Advisory Files

CentOS Stream 9 Missing Kernel Security Fixes
Posted Mar 21, 2023
Authored by Jann Horn, Google Security Research

The kernel tree of CentOS Stream 9 suffers from multiple use-after-free conditions that were already patched in upstream stable trees.

tags | advisory, kernel
systems | linux, centos
advisories | CVE-2023-0590, CVE-2023-1249, CVE-2023-1252
SHA-256 | a5f94e90c58a4d65e7349c5ac6abff2cbc680f758ae71b7d0bf35a8ec6642057
Red Hat Security Advisory 2023-1336-01
Posted Mar 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1336-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | c7cd62e9be26e368dcce7e0d1976e0a8615ec3f69dfadaf4a6825860dca8fda7
Ubuntu Security Notice USN-5964-1
Posted Mar 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5964-1 - Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing, curl could pass on user name and telnet options to the server as provided, contrary to expectations. Harry Sintonen discovered that curl incorrectly handled special tilde characters when used with SFTP paths. A remote attacker could possibly use this issue to circumvent filtering.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538
SHA-256 | 7303af9763b09b697c1acbc39214d51f90dd82cd2f8e2e8bd2040d6a4b2ec3e8
Ubuntu Security Notice USN-5963-1
Posted Mar 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5963-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-47024, CVE-2023-0049, CVE-2023-0051, CVE-2023-0054, CVE-2023-0288, CVE-2023-1264
SHA-256 | 373740425cdce8362111cf4caef765a5938b71e36b30145ab757004e4a8b3cb8
Ubuntu Security Notice USN-5960-1
Posted Mar 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5960-1 - Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could possibly use this issue to bypass blocklisting methods by supplying a URL that starts with blank characters.

tags | advisory, python
systems | linux, ubuntu
advisories | CVE-2023-24329
SHA-256 | 727432be8aaebcbbf1e8da1308a8110c3c6dc6fb3ff312a8e8e10aae1adc194b
Red Hat Security Advisory 2023-1303-01
Posted Mar 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1303-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 7.3.10 replaces Data Grid 7.3.9 and includes security fixes. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-39144
SHA-256 | c62443ed1f58111e5bcbad07381e2b4e325eed22780a41853e581f1fe837f762
Red Hat Security Advisory 2023-1286-01
Posted Mar 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1286-01 - Migration Toolkit for Runtimes 1.0.2 Images. Issues addressed include denial of service, privilege escalation, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-2953, CVE-2022-31690, CVE-2022-35737, CVE-2022-40303
SHA-256 | b6aeb9fcd298c51ea745ab2408444b545077335be2e3494910e6f630ad0116c8
Red Hat Security Advisory 2023-1154-01
Posted Mar 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1154-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.54.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-4238, CVE-2022-41717
SHA-256 | 5c596f5a31a4a5aaa0d9da6362e7aedbf2490976e0aa29ed070d1a9470444aba
Red Hat Security Advisory 2023-1285-01
Posted Mar 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1285-01 - Migration Toolkit for Runtimes 1.0.2 ZIP artifacts. Issues addressed include privilege escalation, server-side request forgery, and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2022-31690, CVE-2022-3782, CVE-2022-46364
SHA-256 | fba0bc9c40f8531e652357bd8a648a346250378dc0b43249ddd4aabace8918a3
Debian Security Advisory 5356-2
Posted Mar 17, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5356-2 - One of the security fixes released as DSA 5356 introduced a regression in the processing of specific WAV files. Updated sox packages are available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | e1babfd23fbc696770c5e3ea11e225dd0d9ca59dab909793c30fb2526b1cfa4f
Ubuntu Security Notice USN-5959-1
Posted Mar 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5959-1 - It was discovered that Kerberos incorrectly handled memory when processing KDC data, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-36222
SHA-256 | d9f3d92945cbc3be219bd04ebd7aac3aa31d1cac83d0d62d9ee82f4e45c4d1b0
Ubuntu Security Notice USN-5962-1
Posted Mar 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5962-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3344, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-4139, CVE-2022-4379, CVE-2022-45869, CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521, CVE-2023-0179, CVE-2023-0461
SHA-256 | 564ea90f0a9cb872d9edcccc127c68905719afec80e7f2bbba3ccb3fe0d567d9
Debian Security Advisory 5375-1
Posted Mar 17, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5375-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, debian
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 943bb672c5f5a142c518592167667218e9e53d058b0660c6d0458c7636cb77ca
Ubuntu Security Notice USN-5961-1
Posted Mar 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5961-1 - It was discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10753, CVE-2021-32435
SHA-256 | b2dd20769972bbb693dff57a5249e0e6efe673b60728f67b614a4ce8f92ba882
Microsoft User Account Control Nuances
Posted Mar 17, 2023
Authored by Stefan Kanthak

This write-up is an overview of how Microsoft's attempts to manage elevated access to executables via registry entries have added excessive complexity that still allows for escalation.

tags | advisory, registry
SHA-256 | b1516a79355be52fa5902480223a989e031dabbe42f666f261b68eb25bbb8331
Ubuntu Security Notice USN-5954-1
Posted Mar 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5954-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-25750, CVE-2023-25751, CVE-2023-25752, CVE-2023-28160, CVE-2023-28161, CVE-2023-28162, CVE-2023-28164, CVE-2023-28177
SHA-256 | 9a904798e7771b7468e2663f1514597410be79efd31e38ffa22747567f7a3706
Red Hat Security Advisory 2023-1278-01
Posted Mar 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1278-01 - An update for openstack-nova is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-47951
SHA-256 | 84ce34082ecf15b501d3f5dd5b16dc64a671e600f50f733f68297abfc0d89c00
Debian Security Advisory 5374-1
Posted Mar 16, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5374-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.

tags | advisory, web, arbitrary, spoof
systems | linux, debian
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | ef900a452c188015da475ec656d55f96626688e7c22638f3904a9534481df7d1
Ubuntu Security Notice USN-5958-1
Posted Mar 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5958-1 - It was discovered that FFmpeg could be made to dereference a null pointer. An attacker could possibly use this to cause a denial of service via application crash. These issues only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that FFmpeg could be made to access an out-of-bounds frame by the Apple RPZA encoder. An attacker could possibly use this to cause a denial of service via application crash or access sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.10.

tags | advisory, denial of service
systems | linux, apple, ubuntu
advisories | CVE-2022-3109, CVE-2022-3341, CVE-2022-3964, CVE-2022-3965
SHA-256 | b710f29c60cd37296fe80fdbacdb69f11d2246bd09c99140cec31c3ea61c73c5
Red Hat Security Advisory 2023-1277-01
Posted Mar 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1277-01 - An update for openstack-swift is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-47950
SHA-256 | 36644484a5a040c57b80a6074bb74fb811251c415a5cef71c761b1ad092101d5
Ubuntu Security Notice USN-5957-1
Posted Mar 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5957-1 - Cody Sixteen discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. Lilith of Cisco Talos discovered that LibreCAD incorrectly handled memory when parsing DWG files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | cisco, linux, ubuntu
advisories | CVE-2018-19105, CVE-2021-21900, CVE-2021-45341, CVE-2021-45343
SHA-256 | 35b7c93aae7d5f74307e9f519fbae61a8f696262b1f794b5aa9bd13b6f828db7
Red Hat Security Advisory 2023-1275-01
Posted Mar 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1275-01 - An update for etcd is now available for Red Hat OpenStack Platform. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1705, CVE-2022-27664, CVE-2022-2880, CVE-2022-30629, CVE-2022-30630, CVE-2022-30632, CVE-2022-30635, CVE-2022-3064, CVE-2022-32148, CVE-2022-32189, CVE-2022-41715, CVE-2022-41717
SHA-256 | d066674ef76779d85d203477eb3b6fa620ffdcbf7da90af5ab48dfdcfd299f79
Ubuntu Security Notice USN-5956-1
Posted Mar 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5956-1 - Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. It was discovered that PHPMailer was not properly escaping characters in certain fields of the code_generator.php example code. An attacker could possibly use this issue to conduct cross-site scripting attacks. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM.

tags | advisory, arbitrary, shell, php, xss
systems | linux, ubuntu
advisories | CVE-2016-10033, CVE-2017-11503, CVE-2017-5223, CVE-2018-19296, CVE-2020-13625, CVE-2021-3603
SHA-256 | 222714e4ee696b2603d69df38c77117f2e5b2027b932d6a069bca47f30bd053c
Ubuntu Security Notice USN-5956-2
Posted Mar 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5956-2 - USN-5956-1 fixed vulnerabilities in PHPMailer. It was discovered that the fix for CVE-2017-11503 was incomplete. This update fixes the problem. Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM.

tags | advisory, arbitrary, shell, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-11503, CVE-2017-5223, CVE-2018-19296, CVE-2020-13625, CVE-2021-3603
SHA-256 | 80b3365b80c510d9ed0f8f67ed3b629ab7b2e844952fb217a7a549d591be9150
Ubuntu Security Notice USN-5855-2
Posted Mar 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5855-2 - USN-5855-1 fixed a vulnerability in ImageMagick. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-44267
SHA-256 | 58d142057396cfff41f3cfe91792056150a83a0fbb85ec3df97fe31bcfa39599