exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2021-12-09

Red Hat Security Advisory 2021-5047-02
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5047-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
SHA-256 | 84513c296e1cb665f608c46256ab2a785c7a5175879460d7d82c607fa6b170fe
Red Hat Security Advisory 2021-5036-04
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5036-04 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3748
SHA-256 | 9d7063a42bd394aa00c0bd3b674e852478b071e64fc87de85a22e8919cbc3c98
Ubuntu Security Notice USN-5183-1
Posted Dec 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5183-1 - Julian Rauchberger discovered that BlueZ incorrectly handled memory when processing SDP attribute requests. A remote attacker could use this issue to cause BlueZ to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-8922
SHA-256 | 5a8ba523bfe5ef5ece8e5ae5b5396645cd2be1a63fcac8710507aac26ec9ff87
Grafana 8.3.0 Directory Traversal / Arbitrary File Read
Posted Dec 9, 2021
Authored by s1gh

Grafana version 8.3.0 suffers from a directory traversal vulnerability that can allow for arbitrary file reading.

tags | exploit, arbitrary, file inclusion
advisories | CVE-2021-43798
SHA-256 | 9273519e26f2056463537ab66f8628cb91f138407ab75d06184d8d23d07ea50d
Red Hat Security Advisory 2021-5045-02
Posted Dec 9, 2021
Site access.redhat.com

Red Hat Security Advisory 2021-5045-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
SHA-256 | 999201abc31c40fe215c9fd3147adcfdee8840b27a3cbba9ac01e6553978ad41
Red Hat Security Advisory 2021-5045-02
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5045-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
SHA-256 | 999201abc31c40fe215c9fd3147adcfdee8840b27a3cbba9ac01e6553978ad41
Red Hat Security Advisory 2021-5048-02
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5048-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
SHA-256 | 52ee01bf4f97804e4815795bc2c04f34e9d1688b14476900aff6d01a8d3e1d87
Mail Information Gathering AppScript
Posted Dec 9, 2021
Authored by Carla Cortes Leyva, Luis David Rodriguez Padilla

Whitepaper called Mail Information Gathering AppScript. This paper contains the exploitation of vulnerabilities for collecting email information using Google utilities via App Script using the Gmail App class. This paper exposes the design of a web application that collects mail information from users with associated Google mail accounts.

tags | paper, web, vulnerability
SHA-256 | bb58e73be8e657614e1304dca838b2c7c09c9f5bf8e0bb733adf4f93ad1f3671
Microsoft MSHTML Remote Code Execution
Posted Dec 9, 2021
Authored by Tanishq Sharma, Shikhar Saxena, Rushil Saxena, Utkarsh Shrivastava

This whitepaper is an overview on the Microsoft MSHTML remote code execution vulnerability recently highlighted in CVE-2021-40444.

tags | paper, remote, code execution
SHA-256 | 087e3d97e374ce1d4b7286735f7a428ab28ea89b53f87246c6b35e526a161c30
Microsoft Office Word MSHTML Remote Code Execution
Posted Dec 9, 2021
Authored by LockedByte, Ramella Sebastien, thesunRider, klezVirus | Site metasploit.com

This Metasploit module creates a malicious docx file that when opened in Word on a vulnerable Windows system will lead to code execution. This vulnerability exists because an attacker can craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine.

tags | exploit, code execution, activex
systems | windows
advisories | CVE-2021-40444
SHA-256 | fcc3f4d138a7fb7352da3e6cb2038a1b4776153656e84bcdef4857dab28eac23
Red Hat Security Advisory 2021-5046-03
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5046-03 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Issues addressed include buffer overflow, bypass, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546
SHA-256 | ee077d75c706a7539579ac412e98e5621f6c04a089dd2ee6f67bcb62dc92c562
LimeSurvey 5.2.4 Remote Code Execution
Posted Dec 9, 2021
Authored by Y1LD1R1M

LimeSurvey version 5.2.4 remote code execution exploit with a reverse shell.

tags | exploit, remote, shell, code execution
SHA-256 | 236c03647e45f5a7d5c789322bbf472a01c4083719dbb4997d9a4dcaec135f05
TestLink 1.19 Arbitrary File Download
Posted Dec 9, 2021
Authored by Gonzalo Villegas

TestLink versions 1.16 through 1.19 suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | 0d4f2423494cf6a179f394e226b4ffca187f2beaa2d20adb0504a4b550937e84
Red Hat Security Advisory 2021-5038-04
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5038-04 - Red Hat Advanced Cluster Management for Kubernetes 2.2.10 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console — with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide security fixes, bug fixes and container upgrades. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-20673, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2020-36385, CVE-2021-20231, CVE-2021-20232, CVE-2021-20266, CVE-2021-20271, CVE-2021-20317, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-22946, CVE-2021-22947
SHA-256 | 8c3861dc2826e4a0c7c98f1040e5e156c43227dbe0c19621db0bee3cb77b04e4
Red Hat Security Advisory 2021-5053-03
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5053-03 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-43527
SHA-256 | 2ea87822a24cf699b6d07a14d68f62e1a010747706104760534aa1e6d782a460
WordPress Catch Themes Demo Import 1.6.1 Shell Upload
Posted Dec 9, 2021
Authored by Ron Jost

WordPress Catch Themes Demo Import plugin versions 1.6.1 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2021-39352
SHA-256 | aa2a40ca6681466ee19bd0785086d5094e88640579441d6538e0001846a9e1cf
MTPutty 1.0.1.21 SSH Password Disclosure
Posted Dec 9, 2021
Authored by Sedat Ozdemir

MTPutty version 1.0.1 suffers from an SSH password disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 1cca8979b3a05c7e1b8061034264207513e36f95b6cfa17e38cec49b96a6fb88
Red Hat Security Advisory 2021-5030-01
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5030-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-35556, CVE-2021-35559, CVE-2021-35560, CVE-2021-35564, CVE-2021-35565, CVE-2021-35578, CVE-2021-35586, CVE-2021-41035
SHA-256 | 592a9b07fc0ea6d187ca6b5a4b60ca85429c67357ce211f947d5302a04c9a22a
Chikitsa Patient Management System 2.0.2 Plugin Remote Code Execution
Posted Dec 9, 2021
Authored by 0z09e

Chikitsa Patient Management System version 2.0.2 suffers from a plugin related authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 489db948f2625b95de14f6b6bd50ac312dc13814411d8a0dfb221933ab3b0b95
Chikitsa Patient Management System 2.0.2 Backup Remote Code Execution
Posted Dec 9, 2021
Authored by 0z09e

Chikitsa Patient Management System version 2.0.2 suffers from a backup related authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 38e473d7b8a2dbe92973b8889c127e05eb01d311517e63b3e7fe40f6ee387912
Employees Daily Task Management System 1.0 SQL Injection
Posted Dec 9, 2021
Authored by able403

Employees Daily Task Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 9bdbcc43cce447fc53907c7419cac82a4aa49be6ac74f26d6053b7c7be2527f2
Employees Daily Task Management System 1.0 Cross Site Scripting
Posted Dec 9, 2021
Authored by able403

Employees Daily Task Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities. Original discovery of this vulnerability it attributed to Ragavender A G in November of 2021.

tags | exploit, vulnerability, xss
SHA-256 | 463ced96d84f948f456d4f081616df5378882cd7efd73a4f18063523f2f37791
Kabir Alhasan Student Management System 1.0 SQL Injection
Posted Dec 9, 2021
Authored by Enes Ozeser

Kabir Alhasan Student Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2020-23935
SHA-256 | 1db2902795ec0a7bc22ac70241cfddd70f4230a2f9a977a67f4217e6c2d666d0
Raspberry Pi 5.10 Default Credentials
Posted Dec 9, 2021
Authored by netspooky

Raspberry Pi version 5.10 has default credentials of pi/raspberry. This has been a known standard of theirs for a long time but it has been formally given a CVE.

tags | exploit
advisories | CVE-2021-38759
SHA-256 | 1183c7b2472dbbc2e419794c12c09bd7985487323c98c268fe5ab95a48cc15cb
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close