exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2023-04-14

Ubuntu Security Notice USN-6021-1
Posted Apr 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6021-1 - It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Chromium could be made to access memory out of bounds in WebHID. A remote attacker could possibly use this issue to corrupt memory via a malicious HID device, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-1528, CVE-2023-1529, CVE-2023-1531, CVE-2023-1532, CVE-2023-1533, CVE-2023-1534, CVE-2023-1810, CVE-2023-1811, CVE-2023-1813, CVE-2023-1814, CVE-2023-1815, CVE-2023-1816, CVE-2023-1820, CVE-2023-1821
SHA-256 | faee70205285f8a8eea1bdb1c67f4cfd98cea70644374972723c122737ddaafd
Ubuntu Security Notice USN-6020-1
Posted Apr 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6020-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-2196, CVE-2022-4382, CVE-2023-23559
SHA-256 | 9f8a525bced3457cbb2ffef2d4c8ab52e3e2a9ca5102fcd46297cebb9d8ad5bd
Ubuntu Security Notice USN-6018-1
Posted Apr 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6018-1 - Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation vulnerability in apport-cli when viewing crash reports and unprivileged users are allowed to run sudo less. A local attacker on a specially configured system could use this to escalate their privilege.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2023-1326
SHA-256 | a2ab38b1ea2440929f757f965c0d178ce1dba9f6d4528d4b595a40f0c633f0c7
Ubuntu Security Notice USN-6019-1
Posted Apr 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6019-1 - It was discovered that Flask-CORS did not properly escape paths before evaluating resource rules. An attacker could possibly use this to expose sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-25032
SHA-256 | 12e1c98e648293f1b66a4d11e12c17b778a10e2da4d45986da8978a1f8da0a77
Debian Security Advisory 5388-1
Posted Apr 14, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5388-1 - It was reported that HAProxy, a fast and reliable load balancing reverse proxy, does not properly initialize connection buffers when encoding the FCGI_BEGIN_REQUEST record. A remote attacker can take advantage of this flaw to cause an information leak.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2023-0836
SHA-256 | b6c11ab5bb87b337ebbaed8f8330591ab80b9bb08c699ec66294fce4540dec2b
Debian Security Advisory 5387-1
Posted Apr 14, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5387-1 - David Marchard discovered that Open vSwitch, a software-based Ethernet virtual switch, is susceptible to denial of service via malformed IP packets.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2023-1668
SHA-256 | 82a5b3a701e6d9d96e91e26773ef14cfb1515c5e42ade293fed2ce433bd1f0c0
I2P 2.2.1
Posted Apr 14, 2023
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Fixed missing Java options in docker/rootfs/startapp.sh. Added fix to detect when running in Podman instead of regular Docker. Updated Tor Browser User-Agent String. Updated local GeoIP database. Removed invalid signing keys from old installs. Updated Tomcat version in Ubuntu Lunar and Debian Sid.
tags | tool
systems | unix
SHA-256 | f53f34fbe23a8762e3786572751b301befb28288efb6b1042d4fc64c6610784f
Ubuntu Security Notice USN-6017-1
Posted Apr 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6017-1 - Hadrien Perrineau discovered that Ghostscript incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-28879
SHA-256 | 8a359cbdab74e99b960cd11f68d30ea4b17fdb818e2b6bac32b5fd878cb98b28
Suricata IDPE 6.0.11
Posted Apr 14, 2023
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 1 security fix and a couple dozen bug fixes along with a feature and a task.
tags | tool, intrusion detection
systems | unix
SHA-256 | 4da5e4e91e49992633a6024ce10afe6441255b2775a8f20f1ef188bd1129ac66
Ubuntu Security Notice USN-6016-1
Posted Apr 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6016-1 - It was discovered that thenify incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-7677
SHA-256 | cffd640c08f6a5d8c5818ed9a4d1a5454a2911c1167dac162cd1bcfe3b5e93ab
Microsoft Word Remote Code Execution
Posted Apr 14, 2023
Authored by nu11secur1ty

Microsoft Word appears to suffer from a remote code execution vulnerability when a user load a malicious file that reaches out to an attacker-controller server to get a hostile payload.

tags | exploit, remote, code execution
advisories | CVE-2023-28311
SHA-256 | 8ab600383b2980700b22b249418126bff6776fde4672ab8d2e1bbd8b3c50a7f2
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close