what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2023-04-20

Ubuntu Security Notice USN-6034-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6034-1 - It was discovered that Dnsmasq was sending large DNS messages over UDP, possibly causing transmission failures due to IP fragmentation. This update lowers the default maximum size of DNS messages to improve transmission reliability over UDP.

tags | advisory, udp
systems | linux, ubuntu
advisories | CVE-2023-28450
SHA-256 | c4992069af8cbbce8803ac455250932b08babf1c097f9d0ca6ff6c63035da835
Red Hat Security Advisory 2023-1888-01
Posted Apr 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1888-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-25881, CVE-2022-3841, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-23916, CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | 85bf3b91e2d99c1305171e27e674814c807c9b714eb4635e2b4a16597c700e46
FUXA 1.1.13-1186 Remote Code Execution
Posted Apr 20, 2023
Authored by Rodolfo Mariano

FUXA version 1.1.13-1186 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | cbb0e89f28ebf1c78fd5850d727c4d515c8b23ab7bfbde50b88b1724076fde8b
Ubuntu Security Notice USN-6033-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6033-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-4269, CVE-2023-1032, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1118, CVE-2023-1583, CVE-2023-1670, CVE-2023-1829, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-25012
SHA-256 | 5a30980fd0cd1ca4d29c020630f7aeac282e7c27dca316f9119d20f043479ba7
WordPress PowerPress 10.0 Cross Site Scripting
Posted Apr 20, 2023
Authored by Alex Thomas | Site wordfence.com

WordPress PowerPress plugin versions 10.0 and below suffer from a persistent cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2023-1917
SHA-256 | 7a161242837503ce4ceb255fa764b0a71fe52922df023f91fdc9de0b31e1b8a1
Red Hat Security Advisory 2023-1899-01
Posted Apr 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1899-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 51fc840e368ab7cc6efb3fa6881cc77590c05add2b6fc11f9d0ea0758d58cd11
Chitor-CMS 1.1.2 SQL Injection
Posted Apr 20, 2023
Authored by msd0pe

Chitor-CMS version 1.1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c93afd2bb504aca28f00f2bc14a755d2ca6da27f477a579f3bcefc47748d4c43
Ubuntu Security Notice USN-6032-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6032-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service. Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-36280, CVE-2022-4382, CVE-2023-1074, CVE-2023-1118, CVE-2023-23559, CVE-2023-26605, CVE-2023-26607
SHA-256 | 08e97ef4623b43e166aa41785d752beb4eb1a28c2bfbe6ca623eb62bb0b636f5
ProjeQtOr Project Management System 10.3.2 Shell Upload
Posted Apr 20, 2023
Authored by Mirabbas Agalarov

ProjeQtOr Project Management System version 10.3.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 11df5bbb884a4e261af2638f8b84e3b3864004d8c896f5c53daabe257a1e2d27
Ubuntu Security Notice USN-6031-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6031-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Integrity Measurement Architecture implementation in the Linux kernel did not properly enforce policy in certain conditions. A privileged attacker could use this to bypass Kernel lockdown restrictions.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-21505, CVE-2022-3903, CVE-2022-41849, CVE-2022-4382, CVE-2023-1074, CVE-2023-1095, CVE-2023-1118, CVE-2023-1281, CVE-2023-23559, CVE-2023-26607
SHA-256 | c49e938c59a6771a19744a8f7a0880c7e6c16e6feae1b07ba02a91e00363d912
Piwigo 13.6.0 Cross Site Scripting
Posted Apr 20, 2023
Authored by Mirabbas Agalarov

Piwigo version 13.6.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6d99fc5a4efc4a7693c6ee974883973affe0bbd8fd7c5de5933e83e56cc4d009
Red Hat Security Advisory 2023-1893-01
Posted Apr 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1893-01 - Red Hat Multicluster Engine Hotfix Security Update for Console. Red Hat Product Security has rated this update as having a security impact of Critical.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-4304, CVE-2022-4415, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-23916, CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | 5a4b9ba13665b8f454d70a15f3981bf6b5d30070b62cdfc12799e26ac9c36173
Franklin Fueling Systems TS-550 Hash Disclosure / Default Credentials
Posted Apr 20, 2023
Authored by parsa rezaie khiabanloo

Franklin Fueling Systems TS-550 suffers from a password hash disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 5321c2e6d8a5ba0ee798a8ecbc4154af4303cab89fef43786dea99f1de8f6e68
Red Hat Security Advisory 2023-1822-01
Posted Apr 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1822-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-4378
SHA-256 | 07b80dc6b1765b56b75fd3d553640522e17f3538ffa328a4f67f384864e65e91
Ubuntu Security Notice USN-6028-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6028-1 - It was discovered that lixml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-28484, CVE-2023-29469
SHA-256 | 6a9219280ebf42f90de0adb3002cf76e67028bdaf56fc73be1a03ea61e52c77a
Ubuntu Security Notice USN-6030-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6030-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-3903, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281, CVE-2023-23455, CVE-2023-23559
SHA-256 | 2945178b2c10e70e350ccc077d02e94eafd3a32e099949a0c9a5c79bcc51602d
Ubuntu Security Notice USN-6029-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6029-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3903, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281, CVE-2023-26545
SHA-256 | f1b0f3adc16cd7f8b3fe2b2f0c71c8c141f48a93e4c9fdc3825271c325dd2624
Swagger UI 4.1.3 Critical Information Misrepresentation
Posted Apr 20, 2023
Authored by Rafael Cintra Lopes

Swagger UI version 4.1.3 user interface misrepresentation of information proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 74f00a654a2a4d31c2b12b82b8be249256b117d11759bd35353dda66a083ddc7
Lilac-Reloaded For Nagios 2.0.8 Remote Code Execution
Posted Apr 20, 2023
Authored by Zoltan Padanyi

Lilac-Reloaded for Nagios version 2.0.l8 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 6ffee98c00c5206f12408703ba6c7c3b76964dc70f90d0c5543feb3cd290ca06
Serendipity 2.4.0 Cross Site Scripting
Posted Apr 20, 2023
Authored by Mirabbas Agalarov

Serendipity version 2.4.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f4c1bd2e59f59d1b035097995c6f354cb4a4695c5eb63b2e52d6404a15ad7288
Red Hat Security Advisory 2023-1879-01
Posted Apr 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1879-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 06d517c97370c59fdc96ca03d3f28b5640a7f91cc4903282bc6b22716ebe8c37
Ubuntu Security Notice USN-6027-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6027-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3108, CVE-2022-3903, CVE-2022-4129, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281, CVE-2023-26545
SHA-256 | 39f49abc79546dbf0c1c8b9ee0c0ae03dfb6d15515f347f1ec3c32d1c433e8d1
Serendipity 2.4.0 Shell Upload
Posted Apr 20, 2023
Authored by Mirabbas Agalarov

Serendipity version 2.4.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | c7eb220591e15aa7f8416072c527c2edb70d1692e76bd61df36127eed0b03e9f
OpenSSL Security Advisory 20230420
Posted Apr 20, 2023
Site openssl.org

OpenSSL Security Advisory 20230420 - The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash.

tags | advisory
advisories | CVE-2023-1255
SHA-256 | aafe0dcb9955f2ea6be0373a336c5f4cdd6794acce536fbb2b3c3d6df1f2a3bc
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close