exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 131,253 RSS Feed

Files

Lynis Auditing Tool 3.1.1
Posted Mar 18, 2024
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Detection of ArcoLinux has been added. Redis configuration file path added for FreeBSD. Check /snap directory location for Redis configuration file.
tags | tool, scanner
systems | unix
SHA-256 | d72f4ee7325816bb8dbfcf31eb104207b9fe58a2493c2a875373746a71284cc3
dav1d Integer Overflow / Out-Of-Bounds Write
Posted Mar 18, 2024
Authored by Ivan Fratric, Google Security Research, Nick Galloway

There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.

tags | exploit, overflow
advisories | CVE-2024-1580
SHA-256 | 258b775b05e2d4378551ee4e66e5c90a5df4e7d9ef5dc5c37abec0ba66db8a8e
Ubuntu Security Notice USN-6696-1
Posted Mar 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6696-1 - Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
SHA-256 | 4b0662938dd8d4f3377ff21d6e5a575b539f89ee7c9b38c565dd184d1e38fed8
Red Hat Security Advisory 2024-1348-03
Posted Mar 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1348-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-0985
SHA-256 | 12701665c8c4af8ea9bd2661fc2d37419a7c25ffe7d92d76c953ecc21c5ad46d
Red Hat Security Advisory 2024-1346-03
Posted Mar 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1346-03 - An update is now available for Red Hat OpenShift GitOps 1.11. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2024-28175
SHA-256 | 4e27fe9694223369048171a7dd87a8d18d6410672e631aedc8749e530cb03b2e
Red Hat Security Advisory 2024-1345-03
Posted Mar 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1345-03 - An update is now available for Red Hat OpenShift GitOps 1.10. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2024-28175
SHA-256 | 64a46bf7a4541939a17921f671d245f64410181b222639c51c4a7b97d1d18532
UPS Network Management Card 4 Path Traversal
Posted Mar 18, 2024
Authored by Victor Garcia

UPS Network Management Card version 4 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 09c742a5856228ab92542adea67531a36cce939377dbf076b6f5c6131ba276dc
Gasmark Pro 1.0 Shell Upload
Posted Mar 18, 2024
Authored by nu11secur1ty

Gasmark Pro version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 74aac3d302e6dccc4a04f4bb3b7f33f7c74952c5fafd68a7b296c174889dd69b
Nokia BMC Log Scanner 13 Command Injection
Posted Mar 18, 2024
Authored by Matthew Gregory, Carlos Andres Gonzalez

Nokia BMC Log Scanner version 13 suffers from a remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2022-45899
SHA-256 | dd739a9071327fb09fa5e5c4324f8585adfcdd2bb749945102e954aa364813c8
vm2 3.9.19 Sandbox Escape
Posted Mar 18, 2024
Authored by Calil Khalil, Adriel Mc Roberts

vm2 versions 3.9.19 and below suffer from a sandbox escape vulnerability.

tags | exploit
advisories | CVE-2023-37466
SHA-256 | b24b64151051cccf149693cb0f7f9f928064b14ccdf177979124b8a149121d80
Ubuntu Security Notice USN-6694-1
Posted Mar 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6694-1 - It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-52425
SHA-256 | 462e6cb8ba210916a36cb74b260ab305aee4e0ca9a78e36ddc059b2b669d919e
Debian Security Advisory 5632-1
Posted Mar 15, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5632-1 - It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should have.

tags | advisory, local, php, code execution
systems | linux, debian
advisories | CVE-2024-24821
SHA-256 | 41b32f3945ea62d6717b9bcf3c2f3261d62077b5c247d91363fa5b2bd9022945
Financials By Coda Authorization Bypass
Posted Mar 15, 2024
Authored by Leo Draghi

Financials by Coda versions prior to 2023Q4 suffer from an incorrect access control authorization bypass vulnerability. The Change Password feature can be abused in order to modify the password of any user of the application.

tags | exploit, bypass
advisories | CVE-2024-28735
SHA-256 | b902e8c8533e18988a3d9cf1a301f95fdca312dbda532a060668f36b710b0b68
Financials By Coda Cross Site Scripting
Posted Mar 15, 2024
Authored by Leo Draghi

Financials by Coda versions prior to 2023Q4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2024-28734
SHA-256 | 34202068f860d76bf76919a5032aea9e7b1a4b4f23d207a20914dd51652a7504
Ubuntu Security Notice USN-6695-1
Posted Mar 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6695-1 - It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that TeX Live allowed documents to make arbitrary network requests. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to exfiltrate sensitive information, or perform other network-related attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18604, CVE-2023-32668, CVE-2024-25262
SHA-256 | e8f6e7fc279a5f1af336dbd407dfe96cd81c2d7194fe47a554772e61fc96870e
Red Hat Security Advisory 2024-1335-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1335-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 8.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-50387
SHA-256 | aab93a1c07c0459eeede6062c0ec72cc1f97c3372664e0562eb6cfa813043e1d
Red Hat Security Advisory 2024-1334-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1334-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-50387
SHA-256 | be74eb2a2d40891fa02835b8554452dea266a85e2c6f06b8677e84d0827876d8
Red Hat Security Advisory 2024-1333-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1333-03 - Red Hat OpenShift Serverless version 1.32.0 is now available.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-28110
SHA-256 | 7876100d35bbc329a5e741d2c289d0a6d883142f7f1ac2c7c8a4fd208cd1830a
Red Hat Security Advisory 2024-1332-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1332-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-42896
SHA-256 | 5b7e778fe03cd90f431084fe4c4d880aeab66342b5a0e403d70b251fb0844330
Red Hat Security Advisory 2024-1328-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1328-03 - Red Hat Advanced Cluster Management for Kubernetes 2.9.3 General Availability release images, which fix bugs and update container images. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-45142
SHA-256 | f6f85471c9a907c483cc77c26bf19a3950c25f78d7dd2e8e2bad198d0735c06b
Red Hat Security Advisory 2024-1327-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1327-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-44442
SHA-256 | 5db7d2a7e68f0f73b050d2f6cb1f1deb8c53a03f9134b648aa168e1c4d8ead08
Debian Security Advisory 5640-1
Posted Mar 15, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5640-1 - Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2023-3966, CVE-2023-5366
SHA-256 | ee33fda52165e0797d00ba28edf1c0746142b6af8db3080011d86af844a64baa
Faraday 5.2.0
Posted Mar 15, 2024
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Fixed hosts stats when bulk delete is applied to vulns. Fixed an issue where the server was not updating the agents status on restart. Removed websockets port from docker-compose.
tags | tool, rootkit
systems | unix
SHA-256 | 69ef3847ab0a3944f6246bfa3a426588d80294ddfedb22b90e7e5c525e54eef9
HALO 2.13.1 CORS Issue
Posted Mar 15, 2024
Authored by nu11secur1ty

HALO version 2.13.1 has an insecure cross-origin resource sharing setting that allows an arbitrary origin.

tags | exploit, arbitrary
SHA-256 | d03ce00498ebd36e4dfcab8b4a25be241e021255496446e7b6df62fb6024ec33
Membership Management System 1.0 SQL Injection / Shell Upload
Posted Mar 15, 2024
Authored by SoSPiro

Membership Management System version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | bafbc2c7895ab97a3d57de482862b676a744678a894f6abb9103ae63f21b01a1
Page 1 of 5,251
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close