RansomLord is a proof-of-concept tool that automates the creation of PE files, used to compromise ransomware pre-encryption. This tool uses dll hijacking to defeat ransomware by placing PE files in the x32 or x64 directories where the program is run from.
647494bda466e645768d6f7d1cd051097aee319f88018d1a80547d8d538c98dbRed Hat Security Advisory 2024-3527-03 - Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Issues addressed include buffer overflow, denial of service, integer overflow, memory leak, and resource exhaustion vulnerabilities.
f7976b8e170be546f0ae90244875124b0d4dbae1498c74c776b4c1380ae64a0dRed Hat Security Advisory 2024-3513-03 - An update for less is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
251dd556f26343b061eb6615219c2ae27b1ff872ff5eced27823edeeab298cb7Red Hat Security Advisory 2024-3501-03 - An update for nghttp2 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
2259ed3c98bb1958e22876aeeb7b02063f28b9dab1b85e7ad5768608d11e5562Red Hat Security Advisory 2024-3500-03 - An update for the ruby:3.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
07018912af2cc2a30a1a8c489f204ef85a96a2eef4d3c15d2dfd7fdd867a602fRed Hat Security Advisory 2024-3497-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
843acaf0f746a1a8840e4560f9d9f7ea650a214c6e15a1b3c3ffc0d0cc80cde1This archive contains all of the 68 exploits added to Packet Storm in May, 2024.
753ccfd5242ce49f15443887fb69c5c38c00091bb52bdafe46e28e7762f1d5c9Ubuntu Security Notice 6804-1 - It was discovered that GNU C Library nscd daemon contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service. It was discovered that GNU C Library nscd daemon did not properly check the cache content, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
9dc17726191c1e8d25af731e1c1a582fe7b554d3f505d4bab60a6459bb305c87Ubuntu Security Notice 6803-1 - Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 24.04 LTS. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS.
791bb40a4c8f9acb0292a309c51863cc9ae4a462faabf1d22932877c8c7196c1jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
90399bcb164b4b112830c11dba0b7486158942ee798ef7e06e37df300f75cccfUbuntu Security Notice 6802-1 - Lukas Fittl discovered that PostgreSQL incorrectly performed authorization in the built-in pg_stats_ext and pg_stats_ext_exprs views. An unprivileged database user can use this issue to read most common values and other statistics from CREATE STATISTICS commands of other users.
c10954c73d680328599d7d8e4dbcd565129971a3eff1d9b0307ace0fc71664d5changedetection versions 0.45.20 and below suffer from a remote code execution vulnerability.
70e710cf9046b44a8c5d97c23bc771dcb7c5a9099610fdbaebc0e275487b2ebaOnline Payment Hub System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4961e6290d3d4553b7cf539d9befdc3d12ec735c180c3ee1a73f99cbf2eab38bUbuntu Security Notice 6801-1 - It was discovered that PyMySQL incorrectly escaped untrusted JSON input. An attacker could possibly use this issue to perform SQL injection attacks.
df54bff30293aa2fb510345c2f13fdaf729e74f69da269365211c88d04dd552fUbuntu Security Notice 6800-1 - It was discovered that browserify-sign incorrectly handled an upper bound check in signature verification. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a signature forgery attack.
bbb5053adf3b1fc0f858b00ff034ddf245220cc2b0b12057d2b648d4e63fedaeBWL Advanced FAQ Manager version 2.0.3 suffers from a remote SQL injection vulnerability.
f95ccaedfdaee1cf2d018058b8c73c3b7d6c5bdacad42079362785b6fa9fa81ciMLog versions prior to 1.307 suffer from a persistent cross site scripting vulnerability.
41363b501e8b38ba3e267a44d4da15c2e44e3c8e7251c38bd295cdf08bd7d310Check Point Security Gateway suffers from an information disclosure vulnerability. Versions affected include R77.20 (EOL), R77.30 (EOL), R80.10 (EOL), R80.20 (EOL), R80.20.x, R80.20SP (EOL), R80.30 (EOL), R80.30SP (EOL), R80.40 (EOL), R81, R81.10, R81.10.x, and R81.20.
9a00e15745eee654d5e56bd4984cd3a4bdcf8830f76d50a2c9914ecf0ab23d3f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed