what you don't know can hurt you
Showing 1 - 25 of 771 RSS Feed

JavaScript Files

Ubuntu Security Notice USN-5024-1
Posted Jul 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5024-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-21775, CVE-2021-30689, CVE-2021-30749, CVE-2021-30799
MD5 | 50a9963ba1903faeab04b47189a80b51
Red Hat Security Advisory 2021-2932-01
Posted Jul 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2932-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-23362, CVE-2021-27290, CVE-2021-33502
MD5 | 09026fe4bea1368d8dd91241bc564be1
Red Hat Security Advisory 2021-2931-01
Posted Jul 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2931-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-23362, CVE-2021-27290, CVE-2021-33502
MD5 | 448ca25126020f105c2c282e8f6ed1dd
Postbird 0.8.4 Cross Site Scripting / Local File Inclusion
Posted May 27, 2021
Authored by Debshubra Chakraborty

Postbird version 0.8.4 suffers from a javascript injection vulnerability that allows for cross site scripting and local file inclusion.

tags | exploit, local, javascript, xss, file inclusion
advisories | CVE-2021-33570
MD5 | f2d171b04734775d46bcc4f5dc3a2213
AWS CloudShell Terminal Escape Injection / Remote Code Execution
Posted May 10, 2021
Authored by Google Security Research, Felix Wilhelm

The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance.

tags | exploit, remote, javascript, code execution
MD5 | a07ebf4a753f14e46c966e23a4c3cf0b
Ubuntu Security Notice USN-4939-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4939-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-1788
MD5 | af4558d62abbfd5bae4e9822b097ced0
Google Chrome XOR Typer Out-Of-Bounds Access / Remote Code Execution
Posted May 3, 2021
Authored by Niklas Baumstark, Grant Willcox, Rajvardhan Agarwal, Bruno Keith | Site metasploit.com

This Metasploit module exploits an issue in the V8 engine on x86_x64 builds of Google Chrome versions prior to 89.0.4389.128/90.0.4430.72 when handling XOR operations in JIT'd JavaScript code. Successful exploitation allows an attacker to execute arbitrary code within the context of the V8 process. As the V8 process is normally sandboxed in the default configuration of Google Chrome, the browser must be run with the --no-sandbox option for the payload to work correctly.

tags | exploit, arbitrary, javascript
advisories | CVE-2021-21220
MD5 | 63f07081f5cf627d484d2e1962bd0302
Apache Druid 0.20.0 Remote Command Execution
Posted Apr 27, 2021
Authored by Litch1, je5442804, Alibaba Cloud Security Team | Site metasploit.com

Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests; however, that feature is disabled by default. In Druid versions prior to 0.20.1, an authenticated user can send a specially-crafted request that both enables the JavaScript code-execution feature and executes the supplied code all at once, allowing for code execution on the server with the privileges of the Druid Server process. More critically, authentication is not enabled in Apache Druid by default.

tags | exploit, javascript, code execution
advisories | CVE-2021-25646
MD5 | e671822283290890d3b9fa839ab97950
SMASH: Synchronized Many-Sided Rowhammer Attacks From JavaScript
Posted Apr 15, 2021
Authored by Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Pietro Frigo, Emanuele Vannacci, Finn de Ridder

In this paper, the authors show that under realistic assumptions, it is indeed possible to bypass TRR directly from JavaScript, allowing attackers to exploit the resurfaced Rowhammer bug inside the browser. In addition, their analysis reveals new requirements for practical TRR evasion. For instance, they discovered that activating many rows in rapid succession as shown in TRRespass may not always be sufficient to produce bit flips. The scheduling of DRAM accesses also plays an important role.

tags | paper, javascript
MD5 | 836e85101be3fa403bf5501797e73520
Chrome V8 JavaScript Engine Remote Code Execution
Posted Apr 13, 2021
Authored by Rajvardhan Agarwal | Site github.com

Chrome V8 Javascript Engine remote code execution zero day exploit. Google is expected to release an update to their browser on tuesday 04/14/2021 that will address this vulnerability.

tags | exploit, remote, overflow, javascript, code execution
MD5 | a76d90d5f2c12f9efc441081adf2aabe
Ubuntu Security Notice USN-4894-1
Posted Mar 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4894-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2020-27918, CVE-2021-1799
MD5 | 4e22d60fd6aa436f1afcb95822fbbce6
Red Hat Security Advisory 2021-0831-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0831-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | e4f76ec6cf5d25f7912b627f5880dffb
Red Hat Security Advisory 2021-0830-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0830-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | e48bc69e2cdfde32b4069248f6d31869
Red Hat Security Advisory 2021-0827-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0827-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 8eca4f2c7dd986de75875e576747b15d
Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting
Posted Mar 9, 2021
Authored by Richard Jones

Sticky Notes Apps using JavaScript version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, javascript, xss
MD5 | c34812b56f1fa2ae36a2816630cf1b86
Red Hat Security Advisory 2021-0744-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0744-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | b4b85275703a4c86c931e4a7d0597ee5
Red Hat Security Advisory 2021-0740-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0740-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 08753a3c634b4606c4b4f6b2da8f95c1
Red Hat Security Advisory 2021-0738-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0738-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 338f3f3813e0f5c43e7a6e5b5e924917
Red Hat Security Advisory 2021-0741-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0741-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 1bed23e753213411771ae018c380af64
Red Hat Security Advisory 2021-0739-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0739-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 2bd6951176f39236faaf38759dd2915e
Red Hat Security Advisory 2021-0735-01
Posted Mar 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0735-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | ed843d10c99a39c218154c84cfa07276
Red Hat Security Advisory 2021-0734-01
Posted Mar 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0734-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 8734c89713c54635e678ebd2630e7c7c
Ubuntu Security Notice USN-4739-1
Posted Feb 18, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4739-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2020-13558
MD5 | a5feb8fa066d0c3a1865f6e0f2147384
Red Hat Security Advisory 2021-0549-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0549-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2019-10746, CVE-2019-10747, CVE-2020-7754, CVE-2020-7788, CVE-2020-8265, CVE-2020-8287
MD5 | d12e31190f42f1146fa898afa1452587
Red Hat Security Advisory 2021-0548-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0548-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15095, CVE-2020-15366, CVE-2020-7608, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8116, CVE-2020-8252, CVE-2020-8265, CVE-2020-8287
MD5 | 26e22cd5c2bbda37974b7b609c2a39d4
Page 1 of 31
Back12345Next

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    12 Files
  • 30
    Jul 30th
    9 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close