what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 73 RSS Feed

Files Date: 2024-04-30 to 2024-04-30

Windows PspBuildCreateProcessContext Double-Fetch / Buffer Overflow
Posted Apr 30, 2024
Authored by gabe_k

Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in PspBuildCreateProcessContext that leads to a stack buffer overflow.

tags | exploit, overflow, kernel, proof of concept
systems | windows
advisories | CVE-2024-26218
SHA-256 | 0d419f34140c82908299252d3794e80651aedada14ee132d75462cbcf8700e96
Windows NtQueryInformationThread Double-Fetch / Arbitrary Write
Posted Apr 30, 2024
Authored by gabe_k

Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in NtQueryInformationThread that leads to an arbitrary write.

tags | exploit, arbitrary, kernel, proof of concept
systems | windows
advisories | CVE-2024-21345
SHA-256 | 17303e9dc06042a7d7b761657e3f97ac797834b1b9703bc726107b814b22b014
Exploiting The NT Kernel In 24H2
Posted Apr 30, 2024
Authored by gabe_k

This is the full Windows privilege escalation exploit produced from the blog Exploiting the NT Kernel in 24H2: New Bugs in Old Code and Side Channels Against KASLR.

tags | exploit, kernel
systems | windows
advisories | CVE-2024-21345, CVE-2024-26218
SHA-256 | 359dac8448d7ce433fa3541cbb436c20ba5d34c9e0efb99cd95d1c887c779304
osCommerce 4 Cross Site Scripting
Posted Apr 30, 2024
Authored by CraCkEr

osCommerce version 4 suffers from a cross site scripting vulnerability. This finding is another vector of attack for this issue already discovered by the same researcher in November of 2023.

tags | exploit, xss
advisories | CVE-2024-4348
SHA-256 | f8285fdf1bc0d4437ae633d7dde7f4f607db4b9ab45579773b774ad89e950ca2
Ubuntu Security Notice USN-6758-1
Posted Apr 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6758-1 - It was discovered that the JSON5 parse method incorrectly handled the parsing of keys named __proto__. An attacker could possibly use this issue to pollute the prototype of the returned object, setting arbitrary or unexpected keys, and cause a denial of service, allow unintended access to network services or have other unspecified impact, depending on the application's use of the module.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-46175
SHA-256 | 10c35ac640b9fc8c5f799d18da39309e30d744b585fd766bdde2765ee9ecbda3
Ubuntu Security Notice USN-6761-1
Posted Apr 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6761-1 - It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly use this issue to normally login to the platform as a suspended user after changing their password.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2024-30187
SHA-256 | f6658138c22c33ef65562ccb306efc0364b88646591930b4009dc3aa895fa34f
Ubuntu Security Notice USN-6759-1
Posted Apr 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6759-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-32658, CVE-2024-32662
SHA-256 | 3a5628139a70311c31214964c15cd8597177950d361357a28e3507256052bf61
Ubuntu Security Notice USN-6757-1
Posted Apr 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6757-1 - It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to cookie by pass.

tags | advisory, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2022-4900, CVE-2024-2756, CVE-2024-3096
SHA-256 | d148d55e0339c28ab206c4e04376d9c0144caabdf1c279dfc99b6ae169bc4172
Red Hat Security Advisory 2024-2528-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2528-03 - An update for mingw-glib2 is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29499
SHA-256 | 387f40d4a5321b87c83727ab321d5d491928cde0c555e05bc3544de3f70e4559
Red Hat Security Advisory 2024-2525-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2525-03 - An update for mingw-pixman is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-44638
SHA-256 | 7611f233f16e4003c69a91ee23499cbe6bed6fd4c7a8d26442bbf86975a89a03
Red Hat Security Advisory 2024-2517-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2517-03 - An update for wpa_supplicant is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-52160
SHA-256 | 8524f45342379f23a28563d69bc1323f5335b59713270fa1753cd0f9a39bd719
Red Hat Security Advisory 2024-2512-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2512-03 - An update for file is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-48554
SHA-256 | c9757f1fb62938415e74e1b72c2623972dd8192885f87e85b130055785b92ddd
Red Hat Security Advisory 2024-2504-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2504-03 - An update for libssh is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6004
SHA-256 | 319c2fb25725f4c923d65a48a8b63b79d1937db033f4405d2658a55a308bc12f
Red Hat Security Advisory 2024-2483-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2483-03 - An update for traceroute is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-46316
SHA-256 | 951bf24a953cbd3ecf0024db056d9ef69269d38b3117598eb04e129fe43159b4
Red Hat Security Advisory 2024-2463-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2463-03 - An update for systemd is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-7008
SHA-256 | aa80114f691729899b2c102d9086bfb2e6b84c5790e5c17bd15b2a8ad3a1da48
Red Hat Security Advisory 2024-2456-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2456-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2023-4692
SHA-256 | 522d251117a31b5cf29b4472d79399998985d63ff3a4e49df0eba1ac473063ee
Red Hat Security Advisory 2024-2447-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2447-03 - An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-2975
SHA-256 | 462bc3d09215be0bbf81e8c4c531f8af9c1a08788384e4109de00f728a5419d4
Red Hat Security Advisory 2024-2438-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2438-03 - An update for pam is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-22365
SHA-256 | cac3a3de79b3927054001a5021d0b32777a41ac2c428fcbed09b80fee9552b8a
Red Hat Security Advisory 2024-2437-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2437-03 - An update for exfatprogs is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-45897
SHA-256 | ec5d7aefbd502e5e7c0e5c48a25a38df22b3fe2dd3ed2fdd713b96cb82f7c68c
Red Hat Security Advisory 2024-2433-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2433-03 - An update for avahi is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-38469
SHA-256 | 90fb38c055073491b2428ef19f02827d4691135c7e0f1150f88aba63908a0f38
Red Hat Security Advisory 2024-2410-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2410-03 - An update for harfbuzz is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25193
SHA-256 | 884461d864560f6315bfa4a5dc72f974f120e60a0cab9320db27835b00b3f593
Red Hat Security Advisory 2024-2396-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2396-03 - An update for squashfs-tools is now available for Red Hat Enterprise Linux 9. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-40153
SHA-256 | d5724e9e6cae2fa3d83368d819fb614c4934189062ff71fb096011b100933d77
Red Hat Security Advisory 2024-2394-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2394-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, double free, integer overflow, memory exhaustion, memory leak, null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2020-26555
SHA-256 | 86435dbd1e42e1cb6babcb7c70863a0ed35c27cc178b52ec0cd6a1f94cb358cd
Red Hat Security Advisory 2024-2387-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2387-03 - An update for mod_jk and mod_proxy_cluster is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting and information leakage vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2023-6710
SHA-256 | 1afbcf28960759dfb2bf1cd21470b1d259028ca98c06545215ea1561a67e4844
Red Hat Security Advisory 2024-2377-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2377-03 - An update for zziplib is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-18770
SHA-256 | 3182e260d8bb4bef343bdb8627ad9b7ce5ee263c32e316bbac18445b5dc812d9
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close