exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2022-11-17

Gitea Git Fetch Remote Code Execution
Posted Nov 17, 2022
Authored by krastanoel, wuhan005, li4n0 | Site metasploit.com

This Metasploit module exploits the Git fetch command in the Gitea repository migration process to allow for remote command execution on the system. This vulnerability affect Gitea versions prior to 1.16.7.

tags | exploit, remote
advisories | CVE-2022-30781
SHA-256 | dba6b158933e4ec6089f6364c6b953e84d8ade82305acdf446dc098ee940e1dd
Botan C++ Crypto Algorithms Library 2.19.3
Posted Nov 17, 2022
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Added support for Kyber post-quantum KEM. Support for TLS 1.0, TLS 1.1, and DTLS 1.0 have been removed. Remove many deprecated headers. Many headers which were previously marked as becoming internal in 2.x have now been made internal. Removed several deprecated algorithms including CAST-256, MISTY1, Kasumi, DESX, XTEA, PBKDF1, MCEIES, CBC-MAC and Tiger. A few dozen other updates are also in the release notes.
tags | library
advisories | CVE-2021-24115
SHA-256 | dae047f399c5a47f087db5d3d9d9e8f11ae4985d14c928d71da1aff801802d55
Debian Security Advisory 5283-1
Posted Nov 17, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5283-1 - Several flaws were discovered in jackson-databind, a fast and powerful JSON library for Java.

tags | advisory, java
systems | linux, debian
advisories | CVE-2020-36518, CVE-2022-42003, CVE-2022-42004
SHA-256 | 3065027887bf5fa94d590057f95fc931a26aacb00941c3b82ff32ac74d124ef9
Debian Security Advisory 5279-2
Posted Nov 17, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5279-2 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, create open redirects, bypass authorization access, or perform Cross-Site Request Forgery (CSRF) or Cross-Site Scripting (XSS) attacks. The wordpress package released in DSA-5279-1 had incorrect dependencies that could not be satisfied in Debian stable. This update corrects the problem.

tags | advisory, remote, web, vulnerability, xss, sql injection, csrf
systems | linux, debian
SHA-256 | 389845c1cb18def69eba66246c35f85df9383c4619ea4cbb54983839e90b7fcb
Ubuntu Security Notice USN-5729-1
Posted Nov 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5729-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service or expose sensitive information.

tags | advisory, denial of service, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2905, CVE-2022-2978, CVE-2022-3028, CVE-2022-3625, CVE-2022-3635, CVE-2022-39190, CVE-2022-40768
SHA-256 | 2ed9de86da2c1e7cc0b4f8970c86b427aa7bf63dcea72f209cebdcce6cd60b19
Ubuntu Security Notice USN-5727-1
Posted Nov 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5727-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-3028, CVE-2022-3635, CVE-2022-36879, CVE-2022-40768
SHA-256 | c5aeb552da277840f0734207a89d8b35a628cfa276057d8cc68659f6540b4287
Ubuntu Security Notice USN-5728-1
Posted Nov 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5728-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-29901, CVE-2022-3028, CVE-2022-3625, CVE-2022-3635, CVE-2022-39188, CVE-2022-40768, CVE-2022-41222, CVE-2022-42703, CVE-2022-42719
SHA-256 | d0a1c25c6eb1d9a7ff69a8217addefb3508ac783bad0f3c1762570c079322a29
Debian Security Advisory 5282-1
Posted Nov 17, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5282-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, spoofing or bypass of the SameSite cookie policy.

tags | advisory, web, arbitrary, spoof, info disclosure
systems | linux, debian
advisories | CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411, CVE-2022-45412, CVE-2022-45416, CVE-2022-45418, CVE-2022-45420, CVE-2022-45421
SHA-256 | 91034eee5b8fb88c332be0918f4e842a60c55772e39e1a9a1d42dfd92d057459
Red Hat Security Advisory 2022-7435-01
Posted Nov 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7435-01 - An update is now available for Logging subsystem for Red Hat OpenShift 5.4. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2020-35525, CVE-2020-35527, CVE-2020-36518, CVE-2022-1304, CVE-2022-22624, CVE-2022-22628, CVE-2022-22629, CVE-2022-22662, CVE-2022-2509, CVE-2022-26700, CVE-2022-26709, CVE-2022-26710, CVE-2022-26716
SHA-256 | 520d007ced3b26af21d611f8692ea69ba171cc009a4ec3cfe8e04ac728449a31
Red Hat Security Advisory 2022-8502-01
Posted Nov 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8502-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-0155, CVE-2022-2805
SHA-256 | a09ce5a2ec66eb964963b5ad5174d464e6f7ba66a1d30a99ea48599832f32351
Red Hat Security Advisory 2022-8506-01
Posted Nov 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8506-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include code execution, cross site scripting, denial of service, remote SQL injection, and traversal vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, code execution, xss, sql injection
systems | linux, redhat
advisories | CVE-2021-37136, CVE-2021-37137, CVE-2022-22818, CVE-2022-24836, CVE-2022-25648, CVE-2022-29970, CVE-2022-32209, CVE-2022-34265
SHA-256 | 2d5699b272bf62135c49021ecfc5e70e3ef3e624c94ce2a33e3c23d5cd96ba6d
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close