what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 64 RSS Feed

Files Date: 2022-10-31

Gentoo Linux Security Advisory 202210-33
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-33 - A vulnerability has been discovered in Libtirpc which could result in denial of service. Versions less than 1.3.2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2021-46828
SHA-256 | bccd5ffa227dfb527ebd33b9111ae8da5525ed6e94955ec7daa245544ffba101
Debian Security Advisory 5267-1
Posted Oct 31, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5267-1 - Nicky Mouha discovered a buffer overflow in 'sha3', a Python library for the SHA-3 hashing functions.

tags | advisory, overflow, python
systems | linux, debian
advisories | CVE-2022-37454
SHA-256 | d4090d5d01e608bb05f0321bed3147663eb2d627ff27188ec0ba8a82517bcbdd
Leeloo Multipath Authorization Bypass / Symlink Attack
Posted Oct 31, 2022
Authored by Qualys Security Advisory

The Qualys Research Team has discovered authorization bypass and symlink vulnerabilities in multipathd. The authorization bypass was introduced in version 0.7.0 and the symlink vulnerability was introduced in version 0.7.7.

tags | exploit, vulnerability
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 9fd49ad2d42596cc152f6771bcdd491b37e2986a01a0b0cdb2f997469ee1fdec
Gentoo Linux Security Advisory 202210-32
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-32 - An integer overflow has been found in hiredis which could result in arbitrary code execution. Versions less than 1.0.1 are affected.

tags | advisory, overflow, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2021-32765
SHA-256 | 105db92b690e6764645b296a0295ca4013e47d2ddf3ad5330f67bbaea019da48
Debian Security Advisory 5266-1
Posted Oct 31, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5266-1 - A heap use-after-free vulnerability after overeager destruction of a shared DTD in the XML_ExternalEntityParserCreate function in Expat, an XML parsing C library, may result in denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2022-43680
SHA-256 | 322101dc26693e978fb7c1c772e4722e79ec519d4a8ef492d7c487c1a72f29af
Faraday 4.2.0
Posted Oct 31, 2022
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added stats param in hosts endpoint. A couple bug fixes. Improved agents logs. Added global commands and summary field in command model.
tags | tool, rootkit
systems | unix
SHA-256 | 5914d14057f73cf7e1ed7f7fe9b68343c80b437ca745b991b1d58229942e0d00
Apple Security Advisory 2022-10-27-15
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-15 - Safari 16.1 addresses code execution, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2022-32922, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823, CVE-2022-42824
SHA-256 | 7e4afb58dc67e9a414148622643475a8d27c8f60baf2cda25e496eee7f816dfe
Gentoo Linux Security Advisory 202210-31
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-31 - Multiple vulnerabilities have been discovered in OpenEXR, the worst of which could result in arbitrary code execution. Versions less than 3.1.5 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-20304, CVE-2021-23169, CVE-2021-3598, CVE-2021-3605, CVE-2021-3933, CVE-2021-3941, CVE-2021-45942
SHA-256 | 742933db53305617f957ea035a21cf86bd376a21134fa31149ac0272c00d2cf1
Simple Cold Storage Management System 1.0 SQL Injection
Posted Oct 31, 2022
Authored by QiaoRui Feng

Simple Cold Storage Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2022-43229
SHA-256 | fb5d717ac9eec8802533869820e2477f518070b4c89dbd42ffbacdd6ba37b3e3
Train Scheduler App 1.0 Insecure Direct Object Reference
Posted Oct 31, 2022
Authored by Rohit Sharma

Train Scheduler App version 1.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
advisories | CVE-2022-3774
SHA-256 | 35e0aca5c12fde1a197fcd41a91aeee4b905c913ce48905a08acc0913c03bbe7
Debian Security Advisory 5265-1
Posted Oct 31, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5265-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2021-43980, CVE-2022-23181, CVE-2022-29885
SHA-256 | edab69c62383a48d7848a4c6c8e38c4841b36fed01d7622dfb98f1e6bc7d88b4
Apple Security Advisory 2022-10-27-14
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-14 - Safari 16 addresses buffer overflow, code execution, out of bounds read, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2022-32868, CVE-2022-32886, CVE-2022-32891, CVE-2022-32892, CVE-2022-32912
SHA-256 | 9e96be57660dbb64494522fb501ab742107a0ac275cc908359b95be12c976690
Gentoo Linux Security Advisory 202210-30
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-30 - Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in remote code execution. Versions less than 21.1.4 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-2319, CVE-2022-2320
SHA-256 | 1b2dcbaf25f272c2a1ff1faf91f1b1439b88e53e478cb4ed85dff490e21444ed
wolfSSL Buffer Overflow
Posted Oct 31, 2022
Authored by Maximilian Ammann

In wolfSSL versions prior to 5.5.1, malicious clients can cause a buffer overflow during a resumed TLS 1.3 handshake. If an attacker resumes a previous TLS session by sending a maliciously crafted Client Hello, followed by another maliciously crafted Client Hello. In total 2 Client Hellos have to be sent. One which pretends to resume a previous session and a second one as a response to a Hello Retry Request message.

tags | exploit, overflow
advisories | CVE-2022-39173
SHA-256 | dc47311c0e4409688cd698016d1b6ec4010bff4dbccd63241e107b8a91774b58
Red Hat Security Advisory 2022-7261-01
Posted Oct 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7261-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-21698, CVE-2022-34903, CVE-2022-40674
SHA-256 | c7154b769aa8f770385e0062b01dadddba7912b1c640e1d7b6bb390748f4dcca
Apple Security Advisory 2022-10-27-13
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-13 - watchOS 9 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2021-36690, CVE-2022-1622, CVE-2022-32835, CVE-2022-32854, CVE-2022-32858, CVE-2022-32864, CVE-2022-32866, CVE-2022-32870, CVE-2022-32875, CVE-2022-32879, CVE-2022-32881, CVE-2022-32883, CVE-2022-32886, CVE-2022-32888
SHA-256 | 6428e6976f75f88772e191c66ffeca140c9771776368e32addee2afff5b485b6
Gentoo Linux Security Advisory 202210-29
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-29 - Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. Versions less than 5.9.2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808, CVE-2022-24809, CVE-2022-24810
SHA-256 | 7d56d5866d332c28f93f487543c282a7f0d12a991e0ed234055a043d72d0c068
Proxmark3 4.15864 Custom Firmware
Posted Oct 31, 2022
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware.

Changes: Bug fixes and NDEF support for MIFARE Classic and MIFARE DESFire.
tags | tool
systems | unix
SHA-256 | 0fb778f238813b3b6fbf3bf6901a6699c2e38cee7cf8d65dc8ec5951e65cc0ea
Apple Security Advisory 2022-10-27-12
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-12 - watchOS 9.1 addresses code execution, out of bounds write, and spoofing vulnerabilities.

tags | advisory, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2022-32923, CVE-2022-32924, CVE-2022-32926, CVE-2022-32932, CVE-2022-32940, CVE-2022-32944, CVE-2022-32947, CVE-2022-37434, CVE-2022-42798, CVE-2022-42799, CVE-2022-42800, CVE-2022-42801, CVE-2022-42803, CVE-2022-42808
SHA-256 | 8e4f8e41c6c08442c3414a6d6392bded1a9151dda4734d8e9da1a5270584f100
Debian Security Advisory 5264-1
Posted Oct 31, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5264-1 - It was discovered that Apache Batik, a SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file.

tags | advisory, java, arbitrary
systems | linux, debian
advisories | CVE-2022-41704, CVE-2022-42890
SHA-256 | 015824ee43f00ca3cb48b1b2b87d4833bfc2511ec7209daa105b61ccafa723a7
Red Hat Security Advisory 2022-7257-01
Posted Oct 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7257-01 - A minor version update is now available for Red Hat Camel K that includes CVE fixes in the base images. Details are linked in the References section.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-28169, CVE-2022-30973
SHA-256 | 242111e813446c8e1cb457ecdfa006b517061b1761d35cb5a0433587b7c79d80
Gentoo Linux Security Advisory 202210-28
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-28 - A vulnerability has been discovered in exif which could result in denial of service. Versions less than 0.6.22 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2021-27815
SHA-256 | 0fdc5196e897379a7666fc1110f1fda68d0cdebbff4761d8fb622b6284e16f0b
Gentoo Linux Security Advisory 202210-27
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-27 - A vulnerability has been discovered in open-vm-tools which could allow for local privilege escalation. Versions less than 12.1.0 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2022-31676
SHA-256 | ab6cfa3e8463ac3c2bcec1ee105f099a5a51f13505e9c0adeefc386cd174f36e
Red Hat Security Advisory 2022-7191-01
Posted Oct 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7191-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2022-41974
SHA-256 | 13099de012b04e0632ce15256132ec7c87db4de40f438c17def2ae26e1f15784
Apple Security Advisory 2022-10-27-11
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-11 - tvOS 16 addresses buffer overflow, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2021-36690, CVE-2022-1622, CVE-2022-32864, CVE-2022-32866, CVE-2022-32879, CVE-2022-32881, CVE-2022-32886, CVE-2022-32888, CVE-2022-32891, CVE-2022-32903, CVE-2022-32907, CVE-2022-32908, CVE-2022-32911, CVE-2022-32912
SHA-256 | 63c5867db3906364c96b636cc725186f8a902a06bbf76b96d5290afa0a3aa6ea
Page 1 of 3
Back123Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close