Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
c77b97c39c4123f852d12ad4acfa33fbe1ee4442e74afbe37ac9b9d761710a96
XenForo versions 2.2.15 and below suffer from a remote code execution vulnerability in the Template system.
141922e324fd21737d323eaed2f53c7bc972900273dfc3e19ea72c0648544233
XenForo versions 2.2.15 and below suffer from a cross site request forgery vulnerability in Widget::actionSave.
a2e0e2c93fd20ac00f325a1d77c282bae74c903affae30dd55518d5333641874
Debian Linux Security Advisory 5731-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
4367b93fd0ea16ab18f88c7940aa8c04d71f1deff307e3acccab8066e254073c
Hospital Management System Project in ASP.Net MVC version 1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
a527f71217d32274beae028c4fd49e504ec99bf57f1991e46fa931328924f372
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). Various other issues were also addressed.
e841c7c43cd27027fc1462482840cc26556602ee6c248d45547e0f6361010c71
Red Hat Security Advisory 2024-4591-03 - Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.16.0 on Red Hat Enterprise Linux 9. Issues addressed include denial of service, memory leak, and resource exhaustion vulnerabilities.
2769b8537c3f9c42c05b23b4b22d5ff4293db4b466edf9a74627041de22a4044
Ubuntu Security Notice 6896-3 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.
a1423a94bbd0e244b50a9dcc42a0d161e6c9763ef9a664b4bc82761901f3c48b
Red Hat Security Advisory 2024-4590-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
b195337db3e9fe3df6ddb5a587f110c3cd2ca360fcaefe3592508b7923902672
Red Hat Security Advisory 2024-4586-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
2ccc40a39b4766a56bc4f0dbd8bbce91369bf588970b34f2bd3561b4768114cc
Red Hat Security Advisory 2024-4583-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and use-after-free vulnerabilities.
4ef86d7cb54e4f3530011c56c660939cad4f7c76d17bdcb218e74ff383401b36
Red Hat Security Advisory 2024-4581-03 - An update for podman is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a memory leak vulnerability.
30e57b0f355c6501fcf2dca957fe19fe518076b52172b2a156ec6425bbf2f791
Red Hat Security Advisory 2024-4580-03 - An update for cups is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
c62c90feeb72116d70821cb75a329eab5909e7a6c635cdf5779b647878272ecf
Red Hat Security Advisory 2024-4579-03 - An update for git is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
59d99da49fc7047e99fb67591f23c53c55fc330d79d87458cfc95f682336e177
Red Hat Security Advisory 2024-4577-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a privilege escalation vulnerability.
7db6f1dd8b4a87e3ecd4cac330b5f4908d0d818f128d72915d119e096d72a24f
Red Hat Security Advisory 2024-4576-03 - An update for nghttp2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a denial of service vulnerability.
daf02fc4aca1b327066a84e8f4110e483e635c981dfc0e2408f9758e7d19a11d
Red Hat Security Advisory 2024-4575-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
c2a06f08eb1141579b29e600ada28a3958adaf8c93001b1d38fbdf8a4f86bf0d
Ubuntu Security Notice 6900-1 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the HugeTLB file system component of the Linux kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to cause a denial of service.
e97da32f17a29fe4696411be940643a9db1b1d29119fc6286db6efced74e2225
Red Hat Security Advisory 2024-4573-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include an out of bounds access vulnerability.
dce7a0c036e6d2be197b39dc26098d4ac746bdc576ffc4fd7c39ecd7f0b0ac54
Red Hat Security Advisory 2024-4572-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.
7a5b2fc1f1dbbb7fb31f3b8517953672e27e3522531d183ac19a9a0f5cf83c68
Red Hat Security Advisory 2024-4571-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.
9f976be289bc42246218af3759ce841ecadf48f60f65b217bc64ba99e5d9fa5d
Ubuntu Security Notice 6898-2 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.
0ab8434a912c1a37f7ce3d27489ffab441a7e52cdc71e41d0a0713946e958fbe
Red Hat Security Advisory 2024-4570-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.
ee2674ed10294092320e653df3cd3390dee4c5ea87e5845240a1620c7f84854d
Red Hat Security Advisory 2024-4569-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.
49e9df47592f4155d81eede43fe18cbbdc2b2d4591190324a069b69f2f1b3445
Red Hat Security Advisory 2024-4566-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.
8b83fc9a45416fdb89f659b7a456a4d630f448488b9cdc135bd435777b974760