exploit the possibilities
Showing 1 - 25 of 29,843 RSS Feed

Vulnerability Files

Ubuntu Security Notice USN-5071-2
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5071-2 - USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 20.04 LTS for Ubuntu 18.04 LTS. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656
MD5 | cf12af9abbb4d82883beda62aa53329a
Ubuntu Security Notice USN-5080-2
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5080-2 - USN-5080-1 fixed several vulnerabilities in Libgcrypt. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33560
MD5 | 260071d69f58b4f7ae80a17219122f52
Ubuntu Security Notice USN-5078-2
Posted Sep 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5078-2 - USN-5078-1 fixed several vulnerabilities in Squashfs-Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Various other issues were also addressed.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-40153, CVE-2021-41072
MD5 | a588bff99e1ad294d4c0a837675bd039
Ubuntu Security Notice USN-5079-2
Posted Sep 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5079-2 - USN-5079-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Patrick Monnerat discovered that curl incorrectly handled responses received before STARTTLS. A remote attacker could possibly use this issue to inject responses and intercept communications. Various other issues were also addressed.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-22946, CVE-2021-22947
MD5 | 8dc34c18f171dde2c9ffa8935bcbe7c4
AHSS-PHP 1.0 Cross Site Scripting / SQL Injection
Posted Sep 15, 2021
Authored by nu11secur1ty

AHSS-PHP version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, xss, sql injection
MD5 | 00674176fa93d01b22d17bb2c4952741
Red Hat Security Advisory 2021-3490-01
Posted Sep 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3490-01 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include local file inclusion, remote file inclusion, server-side request forgery, and traversal vulnerabilities.

tags | advisory, remote, local, vulnerability, python, file inclusion
systems | linux, redhat
advisories | CVE-2021-3281, CVE-2021-33203, CVE-2021-33571
MD5 | e7500bc349886d3fb83b1178501b814b
Ubuntu Security Notice USN-5077-2
Posted Sep 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5077-2 - USN-5077-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Maik M

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3709
MD5 | 9b7c13e0f8c97336957240f068c12cdd
Red Hat Security Advisory 2021-3534-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3534-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.9 serves as a replacement for Red Hat Single Sign-On 7.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-28491, CVE-2020-35509, CVE-2021-28170, CVE-2021-29425, CVE-2021-3513, CVE-2021-3597, CVE-2021-3632, CVE-2021-3637, CVE-2021-3644, CVE-2021-3690
MD5 | 1a4a311583d794fea92d4e9497b13887
Kernel Live Patch Security Notice LSN-0081-1
Posted Sep 14, 2021
Authored by Benjamin M. Romer

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host’s physical memory. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Various other vulnerabilities were also addressed.

tags | advisory, kernel, vulnerability
systems | linux
advisories | CVE-2021-22555, CVE-2021-33909, CVE-2021-3653, CVE-2021-3656
MD5 | 466908f10276ab3196dea532b09d7715
DMA Softlab Radius Manager 4.4.0 Session Management / Cross Site Scripting
Posted Sep 14, 2021
Authored by bnu1s

DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-29011, CVE-2021-29012
MD5 | 6ac6bd05cfe91f2b5891d958adfcaf79
Red Hat Security Advisory 2021-3516-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3516-01 - These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP2 code base. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-28170, CVE-2021-29425, CVE-2021-3597, CVE-2021-3644, CVE-2021-3690
MD5 | 5625353b10b074d21981ec2faff0c93b
Red Hat Security Advisory 2021-3522-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3522-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-8648, CVE-2021-22555, CVE-2021-32399, CVE-2021-3347
MD5 | b86026715e0b9f10acbf968e940ef336
Red Hat Security Advisory 2021-3523-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3523-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-32399, CVE-2021-3347
MD5 | ca98949ca8a78989b1ae6533ebae6ca1
Men Salon Management System 1.0 Cross Site Scripting / SQL Injection
Posted Sep 11, 2021
Authored by Aryan Chehreghani

Men Salon Management System version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 7250e4f4732c81d5b68cd71a2aa7e396
ECOA Building Automation System Authorization Bypass / Insecure Direct Object Reference
Posted Sep 10, 2021
Authored by Neurogenesia | Site zeroscience.mk

ECOA building automation systems suffer from authorization bypass and insecure direct object reference vulnerabilities. Many versions are affected.

tags | exploit, vulnerability
MD5 | 7beaa133357b5b42cfc93a942d248371
Backdoor.Win32.VB.awm Authentication Bypass / Information Disclosure
Posted Sep 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.VB.awm malware suffers from bypass and information leakage vulnerabilities.

tags | exploit, vulnerability
systems | windows
MD5 | 6029cf8023344fff63cf6e0a10d03b58
ECOA Building Automation System Path Traversal / Arbitrary File Upload
Posted Sep 10, 2021
Authored by Neurogenesia | Site zeroscience.mk

ECOA building automation systems suffer from path traversal and arbitrary file upload vulnerabilities. Many versions are affected.

tags | exploit, arbitrary, vulnerability, file upload
MD5 | a455307bd9b613b751ea7966593a494d
Red Hat Security Advisory 2021-3425-01
Posted Sep 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3425-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.3.10 serves as a replacement for Red Hat support for Spring Boot 2.3.6, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-27782, CVE-2021-24122, CVE-2021-25122, CVE-2021-25329, CVE-2021-3690
MD5 | 2b69c2ace66d613e0d6a29a7b0445783
Red Hat Security Advisory 2021-3477-01
Posted Sep 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3477-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include code execution, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-31535, CVE-2021-32399, CVE-2021-3621, CVE-2021-3715
MD5 | dcab14b11a44c1cc2df4cb20d8897f18
Red Hat Security Advisory 2021-3466-01
Posted Sep 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3466-01 - This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-28170, CVE-2021-29425, CVE-2021-3597, CVE-2021-3644, CVE-2021-3690
MD5 | 16ef1f903f9b2f978e5d20fbef5adaf1
Red Hat Security Advisory 2021-3459-01
Posted Sep 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3459-01 - The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-28500, CVE-2021-23337
MD5 | df608ef8184c5728590099132a9d33f4
Red Hat Security Advisory 2021-3467-01
Posted Sep 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3467-01 - This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-28170, CVE-2021-29425, CVE-2021-3597, CVE-2021-3644, CVE-2021-3690
MD5 | 7972a6c10e469c69a1af49971cb2d55f
Red Hat Security Advisory 2021-3468-01
Posted Sep 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3468-01 - This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-28170, CVE-2021-29425, CVE-2021-3597, CVE-2021-3644, CVE-2021-3690
MD5 | c5f0224c60cbcaa7edd703e15d3a4f0e
Red Hat Security Advisory 2021-3471-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3471-01 - This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-28170, CVE-2021-29425, CVE-2021-3597, CVE-2021-3644, CVE-2021-3690
MD5 | 6e17f4c64e2dee40e6ba81950a457e26
Red Hat Security Advisory 2021-3446-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3446-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0512, CVE-2021-3715, CVE-2021-37576
MD5 | 3781a034f8565e89037e08f5c2b6d6cf
Page 1 of 1,194
Back12345Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close