Red Hat Security Advisory 2020-3271-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupdate packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
0c737d94583cf9484cdc1f7bde1829f9Red Hat Security Advisory 2020-3275-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupdate packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
b1c15450274a68d8c6f86e9762996426Umbraco CMS version 7.12.4 authenticated remote code execution exploit.
c6a4a934c6775c455e5e4f225dec66c0OpenEMR versions 5.0.1 and below authenticated remote code execution exploit written in ruby.
0c4b5a66f0b188dd68ac3a5de13961d4Atmail Email Server Appliance version 6.4 exploit toolchain that leverages cross site scripting and cross site request forgery to achieve code execution.
5e8eedf4d9e738503fa65cc3f2f4de89Ubuntu Security Notice 4444-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
41e64fcb2adc18e2a3f8f179c1a36e11Red Hat Security Advisory 2020-3273-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
0302d0ef02850a9fe8be92b2b6336d8aRed Hat Security Advisory 2020-3227-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
fa976cb619e24d2d351796191c282d01Red Hat Security Advisory 2020-3223-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
d0fc26d05115384086fc4a4065fd2e62Red Hat Security Advisory 2020-3217-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupdate packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
8fc53efa0fb476b2f33a9f74f3f9198aRed Hat Security Advisory 2020-3216-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
70bea9538d5a1da61e92d2182cd8ad0fThis Metasploit module exploits a arbitrary file upload vulnerability within the Baldr stealer malware control panel. Attackers can turn this vulnerability into remote code execution by adding malicious PHP code inside the victim logs ZIP file and registering a new bot to the panel by uploading the ZIP file under the logs directory. On versions 3.0 and 3.1 victim logs are ciphered by a random 4 byte XOR key. This exploit module retrieves the IP specific XOR key from panel gate and registers a new victim to the panel with adding the selected payload inside the victim logs.
3aee05fb3bfa3e3eb0452ce7bbf7bdfbRed Hat Security Advisory 2020-3017-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.1.15 serves as a replacement for Red Hat support for Spring Boot 2.1.13, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution and deserialization vulnerabilities.
ed089b9f127a9e6b933a1b0ece5fe72cRuby On Rails version 5.0.1 remote code execution exploit.
6c0633d8ae026e22f98ff5981cbe2ff4Gentoo Linux Security Advisory 202007-35 - A vulnerability allowing arbitrary code execution was found in ReportLab. Versions less than 3.5.42 are affected.
ef919c9c287d9bc8d5277fef73de3a86Gentoo Linux Security Advisory 202007-34 - Apache Ant uses various insecure temporary files possibly allowing local code execution. Versions less than 1.10.8 are affected.
9af5d653daacf612558125ca61a855e4Gentoo Linux Security Advisory 202007-27 - A flaw in Haml allows arbitrary code execution as a result of improper filtering. Versions less than 5.1.2 are affected.
a887a0eea5aacf49807931a0e1bed49cLibreHealth version 2.0.0 authenticated remote code execution exploit.
c21b4b511f291e76d1d84cb98e90cd06INNEO Startup TOOLS 2018 M040 version 13.0.70.3804 remote code execution exploit.
8b79d9723f77c96bd4418392217b9a99Red Hat Security Advisory 2020-2905-01 - This release of Red Hat build of Thorntail 2.7.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include bypass, code execution, cross site scripting, memory exhaustion, and traversal vulnerabilities.
967e492d0ac87f72690605873103b03cThis is a modified remote code execution exploit for Online Book Store version 1.0.
18b4b52bcf9e3b89a6851dd7a0a5fe07LibreHealth version 2.0.0 authentication remote code execution exploit that leverages file upload.
fdb429c0607ceadf1536570f0e8ac8d9This Metasploit module exploits an authenticated Python unsafe pickle.load of a Dict file. An authenticated attacker can create a photo library and add arbitrary files to it. After setting the Windows only Plex variable LocalAppDataPath to the newly created photo library, a file named Dict will be unpickled, which causes remote code execution as the user who started Plex. Plex_Token is required, to get it you need to log-in through a web browser, then check the requests to grab the X-Plex-Token header. See info -d for additional details. If an exploit fails, or is cancelled, Dict is left on disk, a new ALBUM_NAME will be required as subsequent writes will make Dict-1, and not execute.
41eb0c77f9b7de3ab74e8c47a61a86c3Red Hat Security Advisory 2020-2989-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Issues addressed include a code execution vulnerability.
14077e694a12aa5ff8591c8a4e152415Apple Security Advisory 2020-07-15-5 - Safari 13.1.2 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, and use-after-free vulnerabilities.
fae2dd75505f460f265a5bb0c506f1b7
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed