exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 55 RSS Feed

Files

GZ Appointment Scheduling 1.8 Cross Site Scripting
Posted Jun 30, 2023
Authored by CraCkEr

GZ Appointment Scheduling version 1.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 199d4e134ffc8bf451bf7d9a9a76e51f074673a986dd081a509653edf98f9898

Related Files

Debian Security Advisory 5609-1
Posted Jan 29, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5609-1 - Several vulnerabilities were discovered in the Slurm Workload Manager, a cluster resource management and job scheduling system, which may result in privilege escalation, denial of service, bypass of message hash checks or opening files with an incorrect set of extended groups.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2023-49933, CVE-2023-49936, CVE-2023-49937, CVE-2023-49938
SHA-256 | f57d906dddf94852997ecaf61e4354f8e39782336cb81672d34166c0cb2789b8
Debian Security Advisory 5529-1
Posted Oct 18, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5529-1 - Francois Diakhate discovered that several race conditions in file processing of the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, could result in denial of service by overwriting arbitrary files.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-41914
SHA-256 | 2cab2219e1844c1e5042a5b8b60c052e98d2ea56538c5e952de91f15a9d11ad3
Ubuntu Security Notice USN-6223-1
Posted Jul 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6223-1 - It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service. It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1670, CVE-2023-1859, CVE-2023-1998, CVE-2023-25012, CVE-2023-2985, CVE-2023-35788
SHA-256 | 6734417eac361fe013105bbc41e89886a385309d8bc7bdc98d05b21ba8977cd8
Ubuntu Security Notice USN-6207-1
Posted Jul 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6207-1 - It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service. It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1670, CVE-2023-1859, CVE-2023-1998, CVE-2023-25012, CVE-2023-2985
SHA-256 | 078d5bcad96bf9c3bb2527dc64d2f00742ddc07203c5630cbb8b66d7899217b6
Ubuntu Security Notice USN-6185-1
Posted Jun 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6185-1 - It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service. It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1670, CVE-2023-1859, CVE-2023-1998, CVE-2023-25012, CVE-2023-2985
SHA-256 | be2e9478a6761c035541dad4eff6b7f5f36c9c99263510c8055de1ab00fac4e0
Ubuntu Security Notice USN-6172-1
Posted Jun 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6172-1 - It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service. It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1670, CVE-2023-1859, CVE-2023-1998, CVE-2023-25012, CVE-2023-2985
SHA-256 | 330cba8aaf905bebf41e6a80a4c8a1cb8e157b85a9c041a2105319a7b2000420
Ubuntu Security Notice USN-6045-1
Posted Apr 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6045-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3586, CVE-2022-4095, CVE-2023-1390, CVE-2023-1670, CVE-2023-1829
SHA-256 | 7f4964a8bbfe00a994ffc5a23ff5b019eb9dba86de5a26b1c7231f029cb97ab6
Debian Security Advisory 5166-1
Posted Jun 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5166-1 - Two security issues were discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, which could result in privilege escalation.

tags | advisory
systems | linux, debian
advisories | CVE-2022-29500, CVE-2022-29501
SHA-256 | 214a6a00f3b7b0c70bbfe43be16de469e5b02c90f56dca397ed39c280613611c
Ubuntu Security Notice USN-5484-1
Posted Jun 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5484-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-39713, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21499
SHA-256 | 6ec0ae0395c19c7e5a1cccd288c838331c898658993f20553714a1b880f284f3
Kernel Live Patch Security Notice LSN-0086-1
Posted Jun 3, 2022
Authored by Benjamin M. Romer

It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2021-39713, CVE-2022-0492, CVE-2022-1055, CVE-2022-1116, CVE-2022-21499, CVE-2022-29581, CVE-2022-30594
SHA-256 | d764344ffd074691e5125e0c7ecb9972329d587b004cdad9acfe1fafabfb0253
Ubuntu Security Notice USN-5443-2
Posted Jun 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5443-2 - Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-29581, CVE-2022-30594
SHA-256 | d9db3c4379a58440851b2d6e71caae3d47d27c20b77c8e1811ef18f4fc1efaf6
Ubuntu Security Notice USN-5442-2
Posted Jun 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5442-2 - Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux kernel contained in integer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-1116, CVE-2022-29581, CVE-2022-30594
SHA-256 | 5632e668ad026b3cc2fecc2e4439dd6df764ced86921dd64641d8fd7bcfcf72c
Ubuntu Security Notice USN-5413-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5413-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27820, CVE-2021-39713, CVE-2021-4157, CVE-2022-26490, CVE-2022-27223, CVE-2022-28390
SHA-256 | 91244b1f084946d306199917a00cb07c4faa804148fb749c2918a68baf634f4c
SMASH: Synchronized Many-Sided Rowhammer Attacks From JavaScript
Posted Apr 15, 2021
Authored by Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Pietro Frigo, Emanuele Vannacci, Finn de Ridder

In this paper, the authors show that under realistic assumptions, it is indeed possible to bypass TRR directly from JavaScript, allowing attackers to exploit the resurfaced Rowhammer bug inside the browser. In addition, their analysis reveals new requirements for practical TRR evasion. For instance, they discovered that activating many rows in rapid succession as shown in TRRespass may not always be sufficient to produce bit flips. The scheduling of DRAM accesses also plays an important role.

tags | paper, javascript
SHA-256 | 47dfe422ce30e7bc84f40aade82f759d07d143dca97cf56e443b984812de680a
Debian Security Advisory 4841-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4841-1 - Multiple security issues were discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, which could result in denial of service, information disclosure or privilege escalation.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2019-19728, CVE-2020-12693, CVE-2020-27745, CVE-2020-27746
SHA-256 | 712ed599fc20ba013e1934a61707706f7641e32e87a2fb01164d581a781f4383
Class Scheduling System 1.0 Cross Site Scripting
Posted Dec 23, 2020
Authored by Aakash Madaan

Class Scheduling System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | adbb192a182c5be01024e5377112931a76283874d7ee2370350f93a0aa3d9cd1
School Faculty Scheduling System 1.0 SQL Injection
Posted Oct 21, 2020
Authored by Jyotsna Adhana

School Faculty Scheduling System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 7f7430970e932d434b301925cd6542b96ae4108450f192f06b87e005ffef1397
School Faculty Scheduling System 1.0 Cross Site Scripting
Posted Oct 21, 2020
Authored by Jyotsna Adhana

School Faculty Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5b0e209318f5530eaa84ee220a3be30ef6be875921a5e5021415a5b002e43403
Microsoft Windows Update Orchestrator Unchecked ScheduleWork Call
Posted Sep 28, 2020
Authored by Imre Rad, bwatters-r7 | Site metasploit.com

This Metasploit module exploit uses access to the UniversalOrchestrator ScheduleWork API call which does not verify the caller's token before scheduling a job to be run as SYSTEM. You cannot schedule something in a given time, so the payload will execute as system sometime in the next 24 hours.

tags | exploit
advisories | CVE-2020-1313
SHA-256 | 3a60a69dcbeb7de997adcc7d739647b41b00df07ef99e3f346dd78c5b1f47616
Online Scheduling System 1.0 SQL Injection
Posted May 5, 2020
Authored by Saurav Shukla

Online Scheduling System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dc5060d71e3f7fb1f8c315318ca1895b5a004b130bbb3ec0aaac2da96e3d3f46
Online Scheduling System 1.0 Authentication Bypass
Posted Apr 30, 2020
Authored by Bobby Cooke

Online Scheduling System version 1.0 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 6afcc5b0051b6eec0e838842890ca8ab551609a47811313dd84cb767b3e02fed
Online Scheduling System 1.0 Cross Site Scripting
Posted Apr 30, 2020
Authored by Bobby Cooke

Online Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 872919a2779e6e04e5d200971fb18ef5498c54070aaccf8201ff0a606608bc9c
Debian Security Advisory 4572-1
Posted Nov 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4572-1 - It was discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system did not escape strings when importing an archive file into the accounting_storage/mysql backend, resulting in SQL injection.

tags | advisory, sql injection
systems | linux, debian
advisories | CVE-2019-12838
SHA-256 | e9226c014af9aa261f4daad658cd75a20880c2eabb13a35490a1760bf6a03212
Red Hat Security Advisory 2019-2505-01
Posted Aug 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2505-01 - ironic-inspector is an auxiliary service for discovering hardware properties for a node managed by Ironic. Hardware introspection or hardware properties discovery is a process of getting hardware parameters required for scheduling from a bare metal node, given its power management credentials. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2019-10141
SHA-256 | 4834e9f0cab4a596b4f82c32a8052d425f6d9f6012fe0735cc713d5a7c11fb05
Red Hat Security Advisory 2019-1734-01
Posted Jul 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1734-01 - ironic-inspector is an auxiliary service for discovering hardware properties for a node managed by Ironic. Hardware introspection or hardware properties discovery is a process of getting hardware parameters required for scheduling from a bare metal node, given its power management credentials. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2019-10141
SHA-256 | 5ad7434852adabb2b9f281bafc8e320ccd293f08775c1f1ce6667380ef125404
Page 1 of 3
Back123Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    27 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close