Multiple Schneider Electric EVlink Charging Stations suffer from authentication bypass and remote code execution vulnerabilities.
261e0a7af24605abbcb498cca0acda8b6897b40daab2471d8fafde95edc1b848
Red Hat Security Advisory 2021-2643-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.38.
41521a1cbdc585ddab55d8b30782095faf6e66d5c607a3909b0027f209a56635
Microsoft Windows has an issue where you can use the CreateProcessWithLogon API to escape a write restricted service and achieve full write access as the service user.
f7fbef38375142a8ef413e304679bb1f30ba17803f5f88f543d793439b06b967
Gentoo Linux Security Advisory 202107-33 - Multiple vulnerabilities have been found in Pillow, the worst of which could result in a Denial of Service condition. Versions less than 8.2.0 are affected.
26dda539c7762b5ab4e6b5ee029356b95a444412d1cf068eadfa5fafec5b0726
XNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of concept code included.
a1d06d7c40ef5cee75dbfed56b2263d072ffb407a0a5a9ac79847d59421ad896
This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending a malicious UDP packet over IPv6.
0516b2a0dc860ebf19e63ce4021cd59c81f89b4c0605fd9ecea4c32742d682e0
Proof of concept exploit for an out-of-bounds access vulnerability in the Realtek RTKVHD64.sys, leading to pool corruption.
bb5ee485c5648076add9bf2abf25ea37396550a4e2aa9b60094cc8338c092692
This is a proof of concept for CVE-2021-28476 ("Hyper-V Remote Code Execution Vulnerability"), an arbitrary memory read in vmswitch.sys (network virtualization service provider) patched by Microsoft in May 2021.
48a1cc3a6acb78d90f7e5beca74fe39f754180b4d7a5529002e913fac71d8976
Red Hat Security Advisory 2021-2705-01 - Red Hat OpenShift Serverless 1.16.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6 and 4.7, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include a memory exhaustion vulnerability.
08eae3fe4757ace30ec86f5cc2744cf14810094d114320ba3dccf22aa96dce2c
WordPress Current Book plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.
c5e8aeebe5d859247c0728c436044839727a15a9d9d418df2a4570b241fb76a2
Gentoo Linux Security Advisory 202107-32 - Multiple vulnerabilities have been found in Apache Thrift, the worst of which could result in a Denial of Service condition. Versions less than 0.14.1 are affected.
6b93100b3f1aaaab602748fcb9ee444dd77f2f1b2aaae3e36d4fd3368cecc466
Red Hat Security Advisory 2021-2704-01 - Red Hat OpenShift Serverless Client kn 1.16.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.16.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include a memory exhaustion vulnerability.
df952e770c03be91f26c8dc21a03791097b10d64503502d3f6756a261c503661
Webmin version 1.973 suffers from a cross site request forgery vulnerability.
6584fbea56cb36aed6cf20c070f41684482266289815df1aa41748fc786befa2
Ubuntu Security Notice 5006-2 - USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
eedca1a470ded97b0623427c6e5fdcf4bb966c9f811fd215e5d150d46f82e283
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.
8c81ab72cd7fafd7004f83e330537e3a5d70e4c761505862cbc9593becb430e0