exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 9,946 RSS Feed

Web Files

Ubuntu Security Notice USN-6813-1
Posted Jun 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6813-1 - It was discovered that the Hotspot component of OpenJDK 21 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK 21 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21094
SHA-256 | 6e92f7b3b851a83ed6cc28570888c52ba58f3635231d02a4b6a4f1aa80e5b490
Debian Security Advisory 5705-1
Posted Jun 6, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5705-1 - A use-after-free was discovered in tinyproxy, a lightweight, non-caching, optionally anonymizing HTTP proxy, which could result in denial of service.

tags | advisory, web, denial of service
systems | linux, debian
advisories | CVE-2023-49606
SHA-256 | f34f6962364c552d9256ca00602911cad4b15031c32415eecc13a05289d3ac2c
Ubuntu Security Notice USN-6812-1
Posted Jun 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6812-1 - It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK 17 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21094
SHA-256 | d76d3814c48011af9e2b9e60715ce52cc7267b927080e73cd0fdcc7bbf1f0a01
Ubuntu Security Notice USN-6811-1
Posted Jun 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6811-1 - It was discovered that the Hotspot component of OpenJDK 11 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK 11 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094
SHA-256 | dde28026b3a2f1cea25ed309d8230392afe8d23951483f501cb7a7d1687e4197
Red Hat Security Advisory 2024-3545-03
Posted Jun 4, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3545-03 - An update for nodejs is now available for Red Hat Enterprise Linux 9. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2024-27982
SHA-256 | 0d01f09450fc1b1898fb1f0b1f01d5cdf9116442110c8e2710c30281bebf2ef1
Red Hat Security Advisory 2024-3500-03
Posted May 31, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3500-03 - An update for the ruby:3.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include HTTP response splitting and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2021-33621
SHA-256 | 07018912af2cc2a30a1a8c489f204ef85a96a2eef4d3c15d2dfd7fdd867a602f
Red Hat Security Advisory 2024-3331-03
Posted May 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3331-03 - Red Hat OpenShift Container Platform release 4.14.27 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 03d93a3c9b85c62831ca12e31990c8783f9b1c3425f6b0d4eb243e44d23aa923
Red Hat Security Advisory 2024-3327-03
Posted May 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3327-03 - Red Hat OpenShift Container Platform release 4.15.15 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 77917c31c0c47e4bfe377b617d5beb180f4ed59a67ba72d9ead5c6c0c87247df
GRR 3.4.7.4
Posted May 29, 2024
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: YARA memory scanning improvements. Three additions and eleven removals.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | c7a2afcb7f7030300a7925577a7b912f59608942f781769b5cbdf9916f73d67c
Ubuntu Security Notice USN-6788-1
Posted May 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6788-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-27834
SHA-256 | 2ba9114499615625ceec3aef13282d48432167a8d10e47afc3ee65f19e05d3e3
Debian Security Advisory 5699-1
Posted May 27, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5699-1 - Multiple cross-site scripting vulnerabilities were found in Redmine, a project management web application.

tags | advisory, web, vulnerability, xss
systems | linux, debian
advisories | CVE-2023-47258, CVE-2023-47259, CVE-2023-47260
SHA-256 | 8ccdf18f5aa689e7ce489e58e7238e0dea2c1e410a864ffd0488c844c3677af8
Debian Security Advisory 5698-1
Posted May 27, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5698-1 - Multiple security issues were found in Rack, an interface for developing web applications in Ruby, which could result in denial of service.

tags | advisory, web, denial of service, ruby
systems | linux, debian
advisories | CVE-2024-25126, CVE-2024-26141, CVE-2024-26146
SHA-256 | c1c37e27a20d3e72e78531a52e86cb1e39cc92edc299972478df2308d6692f22
Red Hat Security Advisory 2024-2875-03
Posted May 27, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2875-03 - Red Hat OpenShift Container Platform release 4.13.42 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 6c4992f0696ba9ad40fadbbc6fce6cbfd09dbde3a7f8e324ac3720dcf6d2cf16
Debian Security Advisory 5695-1
Posted May 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5695-1 - Manfred Paul discovered that an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication in the WebKitGTK web engine.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2024-27834
SHA-256 | ebf76abfa0cad06db407a29123e3f9ebdd9cb185b9505b156d444a91fa0c19a9
Red Hat Security Advisory 2024-3354-03
Posted May 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3354-03 - Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include HTTP request smuggling, bypass, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-41678
SHA-256 | 3f61ace5a463d3948ea3503c06ca682758e7accb473f998f646f99583a105d00
Red Hat Security Advisory 2024-2727-03
Posted May 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2727-03 - An update for python-gunicorn is now available for Red Hat OpenStack Platform 17.1. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2024-1135
SHA-256 | 2a37dee4207eefc9ea347826e5c8f8985a226d64408621fc69e2c9020364f408
CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution
Posted May 21, 2024
Authored by h00die, chebuya | Site metasploit.com

CHAOS version 5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to control remote operating systems. The web application contains a remote command execution vulnerability which can be triggered by an authenticated user when generating a new executable. The web application also contains a cross site scripting vulnerability within the view of a returned command being executed on an agent.

tags | exploit, remote, web, xss
advisories | CVE-2024-30850, CVE-2024-31839
SHA-256 | f57ebc1eae72783c36ac9e3df7805d9879e3d1ced0b8232ea872b32518252dce
Nethserver 7 / 8 Cross Site Scripting
Posted May 21, 2024
Authored by Andrea Intilangelo

The NethServer module installed as WebTop, produced by Sonicle, is affected by a stored cross site scripting vulnerability due to insufficient input sanitization and output escaping which allows an attacker to store a malicious payload as to execute arbitrary web scripts or HTML. Versions 7 and 8 are affected.

tags | exploit, web, arbitrary, xss
advisories | CVE-2024-34058
SHA-256 | 71dee722377e162d1e9feb9e21ad78ba3b875d892287e875ff81e8ff1b5fccf2
Red Hat Security Advisory 2024-2910-03
Posted May 20, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2910-03 - An update for nodejs is now available for Red Hat Enterprise Linux 9. Issues addressed include HTTP request smuggling, denial of service, and out of bounds read vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2024-22025
SHA-256 | 6a9bf95f5fe49a7941a5b58651ee3a10b70d7da4d5bb7d293b750a7fd11b0b45
Debian Security Advisory 5691-1
Posted May 16, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5691-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or clickjacking.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2024-4367, CVE-2024-4767, CVE-2024-4768, CVE-2024-4769, CVE-2024-4770, CVE-2024-4777
SHA-256 | 1e42e075ffdd6f372b1ecc77b3c2d50b843d84eee3c7205c4a598520c46d85ab
Red Hat Security Advisory 2024-2853-03
Posted May 16, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2853-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Issues addressed include HTTP request smuggling, denial of service, and out of bounds read vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2024-22025
SHA-256 | f747a4e9f1b642319051474661e503bcfcf7375a4d43089534aff34f0e1198ad
Ubuntu Security Notice USN-6770-1
Posted May 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6770-1 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. The update lead to the discovery of a regression in Fossil with regards to the handling of POST requests that do not have a Content-Length field set. This update fixes the problem.

tags | advisory, web, vulnerability
systems | linux, ubuntu
SHA-256 | a4fb9bd60541be12414572b8883d63af81dffb2f970ccd3933000f3825d55d7b
Openmediavault Remote Code Execution / Local Privilege Escalation
Posted May 9, 2024
Authored by Mert BENADAM

Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive reverse shell connections.

tags | exploit, web, shell, root
SHA-256 | f54e108c3e072e69c000f9759d386e86aae92493e17fbe4348a5bdd7b5278328
Zed Attack Proxy 2.15.0 Cross Platform Package
Posted May 9, 2024
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.

Changes: This is a bug fix and enhancement release.
tags | tool, web, vulnerability
SHA-256 | 05d3932a1affb0ab7987664677134709982ca3837a0b0f0e16f9aeb391933341
Debian Security Advisory 5684-1
Posted May 9, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5684-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Kacper Kwapisz discovered that visiting a malicious website may lead to address bar spoofing. Nan Wang and Rushikesh Nandedkar discovered that processing maliciously crafted web content may lead to arbitrary code execution. SungKwon Lee discovered that processing web content may lead to a denial-of-service. Various other issues were also addressed.

tags | advisory, web, arbitrary, spoof, vulnerability, code execution
systems | linux, debian
advisories | CVE-2023-42843, CVE-2023-42950, CVE-2023-42956, CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280, CVE-2024-23284
SHA-256 | 6e9bc12028378c36947c0cc1d5a1b5f2cd1a6e3c69e4d33ee6a4c62e19d93ae3
Page 2 of 398
Back12345Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close