
Files Date: 2023-02-15

Debian Security Advisory 5349-1
Posted Feb 15, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5349-1 - Hubert Kario discovered a timing side channel in the RSA decryption implementation of the GNU TLS library.

tags | advisory
systems | linux, debian
advisories | CVE-2023-0361
SHA-256 | 529cabf89a74ffee339c76aaa209fcc4e84d4aa2cdcce805499cec41c0385567
B&R Systems Diagnostics Manager Cross Site Scripting
Posted Feb 15, 2023
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

B&R Systems Diagnostics Manager versions above or equal to 3.00 and below or equal to C4.93 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-4286
SHA-256 | 73c092297c794cf9f02f7442ef627100dbeb5b3e8758091b6d6bf2c262200495
Ubuntu Security Notice USN-5872-1
Posted Feb 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5872-1 - Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Ronald Crane discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-22747, CVE-2022-34480
SHA-256 | de3eb59d3c62619fa7c1f1b9d8e86595187b3ae424b2453806af525f6ce5427e
WordPress Quiz And Survey Master 8.0.8 Cross Site Request Forgery
Posted Feb 15, 2023
Authored by Julien Ahrens | Site rcesecurity.com

WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2023-0292
SHA-256 | 078ea2f052b0bdbecbdbb86ff5abadf7af3ecef36acd21e345034b86b58c3b8e
WordPress Quiz And Survey Master 8.0.8 Media Deletion
Posted Feb 15, 2023
Authored by Julien Ahrens | Site rcesecurity.com

WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a missing authentication vulnerability that allows an attacker to delete media from the WordPress instance.

tags | exploit
advisories | CVE-2023-0291
SHA-256 | 45afa719cdeb338f8d0beb9b6c68e717ebfe472417ebe348bbc34459b0250c7c
Ubuntu Security Notice USN-5870-1
Posted Feb 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5870-1 - Ronald Crane discovered that APR-util did not properly handle memory when encoding or decoding certain input data. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-25147
SHA-256 | 661dd734bd3528dd32e900e26ba6bbf81244f1fdb73f913d44a8a516a0377c50
GitLab GitHub Repo Import Deserialization Remote Code Execution
Posted Feb 15, 2023
Authored by Heyder Andrade, William Bowling, RedWay Security | Site metasploit.com

An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested default_branch. GitLab will cache this object and then deserialize it when trying to load a user session, resulting in remote code execution.

tags | exploit, remote, code execution, protocol
advisories | CVE-2022-2992
SHA-256 | 01b86153e9b59cbce82f32a07b24098f2267f0bddf0bec3fcf3243c9d0b7d820
Red Hat Security Advisory 2023-0651-01
Posted Feb 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0651-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-4238, CVE-2022-47629
SHA-256 | 2dc2bf0f696c9442d10afefd4210d1c179d8ee45c8c762ce2c9f61999a7cb0ab
Red Hat Security Advisory 2023-0652-01
Posted Feb 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0652-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.27. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2022-21698, CVE-2022-47629
SHA-256 | 7373618c8908434160feecfaaf515407448e4e5e9fa6fef9425fc021ee78de7e
Kernel Live Patch Security Notice LSN-0091-1
Posted Feb 15, 2023
Authored by Benjamin M. Romer

It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Sonke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2022-41222, CVE-2022-42719
SHA-256 | a0d81d94905e121dcfc30d932d20767e962d7e2b238090a1a35620768e76e04a
Korenix JetWave Command Injection / Denial Of Service
Posted Feb 15, 2023
Authored by T. Weber, S. Dietz | Site cyberdanube.com

Multiple versions of Korenix JetWave suffer from authenticated command injection and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
SHA-256 | 855f389543c13d74be1ffa1c20556605349c2e7c25c9e761aad4692ec6b41a9d
OX App Suite Cross Site Scripting / Server-Side Request Forgery
Posted Feb 15, 2023
Authored by Martin Heiland

OX App Suite suffers from cross site scripting and server-side request forgery vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2022-37306, CVE-2022-42889, CVE-2022-43696, CVE-2022-43697, CVE-2022-43698, CVE-2022-43699
SHA-256 | 5da321216ffd148c932f83887a1cd3f3515a69d20e80fbfd6a71cda91af29547
Apple Security Advisory 2023-02-13-3
Posted Feb 15, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-02-13-3 - Safari 16.3.1 addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2023-23529
SHA-256 | 9498cee58c1019eeed0d5adc044ca79c9cc1d10dff76bd3358878893d9cd0285
Arris Router Firmware 9.1.103 Remote Code Execution
Posted Feb 15, 2023
Authored by Yerodin Richards

Arris Router Firmware version 9.1.103 authenticated remote code execution exploit that has been tested against the TG2482A, TG2492, and SBG10 models.

tags | exploit, remote, code execution
advisories | CVE-2022-45701
SHA-256 | c888a848e11678625335a5e6746925d5f7f030e21217d0ca2ec6555b03d7a881
Red Hat Security Advisory 2023-0758-01
Posted Feb 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0758-01 - This release of Red Hat build of Quarkus 2.13.7 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution, denial of service, deserialization, and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-1471, CVE-2022-41881, CVE-2022-41946, CVE-2022-45047, CVE-2023-0044
SHA-256 | 8b9c35c270302dba0c57430b447b9409f09807e208b11e539efb27db51a88a2a
Microsoft Windows UTF-8 Buffer Overruns
Posted Feb 15, 2023
Authored by Stefan Kanthak

When Microsoft released UTF-8 support for the -A interfaces of the Windows API, it appears to have introduced buffer overrun conditions.

tags | advisory, overflow
systems | windows
SHA-256 | fd54b53140cb0a9c16fc5520fcb15b03b3915d1e37bb7f97c426270dfbc79e9b
Debian Security Advisory 5348-1
Posted Feb 15, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5348-1 - Two vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which may result in denial of service, or bypass of access controls and routing rules via specially crafted requests.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2023-0056, CVE-2023-25725
SHA-256 | 224c181c90aebaf2cd3e11e055ffe407758e1f0eb58fbbf8a28fa2e8deb2729f
Clam AntiVirus Toolkit 1.0.1
Posted Feb 15, 2023
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.

Changes: Fixed a possible remote code execution vulnerability in the HFS+ file parser. Issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Fixed a possible remote information leak vulnerability in the DMG file parser. Issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Fixed allmatch detection issue with the preclass bytecode hook. Updated vendored libmspack library to version 0.11alpha.

tags | tool, virus
systems | unix
advisories | CVE-2023-20032, CVE-2023-20052
SHA-256 | 0872dc1b82ff4cd7e8e4323faf5ee41a1f66ae80865d05429085b946355d86ee
Apple Security Advisory 2023-02-13-2
Posted Feb 15, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-02-13-2 - macOS Ventura 13.2.1 addresses code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-23514, CVE-2023-23522, CVE-2023-23529
SHA-256 | fdbefbd17eb97af76730b608dc7d442a50002fb2dd4e009a1e21cb028cd5c6ea
Ubuntu Security Notice USN-5871-1
Posted Feb 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5871-1 - It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make Git use its local clone optimization even when using a non-local transport. Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwrite a patch outside the working tree.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2023-22490, CVE-2023-23946
SHA-256 | 128cb1e7502d2d61fdd1584602c087a1f5064941c47244e330913b10810fc2ea
Red Hat Security Advisory 2023-0759-01
Posted Feb 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0759-01 - PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-41946
SHA-256 | 3a013aeebb819c40241eb21209dadcee7a0a0e72fc7a6f0edd34cc1a1875f4a7
BMC Control M SQL Injection / Denial Of Service
Posted Feb 15, 2023
Authored by Guillaume Jacques | Site synacktiv.com

BMC Control M versions prior to 9.0.20.214 suffer from SQL injection, denial of service, and information leaks.

tags | advisory, denial of service, sql injection
SHA-256 | 663462fd5f2483f44a7d0a8af7ced5264562e74d1760e52757133faa7d990a6d
Red Hat Security Advisory 2023-0632-01
Posted Feb 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0632-01 - Logging Subsystem 5.4.11 - Red Hat OpenShift.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-23521, CVE-2022-30123, CVE-2022-40303, CVE-2022-40304, CVE-2022-41717, CVE-2022-41903, CVE-2022-44617, CVE-2022-46285, CVE-2022-47629, CVE-2022-4883, CVE-2023-21835, CVE-2023-21843
SHA-256 | bf899bbd419fd54940c09ac833ba4df8f15db322208d5ebc4b227f46fff13a7d
Ubuntu Security Notice USN-5869-1
Posted Feb 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5869-1 - Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-25725
SHA-256 | 4d5cc84dd53bab0941517013678604e3f03fdf2945096e2e25cce662ca9fa8b8
Apple Security Advisory 2023-02-13-1
Posted Feb 15, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-02-13-1 - iOS 16.3.1 and iPadOS 16.3.1 address code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2023-23514, CVE-2023-23529
SHA-256 | d89152ee8fb2142c43e87cd45bf4ef1e261abf40b7070b01da9441c3fc5c8a33