exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2022-08-08

Ubuntu Security Notice USN-5553-1
Posted Aug 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5553-1 - It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. It was discovered that libjpeg-turbo was not properly performing bounds check operations, which could lead to a heap-based buffer overread. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-11813, CVE-2018-14498, CVE-2020-14152, CVE-2020-17541
SHA-256 | 4e135a6155a1d14aa6894601823a2eb064d3b15e7f83a90a56f73977ea7ed49c
Ubuntu Security Notice USN-5554-1
Posted Aug 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5554-1 - Pedro Ribeiro discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-46829
SHA-256 | e3627154196feab669778608b18845cbd453c874886a6d8b9162c1db15124694
American Fuzzy Lop plus plus 4.02c
Posted Aug 8, 2022
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: In afl-cc, an important fix was added for the default pcguard mode when LLVM IR vector selects are produced. frida_mode now works on Android. A few additional bug fixes.
tags | tool, fuzzer
systems | unix
SHA-256 | 55bf55c23ad3af98ba8b098c490b16c7d59a4f5cf7ca284cdbc46d065973c862
Thingsboard 3.3.1 Cross Site Scripting
Posted Aug 8, 2022
Authored by Steffen Langenfeld, Sebastian Biehler

Thingsboard version 3.3.1 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-42750, CVE-2021-42751
SHA-256 | ebc19fabae10baaf27a649ed72c78fdc00a6360b84c4b01f5754b78406a8b3c2
Red Hat Security Advisory 2022-5913-01
Posted Aug 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5913-01 - Red Hat Kiali for OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers containers for the release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-31129
SHA-256 | 31f39c61b76d0128cc72bb607b7be71992bb6ac41ab4b2e78086ea798090f1ce
ManageEngine ADAudit Plus Path Traversal / XML Injection
Posted Aug 8, 2022
Authored by Ron Bowes, Naveen Sunkavally | Site metasploit.com

This Metasploit module exploits CVE-2022-28219, which is a pair of vulnerabilities in ManageEngine ADAudit Plus versions before build 7060. They include a path traversal in the /cewolf endpoint along with a blind XML external entity injection vulnerability to upload and execute a file.

tags | exploit, vulnerability
advisories | CVE-2022-28219
SHA-256 | 19ca84f8e53083cacedb632dc26e16f78047ee8e6573a717d22be7336e613cdb
Ubuntu Security Notice USN-5552-1
Posted Aug 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5552-1 - It was discovered that phpLiteAdmin incorrectly handled certain GET requests. An attacker could possibly use this issue to perform cross-site scripting attacks.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2021-46709
SHA-256 | d11c28be54d29888fbcb81900ade5f92a7f9ce5670ae0c80a2bd652530514a01
Red Hat Security Advisory 2022-5915-01
Posted Aug 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5915-01 - Red Hat Kiali for OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers containers for the release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-31129
SHA-256 | cdcfd73b6cdd2ceb6501ce89d6ca23026e96b2f4590c9e01a20fe55461da72be
Red Hat Security Advisory 2022-5914-01
Posted Aug 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5914-01 - Red Hat Kiali for OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers containers for the release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-31129
SHA-256 | 6a3d3004097e4b6447c1da23478c8783229589ac01233615a1899107da646231
Nortek Linear eMerge E3-Series Account Takeover
Posted Aug 8, 2022
Authored by Omar Hashim

Nortek Linear eMerge E3-Series version 0.32-07p suffers from a vulnerability where session fixation tied with cross site scripting can allow for account takeover.

tags | exploit, xss
advisories | CVE-2022-31798
SHA-256 | 6a30c71e741d3009dbaf81b18d14a4260f6043c44ce1ca7ff3fc8841c01a990e
Nortek Linear eMerge E3-Series Command Injection
Posted Aug 8, 2022
Authored by Omar Hashim

Nortek Linear eMerge E3-Series version 0.32-09c suffers from a blind OS command injection vulnerability.

tags | exploit
advisories | CVE-2022-31499
SHA-256 | 1b6d5355c3cfb8a305b173bd302a4a64ba695c262235e2d26ec6c0d12c984191
Nortek Linear eMerge E3-Series Credential Disclosure
Posted Aug 8, 2022
Authored by Omar Hashim

Nortek Linear eMerge E3-Series versions 0.32-07p, 0.32-07e, 0.32-07p, 0.32-08f, and 0.32-09c suffer from an administrative credential disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2022-31269
SHA-256 | 307313c2ca8b81c83cd5647ca35cba3eab21050364f124ce96583e8dff6bcfd4
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close