what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 44 RSS Feed

Files Date: 2023-04-26

Ubuntu Security Notice USN-6010-3
Posted Apr 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6010-3 - USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploits this to obtain sensitive information. Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29538, CVE-2023-29539, CVE-2023-29540, CVE-2023-29541, CVE-2023-29548
SHA-256 | 28a0d5910e512b4af6cca1c5d9dce55d15bf50d2e6d7a0ad119fdafd23d0ddad
Red Hat Security Advisory 2023-2023-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10735, CVE-2021-28861, CVE-2022-40186, CVE-2022-40897, CVE-2022-4304, CVE-2022-4415, CVE-2022-4450, CVE-2022-45061, CVE-2022-48303, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-23916
SHA-256 | c6904d9c5fef64669837a2ad40e8be5c2049a68a8cf769b21ca87ac743de8433
Ubuntu Security Notice USN-6039-1
Posted Apr 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6039-1 - It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-3996, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466
SHA-256 | eadba9a6b350964348dfb8cdb88af943d8fef03500b5392c3de74160dd5725ad
qdPM 9.1 Cross Site Scripting
Posted Apr 26, 2023
Authored by Or4nG.M4N

qdPM version 9.1 suffers from a cross site scripting vulnerability. Original discovery of cross site scripting in this version is attributed to Mehmet Emiroglu in 2019.

tags | exploit, xss
SHA-256 | 762c3a099f8808825acab911075c4599d14e0932cf84e755a9b0be0b475e2ba4
Red Hat Security Advisory 2023-1953-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1953-01 - Red Hat OpenShift Logging Subsystem 5.6.5 update. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2022-4269, CVE-2022-4378, CVE-2023-0266, CVE-2023-0361, CVE-2023-0386, CVE-2023-27539, CVE-2023-28120
SHA-256 | 1ff111b4a85069401a7dff1ebf454e3f070b0c09625b392292621a537d201e03
Red Hat Security Advisory 2023-1866-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1866-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.58. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2022-42889, CVE-2023-25761, CVE-2023-25762
SHA-256 | 60147a8fdf6c53e7eda20f3e0a6a5e994efa58cd13406e903a89573ee69fa740
PHP Restaurants 1.0 SQL Injection / Cross Site Scripting
Posted Apr 26, 2023
Authored by Or4nG.M4N

PHP Restaurants version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass and a cross site scripting vulnerability. Original discovery of SQL injection in this version is attributed to Nefrit ID in February of 2022.

tags | exploit, remote, php, xss, sql injection
SHA-256 | b586c653e892e2e9c9de6abf89736d9dfbba1db49179b4cfb8634d3641320419
Red Hat Security Advisory 2023-1884-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1884-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | fc9c89b13e312fb5f4fe1200009a9ca763b5f8337fc63c661b1d4617cab984b4
Red Hat Security Advisory 2023-1887-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1887-01 - Multicluster Engine for Kubernetes 2.2.3 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-25881, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-0767, CVE-2023-23916, CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | c76abde01d9f10b906b82af70f526e5dde9beac6b1dfdb779fcbc3547e91a418
Mars Stealer 8.3 Account Takeover
Posted Apr 26, 2023
Authored by Skoll

Mars Stealer version 8.3 suffers from an account takeover vulnerability.

tags | exploit
SHA-256 | 859ee6c02a290946712e160d9fa6957451e5ff9d3a1ee48e8c136fe88493850a
Red Hat Security Advisory 2023-1911-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1911-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 9d163bafbf388ac00da9f7a838418d56d00c0139edb7bf0140f06b01dec25a06
Red Hat Security Advisory 2023-1894-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1894-01 - Multicluster Engine for Kubernetes 2.1 hotfix security update for console. Red Hat Product Security has rated this update as having a security impact of Critical.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | a4d5833a20f647432803c36f9d6285067175b734d7b16b4a2022f3008be1d028
Red Hat Security Advisory 2023-1891-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1891-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | a02f2aeb02de3e3cd1ef5581ab62cd830ff7765877fb325a12d70845a136334a
Red Hat Security Advisory 2023-1900-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1900-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 743fb31e69fd4e0116700449a26a483ff2f843f48be9bae0069191715d14ef4d
Online Book Store 1.0 SQL Injection
Posted Apr 26, 2023
Authored by Or4nG.M4N

Online Book Store version 1.0 suffers from a remote SQL injection vulnerability. This is a variant of the original vulnerability discovered in August of 2020 by Moaaz Taha.

tags | exploit, remote, sql injection
SHA-256 | 28d8290923669351721291a134ab393064c7cf596e562dab8f119516f8343a3a
Red Hat Security Advisory 2023-1909-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1909-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 3739b37c880d2da2be9d06afde260f6c5c51745b5d9fbe5add364093b8a5cfd1
Red Hat Security Advisory 2023-1895-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1895-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 7e24dc5c83755b35eac96990fec408a3982ade0da1cf5f6def9808b724814582
Red Hat Security Advisory 2023-1897-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1897-01 - Red Hat Advanced Cluster Management for Kubernetes hotfix security update for console. Red Hat Product Security has rated this update as having a security impact of Critical.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | 2a3f7857ed0c099eda337c2e3470ecbfe3228a7856eccb4fda5999ddd33b2267
Red Hat Security Advisory 2023-1898-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1898-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | c3885a76526f2066fe315bfaba0bbeed59359de09379a9db4645147aa664059c
Windows/x64 Delete File / Dynamic PEB Method NULL-Free Shellcode
Posted Apr 26, 2023
Authored by Nayani

This Windows/x64 shellcode is an implementation of the DeleteFileA Windows API to delete a file in the C:/Windows/Temp/ directory.

tags | shellcode
systems | windows
SHA-256 | 5aec26b7e7e54f4fd6d0132a04967aea1827335f4327596bf01678300a0e46bb
Red Hat Security Advisory 2023-1896-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1896-01 - Red Hat Advanced Cluster Management for Kubernetes hotfix security update for console. Red Hat Product Security has rated this update as having a security impact of Critical.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | 83707081dc1083d6ecc90ebee7b1235456f75dafd9f9d03b26e4f683aa42a9ca
Red Hat Security Advisory 2023-1892-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1892-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | d0fee704ac2e0b904f5b6f7700c6e81698b85814ff5f9575c5fcaec580afd3f5
Red Hat Security Advisory 2023-1890-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1890-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 475f33b3702899a4789e289b74fb8f0babce8e19a61863ced44976a76bbb2989
Red Hat Security Advisory 2023-1889-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1889-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 9f78081af1d5884adcd5cbc581deafc1e86b022e83fb9cd4c0f6e9aa196fef43
PaperCut NG/MG 22.0.4 Authentication Bypass
Posted Apr 26, 2023
Authored by MaanVader

PaperCut NG/MG version 22.0.4 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2023-27350
SHA-256 | 95117b4ea6d64465f3bdf0cbe0e494cb29917bc6739c9247641bc9a4924cf832
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close