exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2023-03-15

Ubuntu Security Notice USN-5952-1
Posted Mar 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5952-1 - Sebastian Poeplau discovered that OpenJPEG incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15389, CVE-2020-27841, CVE-2020-27845, CVE-2020-6851
SHA-256 | 4be9c939d6c5718150317af06dec9d65e0170abd7bf4406fda3fcb0f764c8904
Debian Security Advisory 5373-1
Posted Mar 15, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5373-1 - Dave McDaniel discovered that the SQLite3 bindings for Node.js were susceptible to the execution of arbitrary JavaScript code if a binding parameter is a crafted object.

tags | advisory, arbitrary, javascript
systems | linux, debian
advisories | CVE-2022-43441
SHA-256 | be782c388a489c999750974e659e9b01cb240c9b62f2c79d5206b4142b32021d
Red Hat Security Advisory 2023-1241-01
Posted Mar 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1241-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.2.1 serves as a replacement for Red Hat AMQ Streams 2.2.0, and includes security and bug fixes, and enhancements. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-0833
SHA-256 | ed618e43a99caf808f5a9c584476da99e701b2e08a3182ea9f3714b65fe55e8a
Fortinet FortiNAC keyUpload.jsp Arbitrary File Write
Posted Mar 15, 2023
Authored by jheysel-r7, Zach Hanley, Gwendal Guegniaud | Site metasploit.com

This Metasploit module uploads a payload to the /tmp directory in addition to a cron job to /etc/cron.d which executes the payload in the context of the root user. The core vulnerability is an arbitrary file write issue in /configWizard/keyUpload.jsp which is accessible remotely and without authentication. When you send the vulnerable endpoint a ZIP file, it will extract an attacker controlled file to a directory of the attackers choice on the target system. This issue is exploitable on FortiNAC versions 9.4 prior to 9.4.1, FortiNAC versions 9.2 prior to 9.2.6, FortiNAC versions 9.1 prior to 9.1.8, all versions of FortiNAC 8.8, all versions of FortiNAC 8.7, all versions of FortiNAC 8.6, all versions of FortiNAC 8.5, and all versions of FortiNAC 8.3.

tags | exploit, arbitrary, root
advisories | CVE-2022-39952
SHA-256 | b72056fdc9840a37268bab3325c1941ddb0082c5918cf14fec39001b268b461d
Ubuntu Security Notice USN-5953-1
Posted Mar 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5953-1 - It was discovered that IPython incorrectly processed REST API POST requests. An attacker could possibly use this issue to launch a cross-site request forgery attack and leak user's sensitive information. This issue only affected Ubuntu 14.04 ESM. It was discovered that IPython did not properly manage cross user temporary files. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM.

tags | advisory, arbitrary, local, csrf
systems | linux, ubuntu
advisories | CVE-2015-5607, CVE-2022-21699
SHA-256 | 491c99dac5302ab0b0478161e426746932c4dea52271650ae6aa5cd67871fce7
Ubuntu Security Notice USN-5951-1
Posted Mar 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5951-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3424, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-3623, CVE-2022-36280, CVE-2022-41218, CVE-2022-4139, CVE-2022-47520, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394
SHA-256 | 5d323e9a21a3485713966ef0df059371a85e0f0291d7700527ffdd48d8df43cb
Red Hat Security Advisory 2023-1158-01
Posted Mar 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1158-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.31. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-21698, CVE-2022-23521, CVE-2022-41903
SHA-256 | a19feccbce0161454f9c6187a8a2db5cc8dbc554c88b7361d92fab7112e0b0fc
WordPress Profile Builder 3.9.0 Missing Authorization
Posted Mar 15, 2023
Authored by Lana Codes | Site wordfence.com

WordPress Profile Builder plugin versions 3.9.0 and below suffer from a missing authorization vulnerability in wppb_toolbox_usermeta_handler().

tags | exploit
advisories | CVE-2023-0814
SHA-256 | 674779c65bb18dfaab0a0fa556d1fd53cb7d2ec2c26b72c39119b97e5ee59e4c
Red Hat Security Advisory 2023-1221-01
Posted Mar 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1221-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-3564, CVE-2022-4269, CVE-2022-4378
SHA-256 | 67033ed311bb77798e7878a53252ab230558d0e05abd31f6ce01c2f1f8d1f1e5
Red Hat Security Advisory 2023-1199-01
Posted Mar 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1199-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer overflow, double free, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2022-4203, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0286, CVE-2023-0401
SHA-256 | 4e40b595047797d81adf804c2f45bc97a61c115d639ef1d1e21d8aa98767fd4b
Oracle DB Broken PDB Isolation / Metadata Exposure
Posted Mar 15, 2023
Authored by Emad Al-Mousa

Proof of concept details for Oracle database versions 12.1.0.2, 12.2.0.1, 18c, and 19c that had a PDB isolation vulnerability allowing viewing of metadata for a different database within the same container.

tags | exploit, proof of concept, info disclosure
advisories | CVE-2021-2173
SHA-256 | 7a77b45fcc76d5afb91f7f9e5267626d1904eb000933f05496369762ff8b6fb4
Ubuntu Security Notice USN-5950-1
Posted Mar 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5950-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3344, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-4139, CVE-2022-4379, CVE-2022-45869, CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521, CVE-2023-0179, CVE-2023-0461
SHA-256 | 1e4f349bdc847921f3cb129b36ff261d904ef30c69ec58ba085d37c2caee0280
Red Hat Security Advisory 2023-1202-01
Posted Mar 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1202-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-3564, CVE-2022-4269, CVE-2022-4378, CVE-2022-4379, CVE-2023-0179, CVE-2023-0266
SHA-256 | 81d3d8b27a6fa2c0db23de409ae6c3197b8bebc077e6199e84504e85d6fae24f
Red Hat Security Advisory 2023-1211-01
Posted Mar 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1211-01 - The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-43519, CVE-2021-44964
SHA-256 | 5396afc103b8ffb5326b7ab62ff38a74445264e3e9eb7ae9126d459719b4a406
Red Hat Security Advisory 2023-1220-01
Posted Mar 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1220-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-3564, CVE-2022-4269, CVE-2022-4378
SHA-256 | e53ffa2eceed586cffecd0faa5f72c6a01b9454118272a764afd09e366e45fd1
Red Hat Security Advisory 2023-1200-01
Posted Mar 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1200-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2023-0361
SHA-256 | fb5b662c33ee92a64bb84971f213cd6f3c7fd87ed32100cc565d248ff7070eaf
Red Hat Security Advisory 2023-1203-01
Posted Mar 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1203-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-3564, CVE-2022-4269, CVE-2022-4378, CVE-2022-4379, CVE-2023-0179, CVE-2023-0266
SHA-256 | a3d141685ff20e1c646ed2d89ddee00216895375b045979acf44b06ec5599787
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close