what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 44 RSS Feed

Files Date: 2023-04-26

Ubuntu Security Notice USN-6010-3
Posted Apr 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6010-3 - USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploits this to obtain sensitive information. Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29538, CVE-2023-29539, CVE-2023-29540, CVE-2023-29541, CVE-2023-29548
SHA-256 | 28a0d5910e512b4af6cca1c5d9dce55d15bf50d2e6d7a0ad119fdafd23d0ddad
Red Hat Security Advisory 2023-2023-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10735, CVE-2021-28861, CVE-2022-40186, CVE-2022-40897, CVE-2022-4304, CVE-2022-4415, CVE-2022-4450, CVE-2022-45061, CVE-2022-48303, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-23916
SHA-256 | c6904d9c5fef64669837a2ad40e8be5c2049a68a8cf769b21ca87ac743de8433
Ubuntu Security Notice USN-6039-1
Posted Apr 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6039-1 - It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-3996, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466
SHA-256 | eadba9a6b350964348dfb8cdb88af943d8fef03500b5392c3de74160dd5725ad
qdPM 9.1 Cross Site Scripting
Posted Apr 26, 2023
Authored by Or4nG.M4N

qdPM version 9.1 suffers from a cross site scripting vulnerability. Original discovery of cross site scripting in this version is attributed to Mehmet Emiroglu in 2019.

tags | exploit, xss
SHA-256 | 762c3a099f8808825acab911075c4599d14e0932cf84e755a9b0be0b475e2ba4
Red Hat Security Advisory 2023-1953-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1953-01 - Red Hat OpenShift Logging Subsystem 5.6.5 update. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2022-4269, CVE-2022-4378, CVE-2023-0266, CVE-2023-0361, CVE-2023-0386, CVE-2023-27539, CVE-2023-28120
SHA-256 | 1ff111b4a85069401a7dff1ebf454e3f070b0c09625b392292621a537d201e03
Red Hat Security Advisory 2023-1866-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1866-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.58. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2022-42889, CVE-2023-25761, CVE-2023-25762
SHA-256 | 60147a8fdf6c53e7eda20f3e0a6a5e994efa58cd13406e903a89573ee69fa740
PHP Restaurants 1.0 SQL Injection / Cross Site Scripting
Posted Apr 26, 2023
Authored by Or4nG.M4N

PHP Restaurants version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass and a cross site scripting vulnerability. Original discovery of SQL injection in this version is attributed to Nefrit ID in February of 2022.

tags | exploit, remote, php, xss, sql injection
SHA-256 | b586c653e892e2e9c9de6abf89736d9dfbba1db49179b4cfb8634d3641320419
Red Hat Security Advisory 2023-1884-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1884-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | fc9c89b13e312fb5f4fe1200009a9ca763b5f8337fc63c661b1d4617cab984b4
Red Hat Security Advisory 2023-1887-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1887-01 - Multicluster Engine for Kubernetes 2.2.3 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-25881, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-0767, CVE-2023-23916, CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | c76abde01d9f10b906b82af70f526e5dde9beac6b1dfdb779fcbc3547e91a418
Mars Stealer 8.3 Account Takeover
Posted Apr 26, 2023
Authored by Skoll

Mars Stealer version 8.3 suffers from an account takeover vulnerability.

tags | exploit
SHA-256 | 859ee6c02a290946712e160d9fa6957451e5ff9d3a1ee48e8c136fe88493850a
Red Hat Security Advisory 2023-1911-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1911-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 9d163bafbf388ac00da9f7a838418d56d00c0139edb7bf0140f06b01dec25a06
Red Hat Security Advisory 2023-1894-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1894-01 - Multicluster Engine for Kubernetes 2.1 hotfix security update for console. Red Hat Product Security has rated this update as having a security impact of Critical.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | a4d5833a20f647432803c36f9d6285067175b734d7b16b4a2022f3008be1d028
Red Hat Security Advisory 2023-1891-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1891-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | a02f2aeb02de3e3cd1ef5581ab62cd830ff7765877fb325a12d70845a136334a
Red Hat Security Advisory 2023-1900-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1900-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 743fb31e69fd4e0116700449a26a483ff2f843f48be9bae0069191715d14ef4d
Online Book Store 1.0 SQL Injection
Posted Apr 26, 2023
Authored by Or4nG.M4N

Online Book Store version 1.0 suffers from a remote SQL injection vulnerability. This is a variant of the original vulnerability discovered in August of 2020 by Moaaz Taha.

tags | exploit, remote, sql injection
SHA-256 | 28d8290923669351721291a134ab393064c7cf596e562dab8f119516f8343a3a
Red Hat Security Advisory 2023-1909-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1909-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 3739b37c880d2da2be9d06afde260f6c5c51745b5d9fbe5add364093b8a5cfd1
Red Hat Security Advisory 2023-1895-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1895-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 7e24dc5c83755b35eac96990fec408a3982ade0da1cf5f6def9808b724814582
Red Hat Security Advisory 2023-1897-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1897-01 - Red Hat Advanced Cluster Management for Kubernetes hotfix security update for console. Red Hat Product Security has rated this update as having a security impact of Critical.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | 2a3f7857ed0c099eda337c2e3470ecbfe3228a7856eccb4fda5999ddd33b2267
Red Hat Security Advisory 2023-1898-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1898-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | c3885a76526f2066fe315bfaba0bbeed59359de09379a9db4645147aa664059c
Windows/x64 Delete File / Dynamic PEB Method NULL-Free Shellcode
Posted Apr 26, 2023
Authored by Nayani

This Windows/x64 shellcode is an implementation of the DeleteFileA Windows API to delete a file in the C:/Windows/Temp/ directory.

tags | shellcode
systems | windows
SHA-256 | 5aec26b7e7e54f4fd6d0132a04967aea1827335f4327596bf01678300a0e46bb
Red Hat Security Advisory 2023-1896-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1896-01 - Red Hat Advanced Cluster Management for Kubernetes hotfix security update for console. Red Hat Product Security has rated this update as having a security impact of Critical.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29017, CVE-2023-29199, CVE-2023-30547
SHA-256 | 83707081dc1083d6ecc90ebee7b1235456f75dafd9f9d03b26e4f683aa42a9ca
Red Hat Security Advisory 2023-1892-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1892-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | d0fee704ac2e0b904f5b6f7700c6e81698b85814ff5f9575c5fcaec580afd3f5
Red Hat Security Advisory 2023-1890-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1890-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 475f33b3702899a4789e289b74fb8f0babce8e19a61863ced44976a76bbb2989
Red Hat Security Advisory 2023-1889-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1889-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968
SHA-256 | 9f78081af1d5884adcd5cbc581deafc1e86b022e83fb9cd4c0f6e9aa196fef43
PaperCut NG/MG 22.0.4 Authentication Bypass
Posted Apr 26, 2023
Authored by MaanVader

PaperCut NG/MG version 22.0.4 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2023-27350
SHA-256 | 95117b4ea6d64465f3bdf0cbe0e494cb29917bc6739c9247641bc9a4924cf832
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close