what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2022-11-01

Ubuntu Security Notice USN-5710-1
Posted Nov 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5710-1 - It was discovered that OpenSSL incorrectly handled certain X.509 Email Addresses. If a certificate authority were tricked into signing a specially-crafted certificate, a remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. The default compiler options for affected releases reduce the vulnerability to a denial of service. It was discovered that OpenSSL incorrectly handled applications creating custom ciphers via the legacy EVP_CIPHER_meth_new function. This issue could cause certain applications that mishandled values to the function to possibly end up with a NULL cipher and messages in plaintext.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-3358
SHA-256 | 7b62b4888702cab45aeeaeff8c5ec0500b30513d208729751998d56e5717a938
Ubuntu Security Notice USN-5708-1
Posted Nov 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5708-1 - Soenke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Soenke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722
SHA-256 | bc5ae1b8d6bf34e31266725c8c1caffc9378c22de4a12756aae131eae3a95052
Ubuntu Security Notice USN-5709-1
Posted Nov 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5709-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox saved usernames to a plaintext file. A local user could potentially exploit this to obtain sensitive information.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42931
SHA-256 | 22fb1de6370e876fd1532ba4ae21c288f4fca5714d04f96592e871e0107d0ec9
Packet Storm New Exploits For October, 2022
Posted Nov 1, 2022
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 88 exploits added to Packet Storm in October, 2022.

tags | exploit
SHA-256 | c21b38d9d78edc23f247def809698cb8d90a9dc7b607e5439052b9721f209a48
Gentoo Linux Security Advisory 202210-42
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-42 - A buffer overflow in zlib might allow an attacker to cause remote code execution. Versions less than 1.2.12-r3 are affected.

tags | advisory, remote, overflow, code execution
systems | linux, gentoo
advisories | CVE-2018-25032, CVE-2022-37434
SHA-256 | c46b3f01897b3c08e7d9420246ac8f8a67021ea56c97c1d6e882c833059e27c5
Red Hat Security Advisory 2022-7268-01
Posted Nov 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7268-01 - An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-2132
SHA-256 | 0bc126bf49d1dbdfa265f40f93ce137daf40a6b306bb26a5150e57be6fa31acd
Gentoo Linux Security Advisory 202210-41
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-41 - Multiple vulnerabilities have been found in android-tools, the worst of which could result in arbitrary code execution. Versions less than 33.0.3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-20128, CVE-2022-3168
SHA-256 | 6ac83363adac2fb77ee74f4402115fe665b780144e68874982a341b23f1102b0
Gentoo Linux Security Advisory 202210-40
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-40 - Multiple vulnerabilities have been found in SQLite, the worst of which could result in arbitrary code execution. Versions less than 3.39.2 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-20227, CVE-2022-35737
SHA-256 | 5b2191817bd7acb1c25282d23f73f9d7d3bf2f4c6dd0da4b0bca234c442351ae
Gentoo Linux Security Advisory 202210-39
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-39 - Multiple vulnerabilities have been found in libxml2, the worst of which could result in arbitrary code execution. Versions less than 2.10.3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-40303, CVE-2022-40304
SHA-256 | eb76ff227f6707fc36ffea6738ca4ca8a92054b8d1099d0905485fa94b733780
Gentoo Linux Security Advisory 202210-38
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-38 - A vulnerability has been found in Expat which could result in denial of service. Versions less than 2.5.0 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2022-43680
SHA-256 | 148a459d1873a4978eb1ea1f4339444a55cc9512a48cd671db16503252f74090
Gentoo Linux Security Advisory 202210-34
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-34 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions less than 102.4.0:esr are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42930, CVE-2022-42931, CVE-2022-42932
SHA-256 | a01f6fbbe4d15c718fb0e43be5d457c1184fcc2971d80329f0cefdb956adef05
Gentoo Linux Security Advisory 202210-35
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-35 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. Versions less than 102.4.0 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-39236, CVE-2022-39249, CVE-2022-39250, CVE-2022-39251, CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42932
SHA-256 | cef704b7d2a92ba31e76f035d832531b2e8eb941f3e99d7e941c4a0371a0061e
Ubuntu Security Notice USN-5707-1
Posted Nov 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5707-1 - It was discovered that Libtasn1 did not properly perform bounds checking. An attacker could possibly use this issue to cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-46848
SHA-256 | ae356df93fe432eec4cdb8260d56630605796cce3c23c95aa8498741f628bc53
Gentoo Linux Security Advisory 202210-36
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-36 - A vulnerability has been found in libjxl which could result in denial of service. Versions less than 0.7.0_pre20220825 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2022-34000
SHA-256 | b7835513fa3f6ee1c655d0d380bb54c120c16fbc1b7853c20164ea0bd0a1ca7a
Gentoo Linux Security Advisory 202210-37
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-37 - Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. Versions less than 2.12.1 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-32686, CVE-2021-37706, CVE-2021-41141, CVE-2021-43804, CVE-2021-43845, CVE-2022-21722, CVE-2022-21723, CVE-2022-23608, CVE-2022-24754, CVE-2022-24763, CVE-2022-24764, CVE-2022-24786, CVE-2022-24792, CVE-2022-24793
SHA-256 | 0283ae0c45529cc645d6e34ea884fdbdff80a46da788bbb3271840ecfe2a7e46
OpenSSL Security Advisory 20221101
Posted Nov 1, 2022
Site openssl.org

OpenSSL Security Advisory 20221101 - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Other issues were also addressed.

tags | advisory, remote, denial of service, overflow, code execution
advisories | CVE-2022-3602, CVE-2022-3786
SHA-256 | f5b2b5456475218f21e11c204399e21895e40c447a1a4638df485d020701c36b
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    0 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close