what you don't know can hurt you
Showing 101 - 125 of 369 RSS Feed

Files Date: 2022-01-01 to 2022-01-31

XNU Kernel mach_msg Use-After-Free
Posted Jan 24, 2022
Authored by Google Security Research, ianbeer

The XNU kernel suffers from a use-after-free vulnerability in mach_msg.

tags | exploit, kernel
advisories | CVE-2021-30949
SHA-256 | 2f6301f083bee339053850c19d2a821eb5bf15e94079651382aba5531646e6f1
CVE-2021-44228 Log4Shell Overview
Posted Jan 24, 2022
Authored by Pankaj Jorwal, Neeraj Jayant, Shaifali Yadav

Whitepaper that gives exploitation and overview details on the Log4j vulnerability as noted in CVE-2021-44228.

tags | paper
advisories | CVE-2021-44228
SHA-256 | 1718bbf0d45e1ebf16dbdf6e329a8b2f32b620f142e69ae4db5a2403502ff6ac
Ubuntu Security Notice USN-5243-2
Posted Jan 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5243-2 - USN-5243-1 fixed a vulnerability in aide. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. David Bouman discovered that AIDE incorrectly handled base64 operations. A local attacker could use this issue to cause AIDE to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2021-45417
SHA-256 | 12b8a57423f596d419f639a96d32a12ebdfdfb7da1752d9b72a1df3a19b19a96
Red Hat Security Advisory 2022-0204-04
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0204-04 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366
SHA-256 | 6111b47584e079b991691672c83a9bb1ec283d806d9882e1a06c6f3bc72726b2
Red Hat Security Advisory 2022-0232-02
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0232-02 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a heap overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2021-4155, CVE-2022-0185
SHA-256 | 1021642cd93d107bd3c68e50bdb465f39863c1f58e9f9dd4d9463294024f05b0
Red Hat Security Advisory 2022-0211-04
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0211-04 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366
SHA-256 | 4ce14f3eb438b226de3c60089a87af6d69792d0aed8fa73d3694231e01d43b56
Red Hat Security Advisory 2022-0185-03
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0185-03 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366
SHA-256 | c65766993a3f6e45d1753c58150eb8ee04f8ced9690106f6de78b636d10b994f
Red Hat Security Advisory 2022-0233-02
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0233-02 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366
SHA-256 | ad227589de97531242ae10f793cacc7c47be2a842ec93d7f68c55efb0747b4fa
Red Hat Security Advisory 2022-0209-02
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0209-02 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366
SHA-256 | 0bc29c42f81a12c840cf1d83967196697ae8bddb306a1f61560184bf89d6c492
Red Hat Security Advisory 2022-0231-03
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0231-03 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include heap overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-4154, CVE-2021-4155, CVE-2022-0185
SHA-256 | 57770ee1c33dbd8dba6dacf04547cf9e17773b3c538fd57af340bf40ac1aa736
Ubuntu Security Notice USN-5244-1
Posted Jan 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5244-1 - Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-35512
SHA-256 | eb658d0fae205e9fb1cf3b939c4f2178257b0554ee56bdb3534db4af424f8a00
Red Hat Security Advisory 2022-0230-03
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0230-03 - OpenShift Logging Bug Fix Release. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-27292, CVE-2021-44832
SHA-256 | 741b2c0ef0ede5f4a7576bac2fdb735f258391b34069033c7131ec21ab7a60a4
Ubuntu Security Notice USN-5248-1
Posted Jan 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5248-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-29981, CVE-2021-29987, CVE-2021-29991, CVE-2021-38495, CVE-2021-38497, CVE-2021-38498, CVE-2021-38500, CVE-2021-38502, CVE-2021-38503, CVE-2021-38504, CVE-2021-38508, CVE-2021-38509, CVE-2021-4126, CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43541, CVE-2021-43542, CVE-2021-43656, CVE-2021-44538, CVE-2022-22737, CVE-2022-22740, CVE-2022-22741, CVE-2022-22745, CVE-2022-22747
SHA-256 | ee94116ff4e4b3081cc98a796565452f32b9979d45115195dba7be2d4510ee9a
Backdoor.Win32.Wollf.16 MVID-2022-0463 Hardcoded Credential
Posted Jan 21, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wollf.16 malware suffers from a hardcoded credential vulnerability.

tags | exploit
systems | windows
SHA-256 | f9076b2184f85f721dd50387a040ec73c341239f0ccab4054a4942e7e9981b7d
Backdoor.Win32.Wollf.16 MVID-2022-0462 Authentication Bypass
Posted Jan 21, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wollf.16 malware suffers from an authentication bypass vulnerability.

tags | exploit, bypass
systems | windows
SHA-256 | 2e7845f3458e647557c69dc7b59653be0dd7eede7e086360768038199d2ba916
Ubuntu Security Notice USN-5249-1
Posted Jan 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5249-1 - It was discovered that USBView allowed unprivileged users to run usbview as root. A local attacker could use this vulnerability to gain administrative privileges or cause a denial of service.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2022-23220
SHA-256 | 9f0537ab8d4fdb42da520a867ff3fd738d8c8bca5435596ed0d1ce7b4be39041
Ubuntu Security Notice USN-5246-1
Posted Jan 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5246-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass security restrictions, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-4126, CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43541, CVE-2021-43542, CVE-2021-43546, CVE-2021-43656, CVE-2021-44538, CVE-2022-22737, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22751
SHA-256 | bb2e4c8ab0377f822fe6dea499ddee9a3c91b266aa305adc3d5390e4e6812690
Red Hat Security Advisory 2022-0227-04
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0227-04 - Openshift Logging Bug Fix Release. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-27292, CVE-2021-44832
SHA-256 | 524b9d8e7fae076a0218fa8ec49657291b2e337cf931184a67eff95ddb42d52a
Red Hat Security Advisory 2022-0225-02
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0225-02 - Openshift Logging Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44832
SHA-256 | c44818445185b5b9eb10bd94b0028919fa20c198b843f36adc8b60109b6edd44
Red Hat Security Advisory 2022-0226-04
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0226-04 - OpenShift Logging Bug Fix Release. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-27292, CVE-2021-44832
SHA-256 | f45a4daaac33bae7e1100a60c8fb55bb1cbe77c8aa5ef50743cb24022a7380fe
Red Hat Security Advisory 2022-0223-02
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0223-02 - A minor version update is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
SHA-256 | af1dffa6e0ac34a66deb47e28f78f747246b426fc1a6679d8adeeaeca095b063
Red Hat Security Advisory 2022-0222-02
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0222-02 - This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
SHA-256 | 68d13130bc2f69e24bed215494e5bc7bc7e78f76f91132c976acd5299a52c762
Red Hat Security Advisory 2022-0219-03
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0219-03 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.6.6 serves as a replacement for Red Hat AMQ Streams 1.6.5, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-38153, CVE-2021-45105
SHA-256 | 60756c5ef1b1782c60d1d4b878c5ed8efeaa87d5764bfde35a5046922ada189d
Banco Guayaquil 8.0.0 Cross Site Scripting
Posted Jan 21, 2022
Authored by Taurus Omar

Banco Guayaquil for iOS version 8.0.0 suffers from a script insertion vulnerability where a user can insert malicious code into their own name and could possibly be leveraged for attacks upstream. The security team for Banco Guayaquil contacted Packet Storm on 2022/02/08 to note that the issue has been addressed in new versions of the application.

tags | exploit, xss
systems | ios
SHA-256 | 67fd258d29a5a1f1144f15f1e4bbb69c7f2cb5738a374217e2ed9411f811c80e
Online Project Time Management 1.0 SQL Injection
Posted Jan 21, 2022
Authored by nu11secur1ty

Online Project Time Management version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2593041b2f7cbe7b416b53e5fb5dc472c6a262eeb561f904b5d6d09429a54dac
Page 5 of 15
Back34567Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close