
Files

Ubuntu Security Notice USN-5968-1
Posted Mar 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5968-1 - It was discovered that GitPython did not properly sanitize user inputs for remote URLs in the clone command. By injecting a maliciously crafted remote URL, an attacker could possibly use this issue to execute arbitrary commands on the host.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-24439
SHA-256 | 8f3a54575d7096992b3d3c81d82c2304712210afd399ea0e5c2c33f7df845437
Zyxel Unauthenticated LAN Remote Code Execution
Posted Mar 22, 2023
Authored by Stefan Viehboeck, T. Weber, Gerhard Hechenberger, Steffen Robertz | Site metasploit.com

This Metasploit module exploits a buffer overflow in the zhttpd binary (/bin/zhttpd). It is present on more than 40 Zyxel routers and CPE devices. The code execution vulnerability can only be exploited by an attacker if the zhttp webserver is reachable. No authentication is required. After exploitation, an attacker will be able to execute any command as root, including downloading and executing a binary from another host.

tags | exploit, overflow, root, code execution
SHA-256 | fc9419af3871336277cafde42125966d876812e4e57c8b48da3a83050219381f
MyBB Export User 2.0 Cross Site Scripting
Posted Mar 22, 2023
Authored by 0xB9

MyBB Export User plugin version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-27890
SHA-256 | 0f727d240d596072a9f1163413ddf43f29204849be9ee9b048371ea0547009e6
WCC 2023 Call For Participation
Posted Mar 22, 2023
Authored by WorldCryptologicCompetition | Site worldcryptologiccompetition.github.io

The World Cryptologic Competition (WCC) 2023 is a fully-online and open competition using GitHub. The language of the competition is English. The WCC 2023 has a total duration of 295 days, from Sunday January 1st 2023 to Monday October 23rd 2023. Teams and Judges must complete registration before Wednesday June 1st.

tags | paper, conference
SHA-256 | 12848db5eecde474ede8125eed53f5c8e8e8198f50e1cd86053ead35891713eb
Python CGI Documentation Cross Site Scripting
Posted Mar 22, 2023
Authored by Georgi Guninski

The documentation for the Python CGI module suffers from a cross site scripting vulnerability.

tags | exploit, cgi, xss, python
SHA-256 | 12070a3cded8397a9c1036c6ffa17c97d5ef5a584b91e3216867995ff23654e8
Ubuntu Security Notice USN-5904-2
Posted Mar 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5904-2 - USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for CVE-2021-33844 was incomplete. This update fixes the problem. Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-13590, CVE-2021-33844, CVE-2022-31651
SHA-256 | 9eb608d1d81df98a62419fb66e125f081ea979dfda8e237aabfad17285322c4d
Ubuntu Security Notice USN-5965-1
Posted Mar 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5965-1 - It was discovered that TigerVNC mishandled TLS certificate exceptions. An attacker could use this vulnerability to impersonate any server after a client had added an exception and obtain sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-26117
SHA-256 | e166ae752951bf18e75b2cf377be8ae567407cff980379c3476eb2f4f4c8d8c9
Ubuntu Security Notice USN-5806-3
Posted Mar 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5806-3 - USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 20.04 LTS. Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using the cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application.

tags | advisory, web, cgi, vulnerability, ruby
systems | linux, ubuntu
advisories | CVE-2021-33621
SHA-256 | 2946affe6446c720209e8c8a6781b9e746e6210d18a5a939af4608b1e97f3dfd
Debian Security Advisory 5376-1
Posted Mar 21, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5376-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2006-20001, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522
SHA-256 | e7656527650776cefd2ce56651b8e7692943c0d30562f0041bf42d1330f3c976
Red Hat Security Advisory 2023-1337-01
Posted Mar 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1337-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 01685704d18bf8183e32963ac3cb4e6e6ada557566263ae85054a1685e47ea16
Red Hat Security Advisory 2023-1332-01
Posted Mar 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1332-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-0767
SHA-256 | 389776e27aab442848dfbc6c1d3f0a64eb1abedeb09467048a5e0f49955dc09d
OpenSSL Toolkit 3.1.0
Posted Mar 21, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1.x series is the current major version of OpenSSL.

Changes: SSL 3, TLS 1.0, TLS 1.1, and DTLS 1.0 only work at security level 0. Performance enhancements and new platform support including new assembler code algorithm implementations. Deprecated LHASH statistics functions. FIPS 140-3 compliance changes.

tags | tool, encryption, protocol
systems | unix
SHA-256 | aaa925ad9828745c4cad9d9efeb273deca820f2cdcf2c3ac7d7c1212b7c497b4
Red Hat Security Advisory 2023-1333-01
Posted Mar 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1333-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 11bf472412d2db2d3f57abb184b5ce07a20f6a34d31fd9acb63e37142f3833e5
Red Hat Security Advisory 2023-1335-01
Posted Mar 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1335-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2023-0286
SHA-256 | c19faea4c59d909ca8beaca05918d75fc00f5d844d3606a7b7c52cb073698fba
CentOS Stream 9 Missing Kernel Security Fixes
Posted Mar 21, 2023
Authored by Jann Horn, Google Security Research

The kernel tree of CentOS Stream 9 suffers from multiple use-after-free conditions that were already patched in upstream stable trees.

tags | advisory, kernel
systems | linux, centos
advisories | CVE-2023-0590, CVE-2023-1249, CVE-2023-1252
SHA-256 | a5f94e90c58a4d65e7349c5ac6abff2cbc680f758ae71b7d0bf35a8ec6642057
Red Hat Security Advisory 2023-1336-01
Posted Mar 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1336-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | c7cd62e9be26e368dcce7e0d1976e0a8615ec3f69dfadaf4a6825860dca8fda7
Ubuntu Security Notice USN-5964-1
Posted Mar 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5964-1 - Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing, curl could pass on user name and telnet options to the server as provided, contrary to expectations. Harry Sintonen discovered that curl incorrectly handled special tilde characters when used with SFTP paths. A remote attacker could possibly use this issue to circumvent filtering.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538
SHA-256 | 7303af9763b09b697c1acbc39214d51f90dd82cd2f8e2e8bd2040d6a4b2ec3e8
Ubuntu Security Notice USN-5963-1
Posted Mar 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5963-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-47024, CVE-2023-0049, CVE-2023-0051, CVE-2023-0054, CVE-2023-0288, CVE-2023-1264
SHA-256 | 373740425cdce8362111cf4caef765a5938b71e36b30145ab757004e4a8b3cb8
Ubuntu Security Notice USN-5960-1
Posted Mar 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5960-1 - Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could possibly use this issue to bypass blocklisting methods by supplying a URL that starts with blank characters.

tags | advisory, python
systems | linux, ubuntu
advisories | CVE-2023-24329
SHA-256 | 727432be8aaebcbbf1e8da1308a8110c3c6dc6fb3ff312a8e8e10aae1adc194b
Red Hat Security Advisory 2023-1303-01
Posted Mar 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1303-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 7.3.10 replaces Data Grid 7.3.9 and includes security fixes. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-39144
SHA-256 | c62443ed1f58111e5bcbad07381e2b4e325eed22780a41853e581f1fe837f762
MyBB External Redirect Warning 1.3 Cross Site Scripting
Posted Mar 20, 2023
Authored by 0xB9

MyBB External Redirect Warning plugin version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-28353
SHA-256 | 30648b0a86ff796492c571bdf536801d2869613474a695f71e4142c2ef8f81e5
MyBB Active Threads 1.3.0 Cross Site Scripting
Posted Mar 20, 2023
Authored by 0xB9

MyBB Active Threads plugin version 1.3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-28354
SHA-256 | efde58a58fcaee1af61de2dc0406e8406e2498067e290b0e69c2c859fce1b6a9
101+ News Portal 1.0 SQL Injection
Posted Mar 20, 2023
Authored by Abdulhakim Oner

101+ News Portal version 1.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3fe8bd04f55dfecfb3d191adee5c41eba6df99f6a1c15639bda4682d062a7e22
Shannon Baseband NrSmPcoCodec Intra-Object Overflow
Posted Mar 20, 2023
Authored by Ivan Fratric, Google Security Research

There is an intra-object overflow in Shannon Baseband, inside the 5G SM protocol implementation (NrSmMsgCodec as it is called in Shannon according to debug strings), when decoding the Extended protocol configuration options message (IEI = 0x7B).

tags | exploit, overflow, protocol
advisories | CVE-2023-26076
SHA-256 | fbcb90e472d2e3ece0a5999daefccbac91cb16b93b5bdde7163bb7f5b46c8021
Red Hat Security Advisory 2023-1286-01
Posted Mar 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1286-01 - Migration Toolkit for Runtimes 1.0.2 Images. Issues addressed include denial of service, privilege escalation, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-2953, CVE-2022-31690, CVE-2022-35737, CVE-2022-40303
SHA-256 | b6aeb9fcd298c51ea745ab2408444b545077335be2e3494910e6f630ad0116c8
© 2022 Packet Storm. All rights reserved.
