what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2021-05-28

Debian Security Advisory 4899-2
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4899-2 - The Dynamic Code Evolution Virtual Machine (DCE VM), an alternative VM for OpenJDK 11 with enhanced class redefinition, has been updated for compatibility with OpenJDK 11.0.11.

tags | advisory
systems | linux, debian
SHA-256 | f70ba620a0f91af5f16feb81d31fee9120de509e3d414a516cbeb63fb061c53c
Debian Security Advisory 4909-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4909-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2021-25214, CVE-2021-25215, CVE-2021-25216
SHA-256 | cc2264904e48cc7cf43a7849bdc0b950295b34a952297af0c847735cf51a4c53
Debian Security Advisory 4910-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4910-1 - A vulnerability was discovered in libimage-exiftool-perl, a library and program to read and write meta information in multimedia files, which may result in execution of arbitrary code if a malformed DjVu file is processed.

tags | advisory, arbitrary, perl
systems | linux, debian
advisories | CVE-2021-22204
SHA-256 | 3419aba9a6fab049b77f3b1d22f66ca6cb8054769858407b273adc18f878b239
Debian Security Advisory 4911-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4911-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2021-21227, CVE-2021-21228, CVE-2021-21229, CVE-2021-21230, CVE-2021-21231, CVE-2021-21232, CVE-2021-21233
SHA-256 | 9deddc747716a9eff5ebd513469e72f12768fb8e205c29e0ae517708389745cb
Debian Security Advisory 4912-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4912-1 - The Qualys Research Labs reported several vulnerabilities in Exim, a mail transport agent, which could result in local privilege escalation and remote code execution.

tags | advisory, remote, local, vulnerability, code execution
systems | linux, debian
advisories | CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28010, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28017, CVE-2020-28019, CVE-2020-28021, CVE-2020-28022, CVE-2020-28023
SHA-256 | 986ef7b5faca7b5ab9eda7cfc9036602582d7c35963a2717cb60fd735a20e638
Debian Security Advisory 4913-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4913-1 - Jemery Galindo discovered an out-of-bounds memory access in Hivex, a library to parse Windows Registry hive files.

tags | advisory, registry
systems | linux, windows, debian
advisories | CVE-2021-3504
SHA-256 | d5975d6183305aa7875bda6e752956e293def2561c07d0ff9a6e81105723d04c
Debian Security Advisory 4914-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4914-1 - A buffer overflow was discovered in Graphviz, which could potentially result in the execution of arbitrary code when processing a malformed file.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2020-18032
SHA-256 | 5e62c3aecd9f57c1900b6a2895922bf1fbc5c8e2c7146e715c7a80bbfdd3ed22
Debian Security Advisory 4915-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4915-1 - Multiple security issues have been discovered in the PostgreSQL database system, which could result in the execution of arbitrary code or disclosure of memory content.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2021-32027, CVE-2021-32028, CVE-2021-32029
SHA-256 | 749e89fc19223613bc0b6d01019d6a1ee0542a88c8aab17b2b1997127d5c70d6
Debian Security Advisory 4916-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4916-1 - Multiple security issues were found in Prosody, a lightweight Jabber/XMPP server, which could result in denial of service or information disclosure.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2021-32917, CVE-2021-32918, CVE-2021-32919, CVE-2021-32920, CVE-2021-32921
SHA-256 | cb46dc40512c3421c85d51fd617a841d7e020b87c87e4b6e511a33c6a0457dda
Debian Security Advisory 4916-2
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4916-2 - The update for prosody released as DSA 4916-1 introduced a regression in websocket support. Updated prosody packages are now available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | dc006cd45dc6b2832b43551e25922ce746feecf07bca993f55194aa3fa68da82
Debian Security Advisory 4917-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4917-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509, CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513, CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517, CVE-2021-30518, CVE-2021-30519
SHA-256 | f6da704e89650adf1400be4cf1e03dfd6ea356481e8c080e1b7405b82d00e77e
Debian Security Advisory 4918-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4918-1 - Improper pathname handling in ruby-rack-cors, a middleware that makes Rack-based apps CORS compatible, may result in access to private resources.

tags | advisory, ruby
systems | linux, debian
advisories | CVE-2019-18978
SHA-256 | aad43033fd2d923343981ed3f9f6cf6e629a5e445a969a1991a2feeb576f243c
Debian Security Advisory 4919-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4919-1 - Jasper Lievisse Adriaanse reported an integer overflow flaw in lz4, a fast LZ compression algorithm library, resulting in memory corruption.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2021-3520
SHA-256 | 41bb61b640cc01e826c9c253f58731d34427a40e6f793f86f7d008054e749c91
Debian Security Advisory 4920-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4920-1 - Roman Fiedler reported that missing length validation in various functions provided by libx11, the X11 client-side library, allow to inject X11 protocol commands on X clients, leading to authentication bypass, denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, protocol
systems | linux, debian
advisories | CVE-2021-31535
SHA-256 | 4394a56178b38b24b98deb1792eadb7d5bae57faddf795c0673c26d8cf9b1b4f
Debian Security Advisory 4921-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4921-1 - Luis Merino, Markus Vervier and Eric Sesterhenn discovered an off-by-one in Nginx, a high-performance web and reverse proxy server, which could result in denial of service and potentially the execution of arbitrary code.

tags | advisory, web, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2021-23017
SHA-256 | 09f330ad84d8d271d1fb4c1e34cc1a82845cc410ad88e9e1ad526b84cb5e3cec
Debian Security Advisory 4922-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4922-1 - Amir Sarabadani and Kunal Mehta discovered that the import functionality of Hyperkitty, the web user interface to access Mailman 3 archives, did not restrict the visibility of private archives during the import, i.e. that during the import of a private Mailman 2 archive the archive was publicly accessible until the import completed.

tags | advisory, web
systems | linux, debian
advisories | CVE-2021-33038
SHA-256 | 285e96294fff62bc4ef42f9493107e61acf632573049b66584b40c1760babad2
Debian Security Advisory 4923-1
Posted May 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4923-1 - Vulnerabilities have been discovered in the webkit2gtk web engine.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2021-1788, CVE-2021-1844, CVE-2021-1871
SHA-256 | 107386cc474594875c7686aa1fdf20fd6c91795fe2bf2fa5c4f38b265efe74ea
Trixbox 2.8.0.4 Remote Code Execution
Posted May 28, 2021
Authored by Ron Jost

Trixbox version 2.8.0.4 has an OS command injection vulnerability that can be leveraged via shell metacharacters in the lang parameter to /maint/modules/home/index.php.

tags | exploit, shell, php
advisories | CVE-2017-14535
SHA-256 | aaabb057afb92bb25d1dc9037d5a6c0fb333f4768b0c90b7a44651f47b7bcfa7
Trixbox 2.8.0.4 Path Traversal
Posted May 28, 2021
Authored by Ron Jost

Trixbox version 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.

tags | exploit, php, file inclusion
advisories | CVE-2017-14537
SHA-256 | fb3bf69481578dad07624872eec1f5d1da61660965e5ddb444e9193956929ed2
PHPFusion 9.03.50 Remote Code Execution
Posted May 28, 2021
Authored by ThienNV, g0ldm45k

PHPFusion version 9.03.50 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-24949
SHA-256 | 0c1ea73a71c985e2370b23c0a29caa04d041fd12d0eccc6de21797149b8536e6
Ubuntu Security Notice USN-4967-2
Posted May 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4967-2 - USN-4967-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx incorrectly handled responses to the DNS resolver. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-23017
SHA-256 | fa9566f11a9fe7fedfd3308556728e7989e3d35072dac1fff279c3e363c3e755
The Game Of Threat Hunting
Posted May 28, 2021
Authored by Akash Sarode

This paper is focused on the various ways in which threat hunting can be performed. It is based on the author's research of semi-automating the entire process by creating a tool based on machine learning and applying analytics.

tags | paper
SHA-256 | 6af7c1449c75828f7976e682efcd001d246afb3c611194a09d283daac934ebe6
QNAP MusicStation / MalwareRemover File Upload / Command Injection
Posted May 28, 2021
Authored by polict | Site shielder.it

QNAP MusicStation and MalwareRemover are affected by arbitrary file upload and command injection vulnerabilities, leading to pre-authentication remote command execution with root privileges on the NAS.

tags | advisory, remote, arbitrary, root, vulnerability, file upload
advisories | CVE-2020-36197, CVE-2020-36198
SHA-256 | dddda20f7202ce5358af06526c5259d1f75a28b841ba2fcc6fd3fd23682bb880
WordPress LifterLMS 4.21.0 Cross Site Scripting
Posted May 28, 2021
Authored by Captain_hook

WordPress LifterLMS plugin version 4.21.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-24308
SHA-256 | 20b27b98b2e22747764f7a39e413c4251aa23f2a701c00e2bc61df557d7309b3
Selenium 3.141.59 Remote Code Execution
Posted May 28, 2021
Authored by Jon Stratton

Selenium version 3.141.59 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 31a04d36d587ab0a205023d11f001f9667bf27577d83ddca22b7e833833f61a8
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close