exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 442 RSS Feed

Files Date: 2023-01-01 to 2023-01-31

Debian Security Advisory 5334-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5334-1 - Martin van Kervel Smedshammer discovered that varnish, a state of the art, high-performance web accelerator, is prone to a HTTP/2 request forgery vulnerability.

tags | advisory, web
systems | linux, debian
advisories | CVE-2022-45060
SHA-256 | 252078af082c9fffe4f816b645478a49bd303397f4456b2a82cf40274f3aa196
Broadcast Signal Intrusion - Hacking Radio Stations
Posted Jan 30, 2023
Authored by LiquidWorm | Site zeroscience.mk

This paper goes over common components of broadcast systems, how hackers take advantage of them, and discusses some of the vulnerabilities discovered.

tags | exploit, paper, vulnerability
SHA-256 | 1467a96747d9321ba7a659e074789337bc6efc1d4621b6ec26b5fdf38e1ca678
Ubuntu Security Notice USN-5811-3
Posted Jan 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5811-3 - USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2023-22809
SHA-256 | f1dcb425e05dbefdeb5273307dd7c4045c531a34effb1aeaf896da8bb14e6bc0
Proxmark3 4.16191 Custom Firmware
Posted Jan 30, 2023
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware.

Changes: Two new standalone modes, improved iso15693 slix commands, and bug fixes.
tags | tool
systems | unix
SHA-256 | cd97f7cdbba3c3d6519ce90cec806a0c72ef39f4aa8861403339b64668b768cd
Red Hat Security Advisory 2022-9096-01
Posted Jan 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-9096-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat, windows
advisories | CVE-2021-25749, CVE-2021-46848, CVE-2022-21698, CVE-2022-27191, CVE-2022-35737
SHA-256 | 373043494f5cbb3f8008959a5209879cea681b15be2c38e210b4ba4e9687c4a9
OpenStego Free Steganography Solution 0.8.6
Posted Jan 30, 2023
Authored by Samir Vaidya | Site github.com

OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only Least Significant Bit algorithm is supported for images).

Changes: Follow XDG spec to store openstego configuration file.
tags | tool, java, encryption, steganography
systems | unix
SHA-256 | 6eb7d1a1e6eb294ab3d2ef38d3c4e0c321b4f9e4a92c209eec86af3c6cbe2668
Debian Security Advisory 5332-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5332-1 - Multiple issues were found in Git, a distributed revision control system. An attacker may trigger remote code execution, cause local users into executing arbitrary commands, leak information from the local filesystem, and bypass restricted shell.

tags | advisory, remote, arbitrary, shell, local, code execution
systems | linux, debian
advisories | CVE-2022-23521, CVE-2022-24765, CVE-2022-29187, CVE-2022-39253, CVE-2022-39260, CVE-2022-41903
SHA-256 | da3283ba137fd88f874430e108ec655e6a4a13b1797054b92dadf3a00e03641d
PHPJabbers Car Park Booking System 2.0 Cross Site Scripting
Posted Jan 30, 2023
Authored by CraCkEr

PHPJabbers Car Park Booking System version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 692a826df097e4229d209944d70fe7f7799c532b5e037c41aba1f0ba9bebb91b
Ubuntu Security Notice USN-5823-3
Posted Jan 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5823-3 - USN-5823-1 fixed vulnerabilities in MySQL. Unfortunately, 8.0.32 introduced a regression in MySQL Router preventing connections from PyMySQL. This update reverts most of the changes in MySQL Router to 8.0.31 until a proper fix can be found.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | b8ac95e55ea3957072052db22cac0e9634cab9125d40797d3c5c360bd6df4ac5
Zstore 6.6.0 Cross Site Scripting
Posted Jan 30, 2023
Authored by nu11secur1ty

Zstore version 6.6.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 653905fd4efa9030f79aa84e990c72cb875f0be6933e755e36678f4aa2c9a0c8
Debian Security Advisory 5333-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5333-1 - Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format (TIFF) library and tools, which may cause denial of service when processing a crafted TIFF image.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, debian
advisories | CVE-2022-1354, CVE-2022-1355, CVE-2022-1622, CVE-2022-1623, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-2953
SHA-256 | e8e33bb105428cea88e46086e63362e8bad0286aef80d357f8678c42d5b9f9b6
PHPJabbers Event Ticketing System Script 1.0 Cross Site Scripting
Posted Jan 30, 2023
Authored by CraCkEr

PHPJabbers Event Ticketing System Script version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8fab16cdc74a1a2eec65f585cba5d399670dcb6b308f9255fea72f9fbd84df1a
Debian Security Advisory 5331-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5331-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing.

tags | advisory, java, denial of service, spoof, vulnerability
systems | linux, debian
advisories | CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-39399, CVE-2023-21835, CVE-2023-21843
SHA-256 | 6cb75512f22c4b10076ab44d7a5c8a9b721c51a7afe86c31ff28c113d4b380f1
PHPJabbers Travel Tours Script 1.0 SQL Injection
Posted Jan 30, 2023
Authored by CraCkEr

PHPJabbers Travel Tours Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ca11533d20acd6bee2a211d4e3de4c988afb414b29686bd6473042b4b019f864
Ubuntu Security Notice USN-5831-1
Posted Jan 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5831-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-4378, CVE-2022-45934
SHA-256 | b293ed3b171badbd869822b922ca5fe2bc5f7cdd18d474068ad2b6b97a51bc5f
PHPJabbers Travel Tours Script 1.0 Cross Site Scripting
Posted Jan 30, 2023
Authored by CraCkEr

PHPJabbers Travel Tours Script version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0a7f5b626d6393bcc255133a21566a6f163578785f29510c84d73418a28fd1fe
Debian Security Advisory 5330-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5330-1 - Two vulnerabilities were discovered in Curl, an easy-to-use client-side URL transfer library, which could result in denial of service or information disclosure.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2022-32221, CVE-2022-43552
SHA-256 | c6fc6848e50216229db276b6a61ea17d23706f3f9aadd8dd9c2779ef72f1c34e
PHPJabbers Property Listing Script 3.1 SQL Injection
Posted Jan 30, 2023
Authored by CraCkEr

PHPJabbers Property Listing Script version 3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a31fd6b56b7d7115984b30a6505b1ddcaee6cb5274d5e467b5411856220a7fd9
PHPJabbers Property Listing Script 3.1 Cross Site Scripting
Posted Jan 30, 2023
Authored by CraCkEr

PHPJabbers Property Listing Script version 3.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 302f3f53c1a0e807af0b328668c5cb8b327fd8eb8e22a11b9af1c012ac5056ca
Ubuntu Security Notice USN-5830-1
Posted Jan 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5830-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934
SHA-256 | 6e68f50f18b8299b6053e750db628304a61fb6f1ccf4186312d8814b9ac32cfd
Debian Security Advisory 5328-1
Posted Jan 27, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5328-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2023-0471, CVE-2023-0472, CVE-2023-0473, CVE-2023-0474
SHA-256 | 91c35b4374630099df6e3e88101b38be86922f1f9a29a741ff7a332e18ff8403
Razer Synapse 3.7.0731.072516 Local Privilege Escalation
Posted Jan 27, 2023
Authored by Dr. Oliver Schwarz | Site syss.de

Razer Synapse version 3.7.0731.072516 suffers from a local privilege escalation due to a DLL hijacking vulnerability.

tags | exploit, local
systems | windows
advisories | CVE-2022-47632
SHA-256 | b44857059280bd0c0f9219f18143442834c6560bf766c7639b847e7be7cb3329
Red Hat Security Advisory 2023-0483-01
Posted Jan 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0483-01 - This asynchronous update patches Red Hat Fuse 7.11.1 on Karaf and Red Hat Fuse 7.11.1 on Spring Boot and several includes security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-36437, CVE-2022-46363, CVE-2022-46364
SHA-256 | 8f9316d84695f7a1de0a7f1c9e9cbe4e5d4794f1300c5e7d3e5f1914195b8252
OpenSCAP Libraries 1.3.7
Posted Jan 27, 2023
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Maintenance and bug fix release. Some improvements include a fixed error when processing OVAL filters, made epoch comparison less strict for dpkg, now generates graphs when creating Doxygen documentation, fixed some compiler warnings, and more.
tags | protocol, library
systems | unix
SHA-256 | d31527afa2a315ceba02e2ca7e2d5dbd07c4113febaed60752affef4c79f7233
Ubuntu Security Notice USN-5822-2
Posted Jan 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5822-2 - USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. It was discovered that Samba incorrectly handled the bad password count logic. It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. Greg Hudson discovered that Samba incorrectly handled PAC parsing. Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-20251, CVE-2022-3437, CVE-2022-38023, CVE-2022-42898, CVE-2022-45141
SHA-256 | f718e90d7add248ca99e3552b0f274b6f861ca5ceefde619cf3bde7fa83d130a
Page 1 of 18
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close