Backdoor.Win32.Agent.uq malware suffers from an insecure permissions vulnerability.
c7b8ee3c06630c2fc636502fdf9e2749bb63f74bb86cf6d24f1ceb25e8b9ebaa
Online Project Time Management System version 1.0 suffers from multiple persistent cross-site scripting vulnerabilities.
c75f16cadf088c31d9c8ffa04cb3ffaac83ff2ab35fbf1914660086b90756a72
Red Hat Security Advisory 2022-0239-02 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec (Internet Protocol Security) uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks, such as a virtual private network.
d81868a5e2e71fa5b6b2567857ad51ea634e921cda98438f96161984eb39b2c8
The H2 Database console suffers from an unauthenticated remote code execution vulnerability.
38d38233251c02d8224ce0fbd8f51482a2b18567e7637d7663f989d06c488631
TYPO3 femanager extension versions 6.0.0 through 6.0.3 and 5.5.0 and below suffer from a persistent cross-site scripting vulnerability.
7eb7ca4dba4d4b114124d2c465fdc4c7a42cb7930e3df3d3662fa51a53b359ac
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages, and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
52891674347a463ce0fbbf1225cdb61f83c5db412d1c101cb48aa5f88a29e77d
The Ubiquiti UniFi Network Application versions 5.13.29 through 6.5.53 are affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server via the remember field of a POST request to the /api/login endpoint that will cause the server to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the server application. This Metasploit module will start an LDAP server that the target will need to connect to.
371aff703a1c6ed83abe19b12644a1663d1052646d88c385fcca8a64bc63db21
Logwatch analyzes and reports on Unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
689f3c68b99ef7af7d3c7007c3ff0a55d5674bdbf9c01f69a9f187726d6d4baf
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
e26e00cfefda64082afdd540d3c537924f645d6a674afed2cd171005deff5560
The XNU kernel suffers from a use-after-free vulnerability in mach_msg.
2f6301f083bee339053850c19d2a821eb5bf15e94079651382aba5531646e6f1
Whitepaper that gives exploitation and overview details on the Log4j vulnerability as noted in CVE-2021-44228.
1718bbf0d45e1ebf16dbdf6e329a8b2f32b620f142e69ae4db5a2403502ff6ac
Ubuntu Security Notice 5243-2 - USN-5243-1 fixed a vulnerability in aide. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. David Bouman discovered that AIDE incorrectly handled base64 operations. A local attacker could use this issue to cause AIDE to crash, resulting in a denial of service, or possibly execute arbitrary code.
12b8a57423f596d419f639a96d32a12ebdfdfb7da1752d9b72a1df3a19b19a96
Red Hat Security Advisory 2022-0204-04 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
6111b47584e079b991691672c83a9bb1ec283d806d9882e1a06c6f3bc72726b2
Red Hat Security Advisory 2022-0232-02 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a heap overflow vulnerability.
1021642cd93d107bd3c68e50bdb465f39863c1f58e9f9dd4d9463294024f05b0
Red Hat Security Advisory 2022-0211-04 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
4ce14f3eb438b226de3c60089a87af6d69792d0aed8fa73d3694231e01d43b56
Red Hat Security Advisory 2022-0185-03 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
c65766993a3f6e45d1753c58150eb8ee04f8ced9690106f6de78b636d10b994f
Red Hat Security Advisory 2022-0233-02 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
ad227589de97531242ae10f793cacc7c47be2a842ec93d7f68c55efb0747b4fa
Red Hat Security Advisory 2022-0209-02 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
0bc29c42f81a12c840cf1d83967196697ae8bddb306a1f61560184bf89d6c492
Red Hat Security Advisory 2022-0231-03 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include heap overflow and privilege escalation vulnerabilities.
57770ee1c33dbd8dba6dacf04547cf9e17773b3c538fd57af340bf40ac1aa736
Ubuntu Security Notice 5244-1 - Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.
eb658d0fae205e9fb1cf3b939c4f2178257b0554ee56bdb3534db4af424f8a00
Red Hat Security Advisory 2022-0230-03 - OpenShift Logging Bug Fix Release. Issues addressed include code execution and denial of service vulnerabilities.
741b2c0ef0ede5f4a7576bac2fdb735f258391b34069033c7131ec21ab7a60a4
Ubuntu Security Notice 5248-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code.
ee94116ff4e4b3081cc98a796565452f32b9979d45115195dba7be2d4510ee9a
Backdoor.Win32.Wollf.16 malware suffers from a hardcoded credential vulnerability.
f9076b2184f85f721dd50387a040ec73c341239f0ccab4054a4942e7e9981b7d
Backdoor.Win32.Wollf.16 malware suffers from an authentication bypass vulnerability.
2e7845f3458e647557c69dc7b59653be0dd7eede7e086360768038199d2ba916
Ubuntu Security Notice 5249-1 - It was discovered that USBView allowed unprivileged users to run usbview as root. A local attacker could use this vulnerability to gain administrative privileges or cause a denial of service.
9f0537ab8d4fdb42da520a867ff3fd738d8c8bca5435596ed0d1ce7b4be39041