Showing 1 - 25 of 31

Files Date: 2024-05-29

Flowmon Unauthenticated Command Injection
Posted May 29, 2024
Authored by Dave Yesland | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02.

tags | exploit
advisories | CVE-2024-2389
SHA-256 | f262ccf117a7326996b9db1324d65098a3eea5a5882162d9f1ec432434054948
Ubuntu Security Notice USN-6797-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6797-1 - It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. It was discovered that some Intel® Atom® Processors did not properly clear register state when performing various operations. A local attacker could use this to obtain sensitive information via a transient execution attack. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2023-22655, CVE-2023-28746, CVE-2023-38575, CVE-2023-39368, CVE-2023-43490, CVE-2023-45733, CVE-2023-46103, CVE-2023-47855
SHA-256 | 1ae00687dcd8bf9e9f41102f5446e293b7f0e18dbc2d69d9941f2b35474397b5
Ubuntu Security Notice USN-6787-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6787-1 - It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting attack.

tags | advisory, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2024-34064
SHA-256 | 5fb19612eaef3e824fef107b74a6791c85cf91717d71f96ab90d4a98e0def10e
Ubuntu Security Notice USN-6779-2
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6779-2 - USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js. Irvan Kurniawan discovered that Firefox did not properly handle certain font styles when saving a page to PDF. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-4367, CVE-2024-4764, CVE-2024-4768, CVE-2024-4770, CVE-2024-4774
SHA-256 | 04753870be2f86ad507c1b333e07383bc770d2d1eff3370507f9073d2cd6e5b7
GRR 3.4.7.4
Posted May 29, 2024
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. The GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, the GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading a file, listing a directory, etc. The GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides a web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: YARA memory scanning improvements. Three additions and eleven removals.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | c7a2afcb7f7030300a7925577a7b912f59608942f781769b5cbdf9916f73d67c
Ubuntu Security Notice USN-6795-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6795-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0001, CVE-2023-47233, CVE-2023-52435, CVE-2023-52491, CVE-2023-52492, CVE-2023-52494, CVE-2023-52498, CVE-2023-52530, CVE-2023-52583, CVE-2023-52587, CVE-2023-52588, CVE-2023-52595, CVE-2023-52597, CVE-2023-52598
SHA-256 | 1263e2b9ac7045e640a955619fc9ec7e9ee0cee6811cce5ca858a631117df48d
jSQL Injection 0.96
Posted May 29, 2024
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Fixed bug in cookie processing. Improved mysql dios. Upgraded dependencies version. Improved javadoc.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 986e0909140808aa7906e212cb9896a9cf3030e9fccf810382c752b536ca2aab
Ubuntu Security Notice USN-6794-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6794-1 - It was discovered that FRR incorrectly handled certain malformed BGP and OSPF packets. A remote attacker could use this issue to cause FRR to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-31948
SHA-256 | 47ddafe31545f6705925074862290fa2f1508b41ff29eebba6eafeea1205820a
Ubuntu Security Notice USN-6792-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6792-1 - Naom Moshe discovered that Flask-Security incorrectly validated URLs. An attacker could use this issue to redirect users to arbitrary URLs.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-23385
SHA-256 | dd74e3993d1b111f328d5e0d507173edce5b7ad9ff7ff37d8a2b4b487eda20f7
Proxmark3 4.18589 Custom Firmware
Posted May 29, 2024
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Aurora".

Changes: Major updates include hitag2 crack implementations, plot window can manipulate trace data, multiple bugs related to memory leaks, and new compiler version support.
tags | tool
systems | unix
SHA-256 | 94dcb8e3eaf14009453756fbcd73d0e47cd762d3772ce3040808feeacee87b90
Red Hat Security Advisory 2024-3464-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3464-03 - An update for glibc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include buffer overflow, code execution, null pointer, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-2961
SHA-256 | 397b6cd336aa2e64d49b2f9ab9d785c2a707a43a3d1eb27af9203a17f9c976e3
Red Hat Security Advisory 2024-3462-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3462-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-47013
SHA-256 | d72c2e9758adff9f1d07c56b3500c51817e271488f992b5e688851a713d3a712
Red Hat Security Advisory 2024-3461-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3461-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2024-26642
SHA-256 | a584b89190b10a794458035aa1763aa93306e9372351dd09b4e24f5e4d7da72e
Red Hat Security Advisory 2024-3460-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3460-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2024-26642
SHA-256 | 01f0cc63321a1a02e62122a00a2dfc31e28afec68f49edfd3c46f56ff4570cf2
Red Hat Security Advisory 2024-3433-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3433-03 - An update for protobuf is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22570
SHA-256 | d26dd89079dc07bcecbe047ee69a066d6a8574cc3bb9d8a27ec06d3e4c658019
Red Hat Security Advisory 2024-3431-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3431-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-25126
SHA-256 | 9de2e526dc603d137acaece37ed266247f99cf697beecb900548429ae7c33fd1
Red Hat Security Advisory 2024-3428-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3428-03 - An update for the rust-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-38497
SHA-256 | c52460f17c34f2f7db626b0011c99f88cca044a7b16dbf38dc43c26b7396bcc7
Red Hat Security Advisory 2024-3427-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3427-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-1086
SHA-256 | a0ec33f557ca0d073a3f53ae8b4c8025fe904514b6a56620b3e867a7119b984f
Red Hat Security Advisory 2024-3426-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3426-03 - An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-30156
SHA-256 | 9a239513f473b6fc5deae31cdc64fe73dc0bd7631e13a7127e9ab5d7efa9a967
Red Hat Security Advisory 2024-3423-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3423-03 - An update for glibc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow, null pointer, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2024-2961
SHA-256 | 995cb014fc7fbf93eff08dd567fd48717794b84ec50a3b2d0d627c41ace3be8b
Red Hat Security Advisory 2024-3422-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3422-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-27635
SHA-256 | 848bf74de9985a872431191a9fa04b7ec4c3b1d1f146fe8d142c50b6752deaa0
Red Hat Security Advisory 2024-3421-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3421-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-4244
SHA-256 | 722dd888172646245dc9d140441b7cfb6c22df4a3e2222165fb17ff9a41af213
Red Hat Security Advisory 2024-3418-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3418-03 - An update for rust is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-38497
SHA-256 | 28bf85c7cd7d3c6be9f84c46399a86e1fcf6b01fadbfa2a09a374be52c05c74f
Red Hat Security Advisory 2024-3417-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3417-03 - An update for mod_http2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-27316
SHA-256 | 51cd68c97b17098ceb0463d9f1c9b0b64d7b2f7e4c6b47fa36793982f11f0f6b
Red Hat Security Advisory 2024-3414-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3414-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-4244
SHA-256 | 40d77d69adb5e2550fc1ae5d76234e1f22a683b6850d518f5a324ae11e6d89c8
Page 1 of 2