what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2023-03-07

Arris DG3450 AR01.02.056.18_041520_711.NCS.10 XSS / Missing Authentication
Posted Mar 7, 2023
Authored by Steffen Robertz | Site sec-consult.com

Arris DG3450 cable gateway version AR01.02.056.18_041520_711.NCS.10 suffers from cross site scripting and missing authentication vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2023-27571, CVE-2023-27572
SHA-256 | c86cd78224d0a1dc11fa8725e61327ea16bc608bd258e5251a6ecfda7f8bb033
Oracle 19c Access Bypass
Posted Mar 7, 2023
Authored by Emad Al-Mousa

Oracle Database Vault had a flaw that would allow unauthorized privileged users to extract data from a protected table. Oracle 19c versions 19.18 and below are affected. Fixed in the Oracle Critical Patch Update October 2022.

tags | exploit
SHA-256 | 9793cd8f9b7072bec5dd6bf77759bc5e3eb357c40e0c937e857487981ea190ab
CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissions
Posted Mar 7, 2023
Authored by Systems Research Group

CoreDial sipXcom sipXopenfire versions 21.04 and below suffer from XMPP message system command argument injection and insecure service file permissions that when chained together gives root.

tags | exploit, root
advisories | CVE-2023-25355, CVE-2023-25356
SHA-256 | b306297e359b80aaed39f16e6cdc8e7a70a93aff1cb4084d52e8dfcfadc31596
ZwiiCMS 12.2.04 Remote Code Execution
Posted Mar 7, 2023
Authored by Hadi Mene

ZwiiCMS version 12.2.04 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-10567
SHA-256 | eb76d5e63d49a529d995356a055f296bd4746ac15c006561a9eaa8406810db0d
OpenBSD 7.2 ip_srcroute() Overflow
Posted Mar 7, 2023
Authored by Erg Noor | Site github.com

OpenBSD version 7.2 suffers from an overflow vulnerability. ip_dooptions() will allow IPOPT_SSRR with optlen = 2. save_rte() will set isr_nhops to very large value, which will cause an overflow in the next ip_srcroute() call.

tags | exploit, overflow
systems | openbsd
SHA-256 | 6aea32da93ccffa7fa7a888b010cc9b2cd121b1c2b6e081ded5446c568530e66
Ubuntu Security Notice USN-5931-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5931-1 - It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2022-37454
SHA-256 | 33bbf9788230cbeb99c657b8e28943adea06a0071c8079fb8b2553765bcb5937
Ubuntu Security Notice USN-5930-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5930-1 - It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2022-37454
SHA-256 | 3eea1d8c54397f96a37251d32922f85c73164c2faad23c5a4a9d2e29e9aef977
Red Hat Security Advisory 2023-1101-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1101-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-4378
SHA-256 | 754fa2dc830287b9e351689491d3113031c6020c1ea88ab4deb401a3a5aadcaa
Red Hat Security Advisory 2023-1102-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1102-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-21594, CVE-2022-21599, CVE-2022-21604, CVE-2022-21608, CVE-2022-21611, CVE-2022-21617, CVE-2022-21625, CVE-2022-21632, CVE-2022-21633, CVE-2022-21637, CVE-2022-21640, CVE-2022-39400, CVE-2022-39408, CVE-2022-39410
SHA-256 | 5b3cb62926e5f23d6776e3c5504bad9edb7a72d6d023781a630418a23604f76c
Red Hat Security Advisory 2023-1093-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1093-01 - The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-3560
SHA-256 | 02c0dba02209a2c43fc366c320f12872a2b38473f00db2fee0b5451f4d89a0df
Red Hat Security Advisory 2023-1091-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1091-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-42703, CVE-2022-4378
SHA-256 | a4b3cb86f69fd42e3d5f9bb38725e9e037a981a023f5eb42cc8c73337f1d034e
Red Hat Security Advisory 2023-1030-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1030-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.30.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41717
SHA-256 | 3fb05a6874de2909ab80039fc9a100f211a86901f9e1abbdcf59fe58eba02528
Red Hat Security Advisory 2023-1095-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1095-01 - The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-37434
SHA-256 | adc250f0615cd75a6c70333c14bb359ef4003b176b22315d1c4d2e663cd88127
Red Hat Security Advisory 2023-1090-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1090-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2022-38023
SHA-256 | ad42697be1a8b3e90602dd1b778dc1c577060b0e9c7f554f5ef9742d0b65b431
Red Hat Security Advisory 2023-1103-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1103-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-4378
SHA-256 | 7fec50157b375daac493b7e5ed4608a6f6711ac6c1e66f82d5e5ec88a073211b
Red Hat Security Advisory 2023-1092-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1092-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-42703, CVE-2022-4378
SHA-256 | 8ef1153d9fc643191e1f5b6368978fe775f904a9ce6a68391a96143de849f45f
Ubuntu Security Notice USN-5929-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5929-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3344, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-4139, CVE-2022-4379, CVE-2022-45869, CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521, CVE-2023-0179, CVE-2023-0461
SHA-256 | b91d808cf19fdf7c90b1715dd76fe4ce1006bf73ea7d460b158031998be12e19
Ubuntu Security Notice USN-5928-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5928-1 - It was discovered that systemd did not properly validate the time and accuracy values provided to the format_timespan function. An attacker could possibly use this issue to cause a buffer overrun, leading to a denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that systemd did not properly manage the fs.suid_dumpable kernel configurations. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3821, CVE-2022-4415, CVE-2022-45873
SHA-256 | 509bb5498c466727e8b77069e58b5b38ba7506e8a8d8e979018a2f971776f7e6
Red Hat Security Advisory 2023-1042-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1042-01 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1705, CVE-2022-1962, CVE-2022-27664, CVE-2022-28131, CVE-2022-28327, CVE-2022-2879, CVE-2022-2880, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148, CVE-2022-32149
SHA-256 | f399dcb2538382b0da653070530d24a988f6311382debb5d7ef4ab333944715b
Ubuntu Security Notice USN-5927-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5927-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-36280, CVE-2022-3640, CVE-2022-41218, CVE-2022-42328, CVE-2022-42895, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394
SHA-256 | 267cb30398652c6d5e4143e7a564419a514df5b940ea487c998523a7f3bc146b
Ubuntu Security Notice USN-5926-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5926-1 - Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. Lee Jones discovered that a use-after-free vulnerability existed in the Bluetooth implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4155, CVE-2022-20566, CVE-2022-41858, CVE-2022-42895, CVE-2023-0045, CVE-2023-23559
SHA-256 | a41914777c5a10c7ff57a46d9d192b11651b4647733ebe5adb378ce5a4e9e4af
Ubuntu Security Notice USN-5925-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5925-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Kernel Connection Multiplexor socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-3640, CVE-2022-42328, CVE-2022-42895, CVE-2023-0461
SHA-256 | 0f0f2bc4ad90e2d21d62d6495742008cd217c7c1134c60f81916c696fb70393c
Ubuntu Security Notice USN-5924-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5924-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-20369, CVE-2022-26373, CVE-2022-2663, CVE-2022-29900, CVE-2022-29901, CVE-2022-3424, CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-36280, CVE-2022-3640, CVE-2022-3646, CVE-2022-3649
SHA-256 | a8eab20b02c9df68362580c4223bc74421adc8ea73b39fe1311d5dcd6ee3c327
Red Hat Security Advisory 2023-1079-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1079-01 - An update for osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2 (Train).

tags | advisory
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-2879, CVE-2022-35737, CVE-2022-40303, CVE-2022-40304, CVE-2022-41715, CVE-2022-41717, CVE-2022-4415, CVE-2022-47629
SHA-256 | f179351d8e79ae43b469f9abebae34f6ed031645dfff0ad5dfb1bc546c857c7f
Ubuntu Security Notice USN-5923-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5923-1 - It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop tool. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service. It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop tool. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-0795, CVE-2023-0798, CVE-2023-0799, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803
SHA-256 | aceba9aebfd2a89b320ea42141c53aaa7e10f9fbc5e30591386d07722bcec437
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close