what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2023-05-04

Ubuntu Security Notice USN-6055-1
Posted May 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6055-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
advisories | CVE-2023-28755, CVE-2023-28756
SHA-256 | 57cc9e7412e527b063da950b49c9036f3f360426a199720cba2c4ff74ccb4925
Shannon Baseband fmtp SDP Attribute Memory Corruption
Posted May 4, 2023
Authored by Google Security Research, natashenka

Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. When an fmtp attribute is parsed, the integer that represents the payload type is copied into an 8-byte buffer using memcpy with the length of payload type as the length parameter. There are no checks that the payload type is less than 8-bytes long or actually an integer.

tags | exploit
advisories | CVE-2022-26496
SHA-256 | 51aa5a7a2ca1d9308cad99d6da19581180aa08b8653f1c44406c7c5c7dc253b9
Red Hat Security Advisory 2023-2107-01
Posted May 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-41724, CVE-2022-41725, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-23916, CVE-2023-25173, CVE-2023-28617
SHA-256 | 4e5916017cd2c38d0dbb46d07a4b6c5a15d545e4b934c30942abd25556065af8
Companymaps 8.0 SQL Injection
Posted May 4, 2023
Authored by Lucas Noki

Companymaps version 8.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-29809
SHA-256 | b0aafe154f3d640b0eff41d1f3be75f73ed88008c31e54c2549ca7bdaed63fed
Companymaps 8.0 Cross Site Scripting
Posted May 4, 2023
Authored by Lucas Noki

Companymaps version 8.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-29808
SHA-256 | 9170a05ef8923b1a4cb8e64c5fe811adc5c974c3590f52c7d1fcaf7d86970d04
Red Hat Security Advisory 2023-2104-01
Posted May 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2104-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-10735, CVE-2021-28861, CVE-2022-25881, CVE-2022-2873, CVE-2022-40897, CVE-2022-41222, CVE-2022-4269, CVE-2022-4304, CVE-2022-4378, CVE-2022-43945, CVE-2022-4415, CVE-2022-4450, CVE-2022-45061, CVE-2022-48303
SHA-256 | d7518abfdd2ac009bc17d82bebd1a4b25522cb7e7ce34f44d42b7e72b887fd7b
Shannon Baseband acfg / pcfg SDP Attribute Memory Corruption
Posted May 4, 2023
Authored by Google Security Research, natashenka

Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. SDP supports attributes acfg and pcfg that allow configuration information to be specified as integers. The baseband software allocates a fixed-size buffer for this information, but does not check that the number of integers specified by the SDP is within this bound. This can lead to memory corruption when processing an acfg or pcfg attribute that contains more than 14 format types.

tags | exploit
advisories | CVE-2022-26497
SHA-256 | f7237e53d6febca38b353f2be59e9064bb4853fb37c38f9779aa9f273abc1ff6
Red Hat Security Advisory 2023-2097-03
Posted May 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2097-03 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include code execution, cross site scripting, denial of service, deserialization, improper neutralization, information leakage, and remote shell upload vulnerabilities.

tags | advisory, remote, denial of service, shell, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2022-1471, CVE-2022-22577, CVE-2022-23514, CVE-2022-23515, CVE-2022-23516, CVE-2022-23517, CVE-2022-23518, CVE-2022-23519, CVE-2022-23520, CVE-2022-25857, CVE-2022-27777, CVE-2022-31163, CVE-2022-32224, CVE-2022-33980
SHA-256 | 50fea193584f82c8f1d6717f456a59c84a8ff40da5472a16b24d35524eadc879
GV-Edge Recording Manager 2.2.3.0 Privilege Escalation
Posted May 4, 2023
Authored by Andrea Intilangelo

GV-Edge Recording Manager version 2.2.3.0 suffers from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2023-23059
SHA-256 | b4e358b9f4225b98f697086ed63dac38775b10cd0cb5bac428df7fe2c497a8de
Red Hat Security Advisory 2023-2100-01
Posted May 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2100-01 - This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include bypass, code execution, cross site scripting, denial of service, man-in-the-middle, memory exhaustion, resource exhaustion, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2021-37533, CVE-2022-25857, CVE-2022-31777, CVE-2022-33681, CVE-2022-37865, CVE-2022-37866, CVE-2022-38398, CVE-2022-38648, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-39368, CVE-2022-40146
SHA-256 | 1bb832bf7ada06ee62e5e890aaaa9e8555545e8a79873bfe81eac208c4eb6165
Shannon Baseband chatroom SDP Attribute Memory Corruption
Posted May 4, 2023
Authored by Google Security Research, natashenka

Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. SDP supports an attribute chatroom that allows multiple chat properties to be specified. The baseband software allocates a fixed-size buffer for these types, but does not check that the number of properties specified by the SDP is within this bound. This can lead to memory corruption when processing a chatroom attribute that contains more than 12 format types.

tags | exploit
advisories | CVE-2022-26498
SHA-256 | 8cb6ebadee250d2e79ec5b2160d5e18c8dae53fae64e54aa90dddc180b42ce0d
Red Hat Security Advisory 2023-2101-01
Posted May 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2101-01 - Red Hat Update Infrastructure offers a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux instances. Issues addressed include denial of service and remote shell upload vulnerabilities.

tags | advisory, remote, denial of service, shell, vulnerability
systems | linux, redhat
advisories | CVE-2022-40899, CVE-2023-23969, CVE-2023-24580
SHA-256 | 2b5ebe94865b3ffd2e36ff0fcd58a37a83e0059cdb4bed21cb41db6d6c6cf9af
Shannon Baseband accept-type SDP Attribute Memory Corruption
Posted May 4, 2023
Authored by Google Security Research, natashenka

Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. SDP supports an attribute accept-type that allows multiple format types to be specified. The baseband software allocates a fixed-size buffer for these types, but does not check that the number of format types specified by the SDP is within this bound. This can lead to memory corruption when processing an accept-type attribute that contains more than 12 format types.

tags | exploit
advisories | CVE-2023-24033
SHA-256 | 3e5dd3b9a11c7e00afc44d10af02f39c84d18710dc6778f472e078fbfd7d018b
Red Hat Security Advisory 2023-2098-01
Posted May 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2098-01 - Multicluster Engine for Kubernetes 2.0.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-25881, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-0767, CVE-2023-23916
SHA-256 | 5b409796351ae2191f3661c02dbe09dbe4a07067b31d38f4971846d655574798
Red Hat Security Advisory 2023-2099-01
Posted May 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2099-01 - A patch is now available for Camel for Spring Boot 3.18.3. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-1370, CVE-2023-20863
SHA-256 | c03bad8f83a4deffe2609c9a9c130f938597dfd431f082672af5eb6c0e6de748
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close