
Files Date: 2023-12-15 to 2023-12-16

RTPEngine mr11.5.1.6 Denial Of Service
Posted Dec 15, 2023
Authored by Sandro Gauci | Site enablesecurity.com

RTPEngine version mr11.5.1.6 suffers from a denial of service vulnerability via DTLS Hello packets during call initiation.

tags | exploit, denial of service
SHA-256 | 7938f478eab1d8bc840896b24b1e1e899b45b53e89a3e7429e87eaebcefdc333
PKP-WAL 3.4.0-3 Remote Code Execution
Posted Dec 15, 2023
Authored by EgiX | Site karmainsecurity.com

PKP Web Application Library (PKP-WAL) versions 3.4.0-3 and below, as used in Open Journal Systems (OJS), Open Monograph Press (OMP), and Open Preprint Systems (OPS) before versions 3.4.0-4 or 3.3.0-16, suffer from a NativeImportExportPlugin related remote code execution vulnerability.

tags | exploit, remote, web, code execution
advisories | CVE-2023-47271
SHA-256 | 894453dd71b738c757ad44c73e02be6e0af26e1e261f945b9dc8f20a9ebb348e
American Fuzzy Lop plus plus 4.09c
Posted Dec 15, 2023
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 9 changes to afl-fuzz, 4 changes to afl-whatsup, 2 changes to instrumentation, 1 fix for frida_mode, support for AFL_FUZZER_LOOPCOUNT for afl.rs and LLVMFuzzerTestOneInput, and a few other updates.
tags | tool, fuzzer
systems | unix
SHA-256 | 2d3b2e4f066b1f3eda17faff147dfa3e4b16fba044257361aca51a2322c5122d
Ubuntu Security Notice USN-6488-2
Posted Dec 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6488-2 - USN-6488-1 fixed a vulnerability in strongSwan. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-41913
SHA-256 | 338f4a5b2aa85b89f8b08d5684422107226ac51c46249766ac922c0b469c720e
Ubuntu Security Notice USN-6556-1
Posted Dec 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6556-1 - It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny access to the application. Matthias Gerstner discovered that Budgie Extras incorrectly handled certain temporary file paths. A local attacker could use this to inject arbitrary PNG data in this path and have it displayed on the victim's desktop or deny access to the application.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2023-49342, CVE-2023-49344, CVE-2023-49346
SHA-256 | 1e445a20e0c3e2f5cd796458dc464196f8b71e35096e6c4f1fb6ced4a09715a1
Asterisk 20.1.0 Denial Of Service
Posted Dec 15, 2023
Authored by Sandro Gauci | Site enablesecurity.com

When handling DTLS-SRTP for media setup, Asterisk version 20.1.0 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack.

tags | exploit, denial of service, protocol
advisories | CVE-2023-49786
SHA-256 | 64a70704bf3c592f3c715409a2cca70dea12a637204ffa690f04e1d61f8e5387
Ubuntu Security Notice USN-6558-1
Posted Dec 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6558-1 - It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that audiofile could be made to write out of bounds. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-13440, CVE-2018-17095, CVE-2019-13147, CVE-2022-24599
SHA-256 | 6a440b0470b659ef8af146298808a0dd6b5659c6528660e23e465d017c10fa55
Ubuntu Security Notice USN-6557-1
Posted Dec 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6557-1 - It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that Vim could be made to recurse infinitely. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-1725, CVE-2022-1771, CVE-2022-1886, CVE-2022-2000, CVE-2022-2042, CVE-2023-48232, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706
SHA-256 | 872f33dc2b7bc88b8c7bb037d8cce3aa5d34706dc69f05eec595485cb8f8d733
Ubuntu Security Notice USN-6233-2
Posted Dec 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6233-2 - USN-6233-1 fixed vulnerabilities in YAJL. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a user or automated system using YAJL were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-16516, CVE-2022-24795, CVE-2023-33460
SHA-256 | 1a79b120418384147adf55646f48f838ca04a6cd9e3d760d119309f406d0434a
Ubuntu Security Notice USN-6546-2
Posted Dec 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6546-2 - USN-6546-1 fixed vulnerabilities in LibreOffice. This update provides the corresponding updates for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6185, CVE-2023-6186
SHA-256 | 808b75d5f543a21d97def30aa63e9371eeed40a1188f1ac039def1ee13521456
Red Hat Security Advisory 2023-7861-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7861-03 - A security update is now available for Red Hat build of Keycloak 22.0.7 images running on OpenShift Container Platform. Issues addressed include bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2023-6134
SHA-256 | a43e254701b7eb30b58f86a22ec0162fdc94294c52af4f8c808a0dac88a9dead
Red Hat Security Advisory 2023-7860-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7860-03 - Red Hat build of Keycloak 22.0.7 is now available from the Customer Portal. Issues addressed include bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2023-6134
SHA-256 | bd77f42fb81bdd69394cf7559995ff5bc7d63bcde027ee27ad485f360d3a7e63
Red Hat Security Advisory 2023-7858-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7858-03 - A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2023-6134
SHA-256 | 4f7e250c04328d5a2bc1c02c7f545e8d60acfe2db275a86ff2ea0753e95fc08f
Red Hat Security Advisory 2023-7857-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7857-03 - A new image is available for Red Hat Single Sign-On 7.6.6, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2023-6134
SHA-256 | 279db730dc69748f4a962e39c690f93ee52ab83f882105e097594aa5cb1bdf18
Red Hat Security Advisory 2023-7856-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7856-03 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 8. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2023-6134
SHA-256 | d5e8efdab8a4c8731e2b96f8282b54ca41c19c49aa01d05bf988062db2c38d85
Red Hat Security Advisory 2023-7855-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7855-03 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2023-6134
SHA-256 | 4b1f5fa5a8ff219473a13aea4a431672c67fcce937368e391424195f051ce999
Red Hat Security Advisory 2023-7854-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7854-03 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 7. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2023-6134
SHA-256 | b82bec761d2724b71ca55b12cd8f105aeefa574106064512ef12754dce666d44
Red Hat Security Advisory 2023-7851-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7851-03 - Updated Satellite 6.14 packages that fix Important security bugs and several regular bugs are now available for Red Hat Satellite. Issues addressed include cross site scripting and local file inclusion vulnerabilities.

tags | advisory, local, vulnerability, xss, file inclusion
systems | linux, redhat
advisories | CVE-2023-4886
SHA-256 | 5936a03da5b97212f5fb9b6747bf8731fbb23f1c33b0483d107dfa2b817abdfb
Red Hat Security Advisory 2023-7845-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7845-03 - Red Hat Integration Camel for Spring Boot 3.20.4 release and security update is now available.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-5072
SHA-256 | f1a9010c52d782e96a327f8bb851b3f05b3b3f0b2e85b487c325f4126e5aca7d
Red Hat Security Advisory 2023-7842-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7842-03 - Red Hat Integration Camel for Spring Boot 4.0.2 release and security update is now available.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-5072
SHA-256 | c8db5fcd2da61fc6ef73d125ba9f510f4bc02130d8b303e6814f389f7324348f
Red Hat Security Advisory 2023-7841-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7841-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-44446
SHA-256 | 547f477e8f085245a258d0161a2ccc6995b995b24194ea393e2fb0a096e76776
Red Hat Security Advisory 2023-7840-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7840-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-44446
SHA-256 | dcc415b0b1ad9afbb103e1931df7f6b1519625eab2516ddf6e9a30d42f040d50
Red Hat Security Advisory 2023-7836-03
Posted Dec 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7836-03 - An update for avahi is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-3468
SHA-256 | 9a2de5344afce1a07abf19f30fa7f1c7ae13a2570c385908070c5545c82f97fb
osCommerce 4.13-60075 Shell Upload
Posted Dec 15, 2023
Authored by nu11secur1ty

osCommerce version 4.13-60075 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | ec2851de45716323cc9586ace2e5ab5f4c1232d38a2afff9df61187983d1047d