what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2021-11-02

Red Hat Security Advisory 2021-4103-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.0 RPMs. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-15586, CVE-2020-16845, CVE-2021-3114, CVE-2021-31525
SHA-256 | b16c9aa2b8dad7efa4d95e722eb5af9a048a5ff206b58713782979fa88362e44
Ubuntu Security Notice USN-5128-1
Posted Nov 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5128-1 - Goutham Pacha Ravi, Jahson Babel, and John Garbutt discovered that user credentials in Ceph could be manipulated in certain environments. An attacker could use this to gain unintended access to resources. This issue only affected Ubuntu 18.04 LTS. It was discovered that Ceph contained an authentication flaw, leading to key reuse. An attacker could use this to cause a denial of service or possibly impersonate another user. This issue only affected Ubuntu 21.04. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-27781, CVE-2021-20288, CVE-2021-3509, CVE-2021-3524, CVE-2021-3531
SHA-256 | 27bb8e3234a0eb6c20785c85e3b051d5fba1fadbce8594e9f21d51168b84a3bf
i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw
Posted Nov 2, 2021
Authored by LiquidWorm | Site zeroscience.mk

i3 International Annexxus Cameras Ax-n version 5.2.0 does not allow creation of more than one administrator account on the system. This also applies for deletion of the administrative account. The logic behind this restriction can be bypassed by parameter manipulation using dangerous verbs like PUT and DELETE and improper server-side validation. Once a normal account with viewer or operator permissions has been added by the default admin user i3admin, a PUT request can be issued calling the UserPermission endpoint with the ID of created account and set it to admin userType, successfully adding a second administrative account.

tags | exploit
SHA-256 | 3e641781592da07922dd7ee30daf5267b6d7f9b85ed06f3a2968275095a40591
Red Hat Security Advisory 2021-4100-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4100-01 - This release of Red Hat Integration - Service registry 2.0.2.GA serves as a replacement for 2.0.1.GA, and includes the below security fixes. Issues addressed include a cross site scripting vulnerability.

tags | advisory, registry, xss
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2021-20289, CVE-2021-20293
SHA-256 | deae863e269d799eb30005e5bf746b6f54654a78cb414a871c14378bede66a03
Ericsson Network Location MPS GMPC21 Privilege Escalation
Posted Nov 2, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits a privilege escalation vulnerability in Ericsson Network Location Mobile Positioning Systems.

tags | exploit
SHA-256 | 284aef5590fcc1f10a26e571df512ffa20eb2f3e127bfd58c1acdecd315b6627
Ericsson Network Location MPS GMPC21 Remote Code Execution
Posted Nov 2, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in Ericsson Network Location Mobile Positioning Systems. The export feature in various parts of the application is vulnerable. It is a feature made for the information in the tables to be exported to the server and imported later when required. Export operations contain the file_name parameter. This parameter is assigned as a variable between the server commands on the backend side. It allows command injection.

tags | exploit, arbitrary
SHA-256 | 2b48b3265095eafaddacb4ff1e3bd8e6117f37acaa1faaf23e718d815e6acfc9
Red Hat Security Advisory 2021-4097-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4097-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-30858
SHA-256 | 758e2b7205b8f672f706d3a22dfa85c8e778e9fc973c8ec8e5f7566dbc67b6c6
Red Hat Security Advisory 2021-4088-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4088-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-0512, CVE-2021-3656
SHA-256 | a215b64b8f26178237dfbf6dd7cc3e8298fe94f7c33d9ccfc3e6d4fe26168c77
Dynojet Power Core 2.3.0 Unquoted Service Path
Posted Nov 2, 2021
Authored by Pedro Sousa Rodrigues

Dynojet Power Core version 2.3.0 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | e405648225214fe6aeae81bc56b6ea13066748ad49bc03e53362bda9f9d2335c
Red Hat Security Advisory 2021-4089-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4089-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP35.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369
SHA-256 | 9b7ee858f3df67a3a5fd8404cc376ca2c033c2f128adef7cf84ab747fe959b64
EuskalHack Security Congress V Call For Papers
Posted Nov 2, 2021
Site euskalhack.org

EuskalHack Security Congress Fifth Edition is a new proposal from the EuskalHack Computer Security Association, with the aim to promote the community growth and the culture in the digital security field. As usual, in this new edition proximity to our public and technical quality will be our hallmarks. This exclusive conference is shaping up as the most relevant in Basque Country, with an estimated 180 attendees for this fifth edition. The participants include specialized companies, public organisms, state security organizations, professionals, hobbyists and students in the area of security and Information Technology. The date for the conference is the 24th and 25th of June 2022 in the lovely city of Donostia San Sebastian.

tags | paper, conference
SHA-256 | 3afb79f9c5c2ee498a58a508b7a49f8cd57ff1c62f0a23ed7a3954d643223070
Ubuntu Security Notice USN-5121-2
Posted Nov 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5121-2 - USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. It was discovered that Mailman allows arbitrary content injection. An attacker could use this to inject malicious content. It was discovered that Mailman improperly sanitize the MIME content. An attacker could obtain sensitive information by sending a special type of attachment.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-12108, CVE-2020-12137, CVE-2021-42096, CVE-2021-42097
SHA-256 | 3e1981a243b75d6cb9eb3b871c11554d027734dba3c108e22426fdec3c295c82
Employee Record Management System 1.2 SQL Injection
Posted Nov 2, 2021
Authored by Anubhav Singh

Employee Record Management System version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0c76f2497283f3783f806e17c9609a0f2cf663868fd87d134f053f98eac0af5b
Red Hat Security Advisory 2021-4057-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4057-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2021-3733
SHA-256 | 498494042eae465560ec74f9c3db823f41dcb7cc6774fcf32c2be912564c3a6a
Red Hat Security Advisory 2021-4059-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4059-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2021-22946, CVE-2021-22947
SHA-256 | 34daf9a24ea61b47c15ef48c2ee9383ee98eca2dd6a85e453275e6f5eab30c3a
10-Strike Network Inventory Explorer Pro 9.31 Buffer Overflow
Posted Nov 2, 2021
Authored by ro0k

10-Strike Network Inventory Explorer Pro version 9.31 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 09972b36dc351d36ebefa789f38df288d48581c444c7dd781846f17473723aee
WordPress Pie Register 3.7.1.4 Authentication Bypass / Remote Code Execution
Posted Nov 2, 2021
Authored by h00die, Lotfi13-DZ | Site metasploit.com

This Metasploit module uses an authentication bypass vulnerability in Wordpress Pie Register plugin versions 3.7.1.4 and below to generate a valid cookie. With this cookie, hopefully of the admin, it will generate a plugin, pack the payload into it and upload it to a server running WordPress.

tags | exploit, bypass
SHA-256 | 264c63ccfe6e89f9ea56a7b424108e323208432961e4e3c392e667c8ffa32f85
Red Hat Security Advisory 2021-4058-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4058-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-20254
SHA-256 | a133e1fbf93b2e2cb24730dfe145275fb62ad97490d6d60115695fcdfb4f3bc3
Ubuntu Security Notice USN-5127-1
Posted Nov 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5127-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-30846
SHA-256 | cdf7796bdd628fef0a58fb146e91c4833857834bda21b0711d447b2898585451
Codiad 2.8.4 Shell Upload
Posted Nov 2, 2021
Authored by P4p4_M4n3

Codiad version 2.8.4 remote reverse shell upload exploit. Original discovery of code execution in this version is attributed to WangYihang in 2018.

tags | exploit, remote, shell, code execution
SHA-256 | edb7153ed233505bbc7bc6f3b4caa69384cf6a58ea0d0e9f192913338883cb82
Red Hat Security Advisory 2021-4060-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4060-01 - The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938
SHA-256 | 530b7877a913e46da445209101b5efc0c7b5c8616f87dfe71f476e1471c78887
Red Hat Security Advisory 2021-4056-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4056-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-0512, CVE-2021-3656
SHA-256 | f5630c8273bc84bd86eeae7dc5bd0c1657c5f09e75775d162ffa4ab27e1014a0
Red Hat Security Advisory 2021-4044-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4044-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-41133
SHA-256 | 55d1ddda946eec32db73b335758e1b3123b72bb5e123dc4017c3b3478b148474
Kingdia CD Extractor 3.0.2 Buffer Overflow
Posted Nov 2, 2021
Authored by Achilles

Kingdia CD Extractor version 3.0.2 suffers from a SEH buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | cb3d8977e39c23ae718ea6c10d45dadf8ee93192867d57bd1a755c9ffdc3a518
YouTube Video Grabber 1.9.9.1 Buffer Overflow
Posted Nov 2, 2021
Authored by Achilles

YouTube Video Grabber version 1.9.9.1 suffers from a SEH buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 158055c10b5036dbb26fe91c7dd8219f5dfeebc9b50a00e2527a80a7b342d1c0
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close