what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2021-03-25 to 2021-03-26

Red Hat Security Advisory 2021-0992-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0992-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
SHA-256 | 0beb2ace97462de39ed1d992b5064e7d5d9f84b509aa66a9eb5aec5241490152
Ubuntu Security Notice USN-4890-1
Posted Mar 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4890-1 - Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information. Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27170, CVE-2020-27171
SHA-256 | b25993fe5d12873c32c2eaf455cfa3c641110f1b5ba08a35d185354f593c26a3
Red Hat Security Advisory 2021-0996-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0996-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
SHA-256 | 230cb77f45733ad34db897a0b588ca5ab5c53732b2700c3f65cb69dd3b978695
FortiLogger Arbitrary File Upload
Posted Mar 25, 2021
Authored by Berkan Er | Site metasploit.com

This Metasploit module exploits an unauthenticated arbitrary file upload in FortiLogger via an insecure POST request. It has been tested on versions prior to 5.2.0 in Windows 10 Enterprise.

tags | exploit, arbitrary, file upload
systems | windows
advisories | CVE-2021-3378
SHA-256 | a85e9f5cba1f6749154173a1eef48254ac7c27865cfb1fbb2408dc5b6a948e6b
Ubuntu Security Notice USN-4889-1
Posted Mar 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4889-1 - Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
SHA-256 | 653279eb941dc520055abdba149fa888738b66335b33c06e2165860bcea77fd4
OpenSSL Toolkit 1.1.1k
Posted Mar 25, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag. Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | 892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5
Linksys EA7500 2.0.8.194281 Cross Site Scripting
Posted Mar 25, 2021
Authored by MiningOmerta

Linksys EA7500 version 2.0.8.194281 suffers from a cross site scripting vulnerability due to an old jQuery version.

tags | exploit, xss
advisories | CVE-2012-6708
SHA-256 | ed64587e6af38672498f31d0fd4d09d6a672715c905304f9cc64acecea858861
Backdoor.Win32.DarkKomet.gozu MVID-2021-0145 Insecure Permissions
Posted Mar 25, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.DarkKomet.gozu malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 30aaeed5c03bdce64c2f92bda1a8989f75842881fccafe66f500629b72c897c9
Ubuntu Security Notice USN-4888-1
Posted Mar 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4888-1 - Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain DN strings. A remote attacker could use this issue to cause the LDAP server to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-27840, CVE-2021-20277
SHA-256 | 546850352f9f20cc004c3cc1ad61cf5b2e6f883387eba7f8b259cb8c44df3503
Red Hat Security Advisory 2021-0991-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0991-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
SHA-256 | 86846d2863092b129999a9295fec81227ed067d13cdd36bd10bf20ccb17aa1bc
Red Hat Security Advisory 2021-0994-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0994-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
SHA-256 | 92f592dcd962e5398522f1c3e77119df9ed4cc5f6bdd64edcdd0925207a42fa5
Genexis Platinum-4410 P4410-V2-1.31A Cross Site Scripting
Posted Mar 25, 2021
Authored by Jithin KS

Genexis Platinum-4410 version P4410-V2-1.31A suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d105035438c6e505eec8d6a6830b6e875b2ee08bc4f3242cbb504fdcc480338d
Worm.Win32.Ngrbot.acno MVID-2021-0144 Insecure Permissions
Posted Mar 25, 2021
Authored by malvuln | Site malvuln.com

Worm.Win32.Ngrbot.acno malware suffers from an insecure permissions vulnerability.

tags | exploit, worm
systems | windows
SHA-256 | 528bccfbfca4aab52d36b43bc4c73536ba55b93cc43938c28a413a4b1123c9be
Red Hat Security Advisory 2021-0989-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0989-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
SHA-256 | 7cf8093a6f80ac1bc05fe0300de9409c8d3cd88b64b5412d3a49eda9f88728a8
Red Hat Security Advisory 2021-0993-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0993-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
SHA-256 | 0a0d78d27867982bbb669a8ab8b155eb15bef29ef1ff4cfce92375ca16cab6fe
Exploiting XXE Via File Uploads
Posted Mar 25, 2021
Authored by Neha Gupta

Whitepaper that discusses XXE exploitation via file uploads.

tags | paper, file upload
SHA-256 | 7c6849a41692d2abfdae193b26658ffc1ed539af111174b955d5ba020dc87949
Worm.Win32.Recyl.dp MVID-2021-0143 Insecure Permissions
Posted Mar 25, 2021
Authored by malvuln | Site malvuln.com

Worm.Win32.Recyl.dp malware suffers from an insecure permissions vulnerability.

tags | exploit, worm
systems | windows
SHA-256 | 45e7cf195f3d257485b2ae78f2db65b9214cece48c4a5d9f106b825317fb6835
Red Hat Security Advisory 2021-0995-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0995-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
SHA-256 | 65c3fb96861a5095748a61811fa91692556423c606441e5ff1405d3b8e13070e
Red Hat Security Advisory 2021-0990-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0990-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
SHA-256 | 971c6830932725382e9e107349182a7519e5712cda26ef895c57c3cfb73fa216
Red Hat Security Advisory 2021-0988-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0988-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2015-8011, CVE-2020-14349, CVE-2020-14350
SHA-256 | b1c9760f913a9f1a467e7a016d1241c6bac0c51884cdffd0dafc4297e5a49a74
Ovidentia 6 SQL Injection
Posted Mar 25, 2021
Authored by Felipe Prates Donato

Ovidentia version 6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b0ed7025e88391ed5c11b59e9b8a85a5fe3a1950079c930a090a9073e7eb6ecf
Red Hat Security Advisory 2021-0833-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0833-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.404. Issues addressed include denial of service and integer overflow vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-27813
SHA-256 | 718c3d22997cb29c7fd7fbb6462ab5f80471579aa3b8679a0e023787589a4c18
Dolibarr ERP/CRM 11.0.4 Bypass / Code Execution
Posted Mar 25, 2021
Authored by Andrea Gonzalez

Dolibarr ERP/CRM version 11.0.4 authenticated file upload restrictions bypass exploit that achieves remote code execution.

tags | exploit, remote, code execution, bypass, file upload
advisories | CVE-2020-14209
SHA-256 | f58dbb30223078b60e2c591a9796c22c1a7783555278cad42361cd544f71b096
Red Hat Security Advisory 2021-0986-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0986-01 - The release of Red Hat AMQ Online 1.7.0 serves as a replacement for earlier AMQ Online releases, and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include information leakage and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-20218, CVE-2021-21290, CVE-2021-21295
SHA-256 | 23990e2f898aef17b77d80cf4cd02c8a28de9443759dcc3226d9242052bb06f8
OpenSSL Security Advisory 20210325
Posted Mar 25, 2021
Site openssl.org

OpenSSL Security Advisory 20210325 - The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Other issues were also addressed.

tags | advisory
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | 55d25269ba150b01444f96b032ec37fee3669c70ad7324bb78b23f604cf1aed7
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close