what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 44 RSS Feed

Files Date: 2024-07-09 to 2024-07-10

Ivanti EPM RecordGoodApp SQL Injection / Remote Code Execution
Posted Jul 9, 2024
Authored by Christophe de la Fuente, James Horseman | Site metasploit.com

Ivanti Endpoint Manager (EPM) 2022 SU5 and prior versions are susceptible to an unauthenticated SQL injection vulnerability which can be leveraged to achieve unauthenticated remote code execution.

tags | exploit, remote, code execution, sql injection
advisories | CVE-2024-29824
SHA-256 | afbe87d39c043c81d0f93f3553319f8d3bdf71f4fb0e22d349d23f26beab2503
Botan C++ Crypto Algorithms Library 3.5.0
Posted Jul 9, 2024
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 3.x.x release.

Changes: Fixed a DoS caused by excessive name constraints. Fixed a name constraint processing error. Added a new much faster elliptic curve implementation. Added support for LMS hash based signatures. Added support for SSLKEYLOGFILE logging. Optimize processing in FFI botan_cipher_update. Add Public_Key::raw_public_key_bits. Many other updates and fixes noted in the changelog.
tags | library
advisories | CVE-2024-34702, CVE-2024-39312
SHA-256 | 67e8dae1ca2468d90de4e601c87d5f31ff492b38e8ab8bcbd02ddf7104ed8a9f
Botan C++ Crypto Algorithms Library 2.19.5
Posted Jul 9, 2024
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 2.19.x release that reaches end-of-life at the end of 2024.

Changes: Fixed a DoS caused by excessive name constraints. Fixed a name constraint processing error. Fixed a crash in OCB. Fixed a test failure in compression with certain versions of zlib. Fixed some iterator debugging errors in TLS CBC decryption. Avoids a miscompilation in ARIA when using XCode 14. Certificate verification update.
tags | library
advisories | CVE-2024-34702, CVE-2024-39312
SHA-256 | dfeea0e0a6f26d6724c4af01da9a7b88487adb2d81ba7c72fcaf52db522c9ad4
Gentoo Linux Security Advisory 202407-23
Posted Jul 9, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202407-23 - Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of service. Versions greater than or equal to 2021.08.24 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-24027, CVE-2021-38380, CVE-2021-38381, CVE-2021-38382, CVE-2021-39282, CVE-2021-39283
SHA-256 | 985ada0515e118faf1d96d2cd1c7334be0e5199276ab8d441c78a61a42b33ade
Ubuntu Security Notice USN-6886-1
Posted Jul 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6886-1 - It was discovered that the Go net/http module did not properly handle the requests when request\'s headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that the Go net/http module did not properly validate the subdomain match or exact match of the initial domain. An attacker could possibly use this issue to read sensitive information. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2023-45288, CVE-2023-45289, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24788, CVE-2024-24789, CVE-2024-24790
SHA-256 | 66197d055fed6c97073d4c955f114f48acbb90bca8321f4984ae151d375a3e75
Ubuntu Security Notice USN-6880-1
Posted Jul 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6880-1 - Sam Shahsavar discovered that Apache Tomcat did not properly reject HTTP requests with an invalid Content-Length header. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2022-42252
SHA-256 | a1b7658d93cbe9452fafc9962055ac3264eb70250edec2116b29a0ee545cc5ae
Ubuntu Security Notice USN-6885-1
Posted Jul 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6885-1 - Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly sent certain request URLs with incorrect encodings to backends. A remote attacker could possibly use this issue to bypass authentication.

tags | advisory, remote, web, denial of service, protocol
systems | linux, ubuntu
advisories | CVE-2024-36387, CVE-2024-38473, CVE-2024-38476, CVE-2024-38477, CVE-2024-39884
SHA-256 | dc636ce74692d3f1a7da32825e61e1fcdc0b5d5a5413a13dc147dac6ff15aae4
Red Hat Security Advisory 2024-4419-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4419-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-45229
SHA-256 | 4074e254a33175b95fd87c662ad01c54b1b51d6eeac49179f5d4b64c0ca22b23
Red Hat Security Advisory 2024-4418-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4418-03 - An update for less is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-32487
SHA-256 | 6eea079d7a5f225b1311c93da86b2b506b874c224abade33d1c4e2e335ba9974
Red Hat Security Advisory 2024-4417-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4417-03 - An update for libreswan is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-3652
SHA-256 | 0de0b7f4bce6bb9c86b77198794ad864170d8f28f465de4e197a7f1f3e95e5ae
Red Hat Security Advisory 2024-4416-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4416-03 - An update for less is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-32487
SHA-256 | 9779f38d5c67590892cc95e98b9eeef26f2791044c7642d30a00bafc2de4c540
Red Hat Security Advisory 2024-4415-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4415-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-52434
SHA-256 | 4e78c5c2984dafdeaa7ef19d7b6115e6b841a4b44e4585d641283fe2e653b972
Red Hat Security Advisory 2024-4414-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4414-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-34064
SHA-256 | 1e4659c7badb0b3665fa277ed30c1dac1c4bad1f7acce7032ef423f887039600
Red Hat Security Advisory 2024-4413-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4413-03 - An update for pki-core is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-4727
SHA-256 | 39c072c9c9337ab758eb7d3423e1cd132aafe5621023f4c20da09c0b26d0f377
Red Hat Security Advisory 2024-4412-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4412-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-52434
SHA-256 | 8f3a880b55e99c813f162538379e31b0db1ce6134a16f878bf8071d39dddcbb9
Red Hat Security Advisory 2024-4411-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4411-03 - An update for booth is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-3049
SHA-256 | 6f52d0f330c4c6e9e3c5c391a73d39248d5e66f3f293c3961d040d8a75848108
Red Hat Security Advisory 2024-4409-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4409-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-31346
SHA-256 | 0fb1a5af2cce4b077e6c3070f3c2604b3fb5adfe71319acd6e5419bff7a03d7e
Red Hat Security Advisory 2024-4408-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4408-03 - An update for tpm2-tss is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-22745
SHA-256 | 29438d2bb58a7c83391b1aa94314baf5fab981379bdc95e83f6cdfa449820550
Red Hat Security Advisory 2024-4406-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4406-03 - An update for python3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-6597
SHA-256 | fad9a8cb1ae41d406c1f5124652e152ff1cee7b8c5c85db5c53d7954b9dda8d8
Red Hat Security Advisory 2024-4404-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4404-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-34064
SHA-256 | c03cf592c7cb1ac34ed11bb1841770020cd2c4c8777e44040a5361b4df6a8cfb
Red Hat Security Advisory 2024-4403-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4403-03 - An update for pki-core is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-4727
SHA-256 | e37088f79413e96e952fe5ee8151fcdb994b3f65b0fea1c13541de571c2312fc
Red Hat Security Advisory 2024-4402-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4402-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-1597
SHA-256 | 3b51382e90ad9788491149689dfd6205c274ed1e4577fadbf0d7abb297f44e2c
Red Hat Security Advisory 2024-4400-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4400-03 - An update for booth is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-3049
SHA-256 | ae4b51588149f371d1d2d3e6b67183ab34915e5a386099e58130af7cabc613f6
Red Hat Security Advisory 2024-4392-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4392-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-51775
SHA-256 | 5231130a48c0022f15f16e388d438452f49ca96354b9e43113532b44d3e1c47c
Red Hat Security Advisory 2024-4390-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4390-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-27316
SHA-256 | 5feffa32663b1147fdb17ba495209e37bd329e017d6d27e6bc30039d9803486b
Page 1 of 2
Back12Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    47 Files
  • 25
    Jul 25th
    31 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close