
Files Date: 2023-06-21

Debian Security Advisory 5434-1
Posted Jun 21, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5434-1 - A heap-based buffer overflow vulnerability was found in the HTTP chunk parsing code of minidlna, a lightweight DLNA/UPnP-AV server, which may result in denial of service or the execution of arbitrary code.

tags | advisory, web, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2023-33476
SHA-256 | 7f71f9245838fb544dc4679d61458c69044ed1975fd9c395139c5b8893ef09f2
Ubuntu Security Notice USN-6182-1
Posted Jun 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6182-1 - It was discovered that pngcheck incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-27818
SHA-256 | 36d4d487593b3247a8408868b62fd272f8b8ba69f8442f9e384a1610e227a0fa
PHP Online School 1.0 Cross Site Scripting
Posted Jun 21, 2023
Authored by CraCkEr

PHP Online School version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | f03972c1e09a9186ceda63b51379c7322f797984280b34e747cead9ca8483d0d
PHP Mall 5.0 Cross Site Scripting
Posted Jun 21, 2023
Authored by CraCkEr

PHP Mail version 5.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | ab9cccf88065d059ab46972fbfac65d69ffa30754d5ac7563f151812c102ac6b
OpenSCAP Libraries 1.3.8
Posted Jun 21, 2023
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: The boot-time remediation service for systemd's Offline Update mode is now disabled by default. Added offline capabilities to the shadow OVAL probe. Added offline capabilities to the sysctl OVAL probe. Added auristorfs to list of network filesystems. Added new experimental linux-bound fwupdsecattr probe for system firmware security attributes (fwupd-based). Used ListUnitFiles D-Bus method to fetch all units in systemd OVAL probe. Fixed minor resource leaks.
tags | protocol, library
systems | unix
SHA-256 | d4bf0dd35e7f595f34a440ebf4234df24faa2602c302b96c43274dbb317803b3
Ubuntu Security Notice USN-6181-1
Posted Jun 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6181-1 - Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications that generate HTTP responses using the cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application. This issue only affected Ubuntu 22.10. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, web, denial of service, cgi, ruby
systems | linux, ubuntu
advisories | CVE-2021-33621
SHA-256 | f634308d9f8170226b080952b6f1730c28beb18e02e1b9af7f1902121a0a253c
Ubuntu Security Notice USN-6180-1
Posted Jun 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6180-1 - It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into opening a crafted image file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that VLC could be made to write out of bounds when processing H.264 video files. If a user were tricked into opening a crafted H.264 video file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-19721, CVE-2020-13428, CVE-2021-25802, CVE-2021-25803, CVE-2022-41325
SHA-256 | c52af8630ae166c542bdfafe10cf863aa88d4e80d4e6850258db0ed837428cb6
Nokia ASIKA 7.13.52 Private Key Disclosure
Posted Jun 21, 2023
Authored by Amirhossein Bahramizadeh

Nokia ASIKA version 7.13.52 suffers from a hard-coded private key disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2023-25187
SHA-256 | ba290e4ad8f61e25e13991a6b32e0f12e28123576ee71b01dfcecb7262302d64
Red Hat Security Advisory 2023-3705-01
Posted Jun 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3705-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-2235, CVE-2023-32233
SHA-256 | d9170a36430152a0d4ba9fe37a5440e6cdc18a63346a7327047c49cb6c7e80ff
WordPress Super Socializer 7.13.52 Cross Site Scripting
Posted Jun 21, 2023
Authored by Amirhossein Bahramizadeh

WordPress Super Socializer plugin version 7.13.52 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-2779
SHA-256 | 500b777953696c9fdb839937351514402c8d413e3650f3e88f7299c12594f542
Ubuntu Security Notice USN-6143-3
Posted Jun 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6143-3 - USN-6143-1 fixed vulnerabilities and USN-6143-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-34415, CVE-2023-34416
SHA-256 | e690f8d3c152b17d38443bd09682b13c330339ba11e481a3a6a3374c0990b471
Accent Microcomputers CMS 2.4 Directory Traversal
Posted Jun 21, 2023
Authored by indoushka

Accent Microcomputers CMS version 2.4 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | b97b79554d7e5c0c7a8d861646a222bb108524fbbcdddc5ba9bf4b8cca5eab8c
PHP Car Dealer 3.0 Cross Site Scripting
Posted Jun 21, 2023
Authored by CraCkEr

PHP Car Dealer version 3.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | 5d7cda295322273a07765d0e26863912ad7bb4ef36801e228c39142c37806ef6
Debian Security Advisory 5433-1
Posted Jun 21, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5433-1 - Gregory James Duck reported that missing input validation in various functions provided by libx11, the X11 client-side library, may result in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2023-3138
SHA-256 | 99cc65c1ad12a278a4a4e25bf0b90ba31d13ff5fd3f7e054cbc9ea208033a4a4
WordPress WP Sticky Social 1.0.1 CSRF / Cross Site Scripting
Posted Jun 21, 2023
Authored by Amirhossein Bahramizadeh

WordPress WP Sticky Social plugin version 1.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2023-3320
SHA-256 | 479e92cf55475922a543143a9c1fe4f295337a3f7b58ea422c35e1964de638fd
Ubuntu Security Notice USN-5948-2
Posted Jun 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5948-2 - USN-5948-1 fixed vulnerabilities in Werkzeug. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that Werkzeug did not properly handle the parsing of nameless cookies. A remote attacker could possibly use this issue to shadow other cookies.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-23934, CVE-2023-25577
SHA-256 | ba83f0682203fee0c453506a48dc08ac74fabba29b013868628afba2887e223f
A Cart 2.0 Database Disclosure
Posted Jun 21, 2023
Authored by indoushka

A Cart version 2.0 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | f02d0af5684e95ea2a0babb2e693e32db722ba7f6a1d94ea916d95540c7adc2e
3CX Open Standards Software IP PBX Thailand 2.0.3 Cross Site Scripting
Posted Jun 21, 2023
Authored by indoushka

3CX Open Standards Software IP PBX Thailand version 2.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 54c4956a1f5cfc0d4ae4e2fc7a1375fbf20a46a97c6e71f33753fed6e0c8ac71
SPIP 4.2.1 Remote Code Execution
Posted Jun 21, 2023
Authored by nuts7

SPIP versions 4.2.1 and below suffer from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-27372
SHA-256 | bc549f06980b67c5d5fb853b317d52b6bf509cd5c2baedf878192f640f78097d
Talroo Jobs Script 1.0 Cross Site Scripting
Posted Jun 21, 2023
Authored by CraCkEr

Talroo Jobs Script version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e57e88ecbbb2f0aa0cc689b5631c6a21fe165b9af9b9597251c61b3f3b1f8fa5
Ubuntu Security Notice USN-6168-2
Posted Jun 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6168-2 - USN-6168-1 fixed a vulnerability in libx11. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. Gregory James Duck discovered that libx11 incorrectly handled certain Request, Event, or Error IDs. If a user were tricked into connecting to a malicious X Server, a remote attacker could possibly use this issue to cause libx11 to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-3138
SHA-256 | cfbed00d12ce5e17e808411a3087316dc771868a1016244059c6b0aef5d4d9c7
WordPress BookIt 2.3.7 Authentication Bypass
Posted Jun 21, 2023
Authored by Lana Codes | Site wordfence.com

WordPress BookIt plugin versions 2.3.7 and below suffer from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2023-2834
SHA-256 | 61dc50a9de429ab9f4cfeb4f8a3e4d9cf106deb606d16a976ab70609cc9d514f
© 2024 Packet Storm. All rights reserved.
