exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2023-05-11

Debian Security Advisory 5400-1
Posted May 11, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5400-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or permission request bypass.

tags | advisory, web, arbitrary, spoof
systems | linux, debian
advisories | CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215
SHA-256 | 7c5ef5930d0fbf4997893acb00779fa26f1743a33f7f65e92685942a1e67fd2f
HouseKit 1.0 Cross Site Scripting
Posted May 11, 2023
Authored by CraCkEr

HouseKit version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2814eacec28ae2a134b74aa1a63579f6003ba0a1502807e22ce849e5ac78e1b5
HouseKit 1.0 SQL Injection
Posted May 11, 2023
Authored by CraCkEr

HouseKit version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 55369d3a582f8effcb97c63db53a2521a23c990dc154aa634920d311c9fa343c
Ubuntu Security Notice USN-6072-1
Posted May 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6072-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0386, CVE-2023-0468, CVE-2023-1829, CVE-2023-1859, CVE-2023-23455, CVE-2023-26545
SHA-256 | 464784fc1b864509cd7743efd768c18ef1040022ac031c3c8fa8e70d3c797def
Windows Kernel CmpDoReDoCreateKey / CmpDoReOpenTransKey Out-Of-Bounds Read
Posted May 11, 2023
Authored by Google Security Research, mjurczyk

The Windows kernel suffers from out-of-bounds read vulnerabilities when operating on invalid registry paths in CmpDoReDoCreateKey / CmpDoReOpenTransKey.

tags | exploit, kernel, registry, vulnerability
systems | windows
advisories | CVE-2023-21776, CVE-2023-28293
SHA-256 | 76ec9aa7a319065af82cafdd465533228021c8f1589b7dfe874c3ed0033910d0
Red Hat Security Advisory 2023-2728-01
Posted May 11, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2728-01 - The Red Hat OpenShift Distributed Tracing 2.8 container images have been updated. CVE-2022-41717 was fixed as part of this release. Users of Red Hat OpenShift Distributed Tracing 2.8 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs, and add these enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41717, CVE-2023-0361
SHA-256 | e9d087bb7552f09133d7acc445f1351e64dcca989a4ba8b51a3776a303ac5e50
Windows Kernel Uninitialized Memory / Pointer Disclosure
Posted May 11, 2023
Authored by Google Security Research, mjurczyk

The Windows Kernel suffers from a disclosure of kernel pointers and uninitialized memory through registry KTM transaction log files.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-28271
SHA-256 | d28ae7b6f77689b87212fa778ce097dbeda0292d731f4abdb493b75f067884e7
Ubuntu Security Notice USN-6071-1
Posted May 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6071-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-2590, CVE-2022-3303, CVE-2022-3586, CVE-2022-40307, CVE-2022-4095, CVE-2022-4662, CVE-2023-0386, CVE-2023-0468, CVE-2023-1829, CVE-2023-1859, CVE-2023-23455, CVE-2023-26545
SHA-256 | a8d674de4142afe5b10e10c26e6abb74259bba061201962b8a068983374d9c79
Pentaho Business Server Authentication Bypass / SSTI / Code Execution
Posted May 11, 2023
Authored by jheysel-r7, dwbzn, Harry Withington | Site metasploit.com

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is vulnerable to an authentication bypass (CVE-2022-43939) and a Server Side Template Injection (SSTI) vulnerability (CVE-2022-43769) that can be chained together to achieve unauthenticated code execution as the user running the Pentaho Business Analytics Server. The first vulnerability (CVE-2022-43939) is an authentication bypass which stems from a regex that allows any URL that ends in "/", followed by "require", optionally "-js" or "-cfg", any character, and then the string "js" followed optionally by "?" and then any characters of the attacker's choice. The second (CVE-2022-43769) is a server side template injection. This vulnerability allows remote code execution by making a GET request to /api/ldap/config/ldapTreeNodeChildren and setting the url parameter to ThymeLeaf template code. By abusing the ability to execute arbitrary Java classes within Thymeleaf templates, an attacker can execute arbitrary commands as the user running the Pentaho Business Analytics Server.

tags | exploit, java, remote, arbitrary, code execution
advisories | CVE-2022-43769, CVE-2022-43939
SHA-256 | 85e7f9076fc208c9c4ebe24ee580c0390563fe0f0db89e01aa897a906b078801
Shannon Baseband SIP Retry-After Header Heap Buffer Overflow
Posted May 11, 2023
Authored by Ivan Fratric, Google Security Research

There is a heap buffer overflow in Shannon Baseband when processing the Retry-After header in the SIP protocol decoder (IMSPL_SipRetryAfter.c according to the debug strings in the firmware image).

tags | exploit, overflow, protocol
advisories | CVE-2023-29087
SHA-256 | dd3027619afa3f34e33a8c7c8fa273a3caead4344694e68e00f0bf7658948980
Ubuntu Security Notice USN-6070-1
Posted May 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6070-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1829, CVE-2023-1872
SHA-256 | fa0504421830ed00c4f6bcbaae386c80766836060ce80dbaed62ec20449f15e7
Shannon Baseband SIP Min-SE Header Stack Buffer Overflow
Posted May 11, 2023
Authored by Ivan Fratric, Google Security Research

There is a stack buffer overflow in Shannon Baseband when processing the Min-SE header in the SIP protocol decoder (IMSPL_SipMinSE.c according to the debug strings in the firmware image).

tags | exploit, overflow, protocol
advisories | CVE-2023-29086
SHA-256 | e0cd48f57c8b65b8d3f033aad592c288cb156a5fc17e43743d268337dab80c20
Shannon Baseband Negative-Size Memcpy / Out-Of-Bounds Read
Posted May 11, 2023
Authored by Ivan Fratric, Google Security Research

There is a negative-size memcpy (heap overflow) when decoding the body of SIP multipart messages. According to debug strings in the modem image, this functionality is implemented in IMSPL_SipFragDecode.

tags | exploit, overflow
advisories | CVE-2023-29089
SHA-256 | 008713e1403417d96115cab8cea235d3b9c02eefab2c7765ee120627abe0c5b3
Red Hat Security Advisory 2023-2110-01
Posted May 11, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2110-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.16. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2022-46146, CVE-2023-0286, CVE-2023-1999, CVE-2023-28617
SHA-256 | 4e216a91a43a7b8927163cc64253bfb9385719276af01ea8051621c425a5d012
Ubuntu Security Notice USN-6069-1
Posted May 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6069-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1829
SHA-256 | 682de7dd8a93cc29b474ffb0dd00cf1ad5f678de9bf53e08447bebbfc4f17e3d
Shannon Baseband SIP Session-Expires Header Stack Buffer Overflow
Posted May 11, 2023
Authored by Ivan Fratric, Google Security Research

There is a stack buffer overflow in Shannon Baseband when processing the Session-Expires header in the SIP protocol decoder (IMSPL_SipDecode.c according to the debug strings in the firmware image).

tags | exploit, overflow, protocol
advisories | CVE-2023-29088
SHA-256 | e11bd9abdf4b3c1c338a567873ee29ab281b3106b929fa8c9cb91119afcbc1f7
Shannon Baseband SIP Status Line Stack Buffer Overflow
Posted May 11, 2023
Authored by Ivan Fratric, Google Security Research

There is a stack buffer overflow in Shannon Baseband when processing the status line of a SIP message (this happens in IMSPL_SipStatusLine.c according to the debug strings in the firmware image).

tags | exploit, overflow
advisories | CVE-2023-29085
SHA-256 | 775cec97675cbb8c305fcd017b6eeee470cd0ac86f5bca8f85e29ef9c9c3e283
Shannon Baseband Via Header Decoder Stack Buffer Overflow
Posted May 11, 2023
Authored by Ivan Fratric, Google Security Research

There is a stack buffer overflow in Shannon Baseband when processing the Via header in the SIP protocol decoder (IMSPL_SipDecode.c according to the debug strings in the firmware image).

tags | exploit, overflow, protocol
advisories | CVE-2023-29090
SHA-256 | 0afa5f6ef5d703a73b0521ecca5d80bc302663f045296001e5c9f592b245d7f9
GaanaGawaana 1.0 SQL Injection
Posted May 11, 2023
Authored by CraCkEr

GaanaGawaana version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d2715dfddc3b529d3aa53a931638e0aba5f80d255d380b3ac713bab66edf5ed7
GaanaGawaana 1.0 Cross Site Scripting
Posted May 11, 2023
Authored by CraCkEr

GaanaGawaana version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 027166d5e4a57e561c1b3f4016ed7d4166d5022f430c42c5a136e242eb7e2cc6
Red Hat Security Advisory 2023-2710-01
Posted May 11, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2710-01 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.6.3 for use within the Red Hat OpenShift Container Platform cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-0341, CVE-2022-38752, CVE-2022-41854, CVE-2022-41881, CVE-2022-4492, CVE-2022-45787, CVE-2023-0361, CVE-2023-0482, CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967
SHA-256 | 32e6c9e9b3d4bc81ec1e8c48daa6542acb721b28cca77ce268f937fb1ca5c6e8
Windows Kernel CmpCleanupLightWeightPrepare Use-After-Free
Posted May 11, 2023
Authored by Google Security Research, mjurczyk

In Windows Registry, security descriptors are shared by multiple keys, and thus reference counted via the _CM_KEY_SECURITY.ReferenceCount field. It is critical for system security that the kernel correctly keeps track of the references, so that the sum of the ReferenceCount fields is equal to the number of keys in the hive at all times (with small exceptions for things like transacted and not yet committed operations etc.). If the ReferenceCount of any descriptor drops below the true number of its active references, it may result in a use-after-free condition and memory corruption. Similarly, if the field becomes inadequately large, it may be possible to overflow it and also trigger a use-after-free. A bug of the latter type is described in this report.

tags | exploit, overflow, kernel, registry
systems | windows
advisories | CVE-2023-28248
SHA-256 | 4666052c91d73ebc181951a754ead95069fc09d5df87c094776106c9e9edc90e
Shannon Baseband SIP URI Decoder Stack Buffer Overflow
Posted May 11, 2023
Authored by Ivan Fratric, Google Security Research

There is a stack buffer overflow in Shannon Baseband in the SIP URI decoder. According to the debug strings present in the firmware image, this decoder corresponds to IMSPL_SipUri.c.

tags | exploit, overflow
advisories | CVE-2023-29091
SHA-256 | cef6065d95093542cb22a1a75544960827efff742ba806ef8e0db27ff1a75588
Red Hat Security Advisory 2023-2713-01
Posted May 11, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2713-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.3 serves as a replacement for Red Hat Single Sign-On 7.6.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-0341, CVE-2022-38752, CVE-2022-41854, CVE-2022-41881, CVE-2022-4492, CVE-2022-45787, CVE-2023-0482
SHA-256 | 88af3c86321419e5c79660ee0a53ad82e769dd62dab681d57ad959632ffa1db1
Red Hat Security Advisory 2023-2029-01
Posted May 11, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2029-01 - The OpenShift Security Profiles Operator v0.7.0 is now available. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-0475, CVE-2023-25173
SHA-256 | 008bf2df386754638ecc3c84d787cc47a38a29c366656c0ad077a162138cdb5c
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close