
Files Date: 2023-02-28

Ubuntu Security Notice USN-5902-1
Posted Feb 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5902-1 - It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations. It was discovered that PHP incorrectly handled resolving long paths. A remote attacker could possibly use this issue to obtain or modify sensitive information. It was discovered that PHP incorrectly handled a large number of parts in HTTP form uploads. A remote attacker could possibly use this issue to cause PHP to consume resources, leading to a denial of service.

tags | advisory, remote, web, denial of service, php
systems | linux, ubuntu
advisories | CVE-2023-0567, CVE-2023-0568, CVE-2023-0662
SHA-256 | d6874c5afe37c2500fc7824d66b24af765e7c0d843c7aa5688092c11c7e428fe
Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | e3aa8cf09a10153c22c1fea563f19e0486760740b752b12095b5ec99f655864f
Ubuntu Security Notice USN-5821-3
Posted Feb 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5821-3 - USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately, it was missing a commit to fix it properly in pip. Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regular expression. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-40898
SHA-256 | d322c815ee33042be37c615bcc6fe6174cb83b1fdff85530dd694cc79df6a477
WordPress WoodMart Theme 7.1.1 Cross Site Request Forgery
Posted Feb 28, 2023
Authored by fearzzzz

WordPress WoodMart Theme versions 7.1.1 and below suffer from a cross site request forgery vulnerability due to missing nonce validation on the process_form function.

tags | exploit, csrf
SHA-256 | 0f2e9edbc08c03cd7f443a7a62b3cdd260180c0c579854b3c4252462f805ba7b
Red Hat Security Advisory 2023-0945-01
Posted Feb 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0945-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-4378
SHA-256 | c1b7b0f90016de9ec4293a2e975201de63caf2503842f0f0c825afe6df4f947d
Osprey Pump Controller 1.0.1 Cross Site Request Forgery
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 3ff94000035eb0e3d7750af6a36a24cd3f59ddd0bf32adc49eed8270dae8c139
WordPress Real Estate 7 Theme 3.3.4 Cross Site Scripting
Posted Feb 28, 2023
Authored by fearzzzz

WordPress Real Estate 7 Theme versions 3.3.4 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 06de2ef6e3f65a11f5f3b433ba90619493f56918211d5fd46b33311a0fbd2e57
Osprey Pump Controller 1.0.1 Authentication Bypass
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 allows an unauthenticated attacker to create an account and bypass authentication, thereby gaining unauthorized access to the system.

tags | exploit
SHA-256 | f96ac6802073d61b8a8224120fbbc475b78857a672615467fe07f5419f23785a
Red Hat Security Advisory 2023-0895-01
Posted Feb 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0895-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2022-23521, CVE-2022-41903
SHA-256 | 7a32d3f62970f0d43a33d17d8aa9612b3eb48e892ab787ada4397f1315d9a773
Debian Security Advisory 5365-1
Posted Feb 28, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5365-1 - Patrick Monnerat discovered that Curl's support for "chained" HTTP compression algorithms was susceptible to denial of service.

tags | advisory, web, denial of service
systems | linux, debian
advisories | CVE-2023-23916
SHA-256 | 2cfddea329a31bcbbff3f27ed3f37c97897bb7bdb2d77df616068add33038c0b
Osprey Pump Controller 1.0.1 Cross Site Scripting
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c1bf05288bbed246cc644a8fdb368c0546ebbfbb0723ec8709bda8abbafeddfd
Osprey Pump Controller 1.0.1 eventFileSelected Command Injection
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the eventFileSelected HTTP GET parameter called by the DataLogView.php, EventsView.php and AlarmsView.php scripts.

tags | exploit, web, arbitrary, shell, php
SHA-256 | db0ca77f3b6262f047a41f704f1fbcabf469fa7d9140d8fddf64e48fc5dc7ab1
Ubuntu Security Notice USN-5899-1
Posted Feb 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5899-1 - It was discovered that AWStats did not properly sanitize the content of whois responses in the hostinfo plugin. An attacker could possibly use this issue to conduct cross-site scripting attacks.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2022-46391
SHA-256 | 5d72108cc6e645496aa7b0bcd879313446b5beafd830d95fdebed2c98d5399fb
Red Hat Security Advisory 2023-0958-01
Posted Feb 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0958-01 - Vim is an updated and improved version of the vi editor.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-47024
SHA-256 | 99f24c307f09006a609a18d425d14c54640bf4c73d0cb49aeac542afd0025357
Red Hat Security Advisory 2023-0970-01
Posted Feb 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0970-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP response splitting and out of bounds read vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2006-20001, CVE-2022-36760, CVE-2022-37436
SHA-256 | a1ada839aded658407acda43e1260cdf78ffb16398d1a830e1830abd626eea99
Osprey Pump Controller 1.0.1 userName Command Injection
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the userName HTTP POST parameter called by the index.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | 36296eda1780ae0ac70f0164496b08fb374f20a8169546a905c771704b399ab9
Osprey Pump Controller 1.0.1 pseudonym Command Injection
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the pseudonym HTTP POST parameter called by the index.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | 54e985965675a39585d65ec988986982607117a47b0151caf9326c6cb4e834f8
Ubuntu Security Notice USN-5901-1
Posted Feb 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5901-1 - Hubert Kario discovered that GnuTLS had a timing side-channel when handling certain RSA messages. A remote attacker could possibly use this issue to recover sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-0361
SHA-256 | a9c617e5a096f4aaab32cbfcc28108db40b5d3024f260c3a3ea6ed1f3e9d60c4
Red Hat Security Advisory 2023-0978-01
Posted Feb 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0978-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include heap overflow and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-23521, CVE-2022-41903
SHA-256 | f9995ae6dacfd02db677646ff8b9b042c67fba6965a6700f58a151fb62f4f238
Red Hat Security Advisory 2023-0977-01
Posted Feb 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0977-01 - Red Hat OpenShift Data Science 1.22.1 security update. Issues addressed include an improper authorization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-23521, CVE-2022-40303, CVE-2022-40304, CVE-2022-41903, CVE-2022-4415, CVE-2022-47629, CVE-2023-0923
SHA-256 | a878915a7f3ed4aeab08fa389c9615a55546bab6b3649cdfebce0a5bcf1c42d3
Red Hat Security Advisory 2023-0959-01
Posted Feb 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0959-01 - The GNU tar program can save multiple files in an archive and restore files from an archive. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2022-48303
SHA-256 | 01ff8492a1db1b9671d8c3c2081e05b1a683acd8daf655a41e5260bb3247aa1a
Ubuntu Security Notice USN-5896-1
Posted Feb 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5896-1 - It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of service. It was discovered that Rack was not properly escaping untrusted data when performing logging operations, which could cause shell escaped sequences to be written to a terminal. If a user or automated system were tricked into sending a specially crafted request to an application using Rack, a remote attacker could possibly use this issue to execute arbitrary code in the machine running the application.

tags | advisory, remote, denial of service, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2022-30122, CVE-2022-30123
SHA-256 | af959d565a1afe5e24fd2d9a4c8e3f995e944acd8d8d9680416a97273359eee3
WordPress Real Estate 7 Theme 3.3.4 Cross Site Request Forgery
Posted Feb 28, 2023
Authored by fearzzzz

WordPress Real Estate 7 Theme versions 3.3.4 and below suffer from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 71cc0997d47b4237116443379d1643e4dfca225ccadb88dfc2eb6ace59a58348
Ubuntu Security Notice USN-5888-1
Posted Feb 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5888-1 - It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Hamza Avvan discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2015-20107, CVE-2021-28861, CVE-2022-45061
SHA-256 | 3ed05d8a034b8ccbd8a190a2e4579c85ef5adbb3a2f5970087da2e589448bbc5
Red Hat Security Advisory 2023-0944-01
Posted Feb 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0944-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-4378
SHA-256 | 3e3339d1ca3dba78791649f6728aee5dacd42b66bb6cbcf6160835330c3ced9c