Recent Files

Gentoo Linux Security Advisory 202407-09
Posted Jul 2, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202407-9 - A vulnerability has been discovered in OpenSSH, which can lead to remote code execution with root privileges. Versions greater than or equal to 9.7_p1-r6 are affected.

tags | advisory, remote, root, code execution
systems | linux, gentoo
WordPress FooGallery 2.4.16 Cross Site Scripting
Posted Jul 2, 2024
Authored by tmrswrr

WordPress FooGallery plugin version 2.4.16 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
WordPress Gallery 2.3.6 Cross Site Scripting
Posted Jul 2, 2024
Authored by tmrswrr

WordPress Gallery version 2.3.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
Ubuntu Security Notice USN-6851-2
Posted Jul 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6851-2 - USN-6851-1 fixed vulnerabilities in Netplan. The update led to the discovery of a regression in netplan which caused systemctl enable to fail on systems without dbus. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
Ubuntu Security Notice USN-6844-2
Posted Jul 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6844-2 - USN-6844-1 fixed vulnerabilities in the CUPS package. The update led to the discovery of a regression in CUPS with regard to how the cupsd daemon handles the Listen configuration directive. This update fixes the problem. Rory McNamara discovered that when starting the cupsd server with a Listen configuration item, the cupsd process fails to validate if the bind call passed. An attacker could possibly trick cupsd to perform an arbitrary chmod of the provided argument, providing world-writable access to the target.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
Red Hat Security Advisory 2024-4212-03
Posted Jul 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4212-03 - An update for golang is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-4211-03
Posted Jul 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4211-03 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include double free, memory leak, null pointer, spoofing, and use-after-free vulnerabilities.

tags | advisory, kernel, spoof, vulnerability, memory leak
systems | linux, redhat
Red Hat Security Advisory 2024-4210-03
Posted Jul 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4210-03 - An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.9 for RHEL 8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
Red Hat Security Advisory 2024-4209-03
Posted Jul 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4209-03 - An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.2 for RHEL 8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
PowerVR Driver Missing Sanitization
Posted Jul 2, 2024
Authored by Jann Horn, Google Security Research

The PowerVR driver does not sanitize ZS-Buffer / MSAA scratch firmware addresses.

tags | exploit
Ubuntu Security Notice USN-6859-1
Posted Jul 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6859-1 - It was discovered that OpenSSH incorrectly handled signal management. A remote attacker could use this issue to bypass authentication and remotely access systems without proper credentials.

tags | advisory, remote
systems | linux, ubuntu
Debian Security Advisory 5724-1
Posted Jul 1, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5724-1 - The Qualys Threat Research Unit (TRU) discovered that OpenSSH, an implementation of the SSH protocol suite, is prone to a signal handler race condition. If a client does not authenticate within LoginGraceTime seconds (120 by default), then sshd's SIGALRM handler is called asynchronously and calls various functions that are not async-signal-safe. A remote unauthenticated attacker can take advantage of this flaw to execute arbitrary code with root privileges. This flaw affects sshd in its default configuration.

tags | advisory, remote, arbitrary, root, protocol
systems | linux, debian
Gentoo Linux Security Advisory 202407-08
Posted Jul 1, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202407-8 - Multiple vulnerabilities have been discovered in GNU Emacs and Org Mode, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 26.3-r16:26 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
Gentoo Linux Security Advisory 202407-07
Posted Jul 1, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202407-7 - A vulnerability has been discovered in cpio, which can lead to arbitrary code execution. Versions greater than or equal to 2.13-r1 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
Packet Storm New Exploits For June, 2024
Posted Jul 1, 2024
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 65 exploits added to Packet Storm in June, 2024.

tags | exploit
OpenSSH Server regreSSHion Remote Code Execution
Posted Jul 1, 2024
Authored by Qualys Security Advisory | Site blog.qualys.com

Qualys has discovered a signal handler race condition vulnerability in OpenSSH's server, sshd. If a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously, but this signal handler calls various functions that are not async-signal-safe - for example, syslog(). This race condition affects sshd in its default configuration.

tags | exploit, advisory, paper
OpenSSH 9.8p1
Posted Jul 1, 2024
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release contains fixes for two security problems, one critical and one minor.
tags | tool, encryption
systems | linux, unix, openbsd
Ubuntu Security Notice USN-6858-1
Posted Jul 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6858-1 - It was discovered that eSpeak NG did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Gentoo Linux Security Advisory 202407-06
Posted Jul 1, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202407-6 - Multiple vulnerabilities have been discovered in cryptography, the worst of which could lead to a denial of service. Versions greater than or equal to 42.0.4 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
Gentoo Linux Security Advisory 202407-05
Posted Jul 1, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202407-5 - A vulnerability has been discovered in SSSD, which can lead to arbitrary code execution. Versions greater than or equal to 2.5.2-r1 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
Simple Laboratory Management System 1.0 SQL Injection
Posted Jul 1, 2024
Authored by Smitha Bhabal

Simple Laboratory Management System version 1.0 suffers from a remote time-based SQL injection vulnerability.

tags | exploit, remote, sql injection
Ubuntu Security Notice USN-6855-1
Posted Jul 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6855-1 - Mansour Gashasbi discovered that libcdio incorrectly handled certain memory operations when parsing an ISO file, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
Gentoo Linux Security Advisory 202406-06
Posted Jul 1, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202406-6 - Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution. Versions greater than or equal to 1.22.11-r1 are affected.

tags | advisory, vulnerability, code execution
systems | linux, gentoo
Azon Dominator Affiliate Marketing Script SQL Injection
Posted Jul 1, 2024
Authored by Buğra Enis Dönmez

Azon Dominator Affiliate Marketing Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Gentoo Linux Security Advisory 202407-02
Posted Jul 1, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202407-2 - A vulnerability has been discovered in SDL_ttf, which can lead to arbitrary memory writes. Versions greater than or equal to 2.20.0 are affected.

tags | advisory, arbitrary
systems | linux, gentoo