what you don't know can hurt you
Showing 76 - 100 of 369 RSS Feed

Files Date: 2022-01-01 to 2022-01-31

Backdoor.Win32.DRA.c MVID-2022-0470 Weak Hardcoded Password
Posted Jan 25, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.DRA.c malware suffers from a weak hardcoded password vulnerability.

tags | exploit
systems | windows
SHA-256 | 8ac6e0f0491c3315cd717405fe701d71e9974b71a446611339cceb86e28e943d
27th ESORICS Call For Papers
Posted Jan 25, 2022
Site esorics2022.compute.dtu.dk

The 27th European Symposium on Research in Computer Security (ESORICS) 2022 call for papers has been announced. It will take place September 26th through the 30th, 2022, in Copenhagen, Denmark.

tags | paper, conference
SHA-256 | d6d561f5decef2aeebfa90197d0283329d02bb79413abb4a528024c02cec78af
Ubuntu Security Notice USN-5250-1
Posted Jan 25, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5250-1 - Zhuowei Zhang discovered that stringSwan incorrectly handled EAP authentication. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly bypass client and server authentication.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-45079
SHA-256 | 71f8b5b0f86bc72d7ae02ec7dbfb0ae317f210f58114b49aedd4361de253aebc
Ametys CMS 4.4.1 Cross Site Scripting
Posted Jan 25, 2022
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Ametys CMS version 4.4.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 53cfbeebda25093c06c4fc2ed43478b187a9bc4974a56a47c14c2c76d9ad3731
Red Hat Security Advisory 2022-0228-02
Posted Jan 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0228-02 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366
SHA-256 | dc2544ca79442c3f603f97989f56e68867e4255518b7b315692456349d0c241f
Alps Alpine Touchpad Driver DLL Injection
Posted Jan 25, 2022
Authored by Jason Cao

Alps Alpine Touchpad driver suffers from a dll injection vulnerability.

tags | advisory
advisories | CVE-2021-27971
SHA-256 | 8a5bbdb36c3ba3e4aa67e43c3f7bfe849e35aa3ef02f9a3085254e9bd2a6a77e
Backdoor.Win32.FTP.Lana.01.d MVID-2022-0469 Man-In-The-Middle
Posted Jan 25, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.FTP.Lana.01.d malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | f307eaf87c20e28d8c6500b13506ded27f63a1d83ad0d0e9500a657db816ef48
Online Project Time Management System 1.0 SQL Injection
Posted Jan 25, 2022
Authored by Felipe Alcantara

Online Project Time Management System version 1.0 suffers from an authenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ade515d0c4929c276a3ee1ea165987af8722b6650bbb422e432a423f1f89d1b7
Red Hat Security Advisory 2022-0165-03
Posted Jan 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0165-03 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366
SHA-256 | 8349f1c28d93710623fdf691c01ffcbea5a8e3831731762ee57a8f116996d58b
Backdoor.Win32.FTP.Lana.01.d MVID-2022-0468 Weak Hardcoded Password
Posted Jan 25, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.FTP.Lana.01.d malware suffers from having a weak hardcoded password.

tags | exploit
systems | windows
SHA-256 | da53a87f6fb918f775f7ca04cab85afb0f8d0d1d3c7f2263a2aca53f629e8ce8
Backdoor.Win32.Hanuman.b MVID-2022-0467 Code Execution
Posted Jan 25, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hanuman.b malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | ff345597cbe04f8efb611d4df1a9c1a4c94d4c56339b34cb48bddeb8683bdfb4
WebACMS 2.1.0 Cross Site Scripting
Posted Jan 25, 2022
Authored by Patrick Hener, Siva Rajendran

WebACMS version 2.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-44829
SHA-256 | 6e22d1940828e4c457520ea425676dbc1e4ff812d2bc11a71638f4a102722c6f
PHPIPAM 1.4.4 SQL Injection
Posted Jan 25, 2022
Authored by Rodolfo Tavares

PHPIPAM version 1.4.4 suffers from an authenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2022-23046
SHA-256 | 52735c203f763f807bb821587b48986c8565cba03c4abbab39523388cea432b8
Red Hat Security Advisory 2022-0237-03
Posted Jan 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0237-03 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train).

tags | advisory
systems | linux, redhat
advisories | CVE-2021-29923, CVE-2021-34558, CVE-2021-44716
SHA-256 | 5586c4ef1ab06ce7e64b757c74cfe41f017a1237142a7838a1e9449459a01fa7
Backdoor.Win32.FTP99 MVID-2022-0466 Man-In-The-Middle
Posted Jan 25, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.FTP99 malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | 55e883058d32a694d0aee3d73e729b8cca9645cde63e2c4267e18d797892fcac
Backdoor.Win32.FTP99 MVID-2022-0465 Authentication Bypass
Posted Jan 25, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.FTP99 malware suffers from an authentication bypass vulnerability.

tags | exploit, bypass
systems | windows
SHA-256 | 29252c30f67af74a44cb6e42f39b19f589a988a9f20ee03bdd024077917bd2cf
Backdoor.Win32.Agent.uq MVID-2022-0464 Insecure Permissions
Posted Jan 25, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.uq malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | c7b8ee3c06630c2fc636502fdf9e2749bb63f74bb86cf6d24f1ceb25e8b9ebaa
Online Project Time Management System 1.0 Cross Site Scripting
Posted Jan 25, 2022
Authored by Felipe Alcantara

Online Project Time Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | c75f16cadf088c31d9c8ffa04cb3ffaac83ff2ab35fbf1914660086b90756a72
Red Hat Security Advisory 2022-0239-02
Posted Jan 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0239-02 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2022-23094
SHA-256 | d81868a5e2e71fa5b6b2567857ad51ea634e921cda98438f96161984eb39b2c8
H2 Database Console Remote Code Execution
Posted Jan 25, 2022
Authored by Ismail Aydemir

The H2 Database console suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2022-23221
SHA-256 | 38d38233251c02d8224ce0fbd8f51482a2b18567e7637d7663f989d06c488631
TYPO3 femanager 6.3.0 Cross Site Scripting
Posted Jan 25, 2022
Authored by Lukas Eder | Site sec-consult.com

TYPO3 femanager extension versions 6.0.0 through 6.0.3 and 5.5.0 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-36787
SHA-256 | 7eb7ca4dba4d4b114124d2c465fdc4c7a42cb7930e3df3d3662fa51a53b359ac
Lynis Auditing Tool 3.0.7
Posted Jan 24, 2022
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Added OS detection for RHEL 6 and Funtoo Linux and added service manager openrc. Added alias for MariaDB. Added Trend Micro malware agent. Allowed unknown number of spaces in modprobe blacklists. Support added for newer Ubuntu versions. Support added for Garuda Linux and arch-audit. Several improvements for busybox shell. Russian translation of Lynis extended. Various other updates.
tags | tool, scanner
systems | unix
SHA-256 | 52891674347a463ce0fbbf1225cdb61f83c5db412d1c101cb48aa5f88a29e77d
UniFi Network Application Unauthenticated Log4Shell Remote Code Execution
Posted Jan 24, 2022
Authored by Spencer McIntyre, RageLtMan, Nicholas Anastasi | Site metasploit.com

The Ubiquiti UniFi Network Application versions 5.13.29 through 6.5.53 are affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server via the remember field of a POST request to the /api/login endpoint that will cause the server to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the server application. This Metasploit module will start an LDAP server that the target will need to connect to.

tags | exploit, java
advisories | CVE-2021-44228
SHA-256 | 371aff703a1c6ed83abe19b12644a1663d1052646d88c385fcca8a64bc63db21
Logwatch 7.6
Posted Jan 24, 2022
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 689f3c68b99ef7af7d3c7007c3ff0a55d5674bdbf9c01f69a9f187726d6d4baf
Botan C++ Crypto Algorithms Library 2.19.1
Posted Jan 24, 2022
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Fixed a compilation problem affecting macOS XCode. Fixed a build problem preventing amalgamation builds in 2.19.0.
tags | library
SHA-256 | e26e00cfefda64082afdd540d3c537924f645d6a674afed2cd171005deff5560
Page 4 of 15
Back23456Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close