exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 53 RSS Feed

Files Date: 2022-11-16

Revenue Collection System 1.0 Cross Site Scripting / Authentication Bypass
Posted Nov 16, 2022
Authored by Joe Pollock

Revenue Collection System version 1.0 suffers from a persistent cross site scripting vulnerability allowing an authenticated client user to add an administrative user account to the application then log in as the newly created admin.

tags | exploit, xss, bypass
SHA-256 | c480b839cfd03e90fa43402bbfa8f8ab4dc9db4461d292dd292b3383bf3c5995
Revenue Collection System 1.0 SQL Injection / Remote Code Execution
Posted Nov 16, 2022
Authored by Joe Pollock

Revenue Collection System version 1.0 suffers from an unauthenticated SQL injection vulnerability in step1.php that allows remote attackers to write a malicious PHP file to disk. The resulting file can then be accessed within the /rates/admin/DBbackup directory. This script will write the malicious PHP file to disk, issue a user-defined command, then retrieve the result of that command.

tags | exploit, remote, php, sql injection
SHA-256 | b41c4f6c71ea1156cfd52b2bd3c354cdb2fc0372d5b22d463c64b50c55b777c0
Ubuntu Security Notice USN-5726-1
Posted Nov 16, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5726-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the contents of the addressbar, bypass security restrictions, cross-site tracing or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2022-40674, CVE-2022-45406, CVE-2022-45407, CVE-2022-45410, CVE-2022-45411, CVE-2022-45412, CVE-2022-45413, CVE-2022-45415, CVE-2022-45416, CVE-2022-45417, CVE-2022-45419, CVE-2022-45420, CVE-2022-45421
SHA-256 | b4c21832ad3bb61ebf8eab2d0d6047f68bee97b1b36d7847b505ddd8697605d5
Red Hat Security Advisory 2022-8494-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8494-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-2601, CVE-2022-3775
SHA-256 | ea8be5e6db748b7db96745edc43d74ec16bc48ce23660f2153448482369ce675
Red Hat Security Advisory 2022-8493-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8493-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2022-42919
SHA-256 | 830e84737049728164089fedffb46a7456defd19bcdcd6e15286d0fe9df4be79
Red Hat Security Advisory 2022-8491-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8491-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include buffer overflow and memory leak vulnerabilities.

tags | advisory, overflow, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2022-3550, CVE-2022-3551
SHA-256 | 3372092786e747dd90937179d7501b29e4b4194e622025b31d20e00e3f05c27c
Red Hat Security Advisory 2022-8492-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8492-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2022-42919
SHA-256 | 6cf3a3fb83078828d12c9df5d5fe73dbfad72c496a535112ea92891acff4047d
Ubuntu Security Notice USN-5625-2
Posted Nov 16, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5625-2 - USN-5625-1 fixed a vulnerability in Mako. This update provides the corresponding updates for Ubuntu 22.10. It was discovered that Mako incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-40023
SHA-256 | d0c94eb60f485507cd673ee2a45008fbb6bdc42fdf1dd8d2faebbf24827ab77e
Debian Security Advisory 5281-1
Posted Nov 16, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5281-1 - It was discovered that parsing errors in the mp4 module of Nginx, a high-performance web and reverse proxy server, could result in denial of service, memory disclosure or potentially the execution of arbitrary code when processing a malformed mp4 file.

tags | advisory, web, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2022-41741, CVE-2022-41742
SHA-256 | 2843476468a10f35ec307074aedcd47e5882da638047bde46235c74be4e43662
Debian Security Advisory 5280-1
Posted Nov 16, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5280-1 - Several issues were found in GRUB2's font handling code, which could result in crashes and potentially execution of arbitrary code. These could lead to by-pass of UEFI Secure Boot on affected systems.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2022-2601, CVE-2022-3775
SHA-256 | 3f127fc0be7c3dcc4fd8ba18c8ffe0115d3bbb944d5796670d7d8551cca8e78b
Red Hat Security Advisory 2022-8207-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8207-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1122
SHA-256 | d3364ce9966359b4a16b105a29495d27d4868a167b5f1e57ae354c6e99d30246
Red Hat Security Advisory 2022-8291-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8291-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-37434
SHA-256 | fc436e498a53e5c49e1c1a8b09212891e27db5be700b48345aa6a7709f911fa7
Red Hat Security Advisory 2022-8250-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8250-01 - The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1705, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30635, CVE-2022-32148
SHA-256 | 763ca001b832a7eeb70226b1d2de4dd230c6013bc449a144b018b3485f826480
Red Hat Security Advisory 2022-8393-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8393-01 - The logrotate utility simplifies the administration of multiple log files by allowing their automatic rotation, compression, removal, and mailing. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1348
SHA-256 | 0d82d51165bed738bee4e784350731a383d72c6f8a90f1696f1a99724d742924
Red Hat Security Advisory 2022-8222-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8222-01 - Xwayland is an X server for running X clients under Wayland. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2319, CVE-2022-2320
SHA-256 | 8b87b190c1dbec56ad75fc32a3e8b9e6c69ea3cddf46662da1c7320f7ec0a101
Red Hat Security Advisory 2022-8162-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8162-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-0918, CVE-2022-0996, CVE-2022-2850
SHA-256 | 4dc397ccf924d964d2de315c2bf8ddab8c92565237c1fb2931dcb388d4c43805
Red Hat Security Advisory 2022-8434-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8434-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime 7.0.0 RC 2.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41032
SHA-256 | 3c03db88c3f16f31e6edf6f9f2ec842940b684da1c45853b3a0cd9c1da084532
Red Hat Security Advisory 2022-7955-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7955-01 - The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-20291, CVE-2021-33198
SHA-256 | 4e0707644ecf9e9421cd830bd73cba92844a7435320b5b6a805437f694882ab1
Red Hat Security Advisory 2022-8062-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8062-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-30698, CVE-2022-30699
SHA-256 | ad9465480ac5831015271d46593c2eb547ef8d26212fe261232dadc6e754d449
Red Hat Security Advisory 2022-8194-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8194-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, denial of service, and out of bounds read vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-0561, CVE-2022-0562, CVE-2022-0865, CVE-2022-0891, CVE-2022-0908, CVE-2022-0909, CVE-2022-0924, CVE-2022-1354, CVE-2022-1355, CVE-2022-22844
SHA-256 | a7335970eb93f38ec1e86e4d351218867c61ef9c4a022cf6a1b98d5b202225a1
Red Hat Security Advisory 2022-8420-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8420-01 - The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032
SHA-256 | c0b3e73d14a8917e1e497a91996b09446a57b7c536c3c4925ae9e7c0f4fb5dd5
Red Hat Security Advisory 2022-8431-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8431-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2989, CVE-2022-2990
SHA-256 | bde63b47a05fa71e76f75535ab11d13194617f32effd054fa1677bd6f9f48500
Red Hat Security Advisory 2022-8008-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8008-01 - The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-20291, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2022-27191, CVE-2022-2989, CVE-2022-2990
SHA-256 | f27bc3e529f8aa8ebd57f3027862054868818878916e80cbd4d078f8cadc588f
Red Hat Security Advisory 2022-8068-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8068-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2021-25220, CVE-2022-0396
SHA-256 | 78e3d58d4d1eb9466ef6c8b562787c6ffcba6ecbec9891354c2e4d2422922fb6
Red Hat Security Advisory 2022-8098-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8098-01 - Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1705, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632
SHA-256 | 896c52820d29c6247a9c4858eb4c3557cfc4c421ac3dbfbc2b20b4c0e0adbcff
Page 1 of 3
Back123Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close