exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 131,622 RSS Feed

Files

Red Hat Security Advisory 2024-1801-03
Posted Apr 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1801-03 - An update for unbound is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-50387
SHA-256 | 45122845dea36af6a8541c34b5b848f918b02a18d28d962c00ba4e7bed57d9d2
Red Hat Security Advisory 2024-1800-03
Posted Apr 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1800-03 - Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-4408
SHA-256 | e3df1184e9249e0d7a062812d27b0c57794884f78be0a1f9ce04f80b27e75532
Red Hat Security Advisory 2024-1782-03
Posted Apr 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1782-03 - An update for bind and dhcp is now available for Red Hat Enterprise Linux 8.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-4408
SHA-256 | 3521b85f513eaa72701379f6484a5a9fab8ebff8e911ac7a58cfec746bf9abed
OpenClinic GA 5.247.01 Information Disclosure
Posted Apr 15, 2024
Authored by VB

OpenClinic GA version 5.247.01 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2023-40278
SHA-256 | 2ff76ee23f3646bb23d72691d3d4f6a113f1d03e2ad22824d2636988ff0294f6
OpenClinic GA 5.247.01 Path Traversal
Posted Apr 15, 2024
Authored by VB

OpenClinic GA version 5.247.01 suffers from an authenticated path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2023-40279
SHA-256 | 0a16a99fea8a81ce4ac5a7f2ff88ffe98623e591f76c35f5e7c3d8893490aef0
Online Fire Reporting System 1.2 SQL Injection
Posted Apr 15, 2024
Authored by Diyar Saadi

Online Fire Reporting System version 1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 9342b7d21282ed54ce4702c6cda7276732332887ecb951f160125d0470ad7553
Stock Management System 1.0 SQL Injection
Posted Apr 15, 2024
Authored by Josué Mier

Stock Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-51951
SHA-256 | ee8f6806eb002eeb79308e1f582300e6c9e5c6963aed8ff7b5b730994fc80298
Ubuntu Security Notice USN-6730-1
Posted Apr 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6730-1 - It was discovered that Apache Maven Shared Utils did not handle double-quoted strings properly, allowing shell injection attacks. This could allow an attacker to run arbitrary code.

tags | advisory, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2022-29599
SHA-256 | 15c8d6e5b9065ade2c2ed5b94442496e05fb18a0a38ae85a9562327745d57a90
Debian Security Advisory 5656-1
Posted Apr 12, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5656-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-3157, CVE-2024-3515, CVE-2024-3516
SHA-256 | 36d8ec32098862bd442312fd32c3ee1e040b8baf4b868bc51289c338d235032e
Terratec dmx_6fire USB 1.23.0.02 Unquoted Service Path
Posted Apr 12, 2024
Authored by Joseph Kwabena Fiagbor

Terratec dmx_6fire USB version 1.23.0.02 suffers from an unquoted service path vulnerability.

tags | exploit
advisories | CVE-2024-31804
SHA-256 | 3b1ae38d17de2b6bb05d853af820ee9f6f5e2f2251357f5de9240f209b72112f
Ubuntu Security Notice USN-6729-1
Posted Apr 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6729-1 - Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316
SHA-256 | b6b856a665b8ccd0c761b17ac9d0990bb16f01e11f4e9c76e440d6681ef8b0fd
Ray OS 2.6.3 Command Injection
Posted Apr 12, 2024
Authored by Fire_Wolf

The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system is configured to allow passwordless sudo (a setup some Ray configurations require) this will result in a root shell being returned to the user. If not configured, a user level shell will be returned. Versions 2.6.3 and below are affected.

tags | exploit, arbitrary, shell, root
advisories | CVE-2023-6019
SHA-256 | 71d55c6a52e12ee9261d11d52085671ffd68404f5deb15af6740a69e8a217fba
Ubuntu Security Notice USN-6727-2
Posted Apr 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6727-2 - USN-6727-1 fixed vulnerabilities in NSS. The update introduced a regression when trying to load security modules on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-4421, CVE-2023-5388, CVE-2023-6135
SHA-256 | 98f7aae4d30d1b37976aae71c2f8f3d1c09fb49865d4abec3139169342e9663a
WordPress Playlist For Youtube 1.32 Cross Site Scripting
Posted Apr 12, 2024
Authored by Erdemstar

WordPress Playlist for Youtube plugin version 1.32 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 89bd57c1d15c2fdb70027b10bc188998968404fee02a9c3318c678b99724d195
MinIO Privilege Escalation
Posted Apr 12, 2024
Authored by Jenson Zhao

MinIO versions prior to 2024-01-31T20-20-33Z suffer from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2024-24747
SHA-256 | 1fd596cf1466301a3fd1b25b9e0abbc97d0da47e2d4cbfabb6133bac6cd96055
Red Hat Security Advisory 2024-1795-03
Posted Apr 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1795-03 - VolSync v0.9.1 general availability release images, which provide enhancements, security fixes, and updated container images.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-24786
SHA-256 | 2d60e84c0e26e9c6bc3737d447e60a85e24ea8b74de28f75685f3d881499bbd4
Red Hat Security Advisory 2024-1789-03
Posted Apr 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1789-03 - An update for bind is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-4408
SHA-256 | 84bd7cf29f31db99a16698c475174af16965a7562a02b0006fce3148054a43e6
Red Hat Security Advisory 2024-1787-03
Posted Apr 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1787-03 - An update for squid is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer over-read, denial of service, and null pointer vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-46724
SHA-256 | 015523c72701c6b4ebda8d02b7728a2600a97d861a8fdfed0767aa6829228f17
Red Hat Security Advisory 2024-1786-03
Posted Apr 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1786-03 - An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-27316
SHA-256 | 9838d3362a205bf95b6542e2c2caf6d6b03da8436f7ed6e2cd637f0e92a53504
Red Hat Security Advisory 2024-1785-03
Posted Apr 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1785-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-31080
SHA-256 | 5280c0ce0aabacede5b0b1276745bee4a2e979d670ab34636d588a41a1ba82f3
Red Hat Security Advisory 2024-1784-03
Posted Apr 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1784-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-28834
SHA-256 | 3704f7681fcb98c2ef4644550c22ee9b60ac0ce4e8cb4b7e49563fcce13701fd
TOR Virtual Network Tunneling Tool 0.4.8.11
Posted Apr 11, 2024
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: This is a minor release mostly to upgrade the fallbackdir list. Worth noting also that directory authority running this version will now automatically reject relays running the end of life 0.4.7.x version.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 8f2bdf90e63380781235aa7d604e159570f283ecee674670873d8bb7052c8e07
Trimble TM4Web 22.2.0 Privilege Escalation / Access Code Disclosure
Posted Apr 11, 2024
Authored by Clement Cruchet

An access control issue in Trimble TM4Web version 22.2.0 allows unauthenticated attackers to access a specific crafted URL path to retrieve the last registration access code and use this access code to register a valid account. If the access code was used to create an Administrator account, attackers are also able to register new Administrator accounts with full rights and privileges.

tags | exploit
advisories | CVE-2023-27195
SHA-256 | f463a33e91d671de7054018540aff6f6ec53938dedf239b9646be10f49edfccf
Ubuntu Security Notice USN-6727-1
Posted Apr 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6727-1 - It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-4421, CVE-2023-5388, CVE-2023-6135
SHA-256 | 2c691be3dfb8ed61396b4eb86ac7b035f8344a516e272f6ffb13c26ac0186bd9
OX App Suite 7.10.6 Cross Site Scripting / Deserialization Issue
Posted Apr 11, 2024
Authored by Martin Heiland

OX App Suite version 7.10.6 suffers from cross site scripting and deserialization vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2023-46604, CVE-2024-23189, CVE-2024-23190, CVE-2024-23191, CVE-2024-23192
SHA-256 | d67b15e5e463386e7b28cf5d7d03eebfcf3f668423493ad7f356fc890f038561
Page 5 of 5,265
Back34567Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close