what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2023-08-11

Debian Security Advisory 5475-1
Posted Aug 11, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5475-1 - Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. This mitigation requires updated CPU microcode provided in the intel-microcode package. Daniel Trujillo, Johannes Wikner and Kaveh Razavi discovered INCEPTION, also known as Speculative Return Stack Overflow (SRSO), a transient execution attack that leaks arbitrary data on all AMD Zen CPUs. An attacker can mis-train the CPU BTB to predict non-architectural CALL instructions in kernel space and use this to control the speculative target of a subsequent kernel RET, potentially leading to information disclosure via a speculative side-channel.

tags | advisory, overflow, arbitrary, kernel, info disclosure
systems | linux, debian
advisories | CVE-2022-40982, CVE-2023-20569
SHA-256 | 95ac8bf618237ec9a9702db5e01782fb41ac590afd3c1d06d81109f4cc731eeb
Debian Security Advisory 5474-1
Posted Aug 11, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5474-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2022-40982, CVE-2022-41804, CVE-2023-23908
SHA-256 | 4a22e3b631a399258cd26d74fcd8d2415119e5dababff03ad6715692ca4596f2
Ubuntu Security Notice USN-6278-2
Posted Aug 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6278-2 - USN-6278-1 fixed several vulnerabilities in .NET. This update provides the corresponding updates for Ubuntu 22.04 LTS. It was discovered that .NET did properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code execution.

tags | advisory, remote, vulnerability, code execution
systems | linux, ubuntu
advisories | CVE-2023-35390, CVE-2023-38178, CVE-2023-38180
SHA-256 | bbe5ad0ccef22ad3d5b80f2a669f69b1767e2bc58e7c496afd4da28a17cdf5c5
Ubuntu Security Notice USN-6277-2
Posted Aug 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6277-2 - USN-6277-1 fixed vulnerabilities in Dompdf. This update provides the corresponding updates for Ubuntu 22.04 LTS. It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstances. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3838, CVE-2022-2400
SHA-256 | 55b650e84007cb533cc2bd901cb3161d898f7f8ae6c2010791e5bc8b83edcd28
Ubuntu Security Notice USN-6282-1
Posted Aug 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6282-1 - Jackson Henry discovered that Velocity Tools incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-13959
SHA-256 | f5d8dcd9b2dd7d1004589d8aff05de5a8c1772762dcd3a85a846a7c637cfc409
TP-Link Archer AX21 Command Injection
Posted Aug 11, 2023
Authored by Voyag3r

TP-Link Archer AX21 suffers from an unauthenticated remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2023-1389
SHA-256 | 3a9629d61be6e575bf18f1cc2f133b5c87c5e0b5ced016b0eb855848bbf529bb
systemd 246 Local Root Privilege Escalation
Posted Aug 11, 2023
Authored by Iyaad Luqman K

systemd version 246 suffers from a local root privilege escalation vulnerability.

tags | exploit, local, root
advisories | CVE-2023-26604
SHA-256 | 5c18cab732f4f9e274da14d6344836a1cdf72bc01779fa89312ba4b4814d364b
Maltrail 0.53 Remote Code Execution
Posted Aug 11, 2023
Authored by Iyaad Luqman K

Maltrail version 0.53 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-27163
SHA-256 | 70b042d50fdc203d8e1986d293b79d29dfbe257b66f324c957458fd97107fff0
Request-Baskets 1.2.1 Server-Side Request Forgery
Posted Aug 11, 2023
Authored by Iyaad Luqman K

Request-Baskets version 1.2.1 suffers from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2023-27163
SHA-256 | f32cbf78ec0368d17fe9a3fa63a3bcf777dff16a82a61c9159b7c34f9fef48d4
OutSystems Service Studio 11.53.30 DLL Hijacking
Posted Aug 11, 2023
Authored by Carlo Di Dato

OutSystems Service Studio version 11.53.30 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2022-47636
SHA-256 | a77f3edb50d1e6d881a2ff4679d75b1fbc5bc424de1e7da54048c4da8ca7768a
i2soft CMS 2.0 Insecure Direct Object Reference
Posted Aug 11, 2023
Authored by indoushka

i2soft CMS version 2.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | 48afd0aeeb59726c12ef1abae5cfcc2036e6d2681d0c5fd0d8cd571736fdbaaf
helloGTX Travel Portal CRM 1.6 Insecure Direct Object Reference
Posted Aug 11, 2023
Authored by indoushka

helloGTX Travel Portal CRM version 1.6 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | fa186723eec9812586e497af961b4b5be1cd14d98077f993c3b0b8368f6e71eb
FlatApp Premium Admin Dashboard 1.0 SQL Injection
Posted Aug 11, 2023
Authored by indoushka

FlatApp Premium Admin Dashboard version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | deec843c62adc12e90ea257c3f06b78dcaa25e7c790383dfc05d81a866cdc246
Greeva 2.0 SQL Injection
Posted Aug 11, 2023
Authored by indoushka

Greeva version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | b35f41c4c4a5fde37a02896ee6ff4bdc5b0b9febbb72dbac07c93be400a6311d
Easy Web Portal 2.1.1 Cross Site Scripting
Posted Aug 11, 2023
Authored by indoushka

Easy Web Portal version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 6397c61d970ef88574da63ee2eb42632064a20d598a4b4b3b620f6129c055f26
Easy Password Manager 1.1 Information Disclosure
Posted Aug 11, 2023
Authored by indoushka

Easy Password Manager version 1.1 suffers from an administrative information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 2687e8a418f8f4fc898b49f86c9caa7c95533498c6bc19add0698de463a19d32
Easy Member Pro 3.0 Insecure Direct Object Reference
Posted Aug 11, 2023
Authored by indoushka

Easy Member Pro version 3.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | 8809a4b95b16a4f5fbf87146e060d190e12ef0c9e56b7c8e91573e4612644856
DigaSell Digital Store PHP Script 1.0.0 Cross Site Scripting
Posted Aug 11, 2023
Authored by indoushka

DigaSell Digital Store PHP Script version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | f72dfd55d23408ab5429974dee598db6c2f5f4c1ad279051decdd75964ab240b
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close