This Metasploit module exploits a vulnerability within SharePoint and its .NET backend that allows an attacker to execute commands using specially crafted XOML data sent to SharePoint via the Workflows functionality.
583c7dc9e2c88b3f3622ee79ae7bc09a2e63d8641d172496c3143a024bc22425Linux kernel versions starting at 4.10 and below 5.1.7 PTRACE_TRACEME local root exploit that uses the pkexec technique.
e7f854bf4bfbbd6ef656848e475779ed5d37f0342d90b357fbfff5954374bb40nullscan is a modular framework designed to chain and automate security tests. It parses target definitions from the command line and runs corresponding modules and their nullscan-tools afterwards. It can also take hosts and start nmap first in order to perform a basic portscan and run the modules afterwards. Also, nullscan can parse a given nmap logfile for open tcp and udp ports and again run the modules afterwards. All results will be logged in specified directories with a clean structure and an HTML report can subsequently be generated.
1da37356f0e6207cb790e560e1a98270c3634a6f5b57a81d9d96288dc9cb5be2TP-Link Archer C50 V3 devices before build 200318 release 62209 allow remote attackers to cause a denial of service condition via a crafted HTTP Header containing an unexpected Referer field.
378a49e6c552f29a2bdfb6c0da0141a36b2f87302eae9f5b49385f85650833c7Red Hat Security Advisory 2020-0980-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a buffer overflow vulnerability.
3273a3aa9f488f9a6122b127bd2f71fa694f8305da572bdc3bf4752bfcb5a7c3Red Hat Security Advisory 2020-0979-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.
5f005fb3d9d51b8389c3049648809457d03dd104b2c0cb9cd2bf39d30d10b391Red Hat Security Advisory 2020-0978-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting PRIVILEGED option was addressed.
2ebf88140942d0891466bcefc1a3814454846f389200f359eaaee3bc6783b795Red Hat Security Advisory 2020-0830-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An issue was resolved where /etc/passwd was given incorrect privileges.
0eaf39dd07a5017d124e71468f11d4ebc5fe15b13c0d93f31c3260609d8e1b51Red Hat Security Advisory 2020-0964-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include code execution and deserialization vulnerabilities.
0bbc6d0b1340b9e1e77661f6fd3104f23b4bfa6e941e551e8c264a9869530430Red Hat Security Advisory 2020-0975-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. An issue was addressed where kiali had the JWT cookie using a default signing key.
981e31ca881033119e43bb090b5aea6ad3d5c8e3151443271a3f82e889849d5dGentoo Linux Security Advisory 202003-56 - Multiple vulnerabilities have been found in Xen, the worst of which could allow for privilege escalation. Versions less than 4.12.0-r1 are affected.
7959dee17cd4227918a51fda5daa8418f726f545d628a763b80ddbb67566d1ebGentoo Linux Security Advisory 202003-55 - A vulnerability in Zsh might allow an attacker to escalate privileges. Versions less than 5.8 are affected.
0f7abe1bc63f07bfd3eb85a3fb76160fbcca4bef6f4f71996af6fd2971dc9bd5Red Hat Security Advisory 2020-0972-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
0c19a7199d6218eb62f062d1f8ade1bfbe2f37c61c688a8aab120737eef99f31Gentoo Linux Security Advisory 202003-54 - Multiple vulnerabilities have been found in Pure-FTPd, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.49-r2 are affected.
03a17ed08e74c6de611d02ad78c3b4782dc5362e5813d972a63dd5d1bfb2dff6Gentoo Linux Security Advisory 202003-53 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 80.0.3987.149 are affected.
2a480cb669937d1c725c4aef6a3315f749e435c1409951d6da26173fa50e88bfGentoo Linux Security Advisory 202003-52 - Multiple vulnerabilities have been found in Samba, the worst of which could lead to remote code execution. Versions less than 4.11.6 are affected.
78ecd3bc02b0f10129021084736ee7cc0c9408898c589745d90193370efe75aaGentoo Linux Security Advisory 202003-51 - Multiple vulnerabilities have been found in WeeChat, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 2.7.1 are affected.
f767563f45dfcbcf074efa97a576793d3560569f28388db09faf91a7bace8a5aGentoo Linux Security Advisory 202003-50 - Multiple vulnerabilities were found in Tor, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 0.4.2.7 are affected.
241c5c76e2d1c5739286959f9935cd5faa7214265175db8ac1d957737034f95dGentoo Linux Security Advisory 202003-49 - A vulnerability in BlueZ might allow remote attackers to bypass security restrictions. Versions less than 5.54 are affected.
8c9b059f5d1471771573a0bd716d390cd3a92702773251661a660b868995edcfCentreo version 19.10.8 suffers from a DisplayServiceStatus remote code execution vulnerability.
8a718bebfcc5413c346b04bb287ec94268a6716395780bbb22d8d703a9c80a25
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed