what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files Date: 2023-10-05

Wireshark Analyzer 4.0.10
Posted Oct 5, 2023
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: A bug was fixed where there was an error loading the g729.so plugin with Wireshark 4.0.9 and 3.6.17 on macOS.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | b2e3ff03fa2be9058a9ffbedd12b0a670433bd16c8cc6c432ab48dabc2df1898
jSQL Injection 0.94
Posted Oct 5, 2023
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Fixed Sleep Time always applied when disabled in Preference. Fixed URL encoding always applied in path when disabled in Preference. Fixed strategy Stacked not applied. Optimized SQL query.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 5674649cb5463b17483b4b4890dd1892b295b619eea8c1a2230452f2df7677c6
Chrome ReduceJSLoadPropertyWithEnumeratedKey Out-Of-Bounds Access
Posted Oct 5, 2023
Authored by Google Security Research, Glazvunov

Chrome checks in ReduceJSLoadPropertyWithEnumeratedKey are not sufficient to prevent the engine from reading an out-of-bounds index from an enum cache.

tags | exploit
advisories | CVE-2023-4427
SHA-256 | d2720d577ee6196fb4e71365c0315fa67c9c9abb683aa559628add3042c1ecce
Chrome Dangling FixedArray Pointers / Memory Corruption
Posted Oct 5, 2023
Authored by Google Security Research, Glazvunov

Chrome suffers from an issue with dangling FixedArray pointers in Torque that can lead to memory corruption.

tags | exploit
advisories | CVE-2023-4355
SHA-256 | 1bf880f7ba1c3955eba8b9696b7db8f2836b2579a921f40d918c9f7f376eb6da
Chrome SKIA Integer Overflow
Posted Oct 5, 2023
Authored by Google Security Research, Mark Brand

When deserializing an SkPath, there is some basic validation performed to ensure that the contents are consistent. This validation does not use safe integer types, or perform additional validation, so it's possible for a large path to overflow the point count, resulting in an unsafe SkPath object.

tags | exploit, overflow
advisories | CVE-2023-4354
SHA-256 | 7e0793cb8767bd5e3e5ac3845bbfc7ec6d83d30f81733f1592b40df7805b3a2f
edgetpu_pin_user_pages Race Condition
Posted Oct 5, 2023
Authored by Google Security Research, Seth Jenkins

There is a race condition in edgetpu_pin_user_pages which is reachable from some unprivileged contexts, including the Camera app, or the Google Meet app.

tags | exploit
advisories | CVE-2023-35645
SHA-256 | f2c097f59fbb9a93bf14610f9faf8be4d99e83e00ca52f16c11b8af6ef496e22
Ubuntu Security Notice USN-6396-2
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6396-2 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information.

tags | advisory, x86, local
systems | linux, ubuntu
advisories | CVE-2022-27672, CVE-2022-40982, CVE-2023-3212, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128
SHA-256 | 70922139c6b034f316eb5edab38f72e40e1c058b73dbdd7a944c8bf477ad69b9
Ubuntu Security Notice USN-6419-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6419-1 - Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting attack. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Esben Sparre Andreasen discovered that jQuery UI did not properly handle values from untrusted sources in the Datepicker widget. A remote attacker could possibly use this issue to perform a cross-site scripting attack and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.

tags | advisory, remote, web, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2016-7103, CVE-2021-41184, CVE-2022-31160
SHA-256 | 05388b73a403c354a99e6e89119bc4f5977a6dc6cffe23761717eab763f7e15d
Ubuntu Security Notice USN-6418-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6418-1 - It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 20.04 LTS. Vít Šesták discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | efe81905e836b8c2f8ec1aa28b49b9d7d4e86625a9cac2b64a592023b82ead87
Red Hat Security Advisory 2023-5447-01
Posted Oct 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5447-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, CVE-2023-2602, CVE-2023-2603, CVE-2023-26115, CVE-2023-27536, CVE-2023-28321, CVE-2023-28484, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630
SHA-256 | 064208411f350866ed68312f72f0c474f0a2ecea1dbbc546d9f0284e9cdd0f9b
Ubuntu Security Notice USN-6417-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6417-1 - It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2021-4001, CVE-2023-1206, CVE-2023-3212, CVE-2023-3338, CVE-2023-3863, CVE-2023-4194
SHA-256 | c26238a5fdacf3ea9d3afd0da623a96b6fd205a4238fb6b5c63f66ebabb02fb1
Ubuntu Security Notice USN-6416-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6416-1 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1206, CVE-2023-20569, CVE-2023-2156, CVE-2023-3338, CVE-2023-38432, CVE-2023-3863, CVE-2023-3865, CVE-2023-3866, CVE-2023-4132, CVE-2023-4155, CVE-2023-4194, CVE-2023-4273, CVE-2023-44466
SHA-256 | 331f2ead28b7e52720b6f311fc3698392b6dd99793aaafc88fa16cf568162c17
Ubuntu Security Notice USN-6415-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6415-1 - Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code.

tags | advisory, remote, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-20569, CVE-2023-25775, CVE-2023-37453, CVE-2023-3772, CVE-2023-3773, CVE-2023-42753, CVE-2023-4622, CVE-2023-4623
SHA-256 | ac0576ea83c3691a31572b17759cf26008e0d00fe1b127688ad4fc8be0c5c1ec
Ubuntu Security Notice USN-6414-2
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6414-2 - USN-6414-1 and USN-6378-1 fixed CVE-2023-43665 and CVE-2023-41164 in Django, respectively. This update provides the corresponding update for Ubuntu 18.04 LTS. Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-41164
SHA-256 | f10086f54f995b17b4c0765ad284f4a177e992a12092d7fc61d4ed48781a7141
Red Hat Security Advisory 2023-5446-01
Posted Oct 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5446-01 - Release of Red Hat build of OptaPlanner 8.38.0 SP1. This release includes security fixes. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-4853
SHA-256 | 53d098f168441f0611d96d6b72f382d80343ed03b08e2c001f78d65a86f0cf38
Debian Security Advisory 5515-1
Posted Oct 5, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5515-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2023-5346
SHA-256 | cd387add5ecac48e0ec28d632aaa0667202aefef4687f0629b6c55ff658c3240
Ubuntu Security Notice USN-6414-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6414-1 - Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-43665
SHA-256 | 0d512e8d90b6f3b9cbd71c856ea71fe9bdebfeb0c5275142aa20c6a6072f5c3f
Ubuntu Security Notice USN-6413-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6413-1 - It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that GNU binutils was not properly performing bounds checks when processing debug sections with objdump, which could lead to an overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-17122, CVE-2017-8421, CVE-2022-35205, CVE-2022-47007, CVE-2022-47011, CVE-2022-48063
SHA-256 | 85f3b8e66e6ca80cfad7a4b2fee86408e70eb04287c701f0932d49c7e4efa739
Ubuntu Security Notice USN-6412-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6412-1 - Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2022-45886, CVE-2022-45887, CVE-2022-48425, CVE-2023-1206, CVE-2023-20569, CVE-2023-2156, CVE-2023-3212, CVE-2023-38427, CVE-2023-38431, CVE-2023-4155, CVE-2023-4194, CVE-2023-4273
SHA-256 | eef2bb4192be147f56bfdab3849d216add0a381c00e18c6ca3934a0f72c58c02
Red Hat Security Advisory 2023-5438-01
Posted Oct 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5438-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.3.1. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-3600, CVE-2023-5169, CVE-2023-5171, CVE-2023-5176, CVE-2023-5217
SHA-256 | 715a89fbdb178aa9352737ec608e1714c879a975897a5589e3ce302464f340de
Red Hat Security Advisory 2023-5426-01
Posted Oct 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5426-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.3.1 ESR. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-3600, CVE-2023-5169, CVE-2023-5171, CVE-2023-5176, CVE-2023-5217
SHA-256 | 3ed2e8b6e60bd86bf45ecb7063e1303618ab239fe54fef1762deaf1e7cd91dc9
Red Hat Security Advisory 2023-5430-01
Posted Oct 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5430-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.3.1. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-3600, CVE-2023-5169, CVE-2023-5171, CVE-2023-5176, CVE-2023-5217
SHA-256 | e43c4243435fb2eb1f7e39e4f150404f89cfef5c6ffc7f9039b21b760e43552b
Red Hat Security Advisory 2023-5442-01
Posted Oct 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5442-01 - Red Hat Advanced Cluster Management for Kubernetes 2.8.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41721, CVE-2023-24539, CVE-2023-24540, CVE-2023-26136, CVE-2023-29400, CVE-2023-29491, CVE-2023-30630
SHA-256 | 8ae212f8203286d8bd562c1b68bea127cf49e8e6953d776786190637a7155566
Red Hat Security Advisory 2023-5432-01
Posted Oct 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5432-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.3.1. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-3600, CVE-2023-5169, CVE-2023-5171, CVE-2023-5176, CVE-2023-5217
SHA-256 | cfeb933422ebc25e4ba3bf335f4dec82d2fef8d62873682c46a61b0105dd00ce
Red Hat Security Advisory 2023-5435-01
Posted Oct 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5435-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.3.1. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-3600, CVE-2023-5169, CVE-2023-5171, CVE-2023-5176, CVE-2023-5217
SHA-256 | b31cecd703d813be4d834c2d617bca16bfd9101a06380b207168e84e7c809a82
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close