Showing 1 - 8 of 8

Files Date: 2022-01-11

Ubuntu Security Notice USN-5043-2: Posted Jan 11, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5043-2 - USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service.; tags | advisory, denial of service, vulnerability; systems | linux, ubuntu; advisories | CVE-2021-37620; SHA-256 | 5915ae6df07f3e5e81674a692c53a165f6feb58c6d1ab304bf3991e356fc42ee; Download | Favorite | View

Ubuntu Security Notice USN-5219-1: Posted Jan 11, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5219-1 - It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary, kernel, local; systems | linux, ubuntu; SHA-256 | a7e38a5c770aa6dfa8b743e2b7675254db89dcb3c77592070d5c7db12d6a9887; Download | Favorite | View

Ubuntu Security Notice USN-5218-1: Posted Jan 11, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5218-1 - Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2021-20321, CVE-2021-3760, CVE-2021-4002, CVE-2021-41864, CVE-2021-43056, CVE-2021-43267, CVE-2021-43389; SHA-256 | f90f83bbcd246c8d673aa082579a0c09cd5de90a6bc0cee2d59e2eed594b9e9a; Download | Favorite | View

Ubuntu Security Notice USN-5217-1: Posted Jan 11, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5217-1 - It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2021-4090; SHA-256 | 33416da69c07925753e4dd155ea2d3da8c14e95aa648b39481c4bc7f778617d3; Download | Favorite | View

Faraday 3.19.0: Posted Jan 11, 2022; Authored by Francisco Amato | Site github.com; Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.; Changes: Added v3 bulks endpoints DELETE and EDIT. Added logs of login, logout and log error to main log. Fixed bug in bulk update for m2m fields. Added clear settings command. Added open medium, high and critical vulns histogram. Fixed integrity constraint error on cve update. Fixed static content for react. Added cvss within vulnerability model. Added check to see if workspace name is longer than 250 characters. Added cve to csv export.; tags | tool, rootkit; systems | unix; SHA-256 | a47f3a35df0552c6bd911d289832cfc037127bbe7f6acdd796dcb4c6d8cde2cf; Download | Favorite | View

Backdoor.Win32.Controlit.10 MVID-2022-0449 Code Execution: Posted Jan 11, 2022; Authored by malvuln | Site malvuln.com; Backdoor.Win32.Controlit.10 malware suffers from a code execution vulnerability.; tags | exploit, code execution; systems | windows; SHA-256 | 07b9871a0695ac9e42db05fcbe7fd8354a48ddedd7ca4f6d6bf2baa67c698bbc; Download | Favorite | View

Microsoft Windows Defender / Detection Bypass: Posted Jan 11, 2022; Authored by hyp3rlinx | Site hyp3rlinx.altervista.org; Microsoft Windows Defender suffers from a detection bypass vulnerability due to a sub-par mitigation priorly adopted.; tags | exploit, bypass; systems | windows; SHA-256 | b5337b4ff0ded5ddda0becffc0c9002fdf3288c10396de61b829b2dacbf22ab9; Download | Favorite | View

Microsoft Windows .Reg File Dialog Spoofing / Mitigation Bypass: Posted Jan 11, 2022; Authored by hyp3rlinx | Site hyp3rlinx.altervista.org; Microsoft Windows suffers from a registration file dialog spoofing vulnerability and their last fix to this issue can be bypassed.; tags | exploit, spoof; systems | windows; SHA-256 | 3d0c712557e8ea256ea96f38c4729251ae893ca640831654a5a638e72b4d841e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days