Showing 1 - 25 of 34

Files Date: 2024-07-17

Faraday 5.4.0
Posted Jul 17, 2024
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Implemented Elasticsearch vulnerability ingest from Faraday for comprehensive statistical analysis. Implemented workspace update functionality for changes to vulnerabilities, assets, and services. Introduced debouncer logic to prevent redundant updates to the database. Added ping timeout, ping interval and logger parameters on faraday server config. Changed session_timeout in config to float to allow for fractions of hours. Various other updates.
tags | tool, rootkit
systems | unix
SHA-256 | c77b97c39c4123f852d12ad4acfa33fbe1ee4442e74afbe37ac9b9d761710a96
Xenforo 2.2.15 Remote Code Execution
Posted Jul 17, 2024
Authored by EgiX | Site karmainsecurity.com

XenForo versions 2.2.15 and below suffer from a remote code execution vulnerability in the Template system.

tags | exploit, remote, code execution
advisories | CVE-2024-38458
SHA-256 | 141922e324fd21737d323eaed2f53c7bc972900273dfc3e19ea72c0648544233
XenForo 2.2.15 Cross Site Request Forgery
Posted Jul 17, 2024
Authored by EgiX | Site karmainsecurity.com

XenForo versions 2.2.15 and below suffer from a cross site request forgery vulnerability in Widget::actionSave.

tags | exploit, csrf
advisories | CVE-2024-38457
SHA-256 | a2e0e2c93fd20ac00f325a1d77c282bae74c903affae30dd55518d5333641874
Debian Security Advisory 5731-1
Posted Jul 17, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5731-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2023-52760, CVE-2024-25741, CVE-2024-27397, CVE-2024-36894, CVE-2024-36973, CVE-2024-36978, CVE-2024-37078, CVE-2024-38619, CVE-2024-39298, CVE-2024-39371, CVE-2024-39469, CVE-2024-39474, CVE-2024-39484, CVE-2024-39487
SHA-256 | 4367b93fd0ea16ab18f88c7940aa8c04d71f1deff307e3acccab8066e254073c
Hospital Management System Project In ASP.Net MVC 1 SQL Injection
Posted Jul 17, 2024
Authored by 0xMykull

Hospital Management System Project in ASP.Net MVC version 1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, asp
advisories | CVE-2024-40502
SHA-256 | a527f71217d32274beae028c4fd49e504ec99bf57f1991e46fa931328924f372
Kernel Live Patch Security Notice LSN-0105-1
Posted Jul 17, 2024
Authored by Benjamin M. Romer

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2023-6270, CVE-2023-7192, CVE-2024-26642, CVE-2024-26828, CVE-2024-26924
SHA-256 | e841c7c43cd27027fc1462482840cc26556602ee6c248d45547e0f6361010c71
Red Hat Security Advisory 2024-4591-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4591-03 - Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.16.0 on Red Hat Enterprise Linux 9. Issues addressed include denial of service, memory leak, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2023-43646
SHA-256 | 2769b8537c3f9c42c05b23b4b22d5ff4293db4b466edf9a74627041de22a4044
Ubuntu Security Notice USN-6896-3
Posted Jul 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6896-3 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2022-48627, CVE-2023-52656, CVE-2023-52699, CVE-2023-6270, CVE-2023-7042, CVE-2024-22099, CVE-2024-23307, CVE-2024-24858, CVE-2024-24861, CVE-2024-25739, CVE-2024-26586, CVE-2024-26687, CVE-2024-26812, CVE-2024-26813
SHA-256 | a1423a94bbd0e244b50a9dcc42a0d161e6c9763ef9a664b4bc82761901f3c48b
Red Hat Security Advisory 2024-4590-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4590-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-6601
SHA-256 | b195337db3e9fe3df6ddb5a587f110c3cd2ca360fcaefe3592508b7923902672
Red Hat Security Advisory 2024-4586-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4586-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-6601
SHA-256 | 2ccc40a39b4766a56bc4f0dbd8bbce91369bf588970b34f2bd3561b4768114cc
Red Hat Security Advisory 2024-4583-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4583-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-47548
SHA-256 | 4ef86d7cb54e4f3530011c56c660939cad4f7c76d17bdcb218e74ff383401b36
Red Hat Security Advisory 2024-4581-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4581-03 - An update for podman is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2024-1394
SHA-256 | 30e57b0f355c6501fcf2dca957fe19fe518076b52172b2a156ec6425bbf2f791
Red Hat Security Advisory 2024-4580-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4580-03 - An update for cups is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-35235
SHA-256 | c62c90feeb72116d70821cb75a329eab5909e7a6c635cdf5779b647878272ecf
Red Hat Security Advisory 2024-4579-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4579-03 - An update for git is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-32002
SHA-256 | 59d99da49fc7047e99fb67591f23c53c55fc330d79d87458cfc95f682336e177
Red Hat Security Advisory 2024-4577-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4577-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a privilege escalation vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-6546
SHA-256 | 7db6f1dd8b4a87e3ecd4cac330b5f4908d0d818f128d72915d119e096d72a24f
Red Hat Security Advisory 2024-4576-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4576-03 - An update for nghttp2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-28182
SHA-256 | daf02fc4aca1b327066a84e8f4110e483e635c981dfc0e2408f9758e7d19a11d
Red Hat Security Advisory 2024-4575-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4575-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-27635
SHA-256 | c2a06f08eb1141579b29e600ada28a3958adaf8c93001b1d38fbdf8a4f86bf0d
Ubuntu Security Notice USN-6900-1
Posted Jul 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6900-1 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-52631, CVE-2023-52638, CVE-2023-52643, CVE-2023-52645, CVE-2023-52880, CVE-2023-6270, CVE-2024-0841, CVE-2024-1151, CVE-2024-23307, CVE-2024-24861, CVE-2024-26593, CVE-2024-26600, CVE-2024-26603, CVE-2024-26642
SHA-256 | e97da32f17a29fe4696411be940643a9db1b1d29119fc6286db6efced74e2225
Red Hat Security Advisory 2024-4573-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4573-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include an out of bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2024-21131
SHA-256 | dce7a0c036e6d2be197b39dc26098d4ac746bdc576ffc4fd7c39ecd7f0b0ac54
Red Hat Security Advisory 2024-4572-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4572-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-21131
SHA-256 | 7a5b2fc1f1dbbb7fb31f3b8517953672e27e3522531d183ac19a9a0f5cf83c68
Red Hat Security Advisory 2024-4571-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4571-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-21131
SHA-256 | 9f976be289bc42246218af3759ce841ecadf48f60f65b217bc64ba99e5d9fa5d
Ubuntu Security Notice USN-6898-2
Posted Jul 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6898-2 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52880, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739, CVE-2024-26629, CVE-2024-26642, CVE-2024-26654, CVE-2024-26687, CVE-2024-26812, CVE-2024-26813, CVE-2024-26817, CVE-2024-26828, CVE-2024-26926
SHA-256 | 0ab8434a912c1a37f7ce3d27489ffab441a7e52cdc71e41d0a0713946e958fbe
Red Hat Security Advisory 2024-4570-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4570-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-21131
SHA-256 | ee2674ed10294092320e653df3cd3390dee4c5ea87e5845240a1620c7f84854d
Red Hat Security Advisory 2024-4569-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4569-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-21131
SHA-256 | 49e9df47592f4155d81eede43fe18cbbdc2b2d4591190324a069b69f2f1b3445
Red Hat Security Advisory 2024-4566-03
Posted Jul 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4566-03 - An update is now available for OpenJDK. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-21131
SHA-256 | 8b83fc9a45416fdb89f659b7a456a4d630f448488b9cdc135bd435777b974760
Page 1 of 2