
Files Date: 2024-03-26

Ubuntu Security Notice USN-6717-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6717-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Hubert Kario discovered that Thunderbird had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-5388, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
SHA-256 | c7e276778f2c974b0aa76f968f7adfbc3e4984a93e8eaf31675ad13306e8e12a
Ubuntu Security Notice USN-6588-2
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6588-2 - USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Matthias Gerstner discovered that the PAM pam_namespace module incorrectly handled special files when performing directory checks. A local attacker could possibly use this issue to cause PAM to stop responding, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2024-22365
SHA-256 | c7b2ad8e2a4e87b81fc87db1dc5b2aeb9a7d378c2c2f1ce83e2f5497ce27f2a0
Bludit 3.13.0 Cross Site Scripting
Posted Mar 26, 2024
Authored by Gokhan Sensukur

Bludit version 3.13.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e30c7734bfb11521c11bd57e218e971d8a00d093a2268443b78f2c2f295a3316
Ubuntu Security Notice USN-6716-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6716-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-44879, CVE-2023-22995, CVE-2023-23000, CVE-2023-23004, CVE-2023-4244, CVE-2023-51779, CVE-2023-51780, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340, CVE-2024-1086, CVE-2024-24855
SHA-256 | ca7041e9e1eafaa437eb00fd772e3fc4d0224945b1c747de75266ab82a88c293
Ubuntu Security Notice USN-6714-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6714-1 - It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands.

tags | advisory, arbitrary, shell
systems | linux, debian, ubuntu
advisories | CVE-2023-27635
SHA-256 | d54f6944dfabbda777fb8a78361b6893760736de4073959bba84adbd8fa06495
Red Hat Security Advisory 2024-1510-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1510-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and privilege escalation vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-46809
SHA-256 | c4e6147191f85484eee5ae21e78a7706257747db690704310b707b291d30af6c
Red Hat Security Advisory 2024-1509-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1509-03 - An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-25710
SHA-256 | ab201e94c9eeeb4ca23426158c1ae91b99566dfd9eb0d28704bf90c452b176b4
Red Hat Security Advisory 2024-1502-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1502-03 - An update for grafana-pcp is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2024-1394
SHA-256 | 64af92473e9dc53ecf48f74ebad70ff0466cead91970b760217b6a2ed21f16c0
Insurance Management System PHP And MySQL 1.0 Cross Site Scripting
Posted Mar 26, 2024
Authored by Hakki Toklu

Insurance Management System PHP and MySQL version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
SHA-256 | 57a616cd0cf4b87402d807007a9cc4baf3849c77c283470d324acd935adbc001
Red Hat Security Advisory 2024-1501-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1501-03 - An update for grafana is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2024-1394
SHA-256 | ebb63361bb759d3a9e7a13173336126c9fc98df8ecb9106b9f4cd1f8f0240020
Red Hat Security Advisory 2024-1500-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1500-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-5388
SHA-256 | c05f8f74cc8a662e477728100ce6bcdd582daa8a8b25edec9d157bea7fcf1396
Red Hat Security Advisory 2024-1499-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1499-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-5388
SHA-256 | 4c35312ed656f58e5e77883ac99c6d4277c212a2120cbc8392c9387665c90811
Craft CMS 4.4.14 Remote Code Execution
Posted Mar 26, 2024
Authored by Olivier Lasne

Craft CMS version 4.4.14 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-41892
SHA-256 | 6dada91b5125e5cbc3f8d9cb9d59a5f937052241fe1e5481dab19199fced220c
Ubuntu Security Notice USN-6707-3
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6707-3 - Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2024-1085, CVE-2024-1086
SHA-256 | 4481855a0359e6fcdb7c16104841f3e2ebed01d718273c406f874c85f64846a5
Red Hat Security Advisory 2024-1497-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1497-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-5388
SHA-256 | 694916cc7f93ef561a4faa6e4737263c6cb158372d7f2f807cc33d8f3ad9986b
Red Hat Security Advisory 2024-1496-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1496-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-5388
SHA-256 | 7f4ff279933caca7c3743c461957b45d21d77941725aa2ac85b04d5e1ce0acb3
Red Hat Security Advisory 2024-1491-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1491-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-5388
SHA-256 | 945623663f2172096c6b71e3b08fdabe05c8a47439dd5ff05a8e7b4e291dc27a
Red Hat Security Advisory 2024-1490-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1490-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-5388
SHA-256 | ff89bb1e11cbe0562a24cf57e66f3825dcb41bc7cd1d8ebc94e15ab4bbdd16e0
LimeSurvey Community 5.3.32 Cross Site Scripting
Posted Mar 26, 2024
Authored by Subhankar Singh

LimeSurvey Community version 5.3.32 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2024-24506
SHA-256 | a0fc1c6d55d96c794b571df26d967b5cf55a3845f9c967220231741cb99ae87c
Orange Station 1.0 Shell Upload
Posted Mar 26, 2024
Authored by nu11secur1ty

Orange Station version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 5a9f8a0ab40cab9d931909357ed512b4a4e0910b05218556dc4ed1977fa5b4d8
Ubuntu Security Notice USN-6704-3
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6704-3 - It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service. Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-23000, CVE-2023-32247, CVE-2024-1085, CVE-2024-1086, CVE-2024-24855
SHA-256 | 01efe4c147c2288e39cc2669dc4bb7d1e7e1641d78d25efb20089e9afb739cf7
Red Hat Security Advisory 2024-1489-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1489-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-5388
SHA-256 | 86bc89a9b35a07fa4157edb431950ea320dbafa5691bafdddeddeb1a3c184da5
Red Hat Security Advisory 2024-1488-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1488-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-5388
SHA-256 | 6bf37a4b678fce20bf909634fe2de254458bf2ea9e41119e298ea3af53f80f9c
Red Hat Security Advisory 2024-1487-03
Posted Mar 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1487-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-5388
SHA-256 | 7c27cfc7e2501f297c9a798bd9de71a80591b82191a8429e1542992a7cd7ad91
Ubuntu Security Notice USN-6701-3
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6701-3 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-2002, CVE-2023-23000, CVE-2023-3006, CVE-2023-34256, CVE-2023-39197, CVE-2023-4132, CVE-2023-46838, CVE-2023-51781, CVE-2023-6121, CVE-2024-0775, CVE-2024-1086, CVE-2024-24855
SHA-256 | 5a4090a47f47b9d450d81add0c7c5cc25fe72ace31de291f6722899f4e03c608
© 2024 Packet Storm. All rights reserved.