exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2023-06-23

Debian Security Advisory 5438-1
Posted Jun 23, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5438-1 - A flaw was found in Asterisk, an Open Source Private Branch Exchange. A buffer overflow vulnerability affects users that use PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record parse_query(), while the issue in CVE-2022-24793 is in parse_rr(). A workaround is to disable DNS resolution in PJSIP config (by setting nameserver_count to zero) or use an external resolver implementation instead.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2023-27585
SHA-256 | 36f72d3d649edb95df059fb18d510eb21ac8c037e62356c078f3a169cddb0f4c
Red Hat Security Advisory 2023-3614-01
Posted Jun 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3614-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.4.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41723, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0361, CVE-2023-24329, CVE-2023-24540
SHA-256 | 9c2f46c33295c1b0e7ecb18249a60f635ddabddc6a6d5b912f2e4088da5e5897
PHPJabbers Forum Script 3.0 Persistent Cross Site Scripting
Posted Jun 23, 2023
Authored by CraCkEr

PHPJabbers Forum Script version 3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f4e5ffeaf79c0daafb1b71a6644d88419b69e1fe0a50fcf7dc1b56f73028642a
PHPJabbers Forum Script 3.0 Cross Site Scripting
Posted Jun 23, 2023
Authored by CraCkEr

PHPJabbers Forum Script version 3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7c7fa0e33bc0473aac31afaf92ccaa826276ae56d152f8c973b054659b1aed19
Red Hat Security Advisory 2023-3612-01
Posted Jun 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3612-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.4. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-41717, CVE-2022-41724, CVE-2022-41725, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24540, CVE-2023-27561
SHA-256 | ea9917b98cd5b9cbd392b57a3ac838f9c1a315a3707d8b46feb8cd1c85c208ee
Debian Security Advisory 5435-2
Posted Jun 23, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5435-2 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in information disclosure or denial of service.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2022-47184, CVE-2023-30631, CVE-2023-33933
SHA-256 | c1fcf596ee1cf44b8cea35182003229a26d8a8252f42c3fdec4a778bcd034ed3
MOVEit SQL Injection
Posted Jun 23, 2023
Authored by bwatters-r7, sfewer-r7, rbowes-r7 | Site metasploit.com

This Metasploit module exploits an SQL injection vulnerability in the MOVEit Transfer web application that allows an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker can leverage an information leak be able to upload a .NET deserialization payload.

tags | exploit, web, sql injection
advisories | CVE-2023-34362
SHA-256 | b18ba528cf2f662442aa4037f5ec3d421c3b9cc9530694a34a9b358c25e66927
Ubuntu Security Notice USN-6161-2
Posted Jun 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6161-2 - USN-6161-1 fixed vulnerabilities in .NET. The update introduced a regression with regards to how the runtime imported X.509 certificates. This update fixes the problem. It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-24936, CVE-2023-29331, CVE-2023-29337, CVE-2023-32032, CVE-2023-33128
SHA-256 | 67ee7be668513048889aa6b43f011d07bf3cb753ec723bc38e4592358e37c481
PHPJabbers STIVA Blog Script 4.1 Cross Site Scripting
Posted Jun 23, 2023
Authored by CraCkEr

PHPJabbers STIVA Blog Script version 4.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7041d8c30f1fb64eafc1e8a95150416a4545cef4895c1bfcbaf4b5cd4888c47e
Red Hat Security Advisory 2023-3742-02
Posted Jun 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2018-25032, CVE-2020-10735, CVE-2020-16250, CVE-2020-16251, CVE-2020-17049, CVE-2021-28861, CVE-2021-3765, CVE-2021-3807, CVE-2021-4231, CVE-2021-4235, CVE-2021-4238, CVE-2021-43519, CVE-2021-43998
SHA-256 | 80569651d5cc8033bbdb7f6416fafc8f5509382decbdaab9937ba65ff11a16de
Ubuntu Security Notice USN-6188-1
Posted Jun 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6188-1 - Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-2650
SHA-256 | 3e33127cafc3fd6f8d97bd093f3f532861cd023f096611f010ee2d37f3305390
Ubuntu Security Notice USN-6184-1
Posted Jun 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6184-1 - It was discovered that CUPS incorrectly handled certain memory operations. An attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service, or possibly obtain sensitive information.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-34241
SHA-256 | d939dfb7a4a8b857fe788402db822e7c8cbd0336516fa86a5332922209c7838b
Advanced ASP Chat 2.0 Database Disclosure
Posted Jun 23, 2023
Authored by indoushka

Advanced ASP Chat version 2.0 suffers from a database disclosure vulnerability.

tags | exploit, asp, info disclosure
SHA-256 | d0759a6a21a6859cc658221b9d3c3eb88a0dccd988e1af4d2a9d075c3eedc50b
Adult Video Script 3.0 File Inclusion
Posted Jun 23, 2023
Authored by indoushka

Adult Video Script version 3.0 suffers from local and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
SHA-256 | e264208c1c42c41c7c3f960f862ab82fde6a4b9793769fd169535d090527b2ec
Adiscon LogAnalyzer 4.1.5 Cross Site Scripting
Posted Jun 23, 2023
Authored by indoushka

Adiscon LogAnalyzer version 4.1.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 879d0a184f8d10f47f9c9425e7e551ed507dbb61347b1b8e4f7f3148039accce
Ubuntu Security Notice USN-6187-1
Posted Jun 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6187-1 - William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service. It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-4269, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1670, CVE-2023-1859, CVE-2023-1998, CVE-2023-25012, CVE-2023-2985
SHA-256 | 89823737d37fd6db3070e194a86809b3c820df253fef685096a594196fd7d2d3
Red Hat Security Advisory 2023-3777-01
Posted Jun 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3777-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2023-24329
SHA-256 | eac49ab19a4977a5129c40dcb9ec56c063b8f1781e110306c05c06f444e44d60
PHPJabbers Knowledge Base Builder 3.0 Cross Site Scripting
Posted Jun 23, 2023
Authored by CraCkEr

PHPJabbers Knowledge Base Builder version 3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 85e042ec2dbd0ef8f9cc0a10d3182794ac492c297c35c8619dbf85ec10b47e2b
Red Hat Security Advisory 2023-3776-01
Posted Jun 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3776-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2023-24329
SHA-256 | d86c3835c48ca3d3ea0b220e1fa2588dff7a2ae26b121b5152184f72cd7a2421
Adapt Inventory Management System 1.0.0 SQL Injection
Posted Jun 23, 2023
Authored by indoushka

Adapt Inventory Management System version 1.0.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 5d82550b4d898820fc65d1b241fcdc0044ee4347681fb99564390a22ce0274e1
Active Newspaper 2.0 HTML Injection
Posted Jun 23, 2023
Authored by indoushka

Active Newspaper version 2.0 suffers from an html injection vulnerability.

tags | exploit
SHA-256 | d7788acd25934e4f336dd671dc9fb07b6d931cf95efc7ba4b66d3b2cb52cd854
Ubuntu Security Notice USN-6186-1
Posted Jun 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6186-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-4269, CVE-2023-1380, CVE-2023-1583, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1859, CVE-2023-1989, CVE-2023-1990, CVE-2023-2194, CVE-2023-2235, CVE-2023-2612, CVE-2023-28466, CVE-2023-28866
SHA-256 | 852bc0984d64527371695ee9feac0d312b46b12c591411f7a5be5f0ffb1c93a2
Red Hat Security Advisory 2023-3780-01
Posted Jun 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3780-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2023-24329
SHA-256 | bddb6f1e11a6ba9c52be0f94ca826d2448c508019f60d2f892b5aa469b5fe32e
Smart Office Web 20.28 Information Disclosure / Insecure Direct Object Reference
Posted Jun 23, 2023
Authored by Tejas Nitin Pingulkar

Smart Office Web version 20.28 suffers from information disclosure due to an insecure direct object reference vulnerability.

tags | exploit, web, info disclosure
advisories | CVE-2022-47075, CVE-2022-47076
SHA-256 | 0e404965ef5239207c525c44d321cb98b5082332677616c1825d478aca12e3c8
Ubuntu Security Notice USN-6185-1
Posted Jun 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6185-1 - It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service. It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1670, CVE-2023-1859, CVE-2023-1998, CVE-2023-25012, CVE-2023-2985
SHA-256 | be2e9478a6761c035541dad4eff6b7f5f36c9c99263510c8055de1ab00fac4e0
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close