
Files Date: 2023-03-01 to 2023-03-02

Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload
Posted Mar 1, 2023
Authored by sf, HMs, l1k3beef | Site metasploit.com

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in Oracle Web Applications Desktop Integrator, as shipped with Oracle EBS versions 12.2.3 through to 12.2.11, in order to gain remote code execution as the oracle user.

tags | exploit, remote, web, arbitrary, code execution, file upload
advisories | CVE-2022-21587
SHA-256 | a890c277f9518d69ee5b632d253b7c12b7da15367479577605ce796496a2f670
Packet Storm New Exploits For February, 2023
Posted Mar 1, 2023
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 82 exploits added to Packet Storm in February, 2023.

tags | exploit
SHA-256 | 1aac08f0f83c7b542b7b390b5edbc859493c3d548148a11d7a05d5876ea81bef
Red Hat Security Advisory 2023-0899-01
Posted Mar 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0899-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.53.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-4238, CVE-2022-3064, CVE-2022-41717, CVE-2022-4337, CVE-2022-4338
SHA-256 | fc9ef1ae79ed9c3711cc3750e4b209a31eb742fbcff55654265a78a41ad02a5d
Debian Security Advisory 5366-1
Posted Mar 1, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5366-1 - The Qualys Research Labs reported an authorization bypass (CVE-2022-41974) and a symlink attack (CVE-2022-41973) in multipath-tools, a set of tools to drive the Device Mapper multipathing driver, which may result in local privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 449a42da9bb4b8caeb5d67f7cec2a182bd6252f94c98c628487a48466106f6b0
Ubuntu Security Notice USN-5880-2
Posted Mar 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5880-2 - USN-5880-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attributes. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes. Johan Carlsson discovered that Firefox did not properly manage child iframe's unredacted URI when using Content-Security-Policy-Report-Only header. An attacker could potentially exploit this to obtain sensitive information. Vitor Torres discovered that Firefox did not properly manage permissions of extensions interaction via ExpandedPrincipals. An attacker could potentially exploit this issue to download malicious files or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly validate background script invoking requestFullscreen. An attacker could potentially exploit this issue to perform spoofing attacks. Ronald Crane discovered that Firefox did not properly manage memory when using EncodeInputStream in xpcom. An attacker could potentially exploit this issue to cause a denial of service. Samuel Grob discovered that Firefox did not properly manage memory when using wrappers wrapping a scripted proxy. An attacker could potentially exploit this issue to cause a denial of service. Holger Fuhrmannek discovered that Firefox did not properly manage memory when using Module load requests. An attacker could potentially exploit this issue to cause a denial of service. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-0767, CVE-2023-25728, CVE-2023-25729, CVE-2023-25730, CVE-2023-25732, CVE-2023-25733, CVE-2023-25735, CVE-2023-25739, CVE-2023-25742
SHA-256 | d8134e53c73b5f2b98a54caf846a945da5e3e78dac7bf2d66525cf6b12579a76
Ubuntu Security Notice USN-5900-1
Posted Mar 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5900-1 - It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-48303
SHA-256 | 4503c25c8985b1cadb953a8cf1e182195165a07bc046b1a1d324361c2f37498d
Ubuntu Security Notice USN-5638-4
Posted Mar 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5638-4 - USN-5638-1 fixed several vulnerabilities in Expat. This update provides the corresponding update for Ubuntu 14.04 ESM. Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-40674
SHA-256 | e8573f45eee357d0e6e1aea46a23678438ed02db697e4eb77adc47dd2c099c25
Red Hat Security Advisory 2023-1014-01
Posted Mar 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1014-01 - An update for etcd is now available for Red Hat OpenStack Platform 17.0 (Wallaby).

tags | advisory
systems | linux, redhat
advisories | CVE-2022-3064
SHA-256 | c4879e7392aa52c6dca6db166aa6b15431df175559308cee79acd01da94a7087
Red Hat Security Advisory 2023-1017-01
Posted Mar 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1017-01 - OpenStack Image Service provides discovery, registration, and delivery services for virtual disk images. The Image Service API server provides a standard REST interface for querying information about virtual disk images stored in a variety of back-end stores, including OpenStack Object Storage. Clients can register new virtual disk images with the Image Service, query for information on publicly available disk images, and use the Image Service's client library for streaming virtual disk images.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-47951
SHA-256 | 80ab0faeedfbdf327d8426f0871c22b67707bc75bf6dd21d8bbbced6ad1b1c92
Red Hat Security Advisory 2023-1008-01
Posted Mar 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1008-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-3564, CVE-2022-4378, CVE-2022-4379, CVE-2023-0179
SHA-256 | fba873bf08142b1734ce101270b4bfda6391348b5715d496bfb89c99f2fc2fa0
Red Hat Security Advisory 2023-1013-01
Posted Mar 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1013-01 - An update for openstack-swift is now available for Red Hat OpenStack Platform 17.0 (Wallaby).

tags | advisory
systems | linux, redhat
advisories | CVE-2022-47950
SHA-256 | b4523a9e064e03dd889b768dc71d965d0d8f13043a46a4878969d3dc412e49f7
Red Hat Security Advisory 2023-0890-01
Posted Mar 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0890-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.5. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-38561
SHA-256 | 64053042b8e50f28dccf721063ca374b26f0c2a595d5acc89d839263971e7e3e
Red Hat Security Advisory 2023-1018-01
Posted Mar 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1018-01 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.0 (Wallaby). Issues addressed include a remote shell upload vulnerability.

tags | advisory, remote, shell, python
systems | linux, redhat
advisories | CVE-2023-25577
SHA-256 | 6cabeb616cc86e2cbaf9eeff580fc77e5c814243da7ceecee78741afbe444047
Red Hat Security Advisory 2023-1016-01
Posted Mar 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1016-01 - Cinder is the replacement of nova-volume in Folsom and beyond, used for block storage.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-47951
SHA-256 | bd3dd8c54d58013ab73540538eb2f9d5ac4338d7f6081ac715b81cd621b545dc
Red Hat Security Advisory 2023-1015-01
Posted Mar 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1015-01 - OpenStack Compute is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances, managing networks, and controlling access through users and projects. OpenStack Compute strives to be both hardware and hypervisor agnostic, currently supporting a variety of standard hardware configurations and seven major hypervisors.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-47951
SHA-256 | 93c5f30cf15b3fc63477f6581b0e8f07cb77caaec261a9c23601b89802364699
Ubuntu Security Notice USN-5903-1
Posted Mar 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5903-1 - It was discovered that lighttpd incorrectly handled certain inputs, which could result in a stack buffer overflow. A remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2022-22707
SHA-256 | a0a282a6f042353c2982180a586d4f786bba17c14f0faf45bda948394888a9e8