what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Recent Files

Files RSS Feed
Ubuntu Security Notice USN-7089-6
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7089-6 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
Ubuntu Security Notice USN-7112-1
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7112-1 - It was discovered that the GD Graphics Library did not perform proper bounds checking while handling BMP and WebP files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
Ubuntu Security Notice USN-7111-1
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7111-1 - Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. Ameya Darshan and Jakob Ackermann discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, ubuntu
Ubuntu Security Notice USN-7088-5
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7088-5 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
Ubuntu Security Notice USN-7089-5
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7089-5 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
Ubuntu Security Notice USN-7071-2
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7071-2 - A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
Ubuntu Security Notice USN-7049-2
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7049-2 - USN-7049-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to inject payloads and cause PHP to ignore legitimate data.

tags | advisory, remote, php, vulnerability
systems | linux, ubuntu
Ubuntu Security Notice USN-7110-1
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7110-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download
Posted Nov 14, 2024
Authored by Andreas Kolbeck, Steffen Robertz | Site sec-consult.com

Siemens Energy Omnivise T3000 version 8.2 SP3 suffers from local privilege escalation, cleartext storage of passwords in configuration and log files, file system access allowing for arbitrary file download, and IP whitelist bypass.

tags | exploit, arbitrary, local
TX Text Control .NET Server For ASP.NET Arbitrary File Read / Write
Posted Nov 14, 2024
Authored by Filip Palian

TX Text Control .NET Server For ASP.NET has an issue where it was possible to change the configured system path for reading and writing files in the underlying operating system with privileges of the user running a web application.

tags | exploit, web, asp
GravCMS 1.10.7 Arbitrary YAML Write / Update
Posted Nov 14, 2024
Site github.com

Proof of concept remote code execution exploit for GravCMS 1.10.7 that leverages an arbitrary YAML write / update.

tags | exploit, remote, arbitrary, code execution, proof of concept
PHP-CGI Argument Injection Remote Code Execution
Posted Nov 14, 2024
Authored by BTtea | Site github.com

Proof of concept remote code execution exploit for PHP-CGI that affects versions 8.1 before 8.1.29, 8.2 before 8.2.20, and 8.3 before 8.3.8.

tags | exploit, remote, cgi, php, code execution, proof of concept
PHP-CGI Argument Injection Susceptibility Scanner
Posted Nov 14, 2024
Site github.com

This is a bash script that is a vulnerability checker for CVE-2024-4577 designed to scan multiple domains for an argument injection vulnerability in PHP-CGI. This tool allows security researchers and system administrators to quickly assess whether their systems or a list of domains are potentially vulnerable to this specific security issue. This issue affected PHP-CGI versions 8.1 before 8.1.29, 8.2 before 8.2.20, and 8.3 before 8.3.8.

tags | tool, cgi, scanner, php, bash
systems | unix
Ubuntu Security Notice USN-7109-1
Posted Nov 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7109-1 - Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. Ameya Darshan and Jakob Ackermann discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, ubuntu
Ubuntu Security Notice USN-7107-1
Posted Nov 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7107-1 - It was discovered that Minizip in zlib incorrectly handled certain zip header fields. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Red Hat Security Advisory 2024-9601-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9601-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include buffer overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2024-9583-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9583-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes a bug fix and security fixes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
Red Hat Security Advisory 2024-9579-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9579-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2024-9573-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9573-03 - An update for libsoup is now available for Red Hat Enterprise Linux 8. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web
systems | linux, redhat
Red Hat Security Advisory 2024-9572-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9572-03 - An update for libsoup is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web
systems | linux, redhat
Red Hat Security Advisory 2024-9571-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9571-03 - Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal. Issues addressed include denial of service and man-in-the-middle vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2024-9566-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9566-03 - An update for libsoup is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web
systems | linux, redhat
Red Hat Security Advisory 2024-9559-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9559-03 - An update for libsoup is now available for Red Hat Enterprise Linux 9. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web
systems | linux, redhat
Red Hat Security Advisory 2024-9554-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9554-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, xss
systems | linux, redhat
Red Hat Security Advisory 2024-9552-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9552-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, xss
systems | linux, redhat
View Older Files →

Recent News

News RSS Feed
Microsoft Power Pages Misconfigurations Exposing Sensitive Data
Posted Nov 15, 2024

tags | headline, privacy, microsoft, data loss
Man Gets 5 Years For Laundering Crypto From Bitfinex Hack
Posted Nov 15, 2024

tags | headline, hacker, data loss, fraud, cryptography
Five Eyes Infosec Agencies List 2024's Most Exploited Software Flaws
Posted Nov 14, 2024

tags | headline, government, usa, canada, britain, australia, flaw, new zealand
CISA, FBI Confirm China Hacked Telecoms To Spy
Posted Nov 14, 2024

tags | headline, government, privacy, usa, phone, china, data loss, cyberwar, spyware, backdoor
Two Men Charged For Hacking US Tax Preparation Firms
Posted Nov 14, 2024

tags | headline, hacker, privacy, usa, fraud, identity theft
Iranian Threat Group Targets Aerospace Workers With Fake Job Lures
Posted Nov 14, 2024

tags | headline, hacker, fraud, phish, iran
Air National Guardsman Gets 15 Years For Leaking Docs On Discord
Posted Nov 13, 2024

tags | headline, government, usa, data loss, military
Citrix, Cisco, Fortinet Zero-Days Among 2023's Most Exploited Vulnerabilities
Posted Nov 13, 2024

tags | headline, hacker, flaw, cisco, zero day
Ivanti Patches 50 Vulnerabilities Across Several Products
Posted Nov 13, 2024

tags | headline, flaw, patch
Intel And AMD Have Released Many Advisories
Posted Nov 13, 2024

tags | headline, flaw, patch, intel
View More News →

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close