exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

Files Date: 2023-10-26

GRR 3.4.7.1
Posted Oct 26, 2023
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: Additions include a flow for collecting an identifier of the CrowdStrike agent, a Podman-based zero-setup development environment, and StatMultipleFiles and HashMultipleFiles flows to be used in UIv2. There are also 3 other changes and 9 removals.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | eb469beefd85c359a4bae77d5f87adae7f1f584269b4e85902037bde0a694cd2
Clam AntiVirus Toolkit 1.2.1
Posted Oct 26, 2023
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.

Changes: Eliminated security warning about unused atty dependency. Upgraded the bundled UnRAR library to version 6.2.12. Fixed link error in build system with Clang/LLVM/LLD version 17. Fixed alert-exceeds-max feature.
tags | tool, virus
systems | unix
SHA-256 | 9a14fe870cbb8f5f79f668b789dca0f25cc6be22abe32f4f7d3677e4ee3935b0
TEM Opera Plus FM Family Transmitter 35.45 Cross Site Request Forgery
Posted Oct 26, 2023
Authored by LiquidWorm | Site zeroscience.mk

TEM Opera Plus FM Family Transmitter version 35.45 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | a52528a06358c03567dd7250e46dc164be44ddfb510fb4bf6804baef2e55864d
TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution
Posted Oct 26, 2023
Authored by LiquidWorm | Site zeroscience.mk

TEM Opera Plus FM Family Transmitter version 35.45 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 7ade5447ba45d88833961d63cfdb8a3c4c9ce12a9bb50b6bc86aa17b24bdd65c
WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File Deletion
Posted Oct 26, 2023
Authored by Marco Wotschka | Site wordfence.com

WordPress AI ChatBot plugin versions 4.8.9 and below suffer from arbitrary file deletion, remote SQL injection, and directory traversal vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file inclusion
advisories | CVE-2023-5204, CVE-2023-5212, CVE-2023-5241
SHA-256 | 3c8bd183a8149e978aa13cbebd94a03b1f13fab6fc7a36a3dae48595fdb56856
Ringzer0 BOOTSTRAP24 Austin Call For Papers
Posted Oct 26, 2023

BOOTSTRAP24, a hacker conference with that is heavy with hands-on participation, will take play February 24, 2024 in Austin, Texas, USA. The prior evening will be a mixer.

tags | paper, conference
SHA-256 | b1f9172e7f5d4b6075f403a3456e89348d944d9a2ffa74762c3f4765a53d55f8
Ubuntu Security Notice USN-6454-1
Posted Oct 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6454-1 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-42756, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | d496df8580c32d3610aea45f97ad9ed2cffc6b3f9cd4a3249fb589e2059e7b59
Ubuntu Security Notice USN-6446-3
Posted Oct 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6446-3 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-34319, CVE-2023-4244, CVE-2023-42752, CVE-2023-42753, CVE-2023-42755, CVE-2023-42756, CVE-2023-4622, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | 484ebd5fb48372ba1a85bd65fdc24bc439655586fb452d16cfa2fba3c7f9088e
Gentoo Linux Security Advisory 202310-16
Posted Oct 26, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202310-16 - A vulnerability has been discovered in unifi where bundled log4j can facilitate a remote code execution Versions greater than or equal to 6.5.55 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2021-4104, CVE-2021-45046
SHA-256 | 5602a819c766f09b96f00fbf929733dc41ef5cd1fb0f160a5790513002ec5cc2
Gentoo Linux Security Advisory 202310-15
Posted Oct 26, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202310-15 - A vulnerability has been discovered in usbview where certain users can trigger a privilege escalation. Versions greater than or equal to 2.2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2022-23220
SHA-256 | 796b49734da74b36645d8ab739c147eb78d0b82c807b60ce80b728a234da6383
Gentoo Linux Security Advisory 202310-14
Posted Oct 26, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202310-14 - A vulnerability has been discovered in libinput where an attacker may run malicious code by exploiting a format string vulnerability. Versions greater than or equal to 1.20.1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2022-1215
SHA-256 | 0ebf808b8996c3c18696d3972d6cbf308f2f415ee102585081826a134c0d7dd2
Apple Security Advisory 10-25-2023-9
Posted Oct 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 10-25-2023-9 - Safari 17.1 addresses code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-40447, CVE-2023-41976, CVE-2023-41983, CVE-2023-42852
SHA-256 | 2251bfd41d7fc7f6e2e69a1259628ec764522d0973b3d0dd07145571575adaa4
Apple Security Advisory 10-25-2023-5
Posted Oct 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 10-25-2023-5 - macOS Ventura 13.6.1 addresses bypass and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-38403, CVE-2023-40401, CVE-2023-40413, CVE-2023-40416, CVE-2023-40421, CVE-2023-40423, CVE-2023-40449, CVE-2023-41077, CVE-2023-41254, CVE-2023-41975, CVE-2023-42841, CVE-2023-42844, CVE-2023-42849, CVE-2023-42854
SHA-256 | a2c2733223e93949b6d84fa8d3c5646d45e31ef6b840d551e467d95c213ee0a1
Apple Security Advisory 10-25-2023-8
Posted Oct 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 10-25-2023-8 - watchOS 10.1 addresses bypass, code execution, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-40408, CVE-2023-40413, CVE-2023-40447, CVE-2023-41254, CVE-2023-41976, CVE-2023-41982, CVE-2023-41988, CVE-2023-41997, CVE-2023-42846, CVE-2023-42849, CVE-2023-42852
SHA-256 | 543c46bca4e1568ab10dccf6676cd603de0f4692e1ab6bf2db00a79cd77f0200
Apple Security Advisory 10-25-2023-4
Posted Oct 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2023-30774, CVE-2023-38403, CVE-2023-40404, CVE-2023-40405, CVE-2023-40408, CVE-2023-40413, CVE-2023-40416, CVE-2023-40421, CVE-2023-40423, CVE-2023-40444, CVE-2023-40447, CVE-2023-40449, CVE-2023-41072, CVE-2023-41254
SHA-256 | f650b7ad1c92dcc1b9e72b17fbfcf176684b167fafc174bb8900abf386d6c484
Apple Security Advisory 10-25-2023-2
Posted Oct 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 10-25-2023-2 - iOS 16.7.2 and iPadOS 16.7.2 addresses bypass, code execution, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2023-32359, CVE-2023-40408, CVE-2023-40413, CVE-2023-40416, CVE-2023-40423, CVE-2023-40447, CVE-2023-40449, CVE-2023-41254, CVE-2023-41976, CVE-2023-41977, CVE-2023-41982, CVE-2023-41983, CVE-2023-41997, CVE-2023-42841
SHA-256 | 25bfc1484ba4a937676a331cd81e95658bf54a0f125680d59828d353e09e49db
Apple Security Advisory 10-25-2023-7
Posted Oct 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 10-25-2023-7 - tvOS 17.1 addresses code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-40447, CVE-2023-41976, CVE-2023-42846, CVE-2023-42852
SHA-256 | e6e370dc1107ab721341128ee65d1e18c24044882ffe4852f47cfb5dfda0729a
Apple Security Advisory 10-25-2023-6
Posted Oct 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 10-25-2023-6 - macOS Monterey 12.7.1 addresses bypass and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-40413, CVE-2023-40416, CVE-2023-40421, CVE-2023-40423, CVE-2023-40425, CVE-2023-40449, CVE-2023-41975, CVE-2023-42844, CVE-2023-42849, CVE-2023-42854, CVE-2023-42856
SHA-256 | 9d1c7434d247989eedebc03d290828fbfa13d85114508a85c4d35e00175ef82c
Apple Security Advisory 10-25-2023-3
Posted Oct 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 10-25-2023-3 - iOS 15.8 and iPadOS 15.8 addresses code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple, ios
advisories | CVE-2023-32434
SHA-256 | d210c4bac12498daf5761e87b11269c18d0ed50c2f7f2817ef671224dbffdcc3
Apple Security Advisory 10-25-2023-1
Posted Oct 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 10-25-2023-1 - iOS 17.1 and iPadOS 17.1 addresses bypass, code execution, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2023-40408, CVE-2023-40413, CVE-2023-40416, CVE-2023-40423, CVE-2023-40445, CVE-2023-40447, CVE-2023-40449, CVE-2023-41072, CVE-2023-41254, CVE-2023-41976, CVE-2023-41982, CVE-2023-41983, CVE-2023-41988, CVE-2023-41997
SHA-256 | 7832276135d08171c0df06d4589a559f62878263e78c652e2c5fcc5aaa293eda
Ubuntu Security Notice USN-6452-1
Posted Oct 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6452-1 - It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim contained an arithmetic overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-3896, CVE-2023-4734, CVE-2023-4738, CVE-2023-4751, CVE-2023-4781, CVE-2023-5441
SHA-256 | 1a8b44fa68c21a437bcfb4fad849fa26fe1f1755392b83354cf2fc5b72176b4c
Debian Security Advisory 5535-1
Posted Oct 26, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5535-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, clickjacking, spoofing or information leaks.

tags | advisory, web, arbitrary, spoof
systems | linux, debian
advisories | CVE-2023-5721, CVE-2023-5724, CVE-2023-5725, CVE-2023-5728, CVE-2023-5730, CVE-2023-5732
SHA-256 | 31326e3bd72b90ad6621e9d37862b27a7cad328df1c95186a8f867b22ff92361
Ubuntu Security Notice USN-6453-1
Posted Oct 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6453-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. Sri discovered that the X.Org X Server incorrectly handled destroying windows in certain legacy multi-screen setups. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges.

tags | advisory, arbitrary
systems | linux, windows, ubuntu
advisories | CVE-2023-5367, CVE-2023-5380
SHA-256 | c2c6ee124f31fc5cfe2f269fc319393d122f370639f673b1bfb2bbba8f0bb1f9
Oracle 19c / 21c Sharding Component Password Hash Exposure
Posted Oct 26, 2023
Authored by Emad Al-Mousa

Oracle database versions 19.3 through 19.20 and 21.3 through 21.11 have an issue where an account with create session and select any dictionary can view password hashes stored in a system table that is part of a sharding component setup.

tags | exploit, info disclosure
advisories | CVE-2023-22074
SHA-256 | d2f153475e1ccb9fba7a3c56502ebe8182c7fe13f5f32cca180c60ebe9c205c7
Debian Security Advisory 5534-1
Posted Oct 26, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5534-1 - Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server, which may result in privilege escalation if the X server is running privileged.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2023-5367, CVE-2023-5380
SHA-256 | 2d877389e6dc5bf119f1d41ac788f45ac3278834d8f069872721785ab249a780
Page 1 of 2
Back12Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    47 Files
  • 25
    Jul 25th
    31 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close