
Files Date: 2023-08-01

Packet Storm New Exploits For July, 2023
Posted Aug 1, 2023
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 314 exploits added to Packet Storm in July, 2023.

tags | exploit
SHA-256 | 191302f3c23f0570167c8994830ff34d1956d34e1b44695873e223f86dcdd584
Eramba 3.19.1 Remote Command Execution
Posted Aug 1, 2023
Authored by Sergey Makarov | Site trovent.io

Eramba version 3.19.1 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2023-36255
SHA-256 | 498834ba38cae4a4baa030af1b9873d149be69378a63e7ebf05d063e6b0d9df2
Ubuntu Security Notice USN-6266-1
Posted Aug 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6266-1 - Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-38633
SHA-256 | 06773e26613c1f6604d2287ee6c54aa9a6a94e09a0c9341148dd41b01d3a1f80
Joomla JLex Review 6.0.1 Cross Site Scripting
Posted Aug 1, 2023
Authored by CraCkEr

Joomla JLex Review extension version 6.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f44fe1c411430bac50119a41a22e33e1f6cf7dd5bd1751f609712c8288a08198
Red Hat Security Advisory 2023-4411-01
Posted Aug 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4411-01 - CJose is a C library implementing JavaScript Object Signing and Encryption (JOSE).

tags | advisory, javascript
systems | linux, redhat
advisories | CVE-2023-37464
SHA-256 | dccddcd552f7680d2e72aefb3cffd84471aa6a23a83e150e4d8ca50f00633b60
WordPress Stripe Payment Plugin For WooCommerce 3.7.7 Authentication Bypass
Posted Aug 1, 2023
Authored by Lana Codes | Site wordfence.com

WordPress Stripe Payment Plugin for WooCommerce plugin versions 3.7.7 and below suffer from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2023-3162
SHA-256 | 263a956ca459f42b4b70546f48ac6fceb289d765a400737df8fed883d25f9594
Red Hat Security Advisory 2023-4410-01
Posted Aug 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4410-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-37464
SHA-256 | 962a03700cdaf2b77f70083e13671a7f51883c7dd8caf31e5fcb70c908ba55ca
AIDE 0.18.6
Posted Aug 1, 2023
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions to determine which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Updated GPG key in SECURITY.md. Fixed double free() during report generation. Improved handling of ACL errors.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8ff36ce47d37d0cc987762d5d961346d475de74bba8a1832fd006db6edd3c10e
OpenSSL Toolkit 3.1.2
Posted Aug 1, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1.x series is the current major version of OpenSSL.

Changes: Fixed excessive time spent checking DH q parameter value. Fixed DH_check() excessive time with oversized modulus. No longer ignoring empty associated data entries with AES-SIV. A change has been made to the enable-fips option.
tags | encryption, protocol
systems | unix
advisories | CVE-2023-2975, CVE-2023-3446, CVE-2023-3817
SHA-256 | a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539
OpenSSL Toolkit 3.0.10
Posted Aug 1, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

Changes: Fixed excessive time spent checking DH q parameter value. Fixed DH_check() excessive time with oversized modulus. No longer ignoring empty associated data entries with AES-SIV.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-2975, CVE-2023-3446, CVE-2023-3817
SHA-256 | 1761d4f5b13a1028b9b6f3d4b8e17feb0cedc9370f6afe61d7193d2cdce83323
OpenSSL Toolkit 1.1.1v
Posted Aug 1, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Changes: Fixed excessive time spent checking DH q parameter value. Fixed DH_check() excessive time with oversized modulus.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-3446, CVE-2023-3817
SHA-256 | d6697e2871e77238460402e9362d47d18382b15ef9f246aba6c7bd780d38a6b0
Uvdesk 1.1.3 Shell Upload
Posted Aug 1, 2023
Authored by Daniel Barros

Uvdesk version 1.1.3 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2023-39147
SHA-256 | 785a58fce3185616f8ebb56cc4c3498d9ba2782170d34b1c487a14564309a3e1
Ubuntu Security Notice USN-6263-1
Posted Aug 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6263-1 - Motoyasu Saburi discovered that OpenJDK incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. Eirik Bjørsnøs discovered that OpenJDK incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22044, CVE-2023-22045, CVE-2023-22049, CVE-2023-25193
SHA-256 | 2a8710ab7e6491abd98022fbf0e059c14cea84ff8d9b7cf0e64f2f7802428148
General Device Manager 2.5.2.2 Buffer Overflow
Posted Aug 1, 2023
Authored by Ahmet Umit Bayram

General Device Manager version 2.5.2.2 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 4ff81e959ae441d46d55d7766788ad9ce12c3dd769abed1820c344a9346bb6c4
Red Hat Security Advisory 2023-4409-01
Posted Aug 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4409-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-37464
SHA-256 | 40ffbac1f3fe480270dd9f44f9d7529da5cc4f57c4e56941745de21f93adbf30
Online Diagnostic Lab Management 1.0 SQL Injection
Posted Aug 1, 2023
Authored by nu11secur1ty

Online Lab Diagnostic Management version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6f627879ce346fe7312f40f755225ff321e9af175797ec5f2341bde56ba9fde6
Red Hat Security Advisory 2023-4408-01
Posted Aug 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4408-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-37464
SHA-256 | 1efff2ead8b420c3c676224349d5410ab7d79630c905f83d260e8b9095357348
CoolAdmin 1.0 SQL Injection
Posted Aug 1, 2023
Authored by indoushka

CoolAdmin version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 4c0ce1b7ce0e7e8856b0394425eef60c6c35434570524231315d66316a022b86
Ubuntu Security Notice USN-6242-2
Posted Aug 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6242-2 - USN-6242-1 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that OpenSSH incorrectly handled loading certain PKCS#11 providers. If a user forwarded their ssh-agent to an untrusted system, a remote attacker could possibly use this issue to load arbitrary libraries from the user's system and execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-38408
SHA-256 | fb3b87a987324313bce3c73932307702f8e60575e6a91b8babad2eb73b470d39
Red Hat Security Advisory 2023-4416-01
Posted Aug 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4416-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and datagram loss.

tags | advisory, udp, tcp
systems | linux, redhat
advisories | CVE-2023-38403
SHA-256 | a0d85338c67b5cc1acd728f595d44342f38d305f92000ec9ceed5be4eaa6004c
Red Hat Security Advisory 2023-4415-01
Posted Aug 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4415-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and datagram loss.

tags | advisory, udp, tcp
systems | linux, redhat
advisories | CVE-2023-38403
SHA-256 | 1df7e9c2036865a6060380eb5c7ca9e8bd5becd01d7a38aa0f16083a8dfadd39
Ubuntu Security Notice USN-6264-1
Posted Aug 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6264-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2023-28204, CVE-2023-32439
SHA-256 | 82871fa1fba43d05238c779b70fe1fa4ce8d4ecb76d357fcdd3cc95b927e2b1f
Red Hat Security Advisory 2023-4414-01
Posted Aug 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4414-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and datagram loss.

tags | advisory, udp, tcp
systems | linux, redhat
advisories | CVE-2023-38403
SHA-256 | 2866e8455b0d791116299a06f0914095112c844275466eeeaa4752ae29bac0fd
Red Hat Security Advisory 2023-4380-01
Posted Aug 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-3090, CVE-2023-35788
SHA-256 | 76bfd0b219a147940968b013bcf9113ef82e3d224d1f4bfe49d0f729cfd55716
City Variety LMS 2.2 Cross Site Scripting
Posted Aug 1, 2023
Authored by indoushka

City Variety LMS version 2.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1cbbe0f2970a91c54fd6b773983a7f83c535dbf1c4e56f12913660cbe435877e