exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Recent Files

Files RSS Feed
Red Hat Security Advisory 2023-3363-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3363-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
Ubuntu Security Notice USN-6144-1
Posted Jun 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6144-1 - It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute arbitrary code. Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user before loading the host document inside an IFrame. If a user were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause information disclosure or execute arbitrary code.

tags | advisory, arbitrary, info disclosure
systems | linux, ubuntu
Ubuntu Security Notice USN-6143-1
Posted Jun 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6143-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Debian Security Advisory 5419-1
Posted Jun 7, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5419-1 - Two vulnerabilities were discovered in c-ares, an asynchronous name resolver library.

tags | advisory, vulnerability
systems | linux, debian
Falco 0.35.0
Posted Jun 7, 2023
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: Dozens of changes including a breaking change where support for metadata enrichment from Mesos has been removed. 9 bug fixes have also been applied.
tags | tool, intrusion detection
systems | unix
Red Hat Security Advisory 2023-3362-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3362-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a resource exhaustion vulnerability.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2023-3525-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3525-01 - Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine.

tags | advisory, web, python
systems | linux, redhat
PaperCut PaperCutNG Authentication Bypass
Posted Jun 7, 2023
Authored by catatonicprime | Site metasploit.com

This Metasploit module leverages an authentication bypass in PaperCut NG. If necessary it updates Papercut configuration options, specifically the print-and-de vice.script.enabled and print.script.sandboxed options to allow for arbitrary code execution running in the builtin RhinoJS engine. This module logs at most 2 events in the application log of papercut. Each event is tied to modification of server settings.

tags | exploit, arbitrary, code execution
Red Hat Security Advisory 2023-3366-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3366-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.2. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
A DIY Guide To Become An Alone Long Time Bughunter For Ordinary People
Posted Jun 7, 2023
Authored by j00sean

Whitepaper called Bughunter's Life-Style: A DIY guide to become an alone long time bughunter for ordinary people. Written in Spanish.

tags | paper
Ubuntu Security Notice USN-6028-2
Posted Jun 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6028-2 - USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.

tags | advisory, vulnerability
systems | linux, ubuntu
Red Hat Security Advisory 2023-3491-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3491-01 - An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
Magento eCommerce 2.4.0 Information Disclosure
Posted Jun 7, 2023
Authored by indoushka

Magento eCommerce version 2.4.0 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
Wizcyb Interactive 2.0 SQL Injection
Posted Jun 7, 2023
Authored by indoushka

Wizcyb Interactive version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
Red Hat Security Advisory 2023-3490-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3490-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2023-3517-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3517-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
Red Hat Security Advisory 2023-3481-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3481-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
USB Flash Drives Control 4.1.0.0 Unquoted Service Path
Posted Jun 7, 2023
Authored by Jeffrey Bencteux

USB Flash Drives Control version 4.1.0.0 suffers from an unquoted service path vulnerability.

tags | exploit
Red Hat Security Advisory 2023-3489-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3489-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration.

tags | advisory, web, protocol
systems | linux, redhat
CloudPanel 2.2.2 Privilege Escalation / Path Traversal
Posted Jun 7, 2023
Authored by EagleEye

CloudPanel versions 2.0.0 through 2.2.2 suffer from a privilege escalation vulnerability when a traversal is leveraged against clpctlWrapper for which all normal users have sudo access.

tags | exploit, file inclusion
Expert Job Portal Management System 1.0 SQL Injection
Posted Jun 7, 2023
Authored by CraCkEr

Expert Job Portal Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
WordPress Updraft 0.6.1 Backup Disclosure
Posted Jun 7, 2023
Authored by indoushka

WordPress Updraft plugin version 0.6.1 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
Ubuntu Security Notice USN-6142-1
Posted Jun 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6142-1 - Gal Goldshtein discovered that nghttp2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
Red Hat Security Advisory 2023-3460-01
Posted Jun 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3460-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
Ubuntu Security Notice USN-6141-1
Posted Jun 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6141-1 - Robin Peraglie and Johannes Moritz discovered that xfce4-settings incorrectly parsed quoted input when processed through xdg-open. A remote attacker could possibly use this issue to inject arbitrary arguments into the default browser or file manager.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
View Older Files →

File Archive:

June 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    18 Files
  • 2
    Jun 2nd
    13 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    32 Files
  • 6
    Jun 6th
    39 Files
  • 7
    Jun 7th
    22 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close