
Files Date: 2023-04-01 to 2023-04-30

Ubuntu Security Notice USN-6046-1
Posted Apr 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6046-1 - It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption. An attacker could possibly use this issue to expose sensitive information.

tags | advisory
systems | linux, ubuntu
SHA-256 | f55ef344d71e201b21b4698faa8ff63c7482b03308bea4929cbee56a381a5abe
ebankIT 6 Denial Of Service
Posted Apr 28, 2023
Authored by Jake Murphy

ebankIT versions prior to 7 suffer from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2023-30455
SHA-256 | 667e017380dd636cee2eeb00041c4e65ca7a482014707822dbdd9e8236100248
ebankIT 6 Cross Site Scripting
Posted Apr 28, 2023
Authored by Jake Murphy

ebankIT versions prior to 7 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-30454
SHA-256 | 7931b012672b6d0e59c41ad92350890e7e94c1bf444f21f043305ff4aff364fc
Ubuntu Security Notice USN-6047-1
Posted Apr 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6047-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1829
SHA-256 | f5b7c5b414f755f1f1f5aae7b7546519a2ca4d620e65027346a58475baec50ad
Aigital Wireless-N Repeater Mini_Router.0.131229 Remote Command Execution
Posted Apr 28, 2023
Authored by Matteo Mandolini

Aigital Wireless-N Repeater version Mini_Router.0.131229 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 97edc222e7315d869c1e02817b6e6c4b4c30b0606e2e14225d9e8d4f74decd73
CreativeItem Academy Learning Management System 5.14 Cross Site Scripting
Posted Apr 28, 2023
Authored by CraCkEr

CreativeItem Academy Learning Management System version 5.14 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8dafc026f42d8948de2c7702a63a398acd3ac8d639a74c8228f8c2ee335a2849
Piwigo 13.5.0 SQL Injection
Posted Apr 28, 2023
Authored by Rodolfo Tavares | Site tempest.com.br

Piwigo version 13.5.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-26876
SHA-256 | b4b2bf2bd02e5e6e2f24ce835e44e52d016f467252a6d79a30e013c6f3028a74
Ubuntu Security Notice USN-6042-1
Posted Apr 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6042-1 - James Glovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2023-1786
SHA-256 | 617d1ac1b19fae7f9e0c8079303d7e381d45f976c17e03a8bd1a7961741ef951
Aigital Wireless-N Repeater Mini_Router.0.131229 Cross Site Scripting
Posted Apr 27, 2023
Authored by Matteo Mandolini

Aigital Wireless-N Repeater version Mini_Router.0.131229 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 94281fa05de5a472379714c6ea982eb1b2cb7c33282f68eb7f5c8014b7e5b07d
Ubuntu Security Notice USN-6045-1
Posted Apr 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6045-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3586, CVE-2022-4095, CVE-2023-1390, CVE-2023-1670, CVE-2023-1829
SHA-256 | 7f4964a8bbfe00a994ffc5a23ff5b019eb9dba86de5a26b1c7231f029cb97ab6
Red Hat Security Advisory 2023-2041-01
Posted Apr 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2041-01 - Migration Toolkit for Applications 6.1.0 Images. Issues addressed include denial of service, privilege escalation, server-side request forgery, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-4235, CVE-2022-1705, CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631, CVE-2022-3162, CVE-2022-31690, CVE-2022-3172, CVE-2022-32148, CVE-2022-32189, CVE-2022-32190, CVE-2022-3259
SHA-256 | cdceaf94ffb5f08d7907643b99fcb01c885eb8b1a5f5162002e04ee9e67c6574
Ubuntu Security Notice USN-6044-1
Posted Apr 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6044-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1829, CVE-2023-1872
SHA-256 | 5b839e06eac533ee8f931c1c5769d4b8cd6ee8129c976f2954f2bcb6042ef741
MilleGPG5 5.9.2 Local Privilege Escalation
Posted Apr 27, 2023
Authored by Andrea Intilangelo

MilleGPG5 version 5.9.2 suffers from a local privilege escalation vulnerability due to incorrect access controls.

tags | exploit, local
advisories | CVE-2023-25438
SHA-256 | 170b10b19175444a0ac5f5835ca8fe2bafd6554d1e4df279781d00be46f34722
Ubuntu Security Notice USN-6017-2
Posted Apr 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6017-2 - USN-6017-1 fixed vulnerabilities in Ghostscript. This update provides the corresponding updates for Ubuntu 23.04. Hadrien Perrineau discovered that Ghostscript incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-28879
SHA-256 | 5fdcd4372554a29fabe2932c2cce62f872a1a9eed160f0089423240348d4714a
Red Hat Security Advisory 2023-1948-01
Posted Apr 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1948-01 - OpenStack Compute is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances, managing networks, and controlling access through users and projects. OpenStack Compute strives to be both hardware and hypervisor agnostic, currently supporting a variety of standard hardware configurations and seven major hypervisors.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-37394
SHA-256 | d94357e5291e25d9b7e2059617f575657ad2c5b0eced88aec72ff581030b93d4
Anomaly Detection In Bank Transactions Using Machine Learning
Posted Apr 27, 2023
Authored by Dr Rachna Jain, Sarthak Deshwal

This whitepaper illustrates different machine learning techniques for anomaly detection relating to bank transactions.

tags | paper
SHA-256 | 7c0d7aa12a9030c384da45dec3261c2fd038115e1291526f413603a7bf272956
Ubuntu Security Notice USN-6043-1
Posted Apr 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6043-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0386, CVE-2023-1829
SHA-256 | ec0a1a5229c94426fcf24b22b769c5c1af54a44019b5d5ea9430e2216b19db8f
MIMEDefang Email Scanner 3.4
Posted Apr 27, 2023
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Added a mimedefang-release program to release a message from the quarantine directory. Added email_is_blacklisted to check an email address against a hashbl rbl server. UTF-8 support improvements. Authentication-Results header improvements.
tags | tool
systems | windows, unix
SHA-256 | 6cf72c5f0b4875d9b3fa9dfc1e7d6a36e88448c6d3de3ba2d2d2880ba29e0d7d
ChurchCRM 4.5.3 SQL Injection
Posted Apr 27, 2023
Authored by Iyaad Luqman K

ChurchCRM versions 4.5.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-24685
SHA-256 | b7e8e8d02c14367cc11b87ca55d24411a5f5c671111953263d92dee6b75436f6
Ubuntu Security Notice USN-6010-3
Posted Apr 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6010-3 - USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploit this issue to cause a denial of service. Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploit this issue to cause a denial of service. Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploit this to obtain sensitive information. Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks, potentially tricking users into installing malware. Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploit this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29538, CVE-2023-29539, CVE-2023-29540, CVE-2023-29541, CVE-2023-29548
SHA-256 | 28a0d5910e512b4af6cca1c5d9dce55d15bf50d2e6d7a0ad119fdafd23d0ddad
Red Hat Security Advisory 2023-2023-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10735, CVE-2021-28861, CVE-2022-40186, CVE-2022-40897, CVE-2022-4304, CVE-2022-4415, CVE-2022-4450, CVE-2022-45061, CVE-2022-48303, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-23916
SHA-256 | c6904d9c5fef64669837a2ad40e8be5c2049a68a8cf769b21ca87ac743de8433
Ubuntu Security Notice USN-6039-1
Posted Apr 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6039-1 - It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-3996, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466
SHA-256 | eadba9a6b350964348dfb8cdb88af943d8fef03500b5392c3de74160dd5725ad
qdPM 9.1 Cross Site Scripting
Posted Apr 26, 2023
Authored by Or4nG.M4N

qdPM version 9.1 suffers from a cross site scripting vulnerability. Original discovery of cross site scripting in this version is attributed to Mehmet Emiroglu in 2019.

tags | exploit, xss
SHA-256 | 762c3a099f8808825acab911075c4599d14e0932cf84e755a9b0be0b475e2ba4
Red Hat Security Advisory 2023-1953-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1953-01 - Red Hat OpenShift Logging Subsystem 5.6.5 update. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2022-4269, CVE-2022-4378, CVE-2023-0266, CVE-2023-0361, CVE-2023-0386, CVE-2023-27539, CVE-2023-28120
SHA-256 | 1ff111b4a85069401a7dff1ebf454e3f070b0c09625b392292621a537d201e03
Red Hat Security Advisory 2023-1866-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1866-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.58. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2022-42889, CVE-2023-25761, CVE-2023-25762
SHA-256 | 60147a8fdf6c53e7eda20f3e0a6a5e994efa58cd13406e903a89573ee69fa740