exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 52 RSS Feed

Files Date: 2022-10-17

Gentoo Linux Security Advisory 202210-09
Posted Oct 17, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-9 - Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service. Versions less than 1.63.0-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-28875, CVE-2021-28876, CVE-2021-28877, CVE-2021-28878, CVE-2021-28879, CVE-2021-29922, CVE-2021-31162, CVE-2021-36317, CVE-2021-36318, CVE-2021-42574, CVE-2021-42694, CVE-2022-21658, CVE-2022-36113, CVE-2022-36114
SHA-256 | dca09c9b5b67deda3afc4870bdc944f1d4ebba1aeff4e66d52165c1fe960a28d
Ubuntu Security Notice USN-5682-1
Posted Oct 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5682-1 - It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4159, CVE-2022-20369, CVE-2022-2318, CVE-2022-26365, CVE-2022-26373, CVE-2022-3176, CVE-2022-33740, CVE-2022-33742, CVE-2022-33744, CVE-2022-36879
SHA-256 | 290d766370dff052f65510abe2bf8c1d9c4f1ae1e64f9589a9ec5f7dbb24a319
MiniDVBLinux 5.4 Arbitrary File Read
Posted Oct 17, 2022
Authored by LiquidWorm | Site zeroscience.mk

MiniDVBLinux versions 5.4 and below suffer from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary
SHA-256 | 69d96731d3c498b5f426e741af91e8e43bfa7a49c2a0925103aa5d80b98b0065
Gentoo Linux Security Advisory 202210-08
Posted Oct 17, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-8 - Multiple vulnerabilities have been discovered in Tcpreplay, the worst of which could result in denial of service. Versions less than 4.4.2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-45386, CVE-2021-45387, CVE-2022-27416, CVE-2022-27418, CVE-2022-27939, CVE-2022-27940, CVE-2022-27941, CVE-2022-27942, CVE-2022-28487, CVE-2022-37047, CVE-2022-37048, CVE-2022-37049
SHA-256 | 6de73fba1f8439fdfa0979c1912b936ddba014a8650724a965d873e4bd8137bb
WordPress Photo Gallery 1.8.0 Cross Site Scripting
Posted Oct 17, 2022
Authored by CraCkEr

WordPress Photo Gallery plugin version 1.8.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 840e13a4028153ee403a099b9ac40a4ad96f345c2e3249f313e1613d9523cfac
RRX IOB LP 1.0 DNS Cache Snooping
Posted Oct 17, 2022
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

RRX IOB LP version 1.0 suffers from a DNS cache snooping vulnerability.

tags | advisory
SHA-256 | 8ce8187c58d781a05f73a88067a5f2b17db6d4d2ce1c9052996ce4507f3266d3
Ubuntu Security Notice USN-5680-1
Posted Oct 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5680-1 - It was discovered that gThumb did not properly managed memory when processing certain image files. If a user were tricked into opening a specially crafted JPEG file, an attacker could possibly use this issue to cause gThumb to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that gThumb did not properly handled certain malformed image files. If a user were tricked into opening a specially crafted JPEG file, an attacker could possibly use this issue to cause gThumb to crash, resulting in a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-20326, CVE-2020-36427
SHA-256 | 2296132fc57a5ff5ae5b2832f8103907ff5a45d5ab443a11fb2ede151d9ae141
MiniDVBLinux 5.4 Remote Root Command Execution
Posted Oct 17, 2022
Authored by LiquidWorm | Site zeroscience.mk

MiniDVBLinux version 5.4 suffers from an OS command execution vulnerability. This can be exploited to execute arbitrary commands as root through the command GET parameter in /tpl/commands.sh.

tags | exploit, arbitrary, root
SHA-256 | 2bb4ce0464a822e38ee9bcc20631bf3ad836836ac2e15053b5a69988dda50ce9
WiFi File Transfer 1.0.8 Cross Site Scripting
Posted Oct 17, 2022
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

WiFi File Transfer version 1.0.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 53ca229935553f0c6352490f9ec2709e2f8825793664588aa14a50245b6969d1
Backdoor.Win32.Redkod.d MVID-2022-0649 Hardcoded Credential
Posted Oct 17, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Redkod.d malware suffers from a hardcoded credential vulnerability.

tags | exploit
systems | windows
SHA-256 | c8a2b863479547ba380b48a0438c4767f9701d170eaab936769fe27a7277e3d9
MiniDVBLinux 5.4 Remote Root Command Injection
Posted Oct 17, 2022
Authored by LiquidWorm | Site zeroscience.mk

MiniDVBLinux version 5.4 suffers from an OS command injection vulnerability. This can be exploited to execute arbitrary commands with root privileges.

tags | exploit, arbitrary, root
SHA-256 | e19e04d5e5328c8f948b2f62f7f2a2d8c6c3b2ef2b324f8e880e61bc0db1f5c1
GNU Privacy Guard 2.3.8
Posted Oct 17, 2022
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Some new options and quite a few bug fixes in the changelog. New gpg-auth tool for authentication.
tags | tool, encryption
SHA-256 | 540b7a40e57da261fb10ef521a282e0021532a80fd023e75fb71757e8a4969ed
GNU Privacy Guard 2.2.40
Posted Oct 17, 2022
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

Changes: 9 bug fixes and updates added.
tags | tool, encryption
SHA-256 | 1164b29a75e8ab93ea15033300149e1872a7ef6bdda3d7c78229a735f8204c28
pfSense pfBlockerNG 2.1.4_26 Shell Upload
Posted Oct 17, 2022
Authored by IHTeam, jheysel-r7 | Site metasploit.com

This Metasploit module leverages a remote shell upload vulnerability in pfSense pfBlockerNG plugin versions 2.1.4_26 and below. Note that version 3.x is unaffected.

tags | exploit, remote, shell
advisories | CVE-2022-31814
SHA-256 | 4189e967b6b81ffffd850d9ece99fb550a29985985f2bcf2dcb9de105fffe02c
Spring Cloud Gateway 3.1.0 Remote Code Execution
Posted Oct 17, 2022
Authored by ayantaker | Site metasploit.com

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Spring Cloud Gateway versions 3.0.0 through 3.0.6 and 3.1.0. The vulnerability can be exploited when the Gateway Actuator endpoint is enabled, exposed and unsecured. An unauthenticated attacker can use SpEL expressions to execute code and take control of the victim machine.

tags | exploit, remote, code execution
advisories | CVE-2022-22947
SHA-256 | 21645b3916729fad4fc93eb22039c634ac8ba5e477c97ca0844e7968d2668c3d
Gentoo Linux Security Advisory 202210-07
Posted Oct 17, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-7 - A vulnerability has been found in Deluge which could result in XSS. Versions less than 2.1.1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2021-3427
SHA-256 | f083f61b7864d2689e552b76ba553bb35f5751285fca73919a13f5101c821176
Webile 1.0.1 Directory Traversal
Posted Oct 17, 2022
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Webile version 1.0.1 suffers from a directory traversal vulnerability.

tags | exploit
SHA-256 | be201e06202d8b7ce2a067fee03f183bf011c8c95cb3b8d3eaaf2175c03b1382
MiniDVBLinux 5.4 Unauthenticated Stream Disclosure
Posted Oct 17, 2022
Authored by LiquidWorm | Site zeroscience.mk

MiniDVBLinux versions 5.4 and below suffer from an unauthenticated live stream disclosure when /tpl/tv_action.sh is called and generates a snapshot in /var/www/images/tv.jpg through the Simple VDR Protocol (SVDRP).

tags | exploit, protocol
SHA-256 | 7a02e7cf0734c411e5e95eff4c56fee10e23d22efe0169ff42aae7db5349ec0e
Gentoo Linux Security Advisory 202210-06
Posted Oct 17, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-6 - Multiple vulnerabilities have been discovered in libvirt, the worst of which could result in denial of service. Versions less than 8.2.0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14339, CVE-2020-25637, CVE-2021-3631, CVE-2021-3667, CVE-2022-0897
SHA-256 | efaa17b0f41687b0bceb00f211741b1f061350c0afeaa73b3795aab7e864c8ca
Nullcon Berlin 2023 Call For Papers
Posted Oct 17, 2022
Site nullcon.net

The Nullcon Berlin 2023 Call For Papers is open. It will take place March 9th through the 10th, 2023 in Berlin, Germany.

tags | paper, conference
SHA-256 | fe1cb7a63d18537e4b4b907db517cecd2187c370eebe4852d306e3dc81a202d3
Gentoo Linux Security Advisory 202210-05
Posted Oct 17, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-5 - Multiple vulnerabilities have been discovered in virglrenderer, the worst of which could result in remote code execution. Versions less than 0.10.1 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-0135, CVE-2022-0175
SHA-256 | b254071064779769b613f8607d262dd9e3d4f0df15818f4a7f56b45b878cbaa1
Backdoor.Win32.DarkSky.23 MVID-2022-0648 Buffer Overflow
Posted Oct 17, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.DarkSky.23 malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | ccfdc5120ab2daf0c23bd4df3097f4eb8bff39aa1e7887bbd6954a2132619c04
Ubuntu Security Notice USN-5683-1
Posted Oct 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5683-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-1882, CVE-2022-2318, CVE-2022-26365, CVE-2022-26373, CVE-2022-3176, CVE-2022-33740, CVE-2022-33742, CVE-2022-33743, CVE-2022-33744, CVE-2022-34495, CVE-2022-36879, CVE-2022-36946, CVE-2022-39189
SHA-256 | 2f714311a2bf42767fd2c040e5e7b4c70e5d9ee2315aaccde091a713f4953e03
MiniDVBLinux 5.4 Change Root Password
Posted Oct 17, 2022
Authored by LiquidWorm | Site zeroscience.mk

MiniDVBLinux versions 5.4 and below root password changing proof of concept exploit.

tags | exploit, root, proof of concept
SHA-256 | 0517758916f5224ee0d63a86e0026b8a9d83c177f294a5ec74c5a0938e44fc11
MiniDVBLinux 5.4 SVDRP Control
Posted Oct 17, 2022
Authored by LiquidWorm | Site zeroscience.mk

MiniDVBLinux versions 5.4 and below allows the usage of the SVDRP protocol/commands to be sent by a remote attacker to manipulate and/or remotely control the TV.

tags | exploit, remote, protocol
SHA-256 | 6ca45864b59b9bfcfbf2d0155585603457973998837abe6c8927faea25e9ab5c
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close