exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Recent Files

Files RSS Feed
Red Hat Security Advisory 2022-5491-01
Posted Jul 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5491-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and privilege escalation vulnerabilities.

tags | advisory, web, overflow, php, vulnerability
systems | linux, redhat
Ubuntu Security Notice USN-5501-1
Posted Jul 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5501-1 - It was discovered that Django incorrectly handled certain SQL. An attacker could possibly use this issue to expose sensitive information.

tags | advisory
systems | linux, ubuntu
Ubuntu Security Notice USN-5500-1
Posted Jul 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5500-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Lin Ma discovered that the NFC Controller Interface implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
Ubuntu Security Notice USN-5493-2
Posted Jul 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5493-2 - It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
Ubuntu Security Notice USN-5485-2
Posted Jul 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5485-2 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
Global Socket 1.4.37
Posted Jul 4, 2022
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: OpenWRT shenanigans.
tags | tool, tcp
systems | unix
Bash / Netcat Reverse Shells
Posted Jul 4, 2022
Authored by Raed Ahsan

This script is a great tool for pentesters needing to create reverse shells using either bash or netcat.

tags | tool, shell, rootkit, bash
systems | unix
Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow
Posted Jul 4, 2022
Authored by malvuln | Site malvuln.com

Lockbit ransomware version 3.0 apparently now requires a password to execute as noted by "@vxunderground", but does not properly check bounds for both the -pass and -k arguments. Supplying a long string of characters for either flag will trigger a unicode stack buffer overflow overwriting the ECX register and structured exception handler (SEH).

tags | exploit, overflow
DouPHP 1.2 Release 20141027 SQL Injection
Posted Jul 4, 2022
Authored by indoushka

DouPHP version 1.2 Release 20141027 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Paymoney 3.3 Cross Site Scripting
Posted Jul 4, 2022
Authored by nu11secur1ty

Paymoney version 3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
Stock Management System 2020 SQL Injection
Posted Jul 4, 2022
Authored by nu11secur1ty

Stock Management System 2020 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
Packet Storm New Exploits For June, 2022
Posted Jul 1, 2022
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 92 exploits added to Packet Storm in June, 2022.

tags | exploit
Carel pCOWeb HVAC BACnet Gateway 2.1.0 Unauthenticated Directory Traversal
Posted Jul 1, 2022
Authored by LiquidWorm | Site zeroscience.mk

Carel pCOWeb HVAC BACnet Gateway version 2.1.0 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the file GET parameter through the logdownload.cgi bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

tags | exploit, arbitrary, cgi, bash
PHP Library Remote Code Execution
Posted Jul 1, 2022
Authored by Eldar Marcussen

Several PHP compatibility libraries contain a potential remote code execution flaw in their json_decode() function based on having copy pasted existing vulnerable code. Affected components include the WassUp Realtime analytics WordPress plugin, AjaXplorer Core, and more.

tags | exploit, remote, php, code execution
BigBlueButton 2.3 / 2.4.7 Cross Site Scripting
Posted Jul 1, 2022
Authored by Rick Verdoes, Danny de Weille | Site pentests.nl

BigBlueButton versions 2.3, prior to 2.4.8, and prior to 2.5.0 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
CPSIoTSec 2022 Call For Papers
Posted Jul 1, 2022
Site cpsiotsec2022.github.io

The Call For Papers has been announced for the Workshop on CPS and IoT Security and Privacy (CPSIoTSec 2022). It will be held in Los Angeles, CA, USA on November 7th through the 11th, 2022.

tags | paper, conference
Hardwear.io NL 2022 Call For Papers
Posted Jul 1, 2022
Authored by hardwear.io CFP

The call for papers for Hardwear.io NL 2022 is now open. It will take place October 27th through the 28th, 2021 in the Netherlands.

tags | paper, conference
Red Hat Security Advisory 2022-5483-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5483-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
Red Hat Security Advisory 2022-5481-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5481-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.11 ESR. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2022-5245-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5245-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include bypass and password leak vulnerabilities.

tags | advisory, web, vulnerability, protocol
systems | linux, redhat
Red Hat Security Advisory 2022-5475-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5475-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.11. Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2022-5257-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5257-01 - libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. Issues addressed include format string and privilege escalation vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2022-5439-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5439-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2022-5249-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5249-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, information leakage, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2022-5251-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5251-01 - The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. Issues addressed include an out of bounds read vulnerability.

tags | advisory, perl
systems | linux, redhat
View Older Files →

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close