Red Hat Security Advisory 2021-2438-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, denial of service, open redirection, resource exhaustion, and remote shell upload vulnerabilities.
dda5a75b5b7fd18f58795ba51eeb6a02TripSpark VEO Transportation suffers from a remote blind SQL injection vulnerability.
189e05e837b3360b20c7fe7a7553e8e5WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019.
fb7aee67e4e3485ee6bbbc9c8e188cbcThis whitepaper discusses chain session upload progress to remote code execution when taking advantage of local file inclusion.
30b82ecd437ab784ec81665a82576757Zabbix versions 1.x through 5.x suffer from persistent cross site scripting and remote blind SQL injection vulnerabilities.
58a64992a12c020fdfb082f30b1cdfbaMicrosoft SharePoint Server 2019 remote code execution exploit.
d28db781523b61191a7e8e9b07815d64Ubuntu Security Notice 5021-1 - Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. Harry Sintonen discovered that curl incorrectly reused connections in the connection pool. This could result in curl reusing the wrong connections. Various other issues were also addressed.
c53bea031dddd5ede7e38a101eca93e4Gentoo Linux Security Advisory 202107-50 - A vulnerability in Singularity could result in remote code execution. Versions less than 3.7.4 are affected.
baaf657ee7eb0abd40c1d1eed06d6346Ubuntu Security Notice 4336-2 - USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
299412ebfe15130fcd2ba6fb07826c11Red Hat Security Advisory 2021-2786-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
956e6704bc672abed71a02163843b1c0News Portal Project version 3.1 suffers from multiple remote time-based SQL injection vulnerabilities.
66485a527d4c4c5e2088f05fc425cfc7Proof of concept code for a time-based blind remote SQL injection vulnerability in Online Shopping Portal version 3.1. This is a variant of the original discovery of SQL injection in this version by Umit Yalcin in July of 2020.
4f65a9a04d5b6e35d86e2c743c2dc565Vehicle Parking Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to gh1mau in July of 2020.
0bec78de274f574f3704caf7dc30e908Ubuntu Security Notice 5013-1 - It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash, resulting in a denial of service. Mitchell Frank discovered that systemd incorrectly handled DHCP FORCERENEW packets. A remote attacker could possibly use this issue to reconfigure servers.
7874a80a96e6739b9bcfc28b5e49c853Ubuntu Security Notice 5012-1 - It was discovered that containerd incorrectly handled file permission changes. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could change permissions on files on the host filesystem and possibly escalate privileges.
a90db0b396dec2e9bda631a3f6a4c6a4Gentoo Linux Security Advisory 202107-43 - Multiple vulnerabilities have been found in RPM, the worst of which could result in remote code execution. Versions less than 4.16.1.3 are affected.
c9c49ec4bae48a4b232b958fe64f4372Backdoor.Win32.IRCBot.gen malware suffers from an unauthenticated remote command execution vulnerability.
83fa4b8dad328c002161627ced60c429WordPress LearnPress plugin versions prior to 3.2.6.8 suffer from a remote time-based blind SQL injection vulnerability.
f0af8b09cd9ef658739008c556a55f25PEEL Shopping version 9.3.0 suffers from a remote SQL injection vulnerability.
c93676b63f536119b675b8cdc6540213ForgeRock Access Manager/OpenAM version 14.6.3 unauthenticated remote code execution exploit.
1d1fbcae84f04d82e6a5edf8685cc9beSeagate BlackArmor NAS version sg2000-2000.1331 remote command injection exploit.
a1e7f946b3541f69c9c897d1c5a65653Aruba Instant (IAP) remote code execution exploit.
4b4c48a01e5850a8203f4162005659d9Gentoo Linux Security Advisory 202107-35 - A buffer overflow in OpenSCAD might allow remote attacker(s) to execute arbitrary code. Versions less than 2021.01 are affected.
e10a556517c15d0238c999f47f5b862fGentoo Linux Security Advisory 202107-34 - A vulnerability was found in FluidSynth that could result in remote code execution. Versions less than 2.2.0 are affected.
305c88af89aa7db757d61a4d04381bd1WordPress Popular Posts plugin version 5.3.2 suffers from a remote shell upload vulnerability.
d260aa6f7a6cdf6bd50085eb8b82c659
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed