exploit the possibilities
Showing 26 - 50 of 8,997 RSS Feed

Web Files

Tenda HG6 3.3.0 Remote Command Injection
Posted May 3, 2022
Authored by LiquidWorm | Site zeroscience.mk

Tenda HG6 version 3.3.0 suffers from a remote command injection vulnerability. It can be exploited to inject and execute arbitrary shell commands through the pingAddr and traceAddr HTTP POST parameters in formPing, formPing6, formTracert and formTracert6 interfaces.

tags | exploit, remote, web, arbitrary, shell
SHA-256 | 49f6e50dad2f50c5f9bee5f1105d5092b826a6f5ba27d2193fc00498390e1373
Red Hat Security Advisory 2022-1520-01
Posted May 3, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1520-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.6.2 serves as a replacement for Red Hat JBoss Web Server 5.6.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2022-0778
SHA-256 | a2e16c97317c6b04676bfc171964ba0987437186c98f1be4d4fd9a3f15579708
Red Hat Security Advisory 2022-1519-01
Posted May 3, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1519-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.6.2 serves as a replacement for Red Hat JBoss Web Server 5.6.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2022-0778
SHA-256 | 1d53d951392040b522879983852582df719b34ca59c65ac37ed000f74a24181f
Red Hat Security Advisory 2022-1646-01
Posted May 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1646-01 - Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail servers and more. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, protocol, python
systems | linux, redhat
advisories | CVE-2022-24801
SHA-256 | edafd374bc7080d26a801370b03b76f7d43b88ef319ac614fe523e26bd1f10a3
Red Hat Security Advisory 2022-1645-01
Posted Apr 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1645-01 - Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail servers and more. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, protocol, python
systems | linux, redhat
advisories | CVE-2022-24801
SHA-256 | 18a104826aa895a03c52b3bcd258ce538f2ba0cb7eb0dbcd17064e049546f4ce
Red Hat Security Advisory 2022-1644-01
Posted Apr 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1644-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.

tags | advisory, remote, web, code execution, protocol
systems | linux, redhat
advisories | CVE-2022-25235
SHA-256 | 6411512a574d6fff515bffc7e82e7304682cd0252c57acb85779335db74418bb
Red Hat Security Advisory 2022-1643-01
Posted Apr 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1643-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.

tags | advisory, remote, web, code execution, protocol
systems | linux, redhat
advisories | CVE-2022-25235
SHA-256 | f8d15676020a9ab3d565cd4406a7e5da73416bf14c9546ee5307f620eab24745
Ubuntu Security Notice USN-5394-1
Posted Apr 28, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5394-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2022-22624
SHA-256 | 4d28ba4ec65abbd647ce541d3f35e56b233b7e97e1369456b0e2db59766b5636
Ubuntu Security Notice USN-5371-2
Posted Apr 28, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5371-2 - USN-5371-1 fixed several vulnerabilities in nginx. This update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS. It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-11724, CVE-2020-36309, CVE-2021-3618
SHA-256 | 0312d8395edc75623bc232eb22c356f06f0f1ab5ad2bd86ce88f5fc4a29fe7c0
Red Hat Security Advisory 2022-1628-01
Posted Apr 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1628-01 - Red Hat Gluster Storage Web Administration includes a fully automated setup based on Ansible and provides deep metrics and insights into active Gluster storage pools by using the Grafana platform. Red Hat Gluster Storage Web Administration provides a dashboard view that allows an administrator to get a view of overall gluster health in terms of hosts, volumes, bricks, and other components of GlusterFS.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-44716
SHA-256 | bd3810c82e8a7a890e00175095129c3671c5cd1622b5ec57ba988c6681ab6a22
Red Hat Security Advisory 2022-1540-01
Posted Apr 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1540-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.

tags | advisory, remote, web, code execution, protocol
systems | linux, redhat
advisories | CVE-2022-25235
SHA-256 | 487dc3b2d93eedc2fcb87a4be267ba9c311893cb909e4c7b26d1da9002b99fca
Red Hat Security Advisory 2022-1539-01
Posted Apr 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1539-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.

tags | advisory, remote, web, code execution, protocol
systems | linux, redhat
advisories | CVE-2022-25235
SHA-256 | 277e754c3ed3d2b26c37fd443267b87858fb3e04b24fca3b9a4d3ce2a33ad8a1
Red Hat Security Advisory 2022-1389-01
Posted Apr 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1389-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 and includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, buffer overflow, bypass, null pointer, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2021-3541, CVE-2022-0778, CVE-2022-22720, CVE-2022-23308
SHA-256 | 543450d6c14d4c09bcf5947c484b86e571d3712934810fc7815f183da6554438
Red Hat Security Advisory 2022-1390-01
Posted Apr 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1390-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 and includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, buffer overflow, bypass, null pointer, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2021-3541, CVE-2022-0778, CVE-2022-22720, CVE-2022-23308
SHA-256 | ad0fd16dc55990a0a43914c90f2049b89914071377efc58825ef7d913c3134db
Red Hat Security Advisory 2022-1469-01
Posted Apr 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1469-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 serves as a replacement for Red Hat Single Sign-On 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2021-45105
SHA-256 | 1989a8f9d487c3a1064cc5cafb97cf1f0e4ebcec1d13d1c92293737241db656e
Red Hat Security Advisory 2022-1463-01
Posted Apr 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1463-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2021-45105
SHA-256 | cab797a2ac15ee52c67a0723db572558f460b5f925255de17e7c645f3569c4ae
Red Hat Security Advisory 2022-1462-01
Posted Apr 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1462-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2021-45105
SHA-256 | 03deb4214a9d8154326adb253d71b220bd4e9668793a94401ccb07c15551cb10
Red Hat Security Advisory 2022-1396-01
Posted Apr 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1396-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2014-3577, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2020-25709, CVE-2020-25710, CVE-2021-0920, CVE-2021-20231, CVE-2021-20232, CVE-2021-21684, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-23177, CVE-2021-28153, CVE-2021-31566
SHA-256 | 9c6ace15db6cc4f4efff553e069be87d1d00778ed7287b08bb97673bf221855f
Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication
Posted Apr 15, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Siemens A8000 CP-8050/CP-8031 SICAM WEB suffers from denial of service and a missing authentication vulnerability that allows for file download.

tags | exploit, web, denial of service
advisories | CVE-2021-45034, CVE-2022-27480
SHA-256 | 7f0a0ec0c017ac5bb71670246359ab27291e0f6543e3a3b66f3b4ecf9cd874dc
Microsoft HTTP Protocol Stack Denial Of Service
Posted Apr 15, 2022
Authored by polakow | Site github.com

Microsoft HTTP protocol stack denial of service exploit that leverages the vulnerability in CVE-2022-21907.

tags | exploit, web, denial of service, protocol
advisories | CVE-2022-21907
SHA-256 | 0035e8f68394e431f30fc5f6c1453975239fafaabddd9ec475fac32868642729
Red Hat Security Advisory 2022-1345-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1345-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.1.0 serves as a replacement for Red Hat AMQ Streams 2.0.1, and includes security and bug fixes, and enhancements. Issues addressed include HTTP request smuggling and integer overflow vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-3520, CVE-2021-43797
SHA-256 | ad7d0a5ea3bd59034ab1fa1bef28c21800f686847ce75f83e41e3e7a012f895f
Ubuntu Security Notice USN-5371-1
Posted Apr 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5371-1 - It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to disclose sensitive information. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2020-11724, CVE-2020-36309, CVE-2021-3618
SHA-256 | 520503052384dbfca1799e58e512e8af33349b154fa6e72f5d874d504e1ff1b2
Red Hat Security Advisory 2022-1179-01
Posted Apr 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1179-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.5.10 serves as a replacement for Red Hat support for Spring Boot 2.4.9, and includes bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-30640, CVE-2021-33037, CVE-2021-3597, CVE-2021-3629, CVE-2021-3642, CVE-2021-3859, CVE-2021-41079, CVE-2021-42340
SHA-256 | 85b8d4f687468f2d182c49d4c89778120f0a1b9edb98b4a99798cd35870ff9fd
Red Hat Security Advisory 2022-1284-01
Posted Apr 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1284-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.8.0 ESR. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-1097, CVE-2022-1196, CVE-2022-24713, CVE-2022-28281, CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-28289
SHA-256 | cb2a549d5698210be12259221c354b79c4648cc7ebcfee07f85c3e209e203b25
Red Hat Security Advisory 2022-1287-01
Posted Apr 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1287-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.8.0 ESR. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-1097, CVE-2022-1196, CVE-2022-24713, CVE-2022-28281, CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-28289
SHA-256 | b7873e3f8d8428d816d7da8be0edbd5d7bb5a1eae32238c97ddb90f343b5a56f
Page 2 of 360
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close