OSCA-550, OSCA-550A Security Vulnerabilities

CVE-2021-45100

The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol...

CVE-2021-45100

The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol...

CVE-2021-45100

The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol...

Exploit for Uncontrolled Resource Consumption in Apache Log4J

How-to-check-log4j-CVE-2021-44228...

Exploit for Uncontrolled Resource Consumption in Apache Log4J

How-to-check-log4j-CVE-2021-44228...

KaliIntelligenceSuite - Shall Aid In The Fast, Autonomous, Central, And Comprehensive Collection Of Intelligence By Executing Standard Penetration Testing Tools

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by automatically: executing Kali Linux tools (e.g., dnsrecon, gobuster, hydra, nmap, etc.) querying publicly available APIs (e.g., Censys.io, Haveibeenpwned.com, Hunter.io,...

UPchieve: Clickjacking ar https://hackers.upchieve.org/login

I found clickjacking at login page on https://hackers.upchieve.org that can be exploited if the UI overlay can be performed correctly by the attacker. Clickjack test page Website is vulnerable to clickjacking! Click me when you finish :) Impact Its login page so if the UI overlay can...

Xlight FTP 3.9.3.1 - Buffer Overflow Exploit

...

Xlight FTP 3.9.3.1 Buffer Overflow

...

Xlight FTP 3.9.3.1 - Buffer Overflow (PoC)

...

REvil Affiliates Arrested; DOJ Seizes $6M in Ransom

International law enforcement is squeezing REvil affiliates out of hiding, but the underground is shrugging it off: They know that Russia won’t touch a hair on the heads of the Russian-speaking ransomware operators, experts say. On Monday, Europol announced the arrest of a total of seven suspected....

Keeweb - Free Cross-Platform Password Manager Compatible With KeePass

This webapp is a browser and desktop password manager compatible with KeePass databases. It doesn't require any server or additional resources. The app can run either in browser, or as a desktop app. Quick Links Apps: Web, Desktop Timeline: Release Notes, TODO On one page: Features, FAQ Website:...

Inefficient Regular Expression Complexity in terkelg/prompts

✍️ Description The prompts package is vulnerable to ReDoS (regular expression denial of service). An attacker that is able to provide a crafted input to the strip functionality may cause an application to consume an excessive amount of CPU. Below pinned line using vulnerable regex. The ReDOS is...

ROS-2-550

2.550 Remote code execution in nginx(CVE-2021-23017) 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy()function when processing DNS responses. A remote...

PYSEC-2021-550

TensorFlow is an end-to-end open source platform for machine learning. It is possible to trigger a null pointer dereference in TensorFlow by passing an invalid input to tf.raw_ops.CompressElement. The implementation was accessing the size of a buffer obtained from the return of a separate function....

Security update for nextcloud (important)

An update that fixes 13 vulnerabilities is now available. Description: This update for nextcloud fixes the following issues: nextcloud was updated to 20.0.11: Fix boo#1188247 - CVE-2021-32678: OCS API response ratelimits are not applied Fix boo#1188248 - CVE-2021-32679: filenames where not...

CVE-2021-20107

There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low...

Stack-based Buffer Overflow in rup0rt/pcapfix

Description A stack over flow was found in pcapfix in function fix_pcap_packets() in pcap.c at line 550 The root cause seem at line 458 , there is an int overflow if filesize-pos-sizeof(packet_hdr) is negative. Test version : 1.1.6 [2fe168e] Test env: gcc 9.3.0 ubuntu 20.04 x86-64 Proof of Concept....

Description of the security update for Outlook 2013: June 8, 2021 (KB5001934)

Description of the security update for Outlook 2013: June 8, 2021 (KB5001934) Summary This security update resolves a Microsoft Outlook Remote Code Execution Vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-31949. Note: To apply this....

CVE-2021-31461

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the the...

Type confusion

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the the...

Exploit for Cross-Site Request Forgery (CSRF) in Webmin

..| CVE-2021-31762 |.. Description : Exploiting a...

Description of the security update for Outlook 2013: April 13, 2021 (KB4504733)

Description of the security update for Outlook 2013: April 13, 2021 (KB4504733) Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-28452. Note: To apply this....

GitLab: RCE when removing metadata with ExifTool

Summary When uploading image files, GitLab Workhorse passes any files with the extensions jpg|jpeg|tiff through to ExifTool to remove any non-whitelisted tags. An issue with this is that ExifTool will ignore the file extension and try to determine what the file is based on the content, allowing...

Click Here to Kill Everybody Sale

For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping. Note that I have had occasional problems with international shipping. The book just disappears somewhere in the process. At this price, international orders are at the buyer's...

Description of the security update for Outlook 2013: December 8, 2020

Description of the security update for Outlook 2013: December 8, 2020 Summary This security update resolves Microsoft Outlook information disclosure vulnerabilities. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2020-17119. Note To apply this...

Description of the security update for SharePoint Server 2010: November 10, 2020

Description of the security update for SharePoint Server 2010: November 10, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...

KB941203 - MS08-040: Vulnerabilities in Microsoft SQL Server could allow elevation of privilege

Resolves four privately disclosed vulnerabilities. The more serious of the vulnerabilities could allow an attacker to run code and to take complete control of the system.INTRODUCTIONMicrosoft has released security bulletin MS08-040. To view the complete security bulletin, visit one of the...

Description of the security update for Outlook 2013: October 13, 2020

Description of the security update for Outlook 2013: October 13, 2020 Summary This security update resolves a denial of service vulnerability that exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory. To learn more about the vulnerability, see...

Description of the security update for SharePoint Server 2019: October 13, 2020

Description of the security update for SharePoint Server 2019: October 13, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

CVE-2020-26102

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM...

Code injection

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM...

CVE-2020-26102

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM...

Input validation

In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750, MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior, the product receives input or data but does not validate or incorrectly validates that the input has the properties required to process the data safely...

Description of the security update for SharePoint Enterprise Server 2013: September 8, 2020

Description of the security update for SharePoint Enterprise Server 2013: September 8, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Excel if the software does not check the source markup of an application package. To learn more about the....

Description of the security update for SharePoint Server 2010: September 8, 2020

Description of the security update for SharePoint Server 2010: September 8, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

Digital Education: The cyberrisks of the online classroom

This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures. Shortly after schools....