exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 37 RSS Feed

Files Date: 2023-08-08 to 2023-08-09

Debian Security Advisory 5471-1
Posted Aug 8, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5471-1 - A security vulnerability has been discovered in libhtmlcleaner-java, a Java HTML parser library. An attacker was able to cause a denial of service (StackOverflowError) if the parser runs on user supplied input with deeply nested HTML elements. This update introduces a new nesting depth limit which can be overridden in cleaner properties.

tags | advisory, java, denial of service, overflow
systems | linux, debian
advisories | CVE-2023-34624
SHA-256 | f96281f975f20155fb343f0d82fab4ed0c0a3a6cbbc5a26c074cca92130006ba
Ubuntu Security Notice USN-6277-1
Posted Aug 8, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6277-1 - It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstances. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. It was discovered that Dompdf was not properly validating processed HTML content that referenced PHAR files, which could result in the deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-5011, CVE-2014-5012, CVE-2021-3838, CVE-2022-2400
SHA-256 | eae7a63a1314510fba016ace5f4fa58f3b235300091023f8fe1215a16f0a875b
Red Hat Security Advisory 2023-4531-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4531-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-42896, CVE-2023-1281, CVE-2023-1829
SHA-256 | 011026b4b36f55daf3ed81b46636357bc0bab4bb6f8cd65f801fa0d7c9a04ecb
GNOME Files 43.4 Privilege Escalation
Posted Aug 8, 2023
Authored by Georgi Guninski

GNOME Files version 43.4 (nautilus) on Fedora 37 will extract zip archives with setuid files for other user identifiers that can be leveraged to escalate privileges.

tags | exploit
systems | linux, fedora
SHA-256 | ac80117ac673973985c2dd78f43ddd88009c6d2d28c771696ceaab5aceb3f410
Red Hat Security Advisory 2023-4456-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.

tags | advisory, add administrator
systems | linux, redhat
advisories | CVE-2022-41723, CVE-2022-45869, CVE-2023-0458, CVE-2023-1998, CVE-2023-22652, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-29469, CVE-2023-3089, CVE-2023-3090, CVE-2023-32681, CVE-2023-35788, CVE-2023-38408
SHA-256 | b0a498344d09cd12609bee557f305594f2cff6126e3cae1cdc620fc9159bf3ec
Red Hat Security Advisory 2023-4536-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4536-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs. Issues addressed include HTTP request smuggling and bypass vulnerabilities.

tags | advisory, web, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2023-30581, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590
SHA-256 | 2f06bbbf8bfb035c3cc29869030ff9c394d94f4a61e802e88783692206313bf6
Ubuntu Security Notice USN-6267-2
Posted Aug 8, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6267-2 - USN-6267-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4050, CVE-2023-4056
SHA-256 | 5fb0b898aafa28294fb8ccc08119b1fe47db5b53b2d6374b96b0c7fd72049cca
Red Hat Security Advisory 2023-4523-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4523-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2023-27536, CVE-2023-28321
SHA-256 | fe1e1a7beeb477da26be10905af4664fbab2fbeccfcd8c098362265bd0c72eeb
Varient News Magazine Script 2.2 Insecure Settings
Posted Aug 8, 2023
Authored by indoushka

Varient News Magazine Script version 2.2 appears to leave default credentials installed after installation.

tags | exploit
SHA-256 | 55d39fc316be771eae1077981f65e91b1c5c157ca82a0c7e5a445518f84094df
Red Hat Security Advisory 2023-4459-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4459-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.8.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-24539, CVE-2023-29400
SHA-256 | 58c55fc1f8686d749cce82dbeb1f696f569b11acb8df93ed3cda8bdbe810d8c7
Red Hat Security Advisory 2023-4539-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4539-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-2454, CVE-2023-2455
SHA-256 | 4492727b610b193728ddfd73abfdc3f4792530283ba77b397c75d148b3f29e29
Red Hat Security Advisory 2023-4529-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4529-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-28484, CVE-2023-29469
SHA-256 | 05f36faf9f4f406416529bd6b79e5d7d84f5904b90b4f43e01da22ebffbf76aa
Video Whisper Conference 1.01 Cross Site Scripting
Posted Aug 8, 2023
Authored by indoushka

Video Whisper Conference version 1.01 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b40ba81d48018c21e4e30b598f994c663576e363ae861549806e4e66a2267a20
Red Hat Security Advisory 2023-4535-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4535-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41862, CVE-2023-2454, CVE-2023-2455
SHA-256 | bb0d93dc4642fdfdca0f3a521e54d8fafc5d8a05d94ed117e60752d51d43bb29
Red Hat Security Advisory 2023-4520-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4520-01 - The python-requests package contains a library designed to make HTTP requests easy for developers.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2023-32681
SHA-256 | d0c1dc5e356e4b5ead6eee269f7ceb50713f9d3eba95d0dfa54c4f53d0db6666
Videoflix CMS 1.3 Insecure Settings
Posted Aug 8, 2023
Authored by indoushka

Videoflix CMS version 1.3 appears to leave default credentials installed after installation.

tags | exploit
SHA-256 | 1b188b1961144abfb1aff317f94f1ba0b540456dddba84057ab90b4a73e6bb7c
Red Hat Security Advisory 2023-4537-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4537-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs. Issues addressed include HTTP request smuggling and bypass vulnerabilities.

tags | advisory, web, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2023-30581, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590
SHA-256 | 26418c8a5be7babeeb199c8a8e789c7d53171594bcc88de2f5638715da3afb4b
Red Hat Security Advisory 2023-4524-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4524-01 - Libcap is a library for getting and setting POSIX.1e draft 15 capabilities. Issues addressed include integer overflow and memory leak vulnerabilities.

tags | advisory, overflow, vulnerability, memory leak
systems | linux, redhat, osx
advisories | CVE-2023-2602, CVE-2023-2603
SHA-256 | 9393191fe2906786aaecc95ef657be2b2d21d0856639034a2d51cd3151f514e6
Red Hat Security Advisory 2023-4517-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4517-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-42896, CVE-2023-1281, CVE-2023-1829, CVE-2023-2124, CVE-2023-2194, CVE-2023-2235
SHA-256 | 18ca1a2d2bb8e1e5c625c86b54b8da16e838e8069670bd47e1b837b47fd7e8ba
Virtues cpanelCMS 1.0 SQL Injection
Posted Aug 8, 2023
Authored by indoushka

Virtues cpanelCMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b0dd987501a8980f27a1a2c335dab1ec406d02a79b945305fa4690813000c747
Voodoo Chat 1.3 Cross Site Scripting
Posted Aug 8, 2023
Authored by indoushka

Voodoo Chat version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 11f7a2efbdf14e9500b0a6e971a896bbac171caeed20cc661f2b4ad1b5c02e2e
eneblur CMS 1.0 SQL Injection
Posted Aug 8, 2023
Authored by indoushka

eneblur CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4d67639c944054e33175ed2e55a36b45439dd449f6e73134fe454cc1d6a7bb71
Red Hat Security Advisory 2023-4527-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4527-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-2454, CVE-2023-2455
SHA-256 | 224d7a7ab3268b731ca5e1b6146c6fc24f536b48dce67839bd62d8aa4f6246e2
Red Hat Security Advisory 2023-4541-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4541-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-42896, CVE-2023-1281, CVE-2023-1829, CVE-2023-2124, CVE-2023-2194, CVE-2023-2235
SHA-256 | afd57de8197f4fa2f3f6f819900ae0f78bac5331e50d8a51481ca5b1e5bb9e15
CMS BMGI International 4.0 SQL Injection
Posted Aug 8, 2023
Authored by indoushka

CMS BMGI International version 4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 336a8b483f9aec691b3187aad233253738b3431f58b9ba29e3f0951d22563235
Page 1 of 2
Back12Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close