what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2023-09-14

Windows Common Log File System Driver (clfs.sys) Privilege Escalation
Posted Sep 14, 2023
Authored by Ricardo Narvaja, jheysel-r7, Esteban.kazimirow | Site metasploit.com

A privilege escalation vulnerability exists in the clfs.sys driver which comes installed by default on Windows 10 21H2, Windows 11 21H2 and Windows Server 20348 operating systems. This Metasploit module exploit makes use to two different kinds of specially crafted .blf files.

tags | exploit
systems | windows
advisories | CVE-2023-28252
SHA-256 | 9aa5ede2ea03c876775407f0098c013dfd3c503cc4ebb1ee7306284def339699
Ubuntu Security Notice USN-6368-1
Posted Sep 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6368-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. It was discovered that Thunderbird did not properly manage memory when handling WebP images. If a user were tricked into opening a malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-4573, CVE-2023-4575, CVE-2023-4581, CVE-2023-4584, CVE-2023-4863
SHA-256 | 8d95e0118cdd19372dc4ff5235aa6a52784eef3641630f31f94c81a7e15db254
Red Hat Security Advisory 2023-5148-01
Posted Sep 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5148-01 - Red Hat Integration Camel for Spring Boot 3.20.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-20873, CVE-2023-34455
SHA-256 | b0954fc421046b904362a64bc1355a62d0f65f3a440cff6f4d97de9a4d265f11
Debian Security Advisory 5497-1
Posted Sep 14, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5497-1 - A buffer overflow in parsing WebP images may result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2023-4863
SHA-256 | ad3befb7b686c256583e0e50a04e1df3f0429d81b5b6fcaaa703680831a6ed3b
Ubuntu Security Notice USN-6367-1
Posted Sep 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6367-1 - It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-4863
SHA-256 | aaf87b74a4a839e647b2f99a873ab024401c6117b83f68855850111b917d2f7d
Red Hat Security Advisory 2023-5147-01
Posted Sep 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5147-01 - A security update for Camel for Spring Boot 3.18.3.2 is now available. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-46877, CVE-2023-20873, CVE-2023-33201, CVE-2023-34455
SHA-256 | 66396fdb7f1a3317d1bdabc7a31a25d0e1214a43a1cc54712ba36d28fdcd5a64
Debian Security Advisory 5496-1
Posted Sep 14, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5496-1 - A buffer overflow in parsing WebP images may result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2023-4863
SHA-256 | c82c8662b4cb856cef00c651c37f65322490fdda603a29d98b698d651c861107
iSmile Soft CMS 0.3.0 Add Administrator
Posted Sep 14, 2023
Authored by indoushka

iSmile Soft CMS version 0.3.0 suffers from an add administrator vulnerability.

tags | exploit, add administrator
SHA-256 | 53c61e2d58e402521ca5973de27e7d6a518d7d159c7b44b1ce701814f8336b33
Suricata IDPE 7.0.1
Posted Sep 14, 2023
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 2 security fixes, 19 bug fixes, 4 optimizations, 4 features, and 2 documentation updates.
tags | tool, intrusion detection
systems | unix
SHA-256 | 6047c75f9e79a9b0cc6d6c7632024a4126812bc212f52acf5d3c813cc7c9fb0b
Ubuntu Security Notice USN-6364-1
Posted Sep 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6364-1 - It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-21710, CVE-2020-21890
SHA-256 | 91972b9a30d177eedb72329131d2be05233ba948220bc38cbbe0989077c92a30
Ubuntu Security Notice USN-6366-1
Posted Sep 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6366-1 - It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-39417
SHA-256 | 3aafc6d0eb1b6b6af93b8a2e7aa24bd4e2f58041707954910ca902da7600c204
Red Hat Security Advisory 2023-5143-01
Posted Sep 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5143-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.122 and .NET Runtime 6.0.22. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-36799
SHA-256 | 495f48e531322a5c8a1c04b837bc279b8e05e57eae2389cec33a9eca0d2fd1d0
Red Hat Security Advisory 2023-5146-01
Posted Sep 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5146-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.111 and .NET Runtime 7.0.11. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-36799
SHA-256 | 6c653cd18590bd863de7b041369f8ee0f4d482017e7fbb87aee2193d2bd6ec1f
islamnt CMS 2.1.0 Add Administrator
Posted Sep 14, 2023
Authored by indoushka

islamnt CMS version 2.1.0 suffers from an add administrator vulnerability.

tags | exploit, add administrator
SHA-256 | 459140609c3884d950ad9fe4a6639059bcd27b1966c70c69285c3841c6942e9a
islamnt CMS 2.1.0 Cross Site Scripting
Posted Sep 14, 2023
Authored by indoushka

islamnt CMS version 2.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9da3ffc464d21e2c887d8241061ae3ce06a1c69cd562b4ab23911bc70287d3e0
Red Hat Security Advisory 2023-4933-01
Posted Sep 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4933-01 - Logging Subsystem 5.7.6 addresses an issues where LokiStack authorization is cached too broadly.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-32360, CVE-2023-34969, CVE-2023-3899, CVE-2023-4456
SHA-256 | 502e6e9888a0dfe72ee4bcd30135f5e4960dfba1e0b041541837e1efb9155bc5
Night Club Booking Software 1.0 Cross Site Scripting
Posted Sep 14, 2023
Authored by nu11secur1ty

Night Club Booking Software version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | dff51d8b253d9631dee285face4809594062abc6803e40cbd31f7c69cd6e0641
Red Hat Security Advisory 2023-5142-01
Posted Sep 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5142-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.122 and .NET Runtime 6.0.22. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-36799
SHA-256 | da204f6db67c2d7877509d6e9d2faa3fc0c9d20459713b0c68f815790fe3beb1
Ubuntu Security Notice USN-6365-1
Posted Sep 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6365-1 - It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-20900
SHA-256 | d61c866c47b627d6cda3352868ce3be2ce4c34eff8c2ce9f61d4d10445262364
Red Hat Security Advisory 2023-5144-01
Posted Sep 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5144-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.122 and .NET Runtime 6.0.22. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-36799
SHA-256 | 1b02526e6400583d3514f1555cd490113a1d170eb7fc8fb3f554b604ec518f16
ImgHosting 1.3 Cross Site Scripting
Posted Sep 14, 2023
Authored by indoushka

ImgHosting version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8c169afaf39b32fa5c563194367feecff6f19735b337600d64caa7b0f3c6b6a3
Red Hat Security Advisory 2023-5145-01
Posted Sep 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5145-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.111 and .NET Runtime 7.0.11. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-36799
SHA-256 | 6dd409e6285b1cd98e843932933a49a0d974aa0f050231f8813b962c3aef7651
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close