Multiple Schneider Electric EVlink Charging Stations suffers from authentication bypass and remote code execution vulnerabilities.
261e0a7af24605abbcb498cca0acda8b6897b40daab2471d8fafde95edc1b848Red Hat Security Advisory 2021-2643-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.38.
41521a1cbdc585ddab55d8b30782095faf6e66d5c607a3909b0027f209a56635Microsoft Windows has an issue where you can use the CreateProcessWithLogon API to escape a write restricted service and achieve full write access as the service user.
f7fbef38375142a8ef413e304679bb1f30ba17803f5f88f543d793439b06b967Gentoo Linux Security Advisory 202107-33 - Multiple vulnerabilities have been found in Pillow, the worst of which could result in a Denial of Service condition. Versions less than 8.2.0 are affected.
26dda539c7762b5ab4e6b5ee029356b95a444412d1cf068eadfa5fafec5b0726XNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of concept code included.
a1d06d7c40ef5cee75dbfed56b2263d072ffb407a0a5a9ac79847d59421ad896This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending malicious UDP packet over IPv6.
0516b2a0dc860ebf19e63ce4021cd59c81f89b4c0605fd9ecea4c32742d682e0Proof of concept exploit for an out-of-bounds access vulnerability in the Realtek RTKVHD64.sys, leading to pool corruption.
bb5ee485c5648076add9bf2abf25ea37396550a4e2aa9b60094cc8338c092692This is a proof of concept for CVE-2021-28476 ("Hyper-V Remote Code Execution Vulnerability"), an arbitrary memory read in vmswitch.sys (network virtualization service provider) patched by Microsoft in May 2021.
48a1cc3a6acb78d90f7e5beca74fe39f754180b4d7a5529002e913fac71d8976Red Hat Security Advisory 2021-2705-01 - Red Hat OpenShift Serverless 1.16.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6 and 4.7, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include a memory exhaustion vulnerability.
08eae3fe4757ace30ec86f5cc2744cf14810094d114320ba3dccf22aa96dce2cWordPress Current Book plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.
c5e8aeebe5d859247c0728c436044839727a15a9d9d418df2a4570b241fb76a2Gentoo Linux Security Advisory 202107-32 - Multiple vulnerabilities have been found in Apache Thrift, the worst of which could result in a Denial of Service condition. Versions less than 0.14.1 are affected.
6b93100b3f1aaaab602748fcb9ee444dd77f2f1b2aaae3e36d4fd3368cecc466Red Hat Security Advisory 2021-2704-01 - Red Hat OpenShift Serverless Client kn 1.16.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.16.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include a memory exhaustion vulnerability.
df952e770c03be91f26c8dc21a03791097b10d64503502d3f6756a261c503661Webmin version 1.973 suffers from a cross site request forgery vulnerability.
6584fbea56cb36aed6cf20c070f41684482266289815df1aa41748fc786befa2Ubuntu Security Notice 5006-2 - USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
eedca1a470ded97b0623427c6e5fdcf4bb966c9f811fd215e5d150d46f82e283UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.
8c81ab72cd7fafd7004f83e330537e3a5d70e4c761505862cbc9593becb430e0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed