Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in PspBuildCreateProcessContext that leads to a stack buffer overflow.
0d419f34140c82908299252d3794e80651aedada14ee132d75462cbcf8700e96Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in NtQueryInformationThread that leads to an arbitrary write.
17303e9dc06042a7d7b761657e3f97ac797834b1b9703bc726107b814b22b014This is the full Windows privilege escalation exploit produced from the blog Exploiting the NT Kernel in 24H2: New Bugs in Old Code and Side Channels Against KASLR.
359dac8448d7ce433fa3541cbb436c20ba5d34c9e0efb99cd95d1c887c779304osCommerce version 4 suffers from a cross site scripting vulnerability. This finding is another vector of attack for this issue already discovered by the same researcher in November of 2023.
f8285fdf1bc0d4437ae633d7dde7f4f607db4b9ab45579773b774ad89e950ca2Ubuntu Security Notice 6758-1 - It was discovered that the JSON5 parse method incorrectly handled the parsing of keys named __proto__. An attacker could possibly use this issue to pollute the prototype of the returned object, setting arbitrary or unexpected keys, and cause a denial of service, allow unintended access to network services or have other unspecified impact, depending on the application's use of the module.
10c35ac640b9fc8c5f799d18da39309e30d744b585fd766bdde2765ee9ecbda3Ubuntu Security Notice 6761-1 - It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly use this issue to normally login to the platform as a suspended user after changing their password.
f6658138c22c33ef65562ccb306efc0364b88646591930b4009dc3aa895fa34fUbuntu Security Notice 6759-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service.
3a5628139a70311c31214964c15cd8597177950d361357a28e3507256052bf61Ubuntu Security Notice 6757-1 - It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to cookie by pass.
d148d55e0339c28ab206c4e04376d9c0144caabdf1c279dfc99b6ae169bc4172Red Hat Security Advisory 2024-2528-03 - An update for mingw-glib2 is now available for Red Hat Enterprise Linux 9.
387f40d4a5321b87c83727ab321d5d491928cde0c555e05bc3544de3f70e4559Red Hat Security Advisory 2024-2525-03 - An update for mingw-pixman is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and out of bounds write vulnerabilities.
7611f233f16e4003c69a91ee23499cbe6bed6fd4c7a8d26442bbf86975a89a03Red Hat Security Advisory 2024-2517-03 - An update for wpa_supplicant is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
8524f45342379f23a28563d69bc1323f5335b59713270fa1753cd0f9a39bd719Red Hat Security Advisory 2024-2512-03 - An update for file is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer over-read vulnerability.
c9757f1fb62938415e74e1b72c2623972dd8192885f87e85b130055785b92dddRed Hat Security Advisory 2024-2504-03 - An update for libssh is now available for Red Hat Enterprise Linux 9.
319c2fb25725f4c923d65a48a8b63b79d1937db033f4405d2658a55a308bc12fRed Hat Security Advisory 2024-2483-03 - An update for traceroute is now available for Red Hat Enterprise Linux 9.
951bf24a953cbd3ecf0024db056d9ef69269d38b3117598eb04e129fe43159b4Red Hat Security Advisory 2024-2463-03 - An update for systemd is now available for Red Hat Enterprise Linux 9.
aa80114f691729899b2c102d9086bfb2e6b84c5790e5c17bd15b2a8ad3a1da48Red Hat Security Advisory 2024-2456-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, out of bounds read, and out of bounds write vulnerabilities.
522d251117a31b5cf29b4472d79399998985d63ff3a4e49df0eba1ac473063eeRed Hat Security Advisory 2024-2447-03 - An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
462bc3d09215be0bbf81e8c4c531f8af9c1a08788384e4109de00f728a5419d4Red Hat Security Advisory 2024-2438-03 - An update for pam is now available for Red Hat Enterprise Linux 9.
cac3a3de79b3927054001a5021d0b32777a41ac2c428fcbed09b80fee9552b8aRed Hat Security Advisory 2024-2437-03 - An update for exfatprogs is now available for Red Hat Enterprise Linux 9.
ec5d7aefbd502e5e7c0e5c48a25a38df22b3fe2dd3ed2fdd713b96cb82f7c68cRed Hat Security Advisory 2024-2433-03 - An update for avahi is now available for Red Hat Enterprise Linux 9.
90fb38c055073491b2428ef19f02827d4691135c7e0f1150f88aba63908a0f38Red Hat Security Advisory 2024-2410-03 - An update for harfbuzz is now available for Red Hat Enterprise Linux 9.
884461d864560f6315bfa4a5dc72f974f120e60a0cab9320db27835b00b3f593Red Hat Security Advisory 2024-2396-03 - An update for squashfs-tools is now available for Red Hat Enterprise Linux 9. Issues addressed include a traversal vulnerability.
d5724e9e6cae2fa3d83368d819fb614c4934189062ff71fb096011b100933d77Red Hat Security Advisory 2024-2394-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, double free, integer overflow, memory exhaustion, memory leak, null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
86435dbd1e42e1cb6babcb7c70863a0ed35c27cc178b52ec0cd6a1f94cb358cdRed Hat Security Advisory 2024-2387-03 - An update for mod_jk and mod_proxy_cluster is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting and information leakage vulnerabilities.
1afbcf28960759dfb2bf1cd21470b1d259028ca98c06545215ea1561a67e4844Red Hat Security Advisory 2024-2377-03 - An update for zziplib is now available for Red Hat Enterprise Linux 9.
3182e260d8bb4bef343bdb8627ad9b7ce5ee263c32e316bbac18445b5dc812d9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed