Ubuntu Security Notice 5028-1 - It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service.
dba5658953443b6709c23256bc159bd79f6473606df84bd873f4595f0e7be5a8
Red Hat Security Advisory 2021-2989-01 - The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages.
72a844e3eb1105fa18f0cede61296be4ff9d37cf95a64005be09bafcae42b026
Red Hat Security Advisory 2021-2988-01 - Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.
89ff05b805aa4d600b12c56694dd0bb166e8f7a5f4353daf984714a69480276f
Ubuntu Security Notice 5026-2 - USN-5026-1 fixed several vulnerabilities in QPDF. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources, resulting in a denial of service. It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
25968ce5fe1807da8a632ab50111c460d20e2ed2e3a49e7f44744017e7471d1f
This archive contains all of the 177 exploits added to Packet Storm in July, 2021.
1fdcdcb3bc9a8d854ad1cfa355d3b4aa25406c916a2b4fee1228b83fc44e31c7
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.
a4302858bcf7791334e8f7165885369898330aa547888db0e73576b53f96771d
Online Hotel Reservation System version 1.0 suffers from multiple cross-site scripting vulnerabilities. Original discovery of cross-site scripting in this version is attributed to Mesut Cetin in January of 2021.
b2be84a53742b87a7a35e2ec2515c317476c8375ab22e0123a5142e8f44333d2