exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2024-07-29 to 2024-07-30

mySCADA MyPRO Authenticated Command Injection
Posted Jul 29, 2024
Authored by Michael Heinzl | Site metasploit.com

An authenticated command injection vulnerability exists in MyPRO versions 8.28.0 and below from mySCADA. The vulnerability can be exploited by a remote attacker to inject arbitrary operating system commands which will get executed in the context of NT AUTHORITY\SYSTEM.

tags | exploit, remote, arbitrary
advisories | CVE-2023-28384
SHA-256 | 6bdea3ad1391073febd62f0e884fbd6fc6fea49ac4cfd406e9d4238facc1c2ed
Ubuntu Security Notice USN-6926-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6926-1 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-46343, CVE-2023-52436, CVE-2023-52444, CVE-2023-52449, CVE-2023-52469, CVE-2023-52752, CVE-2024-25739, CVE-2024-25744, CVE-2024-26857, CVE-2024-26882, CVE-2024-26923, CVE-2024-27020, CVE-2024-35978, CVE-2024-35997
SHA-256 | 5946767f63c59a1b35d467132768a7ffe22b7db995b64fbe9e4a10be86c172d9
Ubuntu Security Notice USN-6925-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6925-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-26882
SHA-256 | fe1fba60e33b29ebcc0c686a7d7dd8e22db410b67deed3ea344841f408dec4d0
Blog Site 1.0 SQL Injection
Posted Jul 29, 2024
Authored by nu11secur1ty

Blog Site version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1782b046991f3607dfff6d31c96b4101dee037b31b0a50fae28cfec7b81e11d6
Debian Security Advisory 5734-2
Posted Jul 29, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5734-2 - The security update announced as DSA 5734-1 caused a regression on configurations using the Samba DLZ module. Updated packages are now available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | db85a04ceff1e9fa79d7b6291241e7bbb6413f70cdd9cbd1fe8fbaac121ca01e
QuickJob 6.1 Insecure Settings
Posted Jul 29, 2024
Authored by indoushka

QuickJob version 6.1 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | e6896d4cea9d5e1f38adf67e9cf29b00d07caf0ece1ebc4e316d431f13e72eca
Prison Management System version 1.0 Insecure Settings
Posted Jul 29, 2024
Authored by indoushka

Prison Management System version version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 81a9d01f3c8c94bb0000f4403731ff41830ed447ed13fdad39cbe7cc67884842
Ubuntu Security Notice USN-6924-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6924-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-47131, CVE-2022-48655, CVE-2024-26585, CVE-2024-26907
SHA-256 | fe53846e8c2cef290fe6f0e94666b098b0705e2d7d948fed1bfc7f874370ec5f
Ubuntu Security Notice USN-6921-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6921-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2024-25742, CVE-2024-35997, CVE-2024-36008, CVE-2024-36016
SHA-256 | f21012d26bb2d7955b293ca300cc71afa2c6c54d91aeb2e68d7f99a4c54f7d37
Ubuntu Security Notice USN-6923-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6923-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52752, CVE-2024-25742, CVE-2024-27017, CVE-2024-36016
SHA-256 | f1478e6fbfb5ae574e77c100a2ce319395b280eba6b7976833ad785e429368d6
Telegram For Android Connection::onReceivedData Use-After-Free
Posted Jul 29, 2024
Authored by Google Security Research, Mark Brand

Telegram for Android suffers from a use-after-free vulnerability in Connection::onReceivedData.

tags | advisory
SHA-256 | b50977499b859adec9bc55d49621466231a4ab00aa44223747f9839cecd9995e
PowerVR _DevmemXReservationPageAddress() Wrapping Addition Error
Posted Jul 29, 2024
Authored by Jann Horn, Google Security Research

PowerVR has an issue where wrapping addition in _DevmemXReservationPageAddress() causes an MMU operation at the wrong address.

tags | exploit
advisories | CVE-2024-34748
SHA-256 | 8cf4775aa2d6620274690594068ebd5446a26435ff99535d37ef3d64af38db87
PowerVR DevmemXIntMapPages() / DevmemXIntUnmapPages() Integer Overflows
Posted Jul 29, 2024
Authored by Jann Horn, Google Security Research

PowerVR has integer overflows in DevmemXIntMapPages() and DevmemXIntUnmapPages(), exploitable as dangling GPU page table entries.

tags | exploit, overflow
advisories | CVE-2024-34733
SHA-256 | 607faad30ec56959223ff39f5065ae4bc346c6c969c93404b728ab4ed243fc1a
PowerVR PMR Physical Memory Handling Flaw
Posted Jul 29, 2024
Authored by Jann Horn, Google Security Research

PowerVR PMR allows physical memory to be freed before GPU TLB invalidation.

tags | exploit
advisories | CVE-2024-34732
SHA-256 | 48938b3e44dc2ae24749118301fe7c8b943bd6b5bb5f57034378aa0f41845d6f
Ubuntu Security Notice USN-6922-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6922-1 - It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Chenyuan Yang discovered that the Unsorted Block Images flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2024-24857, CVE-2024-25739
SHA-256 | d8199e3a6b66aed553595f80a8e85c290a603353bb2760a7684a887ba27e7328
Ubuntu Security Notice USN-6920-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6920-1 - It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could use this issue to potentially escalate their privileges via local access. It was discovered that EDK II had an insufficient memory write check in the SMM service, which could lead to a page fault occurring. An authenticated user could use this issue to potentially escalate their privileges, disclose information and/or create a denial of service via local access.

tags | advisory, denial of service, overflow, local
systems | linux, ubuntu
advisories | CVE-2017-5731, CVE-2018-12182, CVE-2018-12183, CVE-2018-3613, CVE-2019-0160
SHA-256 | b0c58ba1819156bcb07af298c55e7923ac32736a17201de136f2c76adc18526e
Ubuntu Security Notice USN-6916-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6916-1 - It was discovered that Lua did not properly generate code when "_ENV" is constant. An attacker could possibly use this issue to cause a denial of service or execute arbitrary unstrusted lua code. It was discovered that Lua did not properly handle C stack overflows during error handling. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-28805, CVE-2022-33099
SHA-256 | 8dc2309f1f3abdff4ffe7a3ffa5c9734cee36847320ff747f561fae81cabb4ad
Pharmacy Management System 1.0 Insecure Settings
Posted Jul 29, 2024
Authored by indoushka

Pharmacy Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 59f44c9b7f06be4efb67d80c7c07d536ce29ef1457664c97c77dea0949148078
Online Payment Hub System 1.0 Insecure Settings
Posted Jul 29, 2024
Authored by indoushka

Online Payment Hub System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 30a6b1cbf6e4c838b1c70e5f65c51d228a564e5d1e6f1bc286e2c364b4ee5cda
Ubuntu Security Notice USN-6918-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6918-1 - It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52699, CVE-2024-26811, CVE-2024-26817, CVE-2024-26922, CVE-2024-26923, CVE-2024-26924, CVE-2024-26928, CVE-2024-26980, CVE-2024-26981, CVE-2024-26982, CVE-2024-26983, CVE-2024-26986, CVE-2024-26989, CVE-2024-26990
SHA-256 | 947dc6ce3cec3cdfef479e2eb5fb7d19c77151dd763924f5af72f2e51a47fe3b
Ubuntu Security Notice USN-6919-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6919-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2022-48808, CVE-2023-52488, CVE-2023-52641, CVE-2023-52645, CVE-2023-52650, CVE-2023-52652, CVE-2023-52656, CVE-2023-52880, CVE-2023-6270, CVE-2023-7042, CVE-2024-0841, CVE-2024-21823, CVE-2024-22099
SHA-256 | fa62a455fd5fec5f2b84e0a201be2706aede67f259d7f0118ea8b7534bc3d5ac
Ubuntu Security Notice USN-6917-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6917-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52488, CVE-2023-52699, CVE-2023-52880, CVE-2024-23307, CVE-2024-24859, CVE-2024-24861, CVE-2024-25739, CVE-2024-26629, CVE-2024-26642, CVE-2024-26654, CVE-2024-26687, CVE-2024-26810, CVE-2024-26811
SHA-256 | 251746e4365add72c09071f34c8d71ce2bf736d76955b282b86efbf8b71bd9f6
Innue Business Live Chat 2.5 Insecure Settings
Posted Jul 29, 2024
Authored by indoushka

Innue Business Live Chat version 2.5 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 69cf2bb9bb7d7ff376d99fe228145e43a3757fab2416d6aff6f75b372ddf2d3a
Red Hat Security Advisory 2024-4902-03
Posted Jul 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4902-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include double free and null pointer vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-47548
SHA-256 | 794b6b25a9bd88032a7517feef2d5094739be4addb8f6e1430313c7c6f00b446
Red Hat Security Advisory 2024-4896-03
Posted Jul 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4896-03 - An update for python3.11 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6597
SHA-256 | 460b7453d0b911b2859c2415fee168effe4fd6ccb286a5956ec85070f4b769fc
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close