what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Recent Files

Files RSS Feed
Flowmon Unauthenticated Command Injection
Posted May 29, 2024
Authored by Dave Yesland | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02.

tags | exploit
Ubuntu Security Notice USN-6797-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6797-1 - It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. It was discovered that some Intel® Atom® Processors did not properly clear register state when performing various operations. A local attacker could use this to obtain sensitive information via a transient execution attack. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.

tags | advisory, local
systems | linux, ubuntu
Ubuntu Security Notice USN-6787-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6787-1 - It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting attack.

tags | advisory, arbitrary, xss
systems | linux, ubuntu
Ubuntu Security Notice USN-6779-2
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6779-2 - USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js. Irvan Kurniawan discovered that Firefox did not properly handle certain font styles when saving a page to PDF. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, javascript, vulnerability
systems | linux, ubuntu
GRR 3.4.7.4
Posted May 29, 2024
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: YARA memory scanning improvements. Three additions and eleven removals.
tags | tool, remote, web, forensics
systems | unix
Ubuntu Security Notice USN-6795-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6795-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
jSQL Injection 0.96
Posted May 29, 2024
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Fixed bug in cookie processing. Improved mysql dios. Upgraded dependencies version. Improved javadoc.
tags | tool, scanner, sql injection
systems | linux, unix
Ubuntu Security Notice USN-6794-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6794-1 - It was discovered that FRR incorrectly handled certain malformed BGP and OSPF packets. A remote attacker could use this issue to cause FRR to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
Ubuntu Security Notice USN-6792-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6792-1 - Naom Moshe discovered that Flask-Security incorrectly validated URLs. An attacker could use this issue to redirect users to arbitrary URLs.

tags | advisory, arbitrary
systems | linux, ubuntu
Proxmark3 4.18589 Custom Firmware
Posted May 29, 2024
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Aurora".

Changes: Major updates include hitag2 crack implementations, plot window can manipulate trace data, multiple bugs related to memory leaks, and new compiler version support.
tags | tool
systems | unix
Red Hat Security Advisory 2024-3464-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3464-03 - An update for glibc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include buffer overflow, code execution, null pointer, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
Red Hat Security Advisory 2024-3462-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3462-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
Red Hat Security Advisory 2024-3461-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3461-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
Red Hat Security Advisory 2024-3460-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3460-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
Red Hat Security Advisory 2024-3433-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3433-03 - An update for protobuf is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-3431-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3431-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
Red Hat Security Advisory 2024-3428-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3428-03 - An update for the rust-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-3427-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3427-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-3426-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3426-03 - An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
Red Hat Security Advisory 2024-3423-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3423-03 - An update for glibc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow, null pointer, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2024-3422-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3422-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-3421-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3421-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
Red Hat Security Advisory 2024-3418-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3418-03 - An update for rust is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-3417-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3417-03 - An update for mod_http2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
Red Hat Security Advisory 2024-3414-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3414-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
View Older Files →

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    18 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    31 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close