what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2021-02-02

YARA 4.0.3 Denial Of Service / Information Disclosure
Posted Feb 2, 2021
Authored by Luis Merino

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA version 4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file.

tags | exploit, denial of service, overflow, info disclosure
SHA-256 | 183f1463a17d86e57cdffc4bbe68da6feacd0ea4ddea585d5da2223c4199d865
Oracle Privilege Escalation / Denial Of Service / Code Execution
Posted Feb 2, 2021
Authored by Harrison Neal

The Oracle CPU dated 2020 Jan 14 included patches for various issues related to database links and gateways ("Oracle Heterogeneous Services"). Two vulnerabilities in particular might lead to privilege escalation, denial of service, or code execution attacks against Oracle databases.

tags | advisory, denial of service, vulnerability, code execution
SHA-256 | a6605ae9ea1c50359727048ada7d1a952d239333c8cbb8a3fb4831930530deb9
Red Hat Security Advisory 2021-0384-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0384-01 - Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat Fuse 6.3 and Red Hat A-MQ 6.3. It includes bug fixes, which are documented in the patch notes accompanying the package on the download page. Issues addressed include bypass, code execution, and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13933, CVE-2020-26217, CVE-2021-26117
SHA-256 | e70d5ae1eaa6a5cb189092070364ef86d19097a09c20e848053090b3fb5ef0f0
Red Hat Security Advisory 2021-0383-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0383-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer Application Programming Interface.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35497
SHA-256 | 0f2614491b0f0b407d81f6d78161d6614632dc266413d7b6b5a023c72328c1e9
Red Hat Security Advisory 2021-0381-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0381-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer Application Programming Interface. Issues addressed include an XML injection vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25649
SHA-256 | 0326933ac26772d368b4bd4bef05ffbd71afc64484937477309a97415799d61f
Ubuntu Security Notice USN-4467-2
Posted Feb 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4467-2 - USN-4467-1 fixed several vulnerabilities in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-14364
SHA-256 | 0868d01ddebed6397076e880f2702ccc2a97012fa237ddbde4531198d57bcbee
Red Hat Security Advisory 2021-0338-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-15436, CVE-2020-35513
SHA-256 | 2eb94323785fefcf457dce3dc7a38c20ec0ab856e6b06144955ba858ec48bef1
Red Hat Security Advisory 2021-0336-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0336-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-15436, CVE-2020-35513
SHA-256 | 7619380b162637f2fa4ceff6aff3bcca659fee3c5189b4f24f9346911791e7d5
Red Hat Security Advisory 2021-0346-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0346-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-16092, CVE-2020-1983
SHA-256 | 8e0f0ba4db19926d5fad0fbcf6b140ce5f82efd2091d53bab5a4bb8a953cb1f4
Red Hat Security Advisory 2021-0347-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0347-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include code execution and out of bounds access vulnerabilities.

tags | advisory, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13765, CVE-2020-16092
SHA-256 | 629045a9988f8ef11aa0066652be428a8e30f44446bc1442fc65b77753a7511f
Red Hat Security Advisory 2021-0343-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0343-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.

tags | advisory, web, denial of service, overflow, perl, vulnerability
systems | linux, redhat
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723
SHA-256 | 69e70a7c3cc1600a98fd403dd7ea25532c79c86456dc3b04bea2d87b130791a9
Red Hat Security Advisory 2021-0348-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0348-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include buffer over-read and buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat, osx
advisories | CVE-2019-25013, CVE-2020-10029, CVE-2020-29573
SHA-256 | cef81ff8ec4257da6fdec58d2191db6724579fef2efd89b47732b8c23ece742a
Red Hat Security Advisory 2021-0339-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0339-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-12321
SHA-256 | 598a64219acf234b0246b821b2a99112c5c1053e1dc87d540f54d9efce1ca5e3
Red Hat Security Advisory 2021-0358-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0358-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.

tags | advisory, perl, protocol
systems | linux, redhat
advisories | CVE-2020-15862
SHA-256 | 050aa2d502ee9def1ad488e502ae57bb37e6794fd63299e5616ae1b06a379e45
Red Hat Security Advisory 2021-0292-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0292-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.3.6 serves as a replacement for Red Hat support for Spring Boot 2.3.4, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-11996, CVE-2020-25638
SHA-256 | 3c53b89283c4d6ed32a97e562755fa31e592b5ddb2776f643ed96c31f31b1ea4
Red Hat Security Advisory 2021-0354-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0354-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-15436, CVE-2020-1749, CVE-2020-29661
SHA-256 | 61fd5b2885db736fff66a1fa2e6b36667dab7cdf7afd0f360c7b88a7f36ab487
Red Hat Security Advisory 2021-0329-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0329-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.4.6 serves as a replacement for Red Hat AMQ Broker 7.4.5, and includes security and bug fixes, and enhancements.

tags | advisory, protocol
systems | linux, redhat
SHA-256 | 7aebc28bc065820dadc5b2176f08b5730ba0f8fd03662cd92fc29a0eb8178b69
SQLMAP - Automatic SQL Injection Tool 1.5.2
Posted Feb 2, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | d567aee3390b39f64215ec7ae53f6b654c28b136b5d2e18629e00b94eb233d06
Apple Security Advisory 2021-02-01-4
Posted Feb 2, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-02-01-4 - watchOS 7.3 addresses bypass, code execution, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2021-1741, CVE-2021-1743, CVE-2021-1744, CVE-2021-1746, CVE-2021-1747, CVE-2021-1748, CVE-2021-1750, CVE-2021-1757, CVE-2021-1758, CVE-2021-1760, CVE-2021-1761, CVE-2021-1764, CVE-2021-1766, CVE-2021-1769, CVE-2021-1772, CVE-2021-1773, CVE-2021-1776, CVE-2021-1778, CVE-2021-1782, CVE-2021-1783, CVE-2021-1785, CVE-2021-1786, CVE-2021-1787, CVE-2021-1788, CVE-2021-1789, CVE-2021-1791, CVE-2021-1792, CVE-2021-1793
SHA-256 | 10031bf52533df0803ca11c863e02c3a497e43f1d641e66abc9fbfa4c0c7d5a9
Apple Security Advisory 2021-02-01-3
Posted Feb 2, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-02-01-3 - tvOS 14.4 addresses bypass, code execution, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2021-1741, CVE-2021-1743, CVE-2021-1744, CVE-2021-1746, CVE-2021-1747, CVE-2021-1748, CVE-2021-1750, CVE-2021-1757, CVE-2021-1758, CVE-2021-1759, CVE-2021-1760, CVE-2021-1761, CVE-2021-1764, CVE-2021-1766, CVE-2021-1769, CVE-2021-1772, CVE-2021-1773, CVE-2021-1776, CVE-2021-1778, CVE-2021-1782, CVE-2021-1783, CVE-2021-1785, CVE-2021-1786, CVE-2021-1787, CVE-2021-1788, CVE-2021-1789, CVE-2021-1791, CVE-2021-1792
SHA-256 | fbe3a08a63c1abe19d2be2033373ff94ef573f1952b8d9d9e1776213c10cd5c3
Apple Security Advisory 2021-02-01-2
Posted Feb 2, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-02-01-2 - iOS 14.4 and iPadOS 14.4 addresses buffer overflow, bypass, code execution, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple, ios
advisories | CVE-2021-1741, CVE-2021-1743, CVE-2021-1744, CVE-2021-1745, CVE-2021-1746, CVE-2021-1747, CVE-2021-1748, CVE-2021-1750, CVE-2021-1753, CVE-2021-1756, CVE-2021-1757, CVE-2021-1758, CVE-2021-1759, CVE-2021-1760, CVE-2021-1761, CVE-2021-1762, CVE-2021-1763, CVE-2021-1764, CVE-2021-1766, CVE-2021-1767, CVE-2021-1768, CVE-2021-1769, CVE-2021-1772, CVE-2021-1773, CVE-2021-1776, CVE-2021-1778, CVE-2021-1780, CVE-2021-1781
SHA-256 | 7e9acf48060dbaf1362f207d51c65c18ce30da922734ce3da64519f3c613e437
Apple Security Advisory 2021-02-01-1
Posted Feb 2, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-02-01-1 - macOS Big Sur 11.2, Security Update 2021-001 Catalina, and Security Update 2021-001 Mojave address buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2019-20838, CVE-2020-14155, CVE-2020-15358, CVE-2020-25709, CVE-2020-27904, CVE-2020-27937, CVE-2020-27938, CVE-2020-27945, CVE-2020-29608, CVE-2020-29614, CVE-2020-29633, CVE-2021-1736, CVE-2021-1737, CVE-2021-1738, CVE-2021-1741, CVE-2021-1742, CVE-2021-1743, CVE-2021-1744, CVE-2021-1745, CVE-2021-1746, CVE-2021-1747, CVE-2021-1750, CVE-2021-1751, CVE-2021-1753, CVE-2021-1754, CVE-2021-1757, CVE-2021-1758
SHA-256 | d08f82faad87bb1fffad789ca91a7f4964a516ce03459af1328487caeb8b9185
Ubuntu Security Notice USN-4717-1
Posted Feb 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4717-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct clickjacking attacks, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-23953, CVE-2021-23958, CVE-2021-23963
SHA-256 | 3b9ab52dcc9517ea8c5b891e2e9725b743c07f42e6093380c0ab2a5eeb1a9ddf
Red Hat Security Advisory 2021-0327-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0327-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include memory leak and server-side request forgery vulnerabilities.

tags | advisory, web, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-10770, CVE-2020-13956, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782
SHA-256 | 8f81203dda62d0a7764d4abbc2827cd3c4b8751aed3447f09505b8eb649e2c3d
Ubuntu Security Notice USN-4715-2
Posted Feb 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4715-2 - USN-4715-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM. Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their expected location. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-3281
SHA-256 | 6199f66f5209e1c50a292e4f37bada9901ce9f7db9e57739c89d1de4302b47fb
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close