
Recent Files

Lynis Auditing Tool 3.1.1
Posted Mar 18, 2024
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages and configuration mistakes. The software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Changes: Detection of ArcoLinux has been added. Redis configuration file path added for FreeBSD. Check /snap directory location for Redis configuration file.
tags | tool, scanner
systems | unix
dav1d Integer Overflow / Out-Of-Bounds Write
Posted Mar 18, 2024
Authored by Ivan Fratric, Google Security Research, Nick Galloway

There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.

tags | exploit, overflow
Ubuntu Security Notice USN-6696-1
Posted Mar 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6696-1 - Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
Red Hat Security Advisory 2024-1348-03
Posted Mar 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1348-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-1346-03
Posted Mar 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1346-03 - An update is now available for Red Hat OpenShift GitOps 1.11. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
Red Hat Security Advisory 2024-1345-03
Posted Mar 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1345-03 - An update is now available for Red Hat OpenShift GitOps 1.10. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
UPS Network Management Card 4 Path Traversal
Posted Mar 18, 2024
Authored by Victor Garcia

UPS Network Management Card version 4 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
Gasmark Pro 1.0 Shell Upload
Posted Mar 18, 2024
Authored by nu11secur1ty

Gasmark Pro version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
Nokia BMC Log Scanner 13 Command Injection
Posted Mar 18, 2024
Authored by Matthew Gregory, Carlos Andres Gonzalez

Nokia BMC Log Scanner version 13 suffers from a remote command injection vulnerability.

tags | exploit, remote
vm2 3.9.19 Sandbox Escape
Posted Mar 18, 2024
Authored by Calil Khalil, Adriel Mc Roberts

vm2 versions 3.9.19 and below suffer from a sandbox escape vulnerability.

tags | exploit
Ubuntu Security Notice USN-6694-1
Posted Mar 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6694-1 - It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
Debian Security Advisory 5632-1
Posted Mar 15, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5632-1 - It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue, this email was not sent on 2024-02-26 as it should have been.

tags | advisory, local, php, code execution
systems | linux, debian
Financials By Coda Authorization Bypass
Posted Mar 15, 2024
Authored by Leo Draghi

Financials by Coda versions prior to 2023Q4 suffer from an incorrect access control authorization bypass vulnerability. The Change Password feature can be abused in order to modify the password of any user of the application.

tags | exploit, bypass
Financials By Coda Cross Site Scripting
Posted Mar 15, 2024
Authored by Leo Draghi

Financials by Coda versions prior to 2023Q4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
Ubuntu Security Notice USN-6695-1
Posted Mar 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6695-1 - It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that TeX Live allowed documents to make arbitrary network requests. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to exfiltrate sensitive information, or perform other network-related attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
Red Hat Security Advisory 2024-1335-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1335-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 8.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-1334-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1334-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-1333-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1333-03 - Red Hat OpenShift Serverless version 1.32.0 is now available.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2024-1332-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1332-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
Red Hat Security Advisory 2024-1328-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1328-03 - Red Hat Advanced Cluster Management for Kubernetes 2.9.3 General Availability release images, which fix bugs and update container images. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2024-1327-03
Posted Mar 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1327-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
Debian Security Advisory 5640-1
Posted Mar 15, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5640-1 - Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
Faraday 5.2.0
Posted Mar 15, 2024
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distributing, indexing and analyzing the data generated during a security audit. The main purpose of Faraday is to re-use the tools available in the community and take advantage of them in a multiuser way.

Changes: Fixed hosts stats when bulk delete is applied to vulns. Fixed an issue where the server was not updating the agents status on restart. Removed websockets port from docker-compose.
tags | tool, rootkit
systems | unix
HALO 2.13.1 CORS Issue
Posted Mar 15, 2024
Authored by nu11secur1ty

HALO version 2.13.1 has an insecure cross-origin resource sharing setting that allows an arbitrary origin.

tags | exploit, arbitrary
Membership Management System 1.0 SQL Injection / Shell Upload
Posted Mar 15, 2024
Authored by SoSPiro

Membership Management System version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection

Recent News

Why Does The US Want To Ban TikTok, And When Could It Happen?
Posted Mar 15, 2024

tags | headline, government, usa, china, cyberwar, spyware, social
Discontinued Security Plugins Expose Many WordPress Sites To Takeover
Posted Mar 15, 2024

tags | headline, hacker, flaw, wordpress
Member Of LockBit Ransomware Group Sentenced To 4 Years In Prison
Posted Mar 15, 2024

tags | headline, malware, canada, russia, cybercrime, fraud, cryptography
Banish OEM Self-Signed Certs And Roll Your Own LetsEncrypt
Posted Mar 15, 2024

tags | headline, privacy, cryptography
Cop Shop Rapped For Completely Avoidable Web Form Blunder
Posted Mar 15, 2024

tags | headline, government, privacy, britain, data loss
Cisco Patches High Severity IOS RX Vulnerabilities
Posted Mar 14, 2024

tags | headline, flaw, patch, cisco
RedLine Malware Top Credential Stealer Of Last 6 Months
Posted Mar 14, 2024

tags | headline, hacker, malware, cybercrime, data loss, password, identity theft
Meta Sues Brazenly Disloyal Former Exec Over Stolen Confidential Docs
Posted Mar 14, 2024

tags | headline, data loss, fraud, facebook
Poking Holes In Google Tech Bagged Bug Hunters $10M
Posted Mar 14, 2024

tags | headline, hacker, flaw, google
US Congress Goes Bang, Bang, On Tik-Tok Sale Or Ban Plan
Posted Mar 14, 2024

tags | headline, government, privacy, usa, china, cyberwar, spyware, social

packet storm

© 2022 Packet Storm. All rights reserved.
