what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 448 RSS Feed

Files Date: 2024-04-01 to 2024-04-30

Kemp LoadMaster Unauthenticated Command Injection
Posted Apr 29, 2024
Authored by Dave Yesland | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after version 7.2.48.1. The following versions are patched: 7.2.59.2 (GA), 7.2.54.8 (LTSF), and 7.2.48.10 (LTS).

tags | exploit
advisories | CVE-2024-1212
SHA-256 | 3a721b9eae3cbcc73dbb679d3903115192bf095161310b9403ab283b1ed814f6
Debian Security Advisory 5675-1
Posted Apr 29, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5675-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-4058, CVE-2024-4059, CVE-2024-4060
SHA-256 | 00ccb50fae5e1ffc0dedb975935d1c430bdb1c0605de3c11ff7187b895a8800f
Doctor Appointment Management System 1.0 Cross Site Scripting
Posted Apr 29, 2024
Authored by SoSPiro

Doctor Appointment Management System version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2024-4293
SHA-256 | 0c3515ce2c317170c7225f17f3a5d2fc73aa45477ced43b63dff0c9c028c968d
Ubuntu Security Notice USN-6744-3
Posted Apr 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6744-3 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Ubuntu 24.04 LTS. Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-28219
SHA-256 | a3c5e325117510f72eaab078b9452bd572b5c6a7b644c56f33872ee990abf55d
Ubuntu Security Notice USN-6734-2
Posted Apr 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6734-2 - USN-6734-1 fixed vulnerabilities in libvirt. This update provides the corresponding updates for Ubuntu 24.04 LTS. Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. It was discovered that libvirt incorrectly handled certain RPC library API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-1441, CVE-2024-2494
SHA-256 | de9bb025a2d32f7b6bc492105033df1d20ac65f5466d9541f8a4b62ce26e46e5
Ubuntu Security Notice USN-6733-2
Posted Apr 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6733-2 - USN-6733-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding updates for Ubuntu 24.04 LTS. It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. It was discovered that GnuTLS incorrectly handled verifying certain PEM bundles. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-28834, CVE-2024-28835
SHA-256 | ddfa9b53cf55c5c796be4d398f38aed182745e8f5742e95f3b46d0343f9fcb73
Ubuntu Security Notice USN-6718-3
Posted Apr 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6718-3 - USN-6718-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 24.04 LTS. Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote attacker could possibly use this issue to cause curl to consume resources, leading to a denial of service.

tags | advisory, remote, web, denial of service, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2024-2004, CVE-2024-2398
SHA-256 | ade4e33456f4d06c99e18ff976f56f75797e1d3f0b86ecd687782229e52eb969
Ubuntu Security Notice USN-6729-3
Posted Apr 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6729-3 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service.

tags | advisory, remote, web, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316
SHA-256 | 64bc41b5243d484a6b2e16655cb72ea9b8aa3a19737b46627dbb01cfa4e8fb4e
Ubuntu Security Notice USN-6737-2
Posted Apr 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6737-2 - USN-6737-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 24.04 LTS. Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-2961
SHA-256 | d547d0cf23618743ec2bd33bede52369b6bc5a9e3ce645acccfd6d92d390e28c
Ubuntu Security Notice USN-6756-1
Posted Apr 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6756-1 - It was discovered that less mishandled newline characters in file names. If a user or automated system were tricked into opening specially crafted files, an attacker could possibly use this issue to execute arbitrary commands on the host.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-32487
SHA-256 | cb27c0c511bf9bfd9cd8b1b5dc886cfc5388e099a8f6018acb0cf2eb78ab4c1f
Ubuntu Security Notice USN-6755-1
Posted Apr 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6755-1 - Ingo Brückl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked into extracting a specially crafted cpio archive, an attacker could possibly use this issue to write arbitrary files outside the target directory on the host, even if using the option --no-absolute-filenames.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-7207
SHA-256 | a5fb927cd890c4ab4d0b9b311bd01f35cef7e8148d89957eff3b923887c78f36
ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path
Posted Apr 29, 2024
Authored by Milad Karimi

ESET NOD32 Antivirus version 17.1.11.0 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | c89869f15a61fbd6e4a27d4969ac6487945ff8bbb640fcd901475febf642a0e2
Red Hat Security Advisory 2024-2098-03
Posted Apr 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2098-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-1753
SHA-256 | 844a399712818d1829507d96b0e185a6856885a98a51526018106aff1f21ca0f
Red Hat Security Advisory 2024-2097-03
Posted Apr 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2097-03 - An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-1753
SHA-256 | 9ac4c642d55e4237f2488f22e1c501c23b619b0fe97149b60a109456aeda99fc
Red Hat Security Advisory 2024-2088-03
Posted Apr 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2088-03 - An update is now available for the Red Hat build of Cryostat 2 on RHEL 8. Issues addressed include denial of service, memory exhaustion, and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 85e9f4b82829cdb5154e6b0ed68982f3a590b552ab033dc5ccb8378824c92ab2
Red Hat Security Advisory 2024-2086-03
Posted Apr 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2086-03 - An update for shim is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-40546
SHA-256 | 163b8d7f23fc449ad0b491ac44a69d7352b1d374a412ba1c1e38f8dacd766a00
Red Hat Security Advisory 2024-2079-03
Posted Apr 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2079-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 3cd30580ffa328322a6495d5895e0beff813cfc5f046717b71b4649ef9301f27
Red Hat Security Advisory 2024-2077-03
Posted Apr 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2077-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-4122
SHA-256 | 6f76e24e53f2459cc0463337801bfb82bc7fb57090b1f96b30392409e974da3e
Red Hat Security Advisory 2024-1897-03
Posted Apr 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1897-03 - Red Hat OpenShift Container Platform release 4.14.22 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 3dc7300cb575928816fb3106bb7b92145b5c67d3fa2b7ba1bcb3e3ad75476549
Red Hat Security Advisory 2024-1891-03
Posted Apr 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1891-03 - Red Hat OpenShift Container Platform release 4.14.22 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include cross site scripting, denial of service, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2023-3978
SHA-256 | 29c1ea6cff4a6c5ae4b3f8f00c143764f7008e137f962f5367951102a1d50d8d
The Not-So-Silent Type
Posted Apr 26, 2024
Authored by Jeffrey Knockel, Zoë Reichert, Mona Wang | Site citizenlab.ca

Whitepaper called The not-so-silent type - Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers.

tags | paper, vulnerability
SHA-256 | 1baca6b77c2dd267d995c6cc273aa8908082ad0a1d57ae3a7cf03d39df9cbc85
Ubuntu Security Notice USN-6754-1
Posted Apr 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6754-1 - It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2023-44487, CVE-2024-28182
SHA-256 | 5cf8f575ba3f618cd1a7ba459257c95bf26180fa995bf1e705ddd3bb811a5c3e
Ubuntu Security Notice USN-6753-1
Posted Apr 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6753-1 - Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attacker could possibly use this issue to expose sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-46233
SHA-256 | 9b59079ffc816463d7133b64a1e0918a00b6e29ba9a8c0f1321f133a3a7f8bb4
Debian Security Advisory 5674-1
Posted Apr 26, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5674-1 - It was discovered that PDNS Recursor, a resolving name server, was susceptible to denial of service if recursive forwarding is configured.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2024-25583
SHA-256 | 31109fb4cec81c7b8a039c6278a8841ddbab70a72484cabe22b669645401f990
Ubuntu Security Notice USN-6751-1
Posted Apr 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6751-1 - It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could possibly use this issue to perform reflected cross-site scripting attacks.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2022-35229
SHA-256 | aca65a6b1e51cfb0dd46b906420ebb846f14557c539fa2fa267bbee51159cbed
Page 1 of 18
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close