exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Recent Files

Files RSS Feed
Ubuntu Security Notice USN-6092-1
Posted May 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6092-1 - Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information. Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information.

tags | advisory, x86, kernel, local
systems | linux, ubuntu
CiviCRM 5.59.alpha1 Cross Site Scripting
Posted May 19, 2023
Authored by Andrea Intilangelo

CiviCRM version 5.59.alpha1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
Red Hat Security Advisory 2023-3167-01
Posted May 19, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3167-01 - New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
ChurchCRM 4.5.4 Cross Site Scripting
Posted May 19, 2023
Authored by Rahad Chowdhury

ChurchCRM version 4.5.4 suffers from a cross site scripting vulnerability. Related CVE number: CVE-2023-31699.

tags | exploit, xss
Ubuntu Security Notice USN-6091-1
Posted May 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6091-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, x86, kernel, local
systems | linux, ubuntu
MobileTrans 4.0.11 Weak Service Permissions
Posted May 19, 2023
Authored by Thurein Soe

MobileTrans version 4.0.11 suffers from having a weak service permission vulnerability.

tags | exploit
Red Hat Security Advisory 2023-3229-01
Posted May 19, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3229-01 - An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
Filmora 12 Build 1.0.0.7 Unquoted Service Path
Posted May 19, 2023
Authored by Thurein Soe

Filmora version 12 Build 1.0.0.7 suffers from an unquoted service path vulnerability.

tags | exploit
Ubuntu Security Notice USN-6090-1
Posted May 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6090-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, x86, kernel, local
systems | linux, ubuntu
Bludit CMS 3.14.1 Cross Site Scripting
Posted May 19, 2023
Authored by Rahad Chowdhury

Bludit CMS version 3.14.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
Ubuntu Security Notice USN-6089-1
Posted May 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6089-1 - It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
Red Hat Security Advisory 2023-0584-01
Posted May 19, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
Red Hat Security Advisory 2023-3195-01
Posted May 19, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3195-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site scripting, information leakage, and insecure permissions vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
IBM AIX 7.2 inscout Privilege Escalation
Posted May 18, 2023
Authored by Tim Brown, Brendan Coles | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in IBM AIX invscout set-uid root utility present in AIX 7.2 and earlier. The undocumented -rpm argument can be used to install an RPM file; and the undocumented -o argument passes arguments to the rpm utility without validation, leading to command injection with effective-uid root privileges. This module has been tested successfully on AIX 7.2.

tags | exploit, root
systems | aix
WordPress Elementor Lite 5.7.1 Arbitrary Password Reset
Posted May 18, 2023
Authored by Rafie Muhammed | Site wordfence.com

On May 11 2023, Essential Addons for Elementor, a WordPress plugin with over one million active installations, released a patch for a critical vulnerability that made it possible for any unauthenticated user to reset arbitrary user passwords, including user accounts with administrative-level access. Versions 5.7.1 and below are affected.

tags | advisory, arbitrary
Debian Security Advisory 5405-1
Posted May 18, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5405-1 - It was discovered that missing input sanitizing in the implementation of the OIDCStripCookie option in mod_auth_openidc could result in denial of service.

tags | advisory, denial of service
systems | linux, debian
Red Hat Security Advisory 2023-3221-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3221-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
Red Hat Security Advisory 2023-3220-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3220-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.11.0 ESR. Issues addressed include a bypass vulnerability.

tags | advisory, web, bypass
systems | linux, redhat
Red Hat Security Advisory 2023-3223-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3223-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.4.0 serves as a replacement for Red Hat AMQ Streams 2.3.0, and includes security and bug fixes, and enhancements. Issues addressed include denial of service, deserialization, information leakage, memory exhaustion, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
Ubuntu Security Notice USN-6087-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6087-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
Ubuntu Security Notice USN-6088-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6088-1 - It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. It was discovered that runC incorrectly handled /proc and /sys mounts inside a container. An attacker could possibly use this issue to bypass AppArmor, and potentially SELinux.

tags | advisory
systems | linux, ubuntu
Ubuntu Security Notice USN-6086-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6086-1 - It was discovered that minimatch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
Red Hat Security Advisory 2023-1329-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1329-01 - Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments. This advisory contains the RPM packages for Red Hat build of MicroShift 4.13.0. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2023-2138-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2138-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra low-latency container images for Red Hat OpenShift Container Platform 4.13. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
Red Hat Security Advisory 2023-3205-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3205-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.0 images. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
View Older Files →

Recent News

News RSS Feed
Threat Actor Bypasses Detection, Protections In Microsoft Azure Serial Console
Posted May 18, 2023

tags | headline, hacker, microsoft, flaw
Six Million Patients' Data Feared Stolen From PharMerica
Posted May 18, 2023

tags | headline, privacy, data loss
Polish News Websites Hit By DDoS Attacks
Posted May 18, 2023

tags | headline, denial of service, poland
DOJ Links Iran, China, And Russia To Five IP-Theft Related Cases
Posted May 18, 2023

tags | headline, government, usa, russia, china, data loss, cyberwar, iran
Twitter Sued Over Saudi Spying That Landed User In Prison
Posted May 17, 2023

tags | headline, government, privacy, spyware, saudi arabia, twitter, censorship
Upstart Encryption App Walks Back Privacy Claims, Pulls From Stores After Probe
Posted May 17, 2023

tags | headline, privacy, phone, flaw, cryptography
Malware Turns Home Routers Into Proxies For Chinese Hackers
Posted May 17, 2023

tags | headline, hacker, government, malware, china, cyberwar
Ex-Apple Engineer Accused Of Stealing Self-Driving Car Secrets
Posted May 17, 2023

tags | headline, data loss, apple
Oil And Gas Sectors Lag Behind Other Industries In Gathering Intel
Posted May 17, 2023

tags | headline, hacker, scada
US Charges, Sanctions Russian Ransomware Operator Who Leaked Stolen DC Police Data
Posted May 17, 2023

tags | headline, government, malware, usa, russia, data loss, cyberwar
View More News →

File Archive:

May 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    16 Files
  • 3
    May 3rd
    38 Files
  • 4
    May 4th
    15 Files
  • 5
    May 5th
    35 Files
  • 6
    May 6th
    0 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    8 Files
  • 9
    May 9th
    66 Files
  • 10
    May 10th
    19 Files
  • 11
    May 11th
    27 Files
  • 12
    May 12th
    8 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    1 Files
  • 15
    May 15th
    19 Files
  • 16
    May 16th
    66 Files
  • 17
    May 17th
    28 Files
  • 18
    May 18th
    32 Files
  • 19
    May 19th
    13 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close