what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 16,067 RSS Feed

Arbitrary Files

Codigo Markdown Editor 1.0.1 Code Execution
Posted May 5, 2023
Authored by 8bitsec

Codigo Markdown Editor version 1.0.1 suffers from an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
SHA-256 | e036d89c3ecf5c617ea1d50911657f4a70e420ed7eac57799cd3558f92a046ea
Debian Security Advisory 5398-1
Posted May 5, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5398-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2023-2459, CVE-2023-2460, CVE-2023-2461, CVE-2023-2462, CVE-2023-2463, CVE-2023-2464, CVE-2023-2465, CVE-2023-2466, CVE-2023-2467, CVE-2023-2468
SHA-256 | ee38b91484a2e9da0e6d235cdab8756535ecf5dc0dbec326bcf55aab4a9aae7a
Ubuntu Security Notice USN-6057-1
Posted May 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6057-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-4129, CVE-2022-47929, CVE-2022-4842, CVE-2023-0386, CVE-2023-0394, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281, CVE-2023-1652, CVE-2023-26545
SHA-256 | 040f1d117d95311a74a29ff7b24fcda0c036e35e0b140bebc5c6fe078bee84e0
Jedox 2020.2.5 Groovy-Scripts Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

The Jedox Integrator in Jedox version 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts.

tags | exploit, remote, arbitrary
advisories | CVE-2022-47876
SHA-256 | 8065e4e78250d240608b08aca1a8685e42ececaa25eca5af679674be330ecc23
Jedox 2020.2.5 Cross Site Scripting
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2020.2.5 has a persistent cross site scripting vulnerability that allows remote authenticated users to inject arbitrary web scripts or HTML in the logs page via the log module.

tags | exploit, remote, web, arbitrary, xss
advisories | CVE-2022-47877
SHA-256 | 5164b7a5306b238573d253d40ef2fa647e9a36ad1421e0ef98c89b532a85fe01
Jedox 2022.4.2 Directory Traversal / Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2022.4.2 has a directory traversal vulnerability in /be/erpc.php allows remote authenticated users to execute arbitrary code.

tags | exploit, remote, arbitrary, php, file inclusion
advisories | CVE-2022-47875
SHA-256 | c9cad2fb718763533c5af806ca3b6ce9f045e040593ca5a0ad42e98f36535634
Jedox 2022.4.2 RPC Interface Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2022.4.2 has a vulnerability in /be/rpc.php and /be/erpc.php that allows remote authenticated users to load arbitrary PHP classes from the rtn directory and to execute its methods.

tags | exploit, remote, arbitrary, php
advisories | CVE-2022-47879
SHA-256 | ccf211f35f6efc1e74056a425e818939d4b997eb3c43d2de782f50e9ba9d5712
Debian Security Advisory 5397-1
Posted May 3, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5397-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. Luan Herrera discovered that an HTML document may be able to render iframes with sensitive user information. P1umer and Q1IQ discovered that processing maliciously crafted web content may lead to arbitrary code execution. An anonymous researcher discovered that processing maliciously crafted web content may bypass Same Origin Policy. An anonymous researcher discovered that a website may be able to track sensitive user information. Clement Lecigne and Donncha O Cearbhaill discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

tags | advisory, web, arbitrary, vulnerability, code execution
systems | linux, debian, apple
advisories | CVE-2022-0108, CVE-2022-32885, CVE-2023-27932, CVE-2023-27954, CVE-2023-28205
SHA-256 | 906c82aa33e2a5d3a615396adfc2c3297efa50d485469f517e5f3d4abec2f097
Gentoo Linux Security Advisory 202305-23
Posted May 3, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-23 - Multiple vulnerabilities have been discovered in Lua, the worst of which could result in arbitrary code execution.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2014-5461, CVE-2021-44647, CVE-2022-28805
SHA-256 | 00aefb3377c44926da8759cd1d9a0caff52ef4beac1d0f7f4a215d7820e9e283
Gentoo Linux Security Advisory 202305-18
Posted May 3, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-18 - Multiple vulnerabilities have been found in libsdl2, the worst of which could result in arbitrary code execution. Versions less than 2.26.0 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-33657, CVE-2022-4743
SHA-256 | 329099e77e1155de31ad66371529080c5715465d8e090924f3aba8938512f75b
Gentoo Linux Security Advisory 202305-17
Posted May 3, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-17 - Multiple vulnerabilities have been found in libsdl, the worst of which could result in arbitrary code execution. Versions less than 1.2.15_p20221201>= are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2019-13616, CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7638, CVE-2021-33657, CVE-2022-34568
SHA-256 | f88cbbf99497c62f630186c9fc9b3387da4a2cc7bd86fcd3e2435a35d63ff6ff
Debian Security Advisory 5396-1
Posted May 3, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5396-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. Luan Herrera discovered that an HTML document may be able to render iframes with sensitive user information. P1umer and Q1IQ discovered that processing maliciously crafted web content may lead to arbitrary code execution. An anonymous researcher discovered that processing maliciously crafted web content may bypass Same Origin Policy. Clement Lecigne and Donncha O Cearbhaill discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

tags | advisory, web, arbitrary, vulnerability, code execution
systems | linux, debian, apple
advisories | CVE-2022-0108, CVE-2022-32885, CVE-2023-27932, CVE-2023-27954, CVE-2023-28205
SHA-256 | caa6ba8a7c6d999f37d1121df65a4754aa4c306b9a151b6edb8be86f9d9c9467
Gentoo Linux Security Advisory 202305-06
Posted May 3, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-6 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions less than 102.7.0:esr are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-46871, CVE-2022-46872, CVE-2022-46873, CVE-2022-46874, CVE-2022-46875, CVE-2022-46877, CVE-2022-46878, CVE-2022-46879, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882, CVE-2023-23597, CVE-2023-23598, CVE-2023-23599
SHA-256 | 3746ac6148cfdb063da8214b3525df9bb561fb7e0f7f70c9b0620ce82a045329
Gentoo Linux Security Advisory 202305-02
Posted May 3, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-2 - Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.

tags | advisory, arbitrary, vulnerability, code execution, python
systems | linux, gentoo
advisories | CVE-2015-20107, CVE-2021-28363, CVE-2021-28861, CVE-2021-29921, CVE-2021-3654, CVE-2022-0391, CVE-2022-37454, CVE-2022-42919, CVE-2022-45061
SHA-256 | 641b7206ae708be2456ced27dc11f8f77c8d01d6eb97ee4f516c3e6799b4e0ad
Debian Security Advisory 5394-1
Posted May 1, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5394-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2022-3109
SHA-256 | 7c593ae98e568ffa42c0e654714ca6a0478520b206d50511ae16e3d37a3b2919
Ubuntu Security Notice USN-6051-1
Posted May 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6051-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1829, CVE-2023-1872
SHA-256 | 8f3d3ba695803e924025f809e81f937f6354a99d3974142526b46598df33475c
Ubuntu Security Notice USN-6050-1
Posted May 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6050-1 - It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. Andre Baptista and Vitor Pinho discovered that Git incorrectly handled certain configurations. An attacker could possibly use this issue to arbitrary configuration injection.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-25652, CVE-2023-25815, CVE-2023-29007
SHA-256 | 2fe94ad0f659c0d3f64d2d232c14f2698dfebe3cc57764cdf1c493b0eb6608b9
Ubuntu Security Notice USN-6045-1
Posted Apr 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6045-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3586, CVE-2022-4095, CVE-2023-1390, CVE-2023-1670, CVE-2023-1829
SHA-256 | 7f4964a8bbfe00a994ffc5a23ff5b019eb9dba86de5a26b1c7231f029cb97ab6
Ubuntu Security Notice USN-6044-1
Posted Apr 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6044-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1829, CVE-2023-1872
SHA-256 | 5b839e06eac533ee8f931c1c5769d4b8cd6ee8129c976f2954f2bcb6042ef741
Ubuntu Security Notice USN-6017-2
Posted Apr 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6017-2 - USN-6017-1 fixed vulnerabilities in Ghostscript. This update provides the corresponding updates for Ubuntu 23.04. Hadrien Perrineau discovered that Ghostscript incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-28879
SHA-256 | 5fdcd4372554a29fabe2932c2cce62f872a1a9eed160f0089423240348d4714a
Ubuntu Security Notice USN-6010-3
Posted Apr 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6010-3 - USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploits this to obtain sensitive information. Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29538, CVE-2023-29539, CVE-2023-29540, CVE-2023-29541, CVE-2023-29548
SHA-256 | 28a0d5910e512b4af6cca1c5d9dce55d15bf50d2e6d7a0ad119fdafd23d0ddad
Ubuntu Security Notice USN-6040-1
Posted Apr 25, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6040-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-4129, CVE-2022-47929, CVE-2022-4842, CVE-2023-0386, CVE-2023-0394, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281, CVE-2023-1652, CVE-2023-26545
SHA-256 | 26dff9542ab0bc55ce32713143c92728543d90f446c699eee6688caf98c1678e
Debian Security Advisory 5393-1
Posted Apr 24, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5393-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2023-2133, CVE-2023-2134, CVE-2023-2135, CVE-2023-2136, CVE-2023-2137
SHA-256 | e3a2157c393645dfb393ee9ad3917dc59ae65410313a1f4480e733e61b4fbe63
Debian Security Advisory 5392-1
Posted Apr 24, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5392-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-0547, CVE-2023-1945, CVE-2023-28427, CVE-2023-29479, CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29539, CVE-2023-29541, CVE-2023-29548, CVE-2023-29550
SHA-256 | a28b033ae410bc6d9bd3b9c6566cf7c268e4507f95d5a5fb3e772a6768ba4739
Ubuntu Security Notice USN-6035-1
Posted Apr 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6035-1 - It was discovered that KAuth incorrectly handled some configuration parameters with specially crafted arbitrary types. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-7443
SHA-256 | db7160bf3cf4b1beb0b7a9ece362aeac816a613c2c1412b77b7be0e28b5aae24
Page 4 of 643
Back23456Next

File Archive:

June 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    18 Files
  • 2
    Jun 2nd
    13 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    32 Files
  • 6
    Jun 6th
    39 Files
  • 7
    Jun 7th
    22 Files
  • 8
    Jun 8th
    17 Files
  • 9
    Jun 9th
    20 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close