exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2023-07-27

Ubuntu Security Notice USN-6259-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6259-1 - Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets. An attacker could possibly use this issue to expose sensitive information. Jos Wetzels, Stanislav Dashevskyi, Amine Amri discovered that Open-iSCSI incorrectly handled certain parsing TCP MSS options. An attacker could possibly use this issue to cause a crash or cause unexpected behavior.

tags | advisory, tcp
systems | linux, ubuntu
advisories | CVE-2020-13987, CVE-2020-13988, CVE-2020-17437
SHA-256 | 11add8b04ad913d8a0d55bdb51820f2c3df6cc99cc46d3fb35aa47446b9c769f
Ubuntu Security Notice USN-6260-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6260-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48502, CVE-2023-2640, CVE-2023-3090, CVE-2023-31248, CVE-2023-3141, CVE-2023-32629, CVE-2023-3389, CVE-2023-3390, CVE-2023-35001
SHA-256 | a4384a0d58c965d16d9a12fe71bc79afb9b36f12a4660d6419a9dae8338f976a
Red Hat Security Advisory 2023-4226-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4226-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.6.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41723, CVE-2022-46663, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-1260, CVE-2023-24329, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-25173
SHA-256 | ce4492864dcb382a006d5197438c039f97330f652c6c8aed7cc631262735dfe7
Red Hat Security Advisory 2023-4225-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4225-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.6.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41723, CVE-2023-1260, CVE-2023-24329, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-27561, CVE-2023-2828, CVE-2023-29400, CVE-2023-3089
SHA-256 | 1ee5cc88afc05f04f8cab5e69c08e0c0eb450ca34081c1800b05f30e7d89899b
Debian Security Advisory 5460-1
Posted Jul 27, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5460-1 - It was discovered that Curl performed incorrect file path handling when saving cookies to files, which could lead to the creation or overwriting of files.

tags | advisory
systems | linux, debian
advisories | CVE-2023-32001
SHA-256 | 6e2f994d08396a20ab9a51c73c0d306c696b60020ddc145cb1423220ed1abd2b
TOR Virtual Network Tunneling Tool 0.4.7.14
Posted Jul 27, 2023
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: This version contains several minor fixes and one major bugfix affecting vanguards (onion service).
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | a5ac67f6466380fc05e8043d01c581e4e8a2b22fe09430013473e71065e65df8
Ubuntu Security Notice USN-5193-3
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5193-3 - USN-5193-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-4008
SHA-256 | 1eb1ddb27fbb758f427c0bf5ea4ee429be3e11990390a1e22ded9d1a9f2be38e
Ubuntu Security Notice USN-6258-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6258-1 - It was discovered that LLVM Toolchain did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted MLIR file, an attacker could possibly use this issue to cause LLVM Toolchain to crash, resulting in a denial of service. It was discovered that LLVM Toolchain did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted MLIR file, an attacker could possibly use this issue to cause LLVM Toolchain to crash, resulting in a denial of service. This issue only affected llvm-toolchain-15.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-29932, CVE-2023-29933, CVE-2023-29934, CVE-2023-29939
SHA-256 | 15c885edb7e0ba7f4983c7a40211df4b440b82848835df91fc7c1e82a2b8501a
XLAgenda 4.4 Cross Site Request Forgery
Posted Jul 27, 2023
Authored by indoushka

XLAgenda version 4.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b32d86f04f194dce3c7ff53cbf3caca6972b63541fb6d557a75d1b79c5076778
WonderCMS 0.6-Beta Password Disclosure
Posted Jul 27, 2023
Authored by indoushka

WonderCMS version 0.6-Beta suffers from a password disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 7730fce6db7c8209b7f075de09ab07291b78604414042879ee1427de2ab0f527
xForUp Simple File Uploader 1.0 SQL Injection
Posted Jul 27, 2023
Authored by indoushka

xForUp Simple File Uploader version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, file upload
SHA-256 | 361651b4acd30ddc2f3f044531153e1a0b18342e97aaf21d8d9a9cdeebb3c58c
Ubuntu Security Notice USN-6257-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6257-1 - It was discovered that Open VM Tools incorrectly handled certain authentication requests. A fully compromised ESXi host can force Open VM Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2023-20867
SHA-256 | 9874c20b43c69ee280343a66768f47a879830a6aa5d20f830e0e79427463ade2
Ubuntu Security Notice USN-6256-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6256-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3108, CVE-2022-3707, CVE-2022-3903, CVE-2022-4129, CVE-2023-0458, CVE-2023-0459, CVE-2023-1073, CVE-2023-1074, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1118
SHA-256 | 53c2946b5d19f257334d1182e7199b58771f576b4b09ca7d1fb73edd8b8401a3
B-OBEC V.092019 SQL Injection
Posted Jul 27, 2023
Authored by indoushka

B-OBEC version V.092019 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5a322b9d3bddaaa850e7f2eb9c8fa01c12d8bc7f0f77059234b6bbe521e18c21
BMIT BMS 2.1 SQL Injection
Posted Jul 27, 2023
Authored by indoushka

BMIT BMS version 2.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 6c44b20654cc1ac0bd5815441e8f32129376fb466e937a80b8c808e94f6eee08
Ubuntu Security Notice USN-6255-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6255-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-3090, CVE-2023-31248, CVE-2023-3389, CVE-2023-3390, CVE-2023-3439, CVE-2023-35001
SHA-256 | b92e45b5821cbc38a01a9f4fad300b0ca630b46f0b15c730d3315c01259ea4d7
Red Hat Security Advisory 2023-4290-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4290-01 - OpenShift sandboxed containers 1.4.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2021-46848, CVE-2022-1271, CVE-2022-1304, CVE-2022-2509, CVE-2022-28805, CVE-2022-34903, CVE-2022-35737, CVE-2022-36227, CVE-2022-3715, CVE-2022-40303, CVE-2022-40304, CVE-2022-47629, CVE-2023-0464
SHA-256 | 1e2b8ec0277e95d223b5e93c67cebd05ba8613dd04c6a60f215d9837febfb0b2
Red Hat Security Advisory 2023-4293-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4293-01 - The Migration Toolkit for Containers (MTC) 1.7.11 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2022-41723, CVE-2023-1667, CVE-2023-2283, CVE-2023-24329, CVE-2023-24539, CVE-2023-26125, CVE-2023-26604, CVE-2023-29400, CVE-2023-29401
SHA-256 | a6c7962adce03ec3f046c6f9917c53d0076af524b7a7d3efc40bc00d003762f8
Ubuntu Security Notice USN-6254-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6254-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0458, CVE-2023-1611, CVE-2023-2124, CVE-2023-2162, CVE-2023-2513, CVE-2023-3090, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3390, CVE-2023-35001
SHA-256 | 0faaa1a4c904d2777eb8f39748a9d767eddb9f41659d19079b8dcbea4f5d81ef
AMSS++ 5.21.09 SQL Injection
Posted Jul 27, 2023
Authored by indoushka

AMSS++ version 5.21.09 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d6eff57f5ad369547a8526cb80208127f9e3dca31c5ffa7cd2842cd831b083a6
AMS Logistics 2.2 SQL Injection
Posted Jul 27, 2023
Authored by indoushka

AMS Logistics version 2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c055825a498e3cdbb7ec70ab1ea8dd878ae30e419ded9bd11a3d50cac6ee442a
Red Hat Security Advisory 2023-4286-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4286-01 - Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2022-36227, CVE-2022-48281, CVE-2023-1667, CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22045, CVE-2023-22049, CVE-2023-2283, CVE-2023-25193, CVE-2023-26604, CVE-2023-27535, CVE-2023-28466
SHA-256 | d5d35601175060e7441b9a1481c61970c832969895ba21bcfab1b55787d9e0f1
Red Hat Security Advisory 2023-4287-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4287-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2023-1667, CVE-2023-2283, CVE-2023-24329, CVE-2023-26604, CVE-2023-3089
SHA-256 | a75172f933e219fbd1aa1cf9b0907e6aa8d24bc3d9ee8ea4185026c5823cbd75
Aicte India LMS 3.0 SQL Injection
Posted Jul 27, 2023
Authored by indoushka

Aicte India LMS version 3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 291c97f85e73d82a9c9afa4293289afa389b5c4dfb9e3199019c3c6d954331a9
Buzzy News Viral Lists Polls And Videos 2.5.1 Insecure Settings
Posted Jul 27, 2023
Authored by indoushka

Buzzy News Viral Lists Polls and Videos version 2.5.1 appears to leave default credentials installed after installation.

tags | exploit
SHA-256 | 5ed91b51bdf7efaa67ae9bf7fba6a1066c2ab71217d47b8a8ad0b9d7d469dbaa
Page 1 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close