what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2022-07-11

Ubuntu Security Notice USN-5507-1
Posted Jul 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5507-1 - It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the program to crash, use unexpected values, or execute arbitrary code. It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2022-1897, CVE-2022-1968
SHA-256 | 4e11c29d9f2087162a256b26af4fd6c6c5dd8e6c39e84dc1478d70ad8f3e27b6
Ubuntu Security Notice USN-5479-3
Posted Jul 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5479-3 - USN-5479-1 fixed vulnerabilities in PHP. Unfortunately that update for CVE-2022-31625 was incomplete for Ubuntu 18.04 LTS. This update fixes the problem. Charles Fol discovered that PHP incorrectly handled initializing certain arrays when handling the pg_query_params function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-31625, CVE-2022-31626
SHA-256 | a15e8d30137eb95d8c8f9128fe3185a5cdd63a4cac161ca59faae5bc79624c15
Ubuntu Security Notice USN-5506-1
Posted Jul 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5506-1 - Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. Ronald Crane discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-22747, CVE-2022-34480
SHA-256 | bfd2a41a0a3fe43a7c0be6e78b0d2c1b21e1b6247f193100dbc3cc678fe8f02f
GNU Privacy Guard 2.3.7
Posted Jul 11, 2022
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Some new options and quite a few bug fixes in the changelog.
tags | tool, encryption
SHA-256 | ee163a5fb9ec99ffc1b18e65faef8d086800c5713d15a672ab57d3799da83669
GNU Privacy Guard 2.2.36
Posted Jul 11, 2022
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

Changes: Some new options and quite a few bug fixes in the changelog.
tags | tool, encryption
SHA-256 | bdfe783810fceca9703b9e811817acca63ee9ef0174e616598e8ea6590aa4c9c
Falco 0.32.1
Posted Jul 11, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 2 major changes, 8 minor changes, 4 bug fixes, 2 rule changes, and about 2 dozen non-user facing changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 6683030c0954015fd2437e241b6da7dd2d804b88f55461c0262ad1a5d96f46e9
3DES Shellcode Crypter
Posted Jul 11, 2022
Authored by D7X

This tool is a 3DES shellcode crypter.

tags | shellcode
SHA-256 | 9e6475d7e02bb5bcc0b7670b1ca005b4e4ecb987abc3fd2dcd7a5d44af829d04
WordPress Visual Slide Box Builder 3.2.9 SQL Injection
Posted Jul 11, 2022
Authored by nu11secur1ty

WordPress Visual Slide Box Builder plugin version 3.2.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f6f431664e7cffdce804349fe1630e7178f567a1366a6e9862dff6ce51fe95c6
Sashimi Evil OctoBot Tentacle
Posted Jul 11, 2022
Authored by Samy Younsi, Thomas Knudsen | Site github.com

Sashimi Evil OctoBot Tentacle is a python script that exploits a vulnerability that lies in the Tentacles upload functionality of the cryptocurrency trading bot OctoBot which is designed to be easy to use and customizable. Versions 0.4.0beta3 through 0.4.3 are affected.

tags | exploit, python
advisories | CVE-2021-36711
SHA-256 | 67657fcc4e1e91fdf6687effb98e5e02419480dc043b1f499700a2140f08b47b
Nginx 1.20.0 Denial Of Service
Posted Jul 11, 2022
Authored by Mohammed Alshehri

Nginx version 1.20.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2021-23017
SHA-256 | d5e69479a9c5a46d1cf68eb6f70e5c392f4e2292c4ebd20a8e40b7422c4f6f23
Chrome PaintImage Deserialization Out-Of-Bounds Read
Posted Jul 11, 2022
Authored by Google Security Research, Mark Brand

The code in cc::PaintImageReader::Read (cc::PaintImage*) does not properly check the incoming data when handling embedded image data, resulting in an out-of-bounds copy into the filter bitmap data.

tags | exploit
advisories | CVE-2022-2010
SHA-256 | 3442a632be9dec3260619421059a97062f1e5b5331769ad612a11a97ecf3ec9b
Xen TLB Flush Bypass
Posted Jul 11, 2022
Authored by Jann Horn, Google Security Research

Xen's _get_page_type() contains an ABAC cmpxchg() race, where the code incorrectly assumes that if it reads a specific type_info value, and then later cmpxchg() succeeds, the type_info can't have changed in between.

tags | exploit
advisories | CVE-2022-26362
SHA-256 | 88fe91f31a1fa5b68860cd0112d829c44076320a17d995120f8a3d426cc59af7
Mutt mutt_decode_uuencoded() Memory Disclosure
Posted Jul 11, 2022
Authored by Tavis Ormandy, Google Security Research

In mutt_decode_uuencoded(), the line length is read from the untrusted uuencoded part without validation. This could result in including private memory in replys, for example fragments of other messages, passphrases or keys.

tags | exploit
advisories | CVE-2022-1328
SHA-256 | 1a0da9d9e3bf42ea5367e18954311a408e444a40a4960bbf41e240bbab050a63
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close