what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2024-03-22

Win32.STOP.Ransomware (Smokeloader) MVID-2024-0676 Remote Code Execution
Posted Mar 22, 2024
Authored by malvuln | Site malvuln.com

Win32.STOP.Ransomware (smokeloader) malware suffers from both local and remote code execution vulnerabilities. The remote code execution can be achieved by leveraging a man-in-the-middle attack.

tags | exploit, remote, local, vulnerability, code execution
systems | windows
SHA-256 | 9740a4e0b25da98023aa4b00d3dc186e1ae19f18ff322ffbd1efa8acd634f49a
Proxmark3 4.18341 Custom Firmware
Posted Mar 22, 2024
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Zenith".

Changes: 12 changes, 4 bug fixes, and 4 additions in this release.
tags | tool
systems | unix
SHA-256 | f22b0bbebc02dcb6a99ac3ba69f3035afdd6f068fcdb759ca5eac85fee0a77ce
Task Management System 1.0 SQL Injection
Posted Mar 22, 2024
Authored by Gnanaraj Mauviel

Task Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2024-29301, CVE-2024-29302, CVE-2024-29303
SHA-256 | 19d5f8c5ea06895a1df525a3f2aa900e859bf45ece3512286a979c45e7883470
Debian Security Advisory 5644-1
Posted Mar 22, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5644-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or leaks of encrypted email subjects.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-5388, CVE-2024-0743, CVE-2024-1936, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
SHA-256 | 52c9ec4f8c2d47616afc49e17f3a3b204457658b0cbdb5e77c7a81280f8c2fce
Debian Security Advisory 5643-1
Posted Mar 22, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5643-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure, bypass of content security policies or spoofing.

tags | advisory, web, arbitrary, spoof, info disclosure
systems | linux, debian
advisories | CVE-2023-5388, CVE-2024-0743, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
SHA-256 | a448517a42a8f898647c5aa7c7b1e0258fff75928a056aa5b3eb6c5fe41ab76b
Ubuntu Security Notice USN-6708-1
Posted Mar 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6708-1 - It was discovered that Graphviz incorrectly handled certain config6a files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-46045
SHA-256 | 87c56dd2a6e4a9f5eb5b6002def5a0ee55ce8cfd12daff0edd58f64d95d3c0e5
Ubuntu Security Notice USN-6709-1
Posted Mar 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6709-1 - It was discovered that checking excessively long DH keys or parameters may be very slow. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. After the fix for CVE-2023-3446 Bernd Edlinger discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2024-0727
SHA-256 | a3c85443f6ce0636dc4acc75b294ee38bc75374485acad341a73a787d547a0cb
Ubuntu Security Notice USN-6700-2
Posted Mar 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6700-2 - It was discovered that the Layer 2 Tunneling Protocol implementation in the Linux kernel contained a race condition when releasing PPPoL2TP sockets in certain conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle block device modification while it is mounted. A privileged attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-20567, CVE-2023-34256, CVE-2023-39197, CVE-2023-51781, CVE-2024-0775, CVE-2024-1086, CVE-2024-24855
SHA-256 | 4c2466c5a1092f0062ced6462c5b58b113956d4b9c6caa9042e032feef05a6f5
Ubuntu Security Notice USN-6704-2
Posted Mar 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6704-2 - It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service. Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-23000, CVE-2023-32247, CVE-2024-1085, CVE-2024-1086, CVE-2024-24855
SHA-256 | f06bcd3c690a7a1a9aa03506a63b723e669f5ad31c8c9917af3280e58f9883e5
Red Hat Security Advisory 2024-1473-03
Posted Mar 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1473-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6185
SHA-256 | d3e0c922c524bbf1d29c4d55dda3a429b8c2019757212b8b0de9e7d5deb1f340
Red Hat Security Advisory 2024-1472-03
Posted Mar 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1472-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2024-1394
SHA-256 | 5f645f06f6c84589dda4aabe3ce13b56b1e7f110aa5cfb218ca59eaa261e5d5c
Red Hat Security Advisory 2024-1468-03
Posted Mar 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1468-03 - An update for go-toolset-1.19-golang is now available for Red Hat Developer Tools. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2024-1394
SHA-256 | 04acb2d2456fffc7f4ec7acde25b31ce6e592eb03027eb856ee8eb1ed609286a
GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers
Posted Mar 22, 2024
Authored by Daniel Genkin, David Kohlbrenner, Christopher W. Fletcher, Boru Chen, Pradyumna Shome, Yingchen Wang, Riccardo Paccagnella | Site gofetch.fail

This whitepaper shows that the security threat from DMPs is significantly worse than previously thought and demonstrates the first end-to-end attacks on security-critical software using the Apple m-series DMP. Undergirding the author's attacks is a new understanding of how DMPs behave which shows, among other things, that the Apple DMP will activate on behalf of any victim program and attempt to leak any cached data that resembles a pointer.

tags | paper
systems | apple
SHA-256 | a26af7248f3a7458c6db704eb23699f3163f79dcf78ceedd895d0097eb93941b
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close