exploit the possibilities
Showing 1 - 25 of 29,442 RSS Feed

Vulnerability Files

Cockpit CMS 0.11.1 NoSQL Injection / Remote Command Execution
Posted Apr 21, 2021
Authored by h00die, Nikita Petrov | Site metasploit.com

This Metasploit module exploits two NoSQL injection vulnerabilities to retrieve the user list and password reset tokens from the system. Next, the USER is targeted to reset their password. Then, a command injection vulnerability is used to execute the payload. While it is possible to upload a payload and execute it, the command injection provides a no disk write method which is more stealthy. Cockpit CMS versions 0.10.0 through 0.11.1, inclusive, contain all the necessary vulnerabilities for exploitation.

tags | exploit, vulnerability, sql injection
advisories | CVE-2020-35846, CVE-2020-35847
MD5 | 02bc0b645077ffa131dc1c08b1a388bf
Adtran Personal Phone Manager 10.8.1 Cross Site Scripting
Posted Apr 21, 2021
Authored by 3ndG4me

Adtran Personal Phone Manager version 10.8.1 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-25680
MD5 | cdd9f40da8151e74ebdd4f89396bce22
RemoteClinic 2 Cross Site Scripting
Posted Apr 21, 2021
Authored by nu11secur1ty

RemoteClinic 2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-30044
MD5 | 313dc5b3719b6be34109213eee086a71
Red Hat Security Advisory 2021-1295-01
Posted Apr 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1295-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27364, CVE-2021-27365, CVE-2021-3347
MD5 | 5689d716efb7e1028211b4aae7416a96
Red Hat Security Advisory 2021-1289-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1289-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | 0fdeefa2ddf9eeb1621da28b8405174d
Red Hat Security Advisory 2021-1288-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1288-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-29661, CVE-2021-20265, CVE-2021-27364, CVE-2021-27365
MD5 | 6602dc03aef32e6967a9fac4041d5606
Ubuntu Security Notice USN-4918-2
Posted Apr 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4918-2 - USN-4918-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-1252, CVE-2021-1404, CVE-2021-1405
MD5 | a978daa8988afdecf7791da9b48c7983
Red Hat Security Advisory 2021-1272-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1272-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3347
MD5 | d8727197ed9740775d56d47e2d2234af
Red Hat Security Advisory 2021-1279-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1279-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3347
MD5 | 30b51a879589e5daec1e7b2575333cfb
Red Hat Security Advisory 2021-1266-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1266-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.

tags | advisory, web, denial of service, overflow, perl, vulnerability
systems | linux, redhat
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723
MD5 | f97b03a9545f11491b1cf08b54df658c
Fibaro Home Center MITM / Missing Authentication / Code Execution
Posted Apr 20, 2021
Authored by Marton Illes, USER | Site iot-inspector.com

Fibaro Home Center Light and Fibaro Home Center 2 versions 4.600 and below suffer from man-in-the-middle, missing authentication, remote command execution, and missing encryption vulnerabilities.

tags | exploit, remote, vulnerability
advisories | CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992
MD5 | 6c5c5d340dde64001a1195e30ca2a6f1
Red Hat Security Advisory 2021-1267-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1267-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14351, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | 75a91f52f2f9f4b14e2b4601ae5a0948
WordPress Photo Gallery 1.5.69 Cross Site Scripting
Posted Apr 19, 2021
Authored by ThuraMoeMyint

WordPress Photo Gallery plugin versions 1.5.69 and below suffer from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | b5c0688f0cda1e2a8251928650a32477
Red Hat Security Advisory 2021-1202-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1202-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 12 serves as a replacement for Red Hat JBoss Web Server 3.1.11, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | a9eb97ddf71ce9ca727565fce2c101b9
Red Hat Security Advisory 2021-1203-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1203-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 12 serves as a replacement for Red Hat JBoss Web Server 3.1.11, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | 729f47d6be380b2965ef0599a9540c25
Red Hat Security Advisory 2021-1200-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1200-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | b8a6f25dd58376a43f4f40a29517284b
Red Hat Security Advisory 2021-1199-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1199-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | 442a2f818780d73acd032f6e46273fae
Red Hat Security Advisory 2021-1195-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1195-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | dacb6d6c13c5d9b7be6d35069dad438d
Webmail Edition 5.2.22 XSS / Remote Code Execution
Posted Apr 14, 2021
Authored by nu11secur1ty, Ventsislav Varbanovski, Alex Birnberg

Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library.

tags | exploit, remote, vulnerability, code execution, xss
advisories | CVE-2021-26929
MD5 | dd1588866001ae370f23e0d6ec8d2f71
Red Hat Security Advisory 2021-1196-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1196-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | 1e20b1d3fa25aae80ecbb9ca2aa74000
Red Hat Security Advisory 2021-1169-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1169-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-20921, CVE-2020-25657, CVE-2020-28458, CVE-2020-28477
MD5 | f30c28086eb6756954fbbebcf8322ae6
Red Hat Security Advisory 2021-1189-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1189-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | 35e740aea2aba5046d28139bf1b9ca72
Red Hat Security Advisory 2021-1171-01
Posted Apr 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1171-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | fd7794f9e030733f853b32bf9bf1cdfb
Red Hat Security Advisory 2021-1173-01
Posted Apr 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1173-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27364, CVE-2021-27365
MD5 | 29a39411f8522d68c66a87c24114b782
Red Hat Security Advisory 2021-1168-01
Posted Apr 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1168-01 - Red Hat Advanced Cluster Management for Kubernetes 2.2.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console-with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues. Issues addressed include code execution, denial of service, integer overflow, and null pointer vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2020-14040, CVE-2020-27152, CVE-2020-28374, CVE-2020-28500, CVE-2020-28851, CVE-2020-28852, CVE-2020-29529, CVE-2021-21321, CVE-2021-21322, CVE-2021-23337, CVE-2021-23840, CVE-2021-23841, CVE-2021-26708, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3121, CVE-2021-3347, CVE-2021-3449, CVE-2021-3450
MD5 | b9e0eefcc48c75875a38dd990028dd1a
Page 1 of 1,178
Back12345Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    1 Files
  • 18
    Apr 18th
    1 Files
  • 19
    Apr 19th
    19 Files
  • 20
    Apr 20th
    18 Files
  • 21
    Apr 21st
    30 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close