what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2023-09-25

RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption
Posted Sep 25, 2023
Authored by LiquidWorm | Site zeroscience.mk

RoyalTSX version 6.0.1 suffers from an RTSZ file handling heap memory corruption vulnerability. The application receives SIGABRT after the RAPortCheck.createNWConnection() function is handling the SecureGatewayHost object in the RoyalTSXNativeUI. When the hostname has an array of around 1600 bytes and the Test Connection is clicked the application crashes instantly.

tags | exploit
SHA-256 | 6bddf02ee202f21877203f81e88ca57213713fa9fe71c747db9f8b293f536b4a
OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation
Posted Sep 25, 2023
Authored by Yasar Klawohn, JM | Site x41-dsec.de

OPNsense versions 23.1.11_1, 23.7.3, and 23.7.4 suffer from cross site scripting vulnerabilities that can allow for privilege escalation.

tags | exploit, vulnerability, xss
SHA-256 | 76e4fc1b6aee4986d4bbb70760bae717204a144677ec04e5e69cc9e4ca014975
Debian Security Advisory 5504-1
Posted Sep 25, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5504-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2023-3341, CVE-2023-4236
SHA-256 | d08a45f75291405aa2fc709f550a23b9901e1dce097ebf1ca545a9a498d0dbd8
Apple Security Advisory 2023-09-21-7
Posted Sep 25, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-09-21-7 - macOS Monterey 12.7 addresses a privilege escalation vulnerability.

tags | advisory
systems | apple
advisories | CVE-2023-41992
SHA-256 | 8ce806831c23799edfe51f75038820626c202835f3e8eab8dc7178462f887bcc
Global Socket 1.4.41
Posted Sep 25, 2023
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Transparent proxy detection. muslcc localtime() bug work around.
tags | tool, tcp
systems | unix
SHA-256 | 35256f0fc9b7a99eeb830d321b5976dc55f4abafc463b09e57965f8a55be4200
GNUnet P2P Framework 0.20.0
Posted Sep 25, 2023
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: Added GNUNET_PQ_get_oid_by_name. Added GNUNET_PQ_get_oid(). Added new CCA-secure KEM and use in IDENTITY encryption. Added KEM API to avoid ephemeral private key management. Various other additions, updates, and improvements in this release.
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 56029e78a99c04d52b1358094ae5074e4cd8ea9b98cf6855f57ad9af27ac9518
Apple Security Advisory 2023-09-21-6
Posted Sep 25, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-09-21-6 - macOS Ventura 13.6 addresses bypass vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2023-41991, CVE-2023-41992, CVE-2023-41993
SHA-256 | 38b6bdfc2c02e42e0dce4d0ecec7c16ebbb17b092bf7f5132dbe7b5849c9930e
Apple Security Advisory 2023-09-21-5
Posted Sep 25, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-09-21-5 - watchOS 9.6.3 addresses bypass vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2023-41991, CVE-2023-41992
SHA-256 | 5c5ee93b16e3c6712507d2ff6e5b7ed5829e719c8075068f4f94a53f4484563a
Ubuntu Security Notice USN-6190-2
Posted Sep 25, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6190-2 - USN-6190-1 fixed a vulnerability in AccountsService. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Kevin Backhouse discovered that AccountsService incorrectly handled certain D-Bus messages. A local attacker could use this issue to cause AccountsService to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2023-3297
SHA-256 | f440d8dc0f9ffb116adb040e10ecf34cedf3dcac2a8b62dbdd04bc7e53b2c517
Ubuntu Security Notice USN-6365-2
Posted Sep 25, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6365-2 - USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-20900
SHA-256 | e021010be0de73a4f28b80b4129ed427ea5f99b587b311842f8a521eb0fe74f4
Cybersecurity In Industry 4.0 And Smart Manufacturing
Posted Sep 25, 2023
Authored by Erhan YAZAN

Whitepaper called Cybersecurity in Industry 4.0 and Smart Manufacturing: The Rise of Security in the Age of IoT, IIoT, ICS, and SCADA. This article examines Industry 4.0's relationship with the rapidly developing technologies Internet of Things (IoT), Industrial Internet of Things (IIoT), Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) and why cyber security is important in these areas.

tags | paper
SHA-256 | 0458410365974be314b620bd7944a4541658322fd5a9cee88134e46a6317b29b
Apple Security Advisory 2023-09-21-4
Posted Sep 25, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-09-21-4 - watchOS 10.0.1 addresses bypass vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2023-41991, CVE-2023-41992
SHA-256 | 5711a5ee98a1f4a97a803777178be3e4188589740ade0cf56b4a3c7e7dd8cdc2
LogoBee CMS 0.2 Cross Site Scripting
Posted Sep 25, 2023
Authored by indoushka

LogoBee CMS version 0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c2ead32c5cb5f5d010966c9529b1024ec709d62421149c9904c0751f97329087
Lamano LMS 0.1 Insecure Settings
Posted Sep 25, 2023
Authored by indoushka

Lamano LMS version 0.1 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 1211a4d26c19dfb4f055d2493981d0ec9270c990f56c26cfafa09b3466428519
Apple Security Advisory 2023-09-21-3
Posted Sep 25, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-09-21-3 - iOS 16.7 and iPadOS 16.7 addresses bypass vulnerabilities.

tags | advisory, vulnerability
systems | apple, ios
advisories | CVE-2023-41991, CVE-2023-41992, CVE-2023-41993
SHA-256 | f449601a62ebbbd144305ef4452d57a5c40a3de57572f6f193ea28a6a3b9c199
Apple Security Advisory 2023-09-21-2
Posted Sep 25, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-09-21-2 - iOS 17.0.1 and iPadOS 17.0.1 addresses bypass vulnerabilities.

tags | advisory, vulnerability
systems | apple, ios
advisories | CVE-2023-41991, CVE-2023-41992, CVE-2023-41993
SHA-256 | f23503e52b808d43f23c89a857eaf734ab1d7444e01c12625db6d60309d2ad5e
Apple Security Advisory 2023-09-21-1
Posted Sep 25, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-09-21-1 - Safari 16.6.1 addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2023-41993
SHA-256 | 766524a7cd017ff0881465c9f9c8e4ddd7862131dbd353efe01b6bc192483827
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close