what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2023-07-12

Ubuntu Security Notice USN-6220-1
Posted Jul 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6220-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-35788
SHA-256 | e3f6ae7b7feaf80a5f0392b1f566c22266ff2458d59396b185290a15a3e54bd9
Red Hat Security Advisory 2023-4038-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4038-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2023-24329
SHA-256 | b42f6272c8c7fddf2249cabdb0bf9b19272c6444286b291de14c13370dc28260
Ubuntu Security Notice USN-6218-1
Posted Jul 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6218-1 - A use-after-free was discovered in Firefox when handling workers. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-3600
SHA-256 | 966445a8523204307dc01ff6e07c491cde8da7b283f20acf361db6406cedb1cb
Red Hat Security Advisory 2023-4037-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4037-01 - An update for bind9.16 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-2828
SHA-256 | becb7066d10dfc31d0da91a6b7e02efb6981de67b80f8a84a18ed57190b7c992
jSQL Injection 0.87
Posted Jul 12, 2023
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Auto inject multipart and cookie params. Optimized connection test. Restored issue tracking, translation submit, bug report. Compatibility for Java 18.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | aec4d0bde2e1b17624594a8ea9564e017baab16a62c45a923b69e9410b5db405
Zed Attack Proxy 2.13.0 Cross Platform Package
Posted Jul 12, 2023
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.

Changes: This is a bug fix and enhancement release.
tags | tool, web, vulnerability
SHA-256 | ab6c398a6b60e85afd462af68f301ccef35f60a158cbbdd7e462030178c598b8
WordPress User Registration 3.0.2 Arbitrary File Upload
Posted Jul 12, 2023
Authored by Lana Codes | Site wordfence.com

The User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to a hard-coded encryption key and missing file type validation on the ur_upload_profile_pic function in versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with subscriber-level capabilities or above to upload arbitrary files on the affected site's server which may make remote code execution possible. This was partially patched in version 3.0.2 and fully patched in version 3.0.2.1.

tags | exploit, remote, arbitrary, code execution, file upload
advisories | CVE-2023-3342
SHA-256 | 617e7a31e8613b2fc41dfb20282c61f763065187b026a8188f18e87a77f289a5
Ubuntu Security Notice USN-6217-1
Posted Jul 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6217-1 - McKee-Harris, Matt Cotterell, and Jack Moran discovered that .NET did not properly update account lockout maximum failed attempts. An attacker could possibly use this issue to bypass the security feature and attempt to guess more passwords for an account.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2023-33170
SHA-256 | 6848ace880c436072ff79fe03d2c13de4774d3feff0a23f6c2842338b627bf34
Red Hat Security Advisory 2023-4032-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4032-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2023-24329
SHA-256 | 5c73f78766f92a8eb634aca8aadf9dac83904c1c56404db35eca47bdf87d2abf
Frappe Framework 13.4.0 Remote Code Execution
Posted Jul 12, 2023
Authored by Sander Ferdinand

Frappe Framework (ERPNext) version 13.4.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 5a97cac7d4a1e11432f6ce200fb4fffe43db0a0754d90d15a613fa8b05f89ba9
Spring Cloud 3.2.2 Remote Command Execution
Posted Jul 12, 2023
Authored by GatoGamer1155, 0bfxgh0st

Spring Cloud version 3.2.2 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2022-22963
SHA-256 | d181f87e1828ab23231c1663a6b6c2406af8e9283ea467e7f313997dacb282ed
Red Hat Security Advisory 2023-4039-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4039-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067
SHA-256 | 79c745dae0e4a96887a92346201fafff379f8553e65ad01401ec7cb0436a84c6
Red Hat Security Advisory 2023-4034-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4034-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067
SHA-256 | 4a5158a0332de2f9544f7ef4fb9f874620df54c370aaefcae4faec249535a8a1
Red Hat Security Advisory 2023-4033-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4033-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067
SHA-256 | 769605a7ad35f0daf38e521bc2fa72daec355ff0f28a65f5298d1651be8c9b52
Red Hat Security Advisory 2023-4036-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4036-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067
SHA-256 | 8d61165472772112c3e82bb47d7e6b7af07d15f2baa367f1ea11df1f38d219ba
Red Hat Security Advisory 2023-4035-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4035-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2022-4904, CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067
SHA-256 | b2a625f052f26d493dd20d4b4e6799bb0b54fd62b19e9cf1c70573ba4694f509
Red Hat Security Advisory 2023-3976-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3976-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.24.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-1260
SHA-256 | 19f9a8422cfdc08ebdb690ed21c53a279d57c9e1b4c9561c047f6ae6aaa634ef
Red Hat Security Advisory 2023-4030-01
Posted Jul 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4030-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3128
SHA-256 | 50fe6b5b36dccdf0e45e4ac232a0ff31b4cf2d557f4bffd2d51c0a6904975387
Banner RotatorCMS 1.0 Database Disclosure
Posted Jul 12, 2023
Authored by indoushka

Banner RotatorCMS version 1.0 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | b27246139e06d65cee5536bab5d85839356bd732a55ae71b5d58cba4d91b2cb3
Avidi Media 2.0 Insecure Settings
Posted Jul 12, 2023
Authored by indoushka

Avidi Media version 2.0 appears to leave default credentials installed after installation.

tags | exploit
SHA-256 | 09cf3e05ccb374c53770542c230cad40b6ee8705d33539b62fa335bbea91d3f6
AtTestimonials CMS 1.2 Missing Authentication
Posted Jul 12, 2023
Authored by indoushka

AtTestimonials CMS version 1.2 suffers from a missing authentication vulnerability.

tags | exploit
SHA-256 | 25d086a35855db7c7da8146896c3e57db3cb50c116ee28a000e75f38a1630bfd
Atom CMS 2.0 Directory Traversal
Posted Jul 12, 2023
Authored by indoushka

Atom CMS version 2.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 2976ad9d9a890a4a7e519cdf0c2b48e9b33c256ea38b4aa392ab90ba39e47ee5
Nedal CMS 1.2 SQL Injection
Posted Jul 12, 2023
Authored by indoushka

Nedal CMS version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b91d5afa134c3c2ad67707723e8fc7b15b3bf49936c128f5b56c596d7c7fa06c
Asanhamayesh CMS 3.4.6 Directory Traversal
Posted Jul 12, 2023
Authored by indoushka

Asanhamayesh CMS version 3.4.6 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 9ff09660c188f1add4a4ddaf6112383528cc77dedd30e4292cd0e25ad46b4370
ARTISTRY LIMITED LMS 0.5 Insecure Settings
Posted Jul 12, 2023
Authored by indoushka

ARTISTRY LIMITED LMS version 0.5 appears to leave default credentials installed after installation.

tags | exploit
SHA-256 | bf3f3eeffc16bf117b38dd82826882f4821b1a20ceee272a0cf3f270eac98a81
Page 1 of 2
Back12Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close