what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2023-05-18

IBM AIX 7.2 inscout Privilege Escalation
Posted May 18, 2023
Authored by Tim Brown, Brendan Coles | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in IBM AIX invscout set-uid root utility present in AIX 7.2 and earlier. The undocumented -rpm argument can be used to install an RPM file; and the undocumented -o argument passes arguments to the rpm utility without validation, leading to command injection with effective-uid root privileges. This module has been tested successfully on AIX 7.2.

tags | exploit, root
systems | aix
advisories | CVE-2023-28528
SHA-256 | f3e0281ebf8cc8be1ea81e0032c40dcbde5f2db791362ec9903abdd761d6ef66
WordPress Elementor Lite 5.7.1 Arbitrary Password Reset
Posted May 18, 2023
Authored by Rafie Muhammed | Site wordfence.com

On May 11 2023, Essential Addons for Elementor, a WordPress plugin with over one million active installations, released a patch for a critical vulnerability that made it possible for any unauthenticated user to reset arbitrary user passwords, including user accounts with administrative-level access. Versions 5.7.1 and below are affected.

tags | advisory, arbitrary
advisories | CVE-2023-32243
SHA-256 | b490bdb882ad86e7ff81deba47da7c86db696c222f28c738f8439dfac6b670ce
Debian Security Advisory 5405-1
Posted May 18, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5405-1 - It was discovered that missing input sanitizing in the implementation of the OIDCStripCookie option in mod_auth_openidc could result in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2023-28625
SHA-256 | 1d6dd7ea5255ab55435a7b8021c5fcfec6d0f6853f11f96937e6377931367996
Red Hat Security Advisory 2023-3221-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3221-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215
SHA-256 | e25c1fe577d896c07297f36243a52740d63fca57a5456b7a3889141756159c09
Red Hat Security Advisory 2023-3220-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3220-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.11.0 ESR. Issues addressed include a bypass vulnerability.

tags | advisory, web, bypass
systems | linux, redhat
advisories | CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215
SHA-256 | 0a3d66a9b40a5500cf9249b7bf9e793450d3aea906b3dc59da693dec82bb48bd
Red Hat Security Advisory 2023-3223-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3223-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.4.0 serves as a replacement for Red Hat AMQ Streams 2.3.0, and includes security and bug fixes, and enhancements. Issues addressed include denial of service, deserialization, information leakage, memory exhaustion, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-0341, CVE-2021-37136, CVE-2021-37137, CVE-2021-46877, CVE-2022-24823, CVE-2022-36944, CVE-2022-40149, CVE-2022-40150, CVE-2022-42003, CVE-2022-42004, CVE-2023-0833, CVE-2023-1370
SHA-256 | 2e9f7b14744710d4471684a7020cb03110e262064411dd07a3bca0add6dbd69d
Ubuntu Security Notice USN-6087-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6087-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
advisories | CVE-2023-28755, CVE-2023-28756
SHA-256 | cc361b6847f2850db6412282b2a465949ce6e489bc3be40573658c7db61eda9b
Ubuntu Security Notice USN-6088-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6088-1 - It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. It was discovered that runC incorrectly handled /proc and /sys mounts inside a container. An attacker could possibly use this issue to bypass AppArmor, and potentially SELinux.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2023-25809, CVE-2023-27561, CVE-2023-28642
SHA-256 | 2f031ce092f7d0711f57fff73989b5ab760a9919f81cb22a319eeecb62e33b00
Ubuntu Security Notice USN-6086-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6086-1 - It was discovered that minimatch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-3517
SHA-256 | cb1b228d1eb2df235eb05d08d9c229415c6b4a367f1496c0ff14077cda988736
Red Hat Security Advisory 2023-1329-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1329-01 - Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments. This advisory contains the RPM packages for Red Hat build of MicroShift 4.13.0. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41717
SHA-256 | bb404d982dde3b955ac9572e8e61019a0a990f8beeae74743a7245392242f0bd
Red Hat Security Advisory 2023-2138-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2138-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra low-latency container images for Red Hat OpenShift Container Platform 4.13. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2020-16251, CVE-2021-43998
SHA-256 | b79395754ba21855cd5d5031d58d1663e08942e2e0206b476363246f24bf8b51
Red Hat Security Advisory 2023-3205-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3205-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.0 images. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-32149, CVE-2022-32189, CVE-2022-32190, CVE-2022-41715, CVE-2022-41717
SHA-256 | 4a34dffe5fe9a55229a283a656ce8bd4866b959518034a1c1e0f3cd63f69b2f6
Red Hat Security Advisory 2023-1325-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1325-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-2990, CVE-2022-3259, CVE-2022-41717, CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-0056, CVE-2023-0229, CVE-2023-0778, CVE-2023-25577, CVE-2023-25725
SHA-256 | 3c99969afc933e620ba374452c68f8593447bc9cc623598572b823c7da85ed1a
Red Hat Security Advisory 2023-1328-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1328-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-20329, CVE-2021-38561, CVE-2022-2990, CVE-2022-3259, CVE-2022-41717, CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-0056, CVE-2023-0229, CVE-2023-0778, CVE-2023-25577, CVE-2023-25725
SHA-256 | 3a4e6c17a1fad21c0a5fe97d77aab166a10953b20b4daadf02981ebeea2e43b3
Red Hat Security Advisory 2023-3204-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3204-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.0 RPMs. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-27664, CVE-2022-32149, CVE-2022-32189, CVE-2022-32190, CVE-2022-41717
SHA-256 | 08faa1eb448f6988cd7668ab6bda752456d67d6329f4a21098bbc758d63aa513
Red Hat Security Advisory 2023-2695-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2695-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.40.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-3064
SHA-256 | 30808f64ea9dc8b1dd535d9353817e3c61f34db64947e263e5d3a55cca08ab61
Red Hat Security Advisory 2023-3198-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3198-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, deserialization, information leakage, and insecure permissions vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, csrf
systems | linux, redhat
advisories | CVE-2021-26291, CVE-2022-1471, CVE-2022-25857, CVE-2022-29599, CVE-2022-30953, CVE-2022-30954, CVE-2022-42889, CVE-2022-43401, CVE-2022-43402, CVE-2022-43403, CVE-2022-43404, CVE-2022-43405, CVE-2022-43406, CVE-2022-43407
SHA-256 | 90baa6d6f8737bc29288b3b786655a657c5e97ed240d5aeb004a1660ffaa76c6
Red Hat Security Advisory 2023-1326-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2021-20329, CVE-2021-38561, CVE-2021-4235, CVE-2021-4238, CVE-2021-43519, CVE-2021-44964, CVE-2022-1271, CVE-2022-1586, CVE-2022-1587, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-21698, CVE-2022-23525
SHA-256 | f10395f77e4a90547f5bf8316a70cce7a5aac085f5d00bc9f68bcb976f306cf9
Ubuntu Security Notice USN-6085-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6085-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-27672, CVE-2022-3707, CVE-2023-0459, CVE-2023-1075, CVE-2023-1078, CVE-2023-1118, CVE-2023-1513, CVE-2023-20938, CVE-2023-2162, CVE-2023-32269
SHA-256 | aa3210f987aad288eceb4d47738fefdeeaba45b30f0086b998487487e95379e5
Debian Security Advisory 5404-1
Posted May 18, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5404-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2023-2721, CVE-2023-2722, CVE-2023-2723, CVE-2023-2724, CVE-2023-2725, CVE-2023-2726
SHA-256 | b9d8cf3624f6ed52243b417dd4886d4a46160ad20e96d0070a4579b580fe1a6e
Ubuntu Security Notice USN-6050-2
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6050-2 - USN-6050-1 fixed several vulnerabilities in Git. This update provides the corresponding updates for CVE-2023-25652 and CVE-2023-29007 on Ubuntu 16.04 LTS. It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwrite paths.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-25652, CVE-2023-29007
SHA-256 | bf137bc1e28d6f96918599b40cde4c229b4efe526010eac8495bdb458bfd2cab
Ubuntu Security Notice USN-6084-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6084-1 - Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information. Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information.

tags | advisory, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0459, CVE-2023-1118, CVE-2023-1513, CVE-2023-2162, CVE-2023-32269
SHA-256 | aff7252874c1a2288365562741dd0fcaeace1fb8d18c5af9a19d4e635dc0a359
Red Hat Security Advisory 2023-3191-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3191-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-0461, CVE-2023-1390
SHA-256 | c8885e2be14e585e386a8420bf3ce75ac0a76079440fd3d3c73e66d98ebc68eb
Red Hat Security Advisory 2023-3177-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3177-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-25147
SHA-256 | 97d76318cf1509dbafa824df4406434d637982261af6b64ad1362f5ff8942075
Red Hat Security Advisory 2023-3189-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3189-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2023-28617
SHA-256 | c1a9f72a1de72bcd2a82bf5398bf81512e57501c0569646cf82d89a6db74ee2e
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close