exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2023-09-04

Red Hat Security Advisory 2023-4910-01
Posted Sep 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4910-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, integer overflow, and out of bounds write vulnerabilities.

tags | advisory, java, web, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-24963, CVE-2022-28331, CVE-2023-24998, CVE-2023-28708, CVE-2023-28709
SHA-256 | eb75438ef29d3419f6725183bfbeb51f52079fcb4b05c04f5a9dab7196252540
Red Hat Security Advisory 2023-4909-01
Posted Sep 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4909-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, and integer overflow vulnerabilities.

tags | advisory, java, web, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-24963, CVE-2023-24998, CVE-2023-28708, CVE-2023-28709
SHA-256 | 42d63a53d46500f97ac09efb36b14aeae78e4c4154a0783587555b21ea3cde1c
Ubuntu Security Notice USN-6335-1
Posted Sep 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6335-1 - It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. It was discovered that BusyBox did not properly validate user input when performing certain arithmetic operations. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to cause BusyBox to crash, resulting in a denial of service, or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-28831, CVE-2022-48174
SHA-256 | ce6cd273a2adefd9dc9d4b39d27ed6ba12c30e3105c870f8b4e96eaa14d28bc3
Ubuntu Security Notice USN-6334-1
Posted Sep 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6334-1 - Peter Wang discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. Andreas B. Mundt discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. Johannes Krupp discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server and make the server to disclose /etc/group data.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-6097, CVE-2021-41054, CVE-2021-46671
SHA-256 | 3bdd531c8758e85af1a9dc219bf472e81e0cf00af872e44aefe3ded2b15188f4
Ubuntu Security Notice USN-6333-1
Posted Sep 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6333-1 - Junsung Lee discovered that Thunderbird did not properly validate the text direction override unicode character in filenames. An attacker could potentially exploits this issue by spoofing file extension while attaching a file in emails. Max Vlasov discovered that Thunderbird Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy.

tags | advisory, spoof
systems | linux, ubuntu
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056
SHA-256 | de1cdeefaa54cbd5ac2ba23369fd0091cdef1507fcdebab7399ef5c6b2b74e13
Debian Security Advisory 5488-1
Posted Sep 4, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5488-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4581, CVE-2023-4584
SHA-256 | c4b9ef34e56f966dc628297fcd9a209fc6e8f676919d45454be8a2f6a9cac139
jSQL Injection 0.92
Posted Sep 4, 2023
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Added Multibit strategy. Added Preference to disable strategies. Replaced Boolean size queries with trail query. Optimized SQLite calibrator. Added vulnweb, juice.shop, hackthebox URLs to Scan. Fixed i18n managers tabs. Optimized Boolean false positive detection.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | c2fbf8bf0a47c670fad1bee18fdc18a0b6b5257d83d819dce0dc4303a17f79e8
Linux 6.4 Use-After-Free / Race Condition
Posted Sep 4, 2023
Authored by Jann Horn, Google Security Research

There is a race between mbind() and VMA-locked page faults in the Linux 6.4 kernel, leading to a use-after-free condition.

tags | exploit, kernel
systems | linux
SHA-256 | 78b0a4905933278287d325ebef0bf5c144a4c579eaaf4874daf17a797f5aa2b7
NVClient 5.0 Stack Buffer Overflow
Posted Sep 4, 2023
Authored by Ahmet Umit Bayram

NVClient version 5.0 suffers from a stack buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | abd3909daaf63482eae8d1670f83664e68a0dc2a1099d512a7df9789899192c7
CSZ CMS 1.3.0 Cross Site Scripting
Posted Sep 4, 2023
Authored by Daniel Gonzalez

CSZ CMS version 1.3.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 9b94dac81267b78ab87830aff4334c9f75589fa563e0c0d8dac51942e11ccd07
nullcon Goa 2023 Live Bug Hunting
Posted Sep 4, 2023
Site nullcon.net

nullcon Goa 2023 will be having a live bug hunting competition to win money. Registration deadline is September 7, 2023. The conference will be held September 22nd through the 24th, 2023.

tags | paper, conference
SHA-256 | 1cd891b4b4f7b63a38bb73250b01e63e89e37a5c67f9dcf2487b0a4a3db90a52
AdminLTE PiHole Broken Access Control
Posted Sep 4, 2023
Authored by kv1to

AdminTLE PiHole versions prior to 5.18 suffer from a broken access control vulnerability.

tags | exploit
advisories | CVE-2022-23513
SHA-256 | 9b8c890163587c6b86432ce2b114aa227620678fe2ad0b6011239c3105f1be06
Ivanti Avalance Remote Code Execution
Posted Sep 4, 2023
Authored by Robel Campbell

Ivanti Avalanche versions prior to 6.4.0.0 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-32560
SHA-256 | fbb31ff5f38dd146b12a471e205d680b8205fc2fdb41ac774f03201dcb313808
ImpressionTech CMS 1.4 SQL Injection
Posted Sep 4, 2023
Authored by indoushka

ImpressionTech CMS version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7032b1e074d75927ade21c93b6ef6a9107eb57b2322cb16a4880374746b827ae
Impress CMS 1.3.9 Open Redirection
Posted Sep 4, 2023
Authored by indoushka

Impress CMS version 1.3.9 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | e2fcf8fc68a8d805a84ed27217308849c526fd9c890e5ac538f4522ab18908e7
ImgHosting 1.3 HTML Injection
Posted Sep 4, 2023
Authored by indoushka

ImgHosting version 1.3 suffers from a html injection vulnerability.

tags | exploit
SHA-256 | 191405965601ade0d4bd0ce91b2f3150036b54e91e9ed959a9c38087ce9f2322
Humhub 1.3.13 Shell Upload
Posted Sep 4, 2023
Authored by indoushka

Humhub version 1.3.13 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 7a715a33400e2add27f596f876eb05f01d21b959756f68afee12e2b91ef7ac46
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close