Cisco SD-WAN vManage version 19.2.2 remote root shell proof of concept exploit that leverages multiple vulnerabilities.
a4bd588c350b9a327fc445d03fadab85Red Hat Security Advisory 2021-2230-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, information leakage, and insecure permissions vulnerabilities.
e3874da2921faf9eb845a84c5bf2d476Red Hat Security Advisory 2021-2243-01 - Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, and required libraries. This enhancement update adds the rust-toolset-1.49 packages to Red Hat Developer Tools. Issues addressed include double free and use-after-free vulnerabilities.
777df082ece18a624d2ead49dd5cb7ddRed Hat Security Advisory 2021-2239-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.
365f1ad26e6efd06364c29b4976ba110Red Hat Security Advisory 2021-2210-01 - These are CVE issues filed against XP1 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP1 code base. Issues addressed include bypass, code execution, and information leakage vulnerabilities.
a23516211312cbc119ab1026f0d46c4fRed Hat Security Advisory 2021-2185-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.
9e3afd1d3d1cf4e5b7f53aec9f841ab1Seo Panel version 4.8.0 suffers from multiple cross site scripting vulnerabilities.
f29cbc15c279c29991670ff09c9c1cdaRed Hat Security Advisory 2021-2190-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.
dc54ea4001a5a98a2bdd0b49ce8540b7Multiple Korenix products are affected by unauthenticated device administration, backdoor accounts, cross site request forgery, unauthenticated tftp actions, and command injection vulnerabilities. Products affected include JetNet 5428G-20SFP, JetNet 5810G, JetNet 4706F, JetNet 4706, JetNet 4706, JetNet 4510, JetNet 5010, JetNet 5310, and JetNet 6095.
5a94a925fe67c1c0e0e3e86198346de4Red Hat Security Advisory 2021-2179-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution and denial of service vulnerabilities.
3b2571652fa1f07f89942a26a893e7cbCHIYU IoT devices suffer from multiple cross site scripting vulnerabilities. Versions affected include BF-430, BF-431, BF-450M, BF-630, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC.
be521ba12f3652a10a9d3371e8b27108Red Hat Security Advisory 2021-2164-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, integer overflow, out of bounds write, and use-after-free vulnerabilities.
96cf174709ad79f0be3bf448f7fef8d2Red Hat Security Advisory 2021-2122-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.13. Issues addressed include XML injection, cross site request forgery, and denial of service vulnerabilities.
84a2ec1e8466418476244b0646671715Postbird version 0.8.4 suffers from cross site scripting, local file inclusion, and insecure data storage vulnerabilities. Included in this archive is a whitepaper and proof of concept exploit.
f60c4ad77076831e6c6210dffcd07d54Backdoor.Win32.NerTe.772 malware suffers from bypass and code execution vulnerabilities.
685dc3b6d0abd438b7bf5c0e69d6cf54QNAP MusicStation and MalwareRemover are affected by arbitrary file upload and command injection vulnerabilities, leading to pre-authentication remote command execution with root privileges on the NAS.
e0f4de64c7524a918a49796c1ab9986eRed Hat Security Advisory 2021-2139-01 - Red Hat Data Grid is a distributed, in-memory data store. This release of Red Hat Data Grid 8.2.0 serves as a replacement for Red Hat Data Grid 8.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, information leakage, and server-side request forgery vulnerabilities.
4a1406b6c27819468f880503f534b265Gentoo Linux Security Advisory 202105-39 - Multiple vulnerabilities have been found in Ceph, the worst of which could result in privilege escalation. Versions less than 14.2.21 are affected.
d9c394d2cb2d7f6645bb6b9ed70f12a0Gentoo Linux Security Advisory 202105-15 - Multiple vulnerabilities have been found in Prosŏdy IM, the worst of which could result in a Denial of Service condition. Versions less than 0.11.9 are affected.
2fb5b2806e5584578493331cc98bb794Apple Security Advisory 2021-05-25-6 - watchOS 7.5 addresses buffer overflow, code execution, cross site scripting, denial of service, out of bounds read, and use-after-free vulnerabilities.
3cd4c0cfce27f37f04dda1c891c9ea99Apple Security Advisory 2021-05-25-2 - macOS Big Sur 11.4 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, information leakage, null pointer, out of bounds read, out of bounds write, path sanitization, and use-after-free vulnerabilities.
b9a849994de75b7dce8b3885c7a72252Apple Security Advisory 2021-05-25-7 - tvOS 14.6 addresses buffer overflow, code execution, cross site scripting, denial of service, integer overflow, out of bounds read, and use-after-free vulnerabilities.
d9eb4414124ac37a56edf4f8e06c1938Apple Security Advisory 2021-05-25-5 - Safari 14.1.1 addresses code execution, cross site scripting, denial of service, integer overflow, null pointer, and use-after-free vulnerabilities.
9fa41237cf71be5a16d0cecc22eee6a9Apple Security Advisory 2021-05-25-1 - iOS 14.6 and iPadOS 14.6 addresses buffer overflow, code execution, cross site scripting, denial of service, information leakage, null pointer, out of bounds read, and use-after-free vulnerabilities.
ad3930f3a391477bc3455e19d4698cd0Apple Security Advisory 2021-05-25-3 - Security Update 2021-004 Mojave addresses bypass, code execution, denial of service, heap corruption, information leakage, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
9f936b7ea6f4d01395ac99418dd1cef7
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed