
Files Date: 2022-09-22

Bitbucket Git Command Injection
Posted Sep 22, 2022
Authored by Ron Bowes, Shelby Pace, Jang, TheGrandPew | Site metasploit.com

Various versions of Bitbucket Server and Data Center are vulnerable to an unauthenticated command injection vulnerability in multiple API endpoints. The /rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/archive endpoint creates an archive of the repository, leveraging the git-archive command to do so. Supplying NULL bytes to the request enables the passing of additional arguments to the command, ultimately enabling execution of arbitrary commands.

tags | exploit, arbitrary
advisories | CVE-2022-36804
SHA-256 | b243d8611790a90b192551fc326eb12be22c5ca700eb91be1d60e366f9f665cb

Ubuntu Security Notice USN-5628-1
Posted Sep 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5628-1 - It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service. It was discovered that etcd incorrectly handled directory permissions when trying to create a directory that exists already. An attacker could possibly use this issue to obtain sensitive information. It was discovered that etcd incorrectly handled endpoint setup. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-15106, CVE-2020-15113, CVE-2020-15114
SHA-256 | 28f2da782ea003139da2e8040d034ae2b2f3198ce124812a6471f98fc2cbaab1

Ubuntu Security Notice USN-5627-1
Posted Sep 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5627-1 - It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-1586
SHA-256 | 7aa38649a545af11b9197793106e2db93bfb4933b2a8c062f9b3ded3df35c13e

Red Hat Security Advisory 2022-6681-01
Posted Sep 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6681-01 - Red Hat OpenShift Virtualization release 4.9.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1271, CVE-2022-1353, CVE-2022-1798, CVE-2022-2526, CVE-2022-29154
SHA-256 | 35fe0c51a1e2d8d57b8f5b189f065486839edc6ee7397371f98e2e4d322f3113

Linux Stable 5.4 / 5.10 Use-After-Free / Race Condition
Posted Sep 22, 2022
Authored by Jann Horn, Google Security Research

Linux stable versions 5.4 and 5.10 suffer from a page use-after-free via stale TLB caused by an rmap lock not held during PUD move.

tags | exploit
systems | linux
advisories | CVE-2022-41222
SHA-256 | b9d45dd1409659792dcfd15c2c4781345acb1b7ca05dc637d666213b43252dff

WorkOrder CMS 0.1.0 Cross Site Scripting
Posted Sep 22, 2022
Authored by Chokri Hammedi

WorkOrder CMS version 0.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8cb65551c6ae83267598a7e09fa1ae7d1fe89f8b73a899df384b74eda241039d

WorkOrder CMS 0.1.0 SQL Injection
Posted Sep 22, 2022
Authored by Chokri Hammedi

WorkOrder CMS version 0.1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 1be273ff725163819b2cfa9a453104d943c26788eac55ddd53d75e0f3feec9d8

Ubuntu Security Notice USN-5626-2
Posted Sep 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5626-2 - USN-5626-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-2795, CVE-2022-38177
SHA-256 | 5582262f24a0e94484485b69255a623685abc83599ef59c31512503b78e7393c

Red Hat Security Advisory 2022-6535-01
Posted Sep 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6535-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-30629
SHA-256 | 6d3c1ddf774e1588d2f8e92bbdc00d295380ed834dc8b5fd7cc6adb3e7a09baf

Red Hat Security Advisory 2022-6536-01
Posted Sep 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6536-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.5.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2021-3121, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-28199, CVE-2022-30629, CVE-2022-34903
SHA-256 | 0c76c344a24ad9f294e5e60b3ecf6b5cbee617962cc0ff63f7cf784cc0666fc0

Red Hat Security Advisory 2022-6531-01
Posted Sep 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6531-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.33.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-34177
SHA-256 | c6657749af2aec5a876585445e4bcbd9d3c2a60965b10273bbb9fc304ad6aa9a

Multix 2.4 Cross Site Request Forgery
Posted Sep 22, 2022
Authored by th3d1gger

Multix version 2.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | d804687ad3c71ed52a7465168db79fb1a6b87b78c6e128b3cc988a897cc33cf8

Multix 2.4 Cross Site Scripting
Posted Sep 22, 2022
Authored by th3d1gger

Multix version 2.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bb2ca11cc842b79877a14838fd8eff43efb418ab7ce31beacd1ccccfae1b0bf7
© 2022 Packet Storm. All rights reserved.
