exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32,498 RSS Feed

Vulnerability Files

Red Hat Security Advisory 2024-1328-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1328-03 - Red Hat Advanced Cluster Management for Kubernetes 2.9.3 General Availability release images, which fix bugs and update container images. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-45142
SHA-256 | f6f85471c9a907c483cc77c26bf19a3950c25f78d7dd2e8e2bad198d0735c06b
Debian Security Advisory 5640-1
Posted Mar 15, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5640-1 - Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2023-3966, CVE-2023-5366
SHA-256 | ee33fda52165e0797d00ba28edf1c0746142b6af8db3080011d86af844a64baa
Membership Management System 1.0 SQL Injection / Shell Upload
Posted Mar 15, 2024
Authored by SoSPiro

Membership Management System version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | bafbc2c7895ab97a3d57de482862b676a744678a894f6abb9103ae63f21b01a1
Ubuntu Security Notice USN-6587-5
Posted Mar 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6587-5 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6478, CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | 9f02a5fba82a37e9433c20a481152b829c57eaf4483d36e161436fe7547bf8f0
Apple Security Advisory 03-12-2024-1
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-12-2024-1 - GarageBand 10.4.11 addresses code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2024-23300
SHA-256 | cf1feda0632734f3eac97a03cb231aca57c5c2445e35cdacbbac27e26d43b080
Apple Security Advisory 03-07-2024-7
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2024-23220, CVE-2024-23225, CVE-2024-23226, CVE-2024-23235, CVE-2024-23246, CVE-2024-23254, CVE-2024-23257, CVE-2024-23258, CVE-2024-23262, CVE-2024-23263, CVE-2024-23264, CVE-2024-23265, CVE-2024-23284, CVE-2024-23286
SHA-256 | bb37d3d885c05665df5e0348f90e65516bd9024d109db00efe75183960a1ab40
Apple Security Advisory 03-07-2024-6
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2022-48554, CVE-2024-0258, CVE-2024-23225, CVE-2024-23226, CVE-2024-23235, CVE-2024-23239, CVE-2024-23241, CVE-2024-23246, CVE-2024-23250, CVE-2024-23254, CVE-2024-23263, CVE-2024-23264, CVE-2024-23265, CVE-2024-23270
SHA-256 | 75dbd070cadb95c190fb2c3e720880078476efddd8b02e812bc1c594dfa6e86f
Apple Security Advisory 03-07-2024-5
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-5 - watchOS 10.4 addresses buffer overflow, bypass, and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2022-48554, CVE-2024-0258, CVE-2024-23225, CVE-2024-23226, CVE-2024-23231, CVE-2024-23235, CVE-2024-23239, CVE-2024-23246, CVE-2024-23250, CVE-2024-23254, CVE-2024-23263, CVE-2024-23265, CVE-2024-23278, CVE-2024-23280
SHA-256 | 6df43170bd5fc352fd321acd5fe231d753158fd667fcbe6941a1ccefd16eb11a
Apple Security Advisory 03-07-2024-4
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-4 - macOS Monterey 12.7.4 addresses buffer overflow, bypass, code execution, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2023-28826, CVE-2024-23201, CVE-2024-23204, CVE-2024-23216, CVE-2024-23218, CVE-2024-23225, CVE-2024-23227, CVE-2024-23230, CVE-2024-23234, CVE-2024-23244, CVE-2024-23245, CVE-2024-23247, CVE-2024-23257, CVE-2024-23264
SHA-256 | 6d34d98987ed9e7f5bc383bd22eb781faef984e2518dc2398e1701abcb1cdd3b
Red Hat Security Advisory 2024-1323-03
Posted Mar 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1323-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2022-42896
SHA-256 | 9a06e0eca6d55f4737c53093f73634c651394734ef1e9e0d5c554986987a9199
Red Hat Security Advisory 2024-1306-03
Posted Mar 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1306-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include memory exhaustion, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-0480
SHA-256 | 918586fe8c14e3f2f628a7b762630d87f80c4a3f3463279d073ae350dd8596f4
Apple Security Advisory 03-07-2024-3
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-3 - macOS Ventura 13.6.5 addresses buffer overflow, bypass, code execution, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2023-28826, CVE-2024-23201, CVE-2024-23203, CVE-2024-23204, CVE-2024-23216, CVE-2024-23217, CVE-2024-23218, CVE-2024-23225, CVE-2024-23227, CVE-2024-23230, CVE-2024-23231, CVE-2024-23234, CVE-2024-23245, CVE-2024-23247
SHA-256 | a73a9b93cfdd3db0327dd1d8307d169f4dba16169f4b090abd5020a3d9a70efe
Apple Security Advisory 03-07-2024-2
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-2 - macOS Sonoma 14.4 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2022-42816, CVE-2022-48554, CVE-2023-42853, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-0258, CVE-2024-23205, CVE-2024-23216, CVE-2024-23225, CVE-2024-23226, CVE-2024-23227, CVE-2024-23230, CVE-2024-23231
SHA-256 | 29c509ba93a9dc40af758aca80410a21c8239c2a3c115bac3d2acd0e1e6deea5
Apple Security Advisory 03-07-2024-1
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-1 - Safari 17.4 addresses denial of service, data exfiltration, and missing authentication vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | apple
advisories | CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23273, CVE-2024-23280, CVE-2024-23284
SHA-256 | 5bc0c85ddeab13d91cebaf39fefae7e5434a1407a66d5df1287ec20e5148e936
Apple Security Advisory 03-05-2024-1
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-05-2024-1 - iOS 17.4 and iPadOS 17.4 addresses bypass vulnerabilities.

tags | advisory, vulnerability
systems | apple, ios
advisories | CVE-2024-23225, CVE-2024-23243, CVE-2024-23256, CVE-2024-23296
SHA-256 | cbc9275ed4bed87b1bfd7c0e5e76fb3237d40785b4580fdd1ac1b0c19e68baf4
GhostRace: Exploiting And Mitigating Speculative Race Conditions
Posted Mar 13, 2024
Authored by Cristiano Giuffrida, Anil Kurmus, Hany Ragab, Andrea Mambretti | Site download.vusec.net

Race conditions arise when multiple threads attempt to access a shared resource without proper synchronization, often leading to vulnerabilities such as concurrent use-after-free. To mitigate their occurrence, operating systems rely on synchronization primitives such as mutexes, spinlocks, etc. In this paper, the authors present GhostRace, the first security analysis of these primitives on speculatively executed code paths. Their key finding is that all the common synchronization primitives can be microarchitecturally bypassed on speculative paths, turning all architecturally race-free critical regions into Speculative Race Conditions (SRCs).

tags | paper, vulnerability
advisories | CVE-2024-2193
SHA-256 | e0d3a753ac273a430c317cd67e808c20b6cdd914b31b24e71450d5fb4ad420af
Stealing Part Of A Production Language Model
Posted Mar 13, 2024
Authored by David Rolnick, Jonathan Hayase, Eric Wallace, Nicholas Carlini, Arthur Conmy, Thomas Steinke, Matthew Jagielski, Florian Tramer, Krishnamurthy Dvijotham, Daniel Paleka, Katherine Lee, Milad Nasr, A. Feder Cooper

In this whitepaper, the authors introduce the first model-stealing attack that extracts precise, nontrivial information from black-box production language models like OpenAI's ChatGPT or Google's PaLM-2. Specifically, their attack recovers the embedding projection layer (up to symmetries) of a transformer model, given typical API access. For under $20 USD, their attack extracts the entire projection matrix of OpenAI's ada and babbage language models. They thereby confirm, for the first time, that these black-box models have a hidden dimension of 1024 and 2048, respectively. They also recover the exact hidden dimension size of the gpt-3.5-turbo model, and estimate it would cost under $2,000 in queries to recover the entire projection matrix. They conclude with potential defenses and mitigations, and discuss the implications of possible future work that could extend this attack.

tags | exploit, paper, vulnerability
SHA-256 | 35bb26fb1fe58d91b595fbecc219b129076e6cc3ae746288dc27c6fa0d128e6a
Red Hat Security Advisory 2024-1278-03
Posted Mar 13, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1278-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2023-3390
SHA-256 | 6b2284d02c2f3fc32bd487fd3f167763e2d294ff66de903a129316872db1929b
Ubuntu Security Notice USN-6656-2
Posted Mar 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6656-2 - USN-6656-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 16.04 LTS It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL functions.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-0985
SHA-256 | f45b11c7e2648a6365c7c0c4a04b1f4fe6c6106dd3b6d76e794be3a2d298a00a
Red Hat Security Advisory 2024-1269-03
Posted Mar 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1269-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-3545
SHA-256 | 0dca2b95d83f2e06fcd70d43d60fe031ceb4425e7cba49254273efdce77b6b5f
Red Hat Security Advisory 2024-1268-03
Posted Mar 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1268-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-3545
SHA-256 | a345f643b8091f2ef476dc55be42211ec4686a71622f968e79555da9a6b7b6f0
Red Hat Security Advisory 2024-1253-03
Posted Mar 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1253-03 - An update for kpatch-patch-5_14_0-70_64_1, kpatch-patch-5_14_0-70_70_1, kpatch-patch-5_14_0-70_75_1, kpatch-patch-5_14_0-70_80_1, and kpatch-patch-5_14_0-70_85_1 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2023-2163
SHA-256 | 617ece46c41b05791b1be764d0835032147659b14ce52b66d5869faff9182db3
Red Hat Security Advisory 2024-1250-03
Posted Mar 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1250-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include memory exhaustion, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-0480
SHA-256 | 1a8fb1156681ea9fffde120cc80c4918fc32db13b323665272dc5e45827f8bb9
Red Hat Security Advisory 2024-1248-03
Posted Mar 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1248-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-4244
SHA-256 | e8cee96a94ad07c9429b0bfe0fc3b41b26d6aecb31ef509f3a03f7021e1d0f40
Debian Security Advisory 5637-1
Posted Mar 8, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5637-1 - Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management.

tags | advisory, remote, web, denial of service, overflow, vulnerability
systems | linux, debian
advisories | CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848, CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25111, CVE-2024-25617
SHA-256 | a79ef3e7a5505aef83c8e1d9026a34f64acecaa9ccd3e41b225ac5500d8a96e7
Page 1 of 1,300
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close