd672619ab456756b85c4f7eb64190c49c6e
Ubuntu Security Notice USN-5064-2
Posted Jan 28, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5064-2 - USN-5064-1 fixed vulnerabilities in GNU cpio. This update provides the corresponding updates for Ubuntu 16.04 ESM. Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-38185
SHA-256 | dca19316cf7eca3e16b0999725db9e6e0898ebb5b48144f1e778715761f44a73
Ubuntu Security Notice USN-5255-1
Posted Jan 28, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5255-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-30934, CVE-2021-30953
SHA-256 | 8d9f50ee756368237221df9d2473d2e4bd63249ac9535dc0b637761d5e147186
Red Hat Security Advisory 2022-0304-02
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0304-02 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365
SHA-256 | 2fbab738d2fbb222ca91c0f107d3231ebc290da71d78f4ed6ceeb6b47d53c8e4
Red Hat Security Advisory 2022-0305-02
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0305-02 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365
SHA-256 | 5ef830b76363e63cb210ad6430c78b70eb6b48046505b2ad0ce4186e704c1a6c
Red Hat Security Advisory 2022-0306-02
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0306-02 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365
SHA-256 | e49c5e8561512072041f10e5d1e1969706a6098a8abcbb9592f05d8fbdd31ef5
Red Hat Security Advisory 2022-0308-10
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0308-10 - The OpenShift Container Storage solution provides persistent storage service for OpenShift Containers and OpenShift Infrastructure services.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3114, CVE-2021-31525
SHA-256 | 4e60816333a7ea941ad58a15ac8a56079a3d3b548e5578d446d25484f27fe847
Red Hat Security Advisory 2022-0312-02
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0312-02 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365
SHA-256 | 819701f865e2854a8fb9438edcafc576f16d64e054736ef57fad78bdfa07f6c2
Red Hat Security Advisory 2022-0310-04
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0310-04 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR5.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-35556, CVE-2021-35559, CVE-2021-35564, CVE-2021-35565, CVE-2021-35586, CVE-2021-41035
SHA-256 | 953a8a9fad6f6b144269e37f9415d4642ed74c65588f41c62c37a40c44b8e46f
Red Hat Security Advisory 2022-0318-06
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0318-06 - An update is now available for Red Hat Openshift distributed tracing 2.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2021-20231, CVE-2021-20232, CVE-2021-20266, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-27645, CVE-2021-28153, CVE-2021-29923, CVE-2021-3200, CVE-2021-33560, CVE-2021-33574, CVE-2021-3426, CVE-2021-3445
SHA-256 | 95488ca2caa7c12ad10f5f7f0dc4422f0de507352639644a064fa20f4e8371c8
Red Hat Security Advisory 2022-0307-03
Posted Jan 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0307-03 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365
SHA-256 | 7ba4e2c4165f2f8345a1cbddee11dcf1dc9630434812b1a5d29ed117217aed0a
Ubuntu Security Notice USN-5254-1
Posted Jan 28, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5254-1 - It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-12424, CVE-2018-7169
SHA-256 | 858b88ea3ec43f6082b7cd185a60cc2aa9521c63ecf08ddb13038428d330f54b
Zeek 4.2.0
Posted Jan 27, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: 1 breaking change, 17 new functionality additions, and 9 modifications.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8d9a028ca9fec7ad4a9e48a763e296052384cf402ea4cd371577bff183c27451
Ubuntu Security Notice USN-5247-1
Posted Jan 27, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5247-1 - It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 21.10. It was discovered that vim incorrectly handled memory when opening and searching the contents of certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.10.

tags | advisory, denial of service, code execution
systems | linux, ubuntu
advisories | CVE-2021-3973, CVE-2021-3974, CVE-2021-3984, CVE-2021-4019, CVE-2021-4069
SHA-256 | 0f31c723fcf492f4c599406b080fe0688ba5d8d947f3a76dd2aeb25ec43c83f6
American Fuzzy Lop plus plus 4.00c
Posted Jan 27, 2022
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Dozens of changesincluding a complete documentation restructuring, changes to unicorn_mode, afl-fuzz, and more.
tags | tool, fuzzer
systems | unix
SHA-256 | f427294ed674e37d34a1b756a2190de17937e046ef21abb3ae37bba018a760f1
Gentoo Linux Security Advisory 202201-01
Posted Jan 27, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202201-1 - A vulnerability in polkit could lead to local root privilege escalation. Versions less than 0.120-r2 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2021-4034
SHA-256 | d11426713b556943aaabfa3a7507c7905257729200bd39fec54ff2e0f803eb1f
SAP Enterprise Portal XSLT Injection
Posted Jan 27, 2022
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal with ENGINEAPI versions 7.10, 7.30, 7.31, 7.40, and 7.50 suffers from an XSLT injection vulnerability.

tags | advisory
advisories | CVE-2021-37531
SHA-256 | da6ac9ab738f2080b02cc97608aef6a101c7d751b2f8886505ca291243379d5f
Red Hat Security Advisory 2022-0181-05
Posted Jan 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0181-05 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.54. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2019-14866, CVE-2020-36322, CVE-2021-44832
SHA-256 | 73d36f9fbdaf2a788f122df40acc17a5801dd1fdfc2fd2a62a7fab55f3bdda30
SAP CommonCryptoLib Null Pointer Dereference
Posted Jan 27, 2022
Authored by Yvan Genuer | Site onapsis.com

SAP CommonCryptoLib suffers from a null pointer dereference vulnerability. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error causing the system to crash and remain unavailable.

tags | advisory
advisories | CVE-2021-38177
SHA-256 | 4e1a256c3f431f4168136d27f62d96f748180dc8bdcac0d78e7fd1c23eb39487
SAP Enterprise Portal Open Redirect
Posted Jan 27, 2022
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal with EP-RUNTIME component versions 7.30, 7.31, 7.40, and 7.50 suffer from an open redirection vulnerability.

tags | advisory
advisories | CVE-2021-33707
SHA-256 | 31e789c3fc612f938cd56d5fab9f4d359a5679a1c9bc3ae446b98afd67ad0c83
Red Hat Security Advisory 2022-0303-02
Posted Jan 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0303-02 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2021-44790
SHA-256 | 102f97515e84e14f93a9cd7b93098bdf0b40749fe342b272ebee131d1de43286
WordPress RegistrationMagic V 5.0.1.5 SQL Injection
Posted Jan 27, 2022
Authored by Ron Jost

WordPress RegistrationMagic V plugin versions 5.0.1.5 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2021-24862
SHA-256 | fc704ca5ead8ef607cb727b84f02e144261f21080490cda78592accedd147834
Page 1 of 15
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close