This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02.
f262ccf117a7326996b9db1324d65098a3eea5a5882162d9f1ec432434054948
Ubuntu Security Notice 6797-1 - It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. It was discovered that some Intel® Atom® Processors did not properly clear register state when performing various operations. A local attacker could use this to obtain sensitive information via a transient execution attack. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.
1ae00687dcd8bf9e9f41102f5446e293b7f0e18dbc2d69d9941f2b35474397b5
Ubuntu Security Notice 6787-1 - It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting attack.
5fb19612eaef3e824fef107b74a6791c85cf91717d71f96ab90d4a98e0def10e
Ubuntu Security Notice 6779-2 - USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Thomas Rinsma discovered that Firefox did not properly handle type checks when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary JavaScript code in PDF.js. Irvan Kurniawan discovered that Firefox did not properly handle certain font styles when saving a page to PDF. An attacker could potentially exploit this issue to cause a denial of service.
04753870be2f86ad507c1b333e07383bc770d2d1eff3370507f9073d2cd6e5b7
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. The GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, the GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading a file, listing a directory, etc. The GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides a web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.
c7a2afcb7f7030300a7925577a7b912f59608942f781769b5cbdf9916f73d67c
Ubuntu Security Notice 6795-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service.
1263e2b9ac7045e640a955619fc9ec7e9ee0cee6811cce5ca858a631117df48d
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
986e0909140808aa7906e212cb9896a9cf3030e9fccf810382c752b536ca2aab
Ubuntu Security Notice 6794-1 - It was discovered that FRR incorrectly handled certain malformed BGP and OSPF packets. A remote attacker could use this issue to cause FRR to crash, resulting in a denial of service, or possibly execute arbitrary code.
47ddafe31545f6705925074862290fa2f1508b41ff29eebba6eafeea1205820a
Ubuntu Security Notice 6792-1 - Naom Moshe discovered that Flask-Security incorrectly validated URLs. An attacker could use this issue to redirect users to arbitrary URLs.
dd74e3993d1b111f328d5e0d507173edce5b7ad9ff7ff37d8a2b4b487eda20f7
This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Aurora".
94dcb8e3eaf14009453756fbcd73d0e47cd762d3772ce3040808feeacee87b90
Red Hat Security Advisory 2024-3464-03 - An update for glibc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include buffer overflow, code execution, null pointer, and out of bounds write vulnerabilities.
397b6cd336aa2e64d49b2f9ab9d785c2a707a43a3d1eb27af9203a17f9c976e3
Red Hat Security Advisory 2024-3462-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.
d72c2e9758adff9f1d07c56b3500c51817e271488f992b5e688851a713d3a712
Red Hat Security Advisory 2024-3461-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
a584b89190b10a794458035aa1763aa93306e9372351dd09b4e24f5e4d7da72e
Red Hat Security Advisory 2024-3460-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
01f0cc63321a1a02e62122a00a2dfc31e28afec68f49edfd3c46f56ff4570cf2
Red Hat Security Advisory 2024-3433-03 - An update for protobuf is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
d26dd89079dc07bcecbe047ee69a066d6a8574cc3bb9d8a27ec06d3e4c658019
Red Hat Security Advisory 2024-3431-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.
9de2e526dc603d137acaece37ed266247f99cf697beecb900548429ae7c33fd1
Red Hat Security Advisory 2024-3428-03 - An update for the rust-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
c52460f17c34f2f7db626b0011c99f88cca044a7b16dbf38dc43c26b7396bcc7
Red Hat Security Advisory 2024-3427-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.
a0ec33f557ca0d073a3f53ae8b4c8025fe904514b6a56620b3e867a7119b984f
Red Hat Security Advisory 2024-3426-03 - An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.
9a239513f473b6fc5deae31cdc64fe73dc0bd7631e13a7127e9ab5d7efa9a967
Red Hat Security Advisory 2024-3423-03 - An update for glibc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow, null pointer, and out of bounds write vulnerabilities.
995cb014fc7fbf93eff08dd567fd48717794b84ec50a3b2d0d627c41ace3be8b
Red Hat Security Advisory 2024-3422-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
848bf74de9985a872431191a9fa04b7ec4c3b1d1f146fe8d142c50b6752deaa0
Red Hat Security Advisory 2024-3421-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.
722dd888172646245dc9d140441b7cfb6c22df4a3e2222165fb17ff9a41af213
Red Hat Security Advisory 2024-3418-03 - An update for rust is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
28bf85c7cd7d3c6be9f84c46399a86e1fcf6b01fadbfa2a09a374be52c05c74f
Red Hat Security Advisory 2024-3417-03 - An update for mod_http2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.
51cd68c97b17098ceb0463d9f1c9b0b64d7b2f7e4c6b47fa36793982f11f0f6b
Red Hat Security Advisory 2024-3414-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.
40d77d69adb5e2550fc1ae5d76234e1f22a683b6850d518f5a324ae11e6d89c8