exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 16,750 RSS Feed

Arbitrary Files

Debian Security Advisory 5702-1
Posted Jun 3, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5702-1 - An integer overflow in the EXIF metadata parsing was discovered in the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2024-4453
SHA-256 | 49549d83b64002c3eecffa31a3c209c6e5c93494c0d9069cb4e8a66a6873588a
Debian Security Advisory 5701-1
Posted Jun 3, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5701-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499
SHA-256 | 02fed5c43638fe4ae91ef3bc5445fdecf0491a21def3562d073c512f4e018893
Ubuntu Security Notice USN-6803-1
Posted May 31, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6803-1 - Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 24.04 LTS. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS.

tags | advisory, denial of service, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2023-49501, CVE-2023-49502, CVE-2023-49528, CVE-2023-50007, CVE-2023-50008, CVE-2023-50009, CVE-2023-50010, CVE-2023-51793, CVE-2023-51794, CVE-2024-31578, CVE-2024-31582, CVE-2024-31585
SHA-256 | 791bb40a4c8f9acb0292a309c51863cc9ae4a462faabf1d22932877c8c7196c1
Ubuntu Security Notice USN-6798-1
Posted May 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6798-1 - It was discovered that GStreamer Base Plugins incorrectly handled certain EXIF metadata. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-4453
SHA-256 | 4acac72a3dfe0373fc6b22e1840f610eab5b9380f0c2cfc854223027ec48278c
Ubuntu Security Notice USN-6796-1
Posted May 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6796-1 - Fergus Dall discovered that TPM2 Software Stack did not properly handle layer arrays. An attacker could possibly use this issue to cause TPM2 Software Stack to crash, resulting in a denial of service, or possibly execute arbitrary code. Jurgen Repp and Andreas Fuchs discovered that TPM2 Software Stack did not validate the quote data after deserialization. An attacker could generate an arbitrary quote and cause TPM2 Software Stack to have unknown behavior.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-22745, CVE-2024-29040
SHA-256 | dcfbc23cf3c552a9a4744b58987227f1e79944f37c015bfecba48473b02cb673
Ubuntu Security Notice USN-6787-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6787-1 - It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting attack.

tags | advisory, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2024-34064
SHA-256 | 5fb19612eaef3e824fef107b74a6791c85cf91717d71f96ab90d4a98e0def10e
Ubuntu Security Notice USN-6779-2
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6779-2 - USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js. Irvan Kurniawan discovered that Firefox did not properly handle certain font styles when saving a page to PDF. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-4367, CVE-2024-4764, CVE-2024-4768, CVE-2024-4770, CVE-2024-4774
SHA-256 | 04753870be2f86ad507c1b333e07383bc770d2d1eff3370507f9073d2cd6e5b7
Ubuntu Security Notice USN-6794-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6794-1 - It was discovered that FRR incorrectly handled certain malformed BGP and OSPF packets. A remote attacker could use this issue to cause FRR to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-31948
SHA-256 | 47ddafe31545f6705925074862290fa2f1508b41ff29eebba6eafeea1205820a
Ubuntu Security Notice USN-6792-1
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6792-1 - Naom Moshe discovered that Flask-Security incorrectly validated URLs. An attacker could use this issue to redirect users to arbitrary URLs.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-23385
SHA-256 | dd74e3993d1b111f328d5e0d507173edce5b7ad9ff7ff37d8a2b4b487eda20f7
Ubuntu Security Notice USN-6793-1
Posted May 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6793-1 - It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This issue was fixed in Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. It was discovered that Git incorrectly handled certain cloned repositories. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-32002, CVE-2024-32004, CVE-2024-32020, CVE-2024-32021, CVE-2024-32465
SHA-256 | 6663dccf730f5142c551541e6d40fa74ee358fffac9030c6af11f18cc01bddd8
HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation
Posted May 28, 2024
Authored by Thorger Jansen, Florian Stuhlmann | Site sec-consult.com

HAWKI version 1.0.0-beta.1 before commit 146967f suffers from cross site scripting, arbitrary file overwrite, and session fixation vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss
advisories | CVE-2024-25975, CVE-2024-25976, CVE-2024-25977
SHA-256 | dfca73f84c2fb3bf8edc1b2f48f75be2dbaaae19ce18c9d800d8ca4a7c98f67a
Ubuntu Security Notice USN-6789-1
Posted May 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6789-1 - Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into clicking a graphic in a specially crafted document, a remote attacker could possibly run arbitrary script.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-3044
SHA-256 | d3e5b1bd2a39a191a7aebd1d63fd550596fa47d0e63011152637be56aa8bb80b
Ubuntu Security Notice USN-6788-1
Posted May 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6788-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-27834
SHA-256 | 2ba9114499615625ceec3aef13282d48432167a8d10e47afc3ee65f19e05d3e3
Ubuntu Security Notice USN-6786-1
Posted May 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6786-1 - It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-22995
SHA-256 | 72fad2b781f8ff2082e13d1a516f5bafad0d167afddfbdab03910defffb10881
Debian Security Advisory 5697-1
Posted May 27, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5697-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Google is aware that an exploit for CVE-2024-5274 exists in the wild.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-5274
SHA-256 | b95760bff73ca523e8064e624e41ac38b2c3c6343a6323e6d07950a7f3418eaf
Debian Security Advisory 5696-1
Posted May 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5696-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-5157, CVE-2024-5158, CVE-2024-5159, CVE-2024-5160
SHA-256 | b7e3e6cab84dd880e214cab994b2a4b4aaa1f491f9fecc5d21616b41f45961c2
Debian Security Advisory 5695-1
Posted May 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5695-1 - Manfred Paul discovered that an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication in the WebKitGTK web engine.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2024-27834
SHA-256 | ebf76abfa0cad06db407a29123e3f9ebdd9cb185b9505b156d444a91fa0c19a9
Ubuntu Security Notice USN-6736-2
Posted May 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6736-2 - USN-6736-1 fixed vulnerabilities in klibc. This update provides the corresponding updates for Ubuntu 24.04 LTS. It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9840, CVE-2018-25032, CVE-2022-37434
SHA-256 | e52b87abb1cbef1ab680534a984ee5229ded4d8db86d8012fd602d5815e51c14
Ubuntu Security Notice USN-6783-1
Posted May 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6783-1 - It was discovered that VLC incorrectly handled certain media files. A remote attacker could possibly use this issue to cause VLC to crash, resulting in a denial of service, or potential arbitrary code execution.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2023-47359
SHA-256 | 74e3830e001942c2ddc6731929c011b922cbfa41a326dcc195908ced4f0613b9
AVideo WWBNIndex Plugin Unauthenticated Remote Code Execution
Posted May 22, 2024
Authored by Valentin Lobstein | Site metasploit.com

This Metasploit module exploits an unauthenticated remote code execution vulnerability in the WWBNIndex plugin of the AVideo platform. The vulnerability exists within the submitIndex.php file, where user-supplied input is passed directly to the require() function without proper sanitization. By exploiting this, an attacker can leverage the PHP filter chaining technique to execute arbitrary PHP code on the server. This allows for the execution of commands and control over the affected system. The exploit is particularly dangerous because it does not require authentication, making it possible for any remote attacker to exploit this vulnerability.

tags | exploit, remote, arbitrary, php, code execution
advisories | CVE-2024-31819
SHA-256 | 7df90df7e75927e09777170cc36a4823a5062bc6e077056564aea5f7a6ba8b7f
Ubuntu Security Notice USN-6782-1
Posted May 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6782-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Thomas Rinsma discovered that Thunderbird did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js.

tags | advisory, denial of service, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2024-4367, CVE-2024-4769, CVE-2024-4770, CVE-2024-4777
SHA-256 | 0f0a71c347b975f78289e67052bdd319bc9db3306585631d3361530ff7c998bf
Ubuntu Security Notice USN-6781-1
Posted May 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6781-1 - Le Dinh Hai discovered that Spreadsheet::ParseExcel was passing unvalidated input from a file into a string-type "eval". An attacker could craft a malicious file to achieve arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2023-7101
SHA-256 | cbbc9336f0ab4f5ad4b0da404d1fa2f58da1f00404c2dbea318ee4148ecf03b9
Ubuntu Security Notice USN-6779-1
Posted May 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6779-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-4367, CVE-2024-4764, CVE-2024-4768, CVE-2024-4769, CVE-2024-4770, CVE-2024-4773, CVE-2024-4774, CVE-2024-4775, CVE-2024-4777
SHA-256 | 4d7400f325f71baca26df6b20cae1eea1678bfef4723ae53fb8cbfd57b547707
Nethserver 7 / 8 Cross Site Scripting
Posted May 21, 2024
Authored by Andrea Intilangelo

The NethServer module installed as WebTop, produced by Sonicle, is affected by a stored cross site scripting vulnerability due to insufficient input sanitization and output escaping which allows an attacker to store a malicious payload as to execute arbitrary web scripts or HTML. Versions 7 and 8 are affected.

tags | exploit, web, arbitrary, xss
advisories | CVE-2024-34058
SHA-256 | 71dee722377e162d1e9feb9e21ad78ba3b875d892287e875ff81e8ff1b5fccf2
Debian Security Advisory 5692-1
Posted May 16, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5692-1 - Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-52722, CVE-2024-29510, CVE-2024-33869, CVE-2024-33870, CVE-2024-33871
SHA-256 | d4f4dc76a1241a4665b63dcd5061cf042887c11d7880776417f4ea5db16cca29
Page 2 of 670
Back12345Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close