Red Hat Security Advisory 2021-3559-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
3bcafc3afe5aa4e9f4251126406b75530da9675dfa4bf6acc6bf586fe9b6c45eThis article discusses the CVE-2021-40444 vulnerability and an alternative path that reduces the lines of JS code to trigger the issue and does not require CAB archives.
78527c30f8b16f6de1e16c3cf93b1aaa4506bde934637509d7046e6e1fd8681bBSides SF is soliciting papers and presentations for the 2022 annual BSidesSF conference. It will be located at City View at the Metreon in downtown San Francisco February 5th through the 6th, 2022.
116913a94e74b59af467e5522f2a4c08f2434469de79a58f7d2653633b1bb6cbT-Soft E-Commerce version 4 suffers from a cross site request forgery vulnerability.
c6b8e63ffe9cd49eeb60a1fb0927f605b76c7e0f0c0526db27887b5438211ac3This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware.
c92fb48f14d7428b9b06b9a2b966278ae9ada469b80f0eba1cc5bc001df86db6Church Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Murat Demirci in July of 2021.
4199016530736f105e8824a08b5eff23db37a15fbbd61143196e3b11c5893e32litefuzz is a multi-platform fuzzer for poking at userland binaries and servers.
f25a4127aa0a0332f8898ed435abea7ff3f6fdf48ec55273a12cb50f97f07dd3Budget and Expense Tracker System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
5082e4f1ec4d69ca15809b642c62ff171a84e1a04effddf2ab8137afaa03a7beZeroPeril Ltd has discovered two issues inside the amdpsp.sys (v4.13.0.0) kernel driver module that ships with the AMD Chipset Drivers package for multiple AMD chipsets. The first issue is an information disclosure type security vulnerability and the second is a memory leak type bug due to insufficient releasing of all associated allocated resources upon request. The researchers have verified both in the latest Revision Number (2.13.27.501) of the package that was released the 4th of February 2021.
d827c9bf70e10c8aa6de32322ba69539b034444015352799b800c077dfa9a502Apple Security Advisory 2021-09-13-5 - Safari 14.1.2 addresses code execution and use-after-free vulnerabilities.
abffb8c6ccaf9c49c31a987a949797bd3a53dd7b12deb3ece0898cc5a594092cOnline Food Ordering System version 2.0 remote shell upload exploit.
992602dfabb61a530e543a5ce526d518edacf217e96cba728fe2cb15bf7c9a2fChurch Management System version 1.0 remote shell upload exploit.
cf7ec4a23cc71651ef6f4cf80b9753b0960ab62b0258a3e224ef9b17f65d40d2WordPress version 5.7 suffers from a Media Library XML external entity injection vulnerability.
f4d5079185c7b7a82974659421942eaed8b4ed45e1818b1ece7631fe12e92485Positive Technologies Maxpatrol 8 and Xspider appears to suffer from a denial of service vulnerability.
802743455581c562ac5cea9a7be4796be744ae990586e0dc1a85d37e24081569
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed