what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2023-02-23

Device Manager Express 7.8.20002.47752 SQL Injection / XSS / Code Execution / Traversal
Posted Feb 23, 2023
Authored by Eric Flokstra

Device Manager Express versions 7.8.20002.47752 and below suffer from code execution, command execution, cross site scripting, remote SQL injection, and traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection, file inclusion
advisories | CVE-2022-24627, CVE-2022-24628, CVE-2022-24629, CVE-2022-24630, CVE-2022-24631, CVE-2022-24632
SHA-256 | 9f6dbcbbd09678c80d311d3e820d1c82de2bd7a04264742755ac9d8302b00c0f
Froxlor 2.0.6 Remote Command Execution
Posted Feb 23, 2023
Authored by Askar, jheysel-r7 | Site metasploit.com

Froxlor versions 2.0.6 and below suffer from a bug that allows authenticated users to change the application logs path to any directory on the OS level which the user www-data can write without restrictions from the backend which leads to writing a malicious Twig template that the application will render. That leads to remote command execution under the user www-data.

tags | exploit, remote
advisories | CVE-2023-0315
SHA-256 | a4048c5b1f41c4347f4543f9ad125a92d70622eb396c52b2aaf555132f774674
Ubuntu Security Notice USN-5884-1
Posted Feb 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5884-1 - Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. Lee Jones discovered that a use-after-free vulnerability existed in the Bluetooth implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4155, CVE-2022-20566, CVE-2022-41858, CVE-2022-42895, CVE-2023-0045, CVE-2023-23559
SHA-256 | 9fb79a1f43ccc6d619c96a07def2979ca05b8979050b2933267dc0bc2e17d747
Ubuntu Security Notice USN-5882-1
Posted Feb 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5882-1 - Gjoko Krstic discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. Omar Ganiev discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-8979, CVE-2019-1010228, CVE-2021-41688, CVE-2021-41689, CVE-2022-2121, CVE-2022-43272
SHA-256 | c5cb6242b728dd849603bd9f7d301fe81cf301245cdd8770323901120e074b6b
Debian Security Advisory 5358-1
Posted Feb 23, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5358-1 - Multiple security vulnerabilities have been discovered in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for launching a denial of service attack or the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2022-23537, CVE-2022-23547, CVE-2022-31031, CVE-2022-37325, CVE-2022-39244, CVE-2022-39269, CVE-2022-42705, CVE-2022-42706
SHA-256 | af27f2dc4d2e27bc3dbab6aae8f01920efe10398bf7112aa8d1bf8bfe6bb6c8c
Debian Security Advisory 5357-1
Posted Feb 23, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5357-1 - yvvdwf found a data exfiltration vulnerability while performing local clone from malicious repository even using a non-local transport. Joern Schneeweisz found a path traversal vulnerability in git-apply that a path outside the working tree can be overwritten as the acting user.

tags | advisory, local
systems | linux, debian
advisories | CVE-2023-22490, CVE-2023-23946
SHA-256 | 1d3b09b9eb94b59ea608248a20c9b4e2bc7dca85f2496bce60579f548dcd692d
Red Hat Security Advisory 2023-0777-01
Posted Feb 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0777-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.56. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, deserialization, and improper authorization vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, csrf
systems | linux, redhat
advisories | CVE-2020-7692, CVE-2022-1471, CVE-2022-2048, CVE-2022-25857, CVE-2022-30946, CVE-2022-30952, CVE-2022-30953, CVE-2022-30954, CVE-2022-34174, CVE-2022-36882, CVE-2022-36883, CVE-2022-36884, CVE-2022-36885, CVE-2022-43401
SHA-256 | 3a8eeb8e8d119d082a4db10c5e51ebd4d57e468c790416e84f2a0365b3436e63
Red Hat Security Advisory 2023-0778-01
Posted Feb 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0778-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.56.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-7692, CVE-2022-1471, CVE-2022-2048, CVE-2022-23521, CVE-2022-25857, CVE-2022-3064, CVE-2022-30946, CVE-2022-30952, CVE-2022-30953, CVE-2022-30954, CVE-2022-34174, CVE-2022-36882, CVE-2022-36883, CVE-2022-36884
SHA-256 | b0f7f8eee987e2e6e2dcaabf7c4fe7bacb12571d25cd64b63d580c759f794a67
Ubuntu Security Notice USN-5883-1
Posted Feb 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5883-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20369, CVE-2022-26373, CVE-2022-2663, CVE-2022-29900, CVE-2022-29901, CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-3640, CVE-2022-3646, CVE-2022-3649, CVE-2022-39842, CVE-2022-41849, CVE-2022-41850
SHA-256 | 42ecf192cd658944c9911950524453182140573973b7872b42e621102bc1581b
Red Hat Security Advisory 2023-0902-01
Posted Feb 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0902-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2023-23529
SHA-256 | 41fd94e2b8750df20acb23f9bcf766903e6f027f48fe587fa7a2deddd5f8ad54
Red Hat Security Advisory 2023-0903-01
Posted Feb 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0903-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2023-23529
SHA-256 | e654eac723ba89308f27ad22d9907fbb419acdd6265aa776349d65a061bbd52a
Yoga Class Registration System 1.0 SQL Injection
Posted Feb 23, 2023
Authored by Ahmed Ismail

Yoga Class Registration System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2023-0981, CVE-2023-0982
SHA-256 | 5cfa2a48930887864eca956544f0d00e2f2bae1b18a0149cfafbab2cdc9c34fe
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close