exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2024-06-11

Kernel Live Patch Security Notice LSN-0104-1
Posted Jun 11, 2024
Authored by Benjamin M. Romer

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2023-51781, CVE-2023-6270, CVE-2024-26581, CVE-2024-26597
SHA-256 | f7127619d6d49ee0879a07ecb39ec1664f889e77759d10e791546b357aa50eb4
VSCode ipynb Remote Code Execution
Posted Jun 11, 2024
Authored by h00die, Zemnmez | Site metasploit.com

VSCode when opening a Jupyter notebook (.ipynb) file bypasses the trust model. On versions v1.4.0 through v1.71.1, its possible for the Jupyter notebook to embed HTML and javascript, which can then open new terminal windows within VSCode. Each of these new windows can then execute arbitrary code at startup. During testing, the first open of the Jupyter notebook resulted in pop-ups displaying errors of unable to find the payload exe file. The second attempt at opening the Jupyter notebook would result in successful execution. Successfully tested against VSCode 1.70.2 on Windows 10.

tags | exploit, arbitrary, javascript
systems | windows
advisories | CVE-2022-41034
SHA-256 | dfacdfad1b8092f162656aa7bc4778fc74536b788b7075dfea96dafa5efb29f3
Ubuntu Security Notice USN-6822-1
Posted Jun 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6822-1 - It was discovered that Node.js incorrectly handled certain inputs when it is using the policy mechanism. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass the policy mechanism. It was discovered that Node.js incorrectly handled certain inputs when it is using the policy mechanism. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a privilege escalation.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-32002, CVE-2023-32559
SHA-256 | 56af1cd66722a1eb5f6a693a34869045fe3ef0caa4ecbe64e54e6947bfb6b639
Oracle Database Password Hash Unauthorized Access
Posted Jun 11, 2024
Authored by Emad Al-Mousa

Oracle Database versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c allows for unauthorized access to password hashes by an account with the DBA role.

tags | exploit, info disclosure
advisories | CVE-2020-2969
SHA-256 | edea13d6bbb4e899e5a14a7b29742067ce892997ff2cae4bac02dd2d1a895ab2
Ubuntu Security Notice USN-6817-2
Posted Jun 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6817-2 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-47233, CVE-2023-52647, CVE-2023-52648, CVE-2023-52649, CVE-2023-52652, CVE-2023-52653, CVE-2023-52659, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739
SHA-256 | da3b6fdbfeefefc30a45d334629964e3d2b65daea1ae3f644490e39d694fe316
Ubuntu Security Notice USN-6827-1
Posted Jun 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6827-1 - It was discovered that LibTIFF incorrectly handled memory when performing certain cropping operations, leading to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2023-3164
SHA-256 | 874a9358c0272fbb734fb1ea1399846fcc6719212cfa6407e2425118abba7419
Ubuntu Security Notice USN-6825-1
Posted Jun 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6825-1 - It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 16.04 LTS. It was discovered that ADOdb was incorrectly handling GET parameters in test.php. A remote attacker could possibly use this issue to execute cross-site scripting attacks. This issue only affected Ubuntu 16.04 LTS.

tags | advisory, remote, php, xss, sql injection
systems | linux, ubuntu
advisories | CVE-2016-4855, CVE-2016-7405, CVE-2021-3850
SHA-256 | 01e0f44081269e85a54c1d9b8ba563fa88ee4b62bc5f34527ee8158874e4e2ff
Ubuntu Security Notice USN-6821-2
Posted Jun 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6821-2 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-52434, CVE-2023-52447, CVE-2023-52620, CVE-2023-52640, CVE-2023-52641, CVE-2023-52645, CVE-2023-52650, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-0841, CVE-2024-22099, CVE-2024-26583, CVE-2024-26603
SHA-256 | c0d502aabcbbf1e5adcf7965d701523eed1192f64932ac780a636cf8bf6e2746
Ubuntu Security Notice USN-6818-2
Posted Jun 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6818-2 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52454, CVE-2023-52455, CVE-2023-52457, CVE-2023-52458, CVE-2023-52462, CVE-2023-52465
SHA-256 | 9ba8e27136f85eb9b04e59f45205671bb1e2028060ec6d3762843127fc48c57d
Ubuntu Security Notice USN-6824-1
Posted Jun 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6824-1 - It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-40633
SHA-256 | 9cf823b2b1b5824514c4bad7467d1e486ff9ee639e6a59a29e300dfab1630596
Red Hat Security Advisory 2024-3790-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3790-03 - OpenShift API for Data Protection 1.3.2 is now available. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-45289
SHA-256 | 98d713f1f787e58dbba56e0b5faf41492d3395dcf16382f49129632c168cdadd
Red Hat Security Advisory 2024-3784-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3784-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.10. Issues addressed include bypass and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2024-4367
SHA-256 | 5fb3db6c947c2cfe0a5662dbd910df7ada7d331d3372a1c478d88507de1840b8
Red Hat Security Advisory 2024-3783-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3783-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.10. Issues addressed include bypass and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2024-4367
SHA-256 | 6df7b417c1d4cd2c965f9388462d93259f0500b3e20694b142c718dc9155f3db
Red Hat Security Advisory 2024-3781-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3781-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include HTTP request smuggling, buffer overflow, code execution, cross site scripting, denial of service, memory exhaustion, null pointer, and password leak vulnerabilities.

tags | advisory, web, denial of service, overflow, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2023-5752
SHA-256 | 97582fd49f5e2d746ce75f2c7f0477643a47ef5538d5de3b9d00c3c7df43d95b
Red Hat Security Advisory 2024-3775-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3775-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-3183
SHA-256 | d40d3e16f7e58d00e78aa95ac7376982bdb5777d0f791c2b56f7f31f7f9703e1
Red Hat Security Advisory 2024-3763-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3763-03 - An update for nghttp2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-28182
SHA-256 | 47748331b1add114f2d3813978b5b419f22b7d1d4b347ddcefacea388cbf8999
Red Hat Security Advisory 2024-3762-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3762-03 - Red Hat AMQ Broker 7.11.7 is now available from the Red Hat Customer Portal.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-5072
SHA-256 | 4b51a103d0d44580997ec74472b1f04762427decf268b1dfec5c8990c1e1db2e
Red Hat Security Advisory 2024-3761-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3761-03 - An update for ipa is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-3183
SHA-256 | a081da8312ce71ba93b7989b950d13cf8c7c16918fc1d6887fa599c5e0daf716
Red Hat Security Advisory 2024-3760-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3760-03 - An update for ipa is now available for Red Hat Enterprise Linux 7.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-3183
SHA-256 | 55ef54b8f9ba48eb8ba1227d7db604245ce8eb3f69fdf3cd1c689629a288aeb1
Red Hat Security Advisory 2024-3759-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3759-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-2698
SHA-256 | dec95d98e7ac1f174c60e17a3b07bcbece61029b851bdb4e7734813244e066ec
Red Hat Security Advisory 2024-3758-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3758-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-3183
SHA-256 | fca6f43503566df89db89e51b46a0ab987583e74cd1aeefc5e12e06a84c20844
Red Hat Security Advisory 2024-3757-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3757-03 - An update for ipa is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-2698
SHA-256 | 715829d97391ad8b2a349372946776aeea078fbd0312af99631ae3fe853ff8e1
Red Hat Security Advisory 2024-3756-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3756-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.4 Advanced Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-3183
SHA-256 | 3a2c0293376ceb3d9e48d26deae1f5a3fb877ab37d2a20dcf5a4b2edec8fbc3b
Red Hat Security Advisory 2024-3755-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3755-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-2698
SHA-256 | 0fcbb6fea71e54325132778254536ca554e4b187b4882a08dc5b3a13dd1dca5f
Red Hat Security Advisory 2024-3754-03
Posted Jun 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3754-03 - An update for ipa is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-2698
SHA-256 | 5c429f274dab74cb7d6d33fb2079db3cd0cc10ff2e5eb28b0cb250a123180a14
Page 1 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close