what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2023-02-09

SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow
Posted Feb 9, 2023
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 LinkAndShare Transmitter version 1.1.2 suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user supplied input when calling the getenv() function from MSVCR120.DLL resulting in a crash overflowing the memory stack and leaking sensitive information. The attacker can abuse the username environment variable to trigger and potentially execute code on the affected system.

tags | exploit, overflow, memory leak
SHA-256 | 08bed1643ca8fe7e52102e53c1b987d059eaa3806e683bad069e20c052d613ef
Ubuntu Security Notice USN-5835-5
Posted Feb 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5835-5 - USN-5835-3 fixed vulnerabilities in Nova. This update provides the corresponding updates for Ubuntu 18.04 LTS. Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-47951
SHA-256 | 849be3ecfe24a5c1a9e3f943a68b92a32c8177e09081ae6b746734cd27ea46d0
Ubuntu Security Notice USN-5835-4
Posted Feb 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5835-4 - USN-5835-1 fixed vulnerabilities in Cinder. This update provides the corresponding updates for Ubuntu 18.04 LTS. In addition, a regression was fixed for Ubuntu 20.04 LTS. Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-47951
SHA-256 | a7ff1600a9855ca7ba2c77382f0e93281df3f651f00851821d1955e102ffd77f
Red Hat Security Advisory 2023-0691-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0691-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an out of bounds read vulnerability.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2022-4337, CVE-2022-4338
SHA-256 | aa11bba93d275b15bbe33633c0bf0edec0248409e016a596d403d90bffdf08bf
Zoho ManageEngine Endpoint Central / MSP 10.1.2228.10 Remote Code Execution
Posted Feb 9, 2023
Authored by Christophe de la Fuente, Khoa Dinh, horizon3ai | Site metasploit.com

This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine Endpoint Central and MSP versions 10.1.2228.10 and below (CVE-2022-47966). Due to a dependency to an outdated library (Apache Santuario version 1.4.1), it is possible to execute arbitrary code by providing a crafted samlResponse XML to the Endpoint Central SAML endpoint. Note that the target is only vulnerable if it is configured with SAML-based SSO, and the service should be active.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2022-47966
SHA-256 | 71109ad0ad4b5ae831f696edf7fd6c48b5fba5f7665fd0d7e73697da0de10222
Fortra GoAnywhere MFT Unsafe Deserialization Remote Code Execution
Posted Feb 9, 2023
Authored by Ron Bowes | Site metasploit.com

This Metasploit module exploits an object deserialization vulnerability in Fortra GoAnywhere MFT.

tags | exploit
advisories | CVE-2023-0669
SHA-256 | 051497e68329329350b8fed17a087b6d124609bf8c23ea52d28ac047e63c6038
Red Hat Security Advisory 2023-0685-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0685-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an out of bounds read vulnerability.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2022-4337, CVE-2022-4338
SHA-256 | 42a41ed205946f14d37d39c954be2279e135fa2ea811de244c96a42f06cfa438
Red Hat Security Advisory 2023-0688-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0688-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an out of bounds read vulnerability.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2022-4337, CVE-2022-4338
SHA-256 | 470aa983207d55626dc6bc025e15685f857a800ab343e1e0584b9b2e1995cc64
Red Hat Security Advisory 2023-0692-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0692-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-32149, CVE-2022-41717
SHA-256 | c724623243641c16854a7844c0cefb04635c5ae9567a1af3d9793a9874dc0621
Red Hat Security Advisory 2023-0693-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0693-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2021-4235, CVE-2021-43138, CVE-2021-46848, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-27664, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-2879
SHA-256 | 4cfa93a9c8eec59671cef9eab6c0c285ebe2bcaf6a8c559a999651c9ddbf94f2
Red Hat Security Advisory 2023-0689-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0689-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an out of bounds read vulnerability.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2022-4337, CVE-2022-4338
SHA-256 | 36b776ba1c0dc330100ebe6712125fff612e323fdf26825ca2c4dd650cf4e622
Red Hat Security Advisory 2023-0687-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0687-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an out of bounds read vulnerability.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2022-4337, CVE-2022-4338
SHA-256 | 1a8b9aa584e2a8f86ebb6870af5d2a4d0080fd2941191bc5ae678a62ecb50c8a
Windows Kernel Dangling Registry Link Node Use-After-Free
Posted Feb 9, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a use-after-free vulnerability due to a dangling registry link node under paged pool memory pressure.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-21747
SHA-256 | 54ec3add551cac7b508b2e8157d5a658c016115390f2b327d14cac78af270263
Red Hat Security Advisory 2023-0671-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0671-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2023-0494
SHA-256 | d10a8c4bfe4dfeef5b4dbdb1337e0f766d3545b430286164c23a28df10c71b92
Red Hat Security Advisory 2023-0561-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0561-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-4238
SHA-256 | 5d066e8584377e9441db37c290eb0e0aa8f23d06003d490e4f765d95691dcafe
Red Hat Security Advisory 2023-0675-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0675-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include a use-after-free vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2023-0494
SHA-256 | 9a8f3a08fd509d45fb2482b2c079c5355440da1b8933317295ff39b596adef08
Red Hat Security Advisory 2023-0560-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0560-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, cross site request forgery, cross site scripting, denial of service, deserialization, and improper authorization vulnerabilities.

tags | advisory, denial of service, vulnerability, xss, csrf
systems | linux, redhat
advisories | CVE-2020-7692, CVE-2022-25857, CVE-2022-30946, CVE-2022-30952, CVE-2022-30953, CVE-2022-30954, CVE-2022-36882, CVE-2022-36883, CVE-2022-36884, CVE-2022-36885, CVE-2022-43401, CVE-2022-43402, CVE-2022-43403, CVE-2022-43404
SHA-256 | 87d74e099c44a8fba916939b5b695bf11f9ee4557c7c18075edde2249576eb5c
Red Hat Security Advisory 2023-0673-01
Posted Feb 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0673-01 - Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-45060
SHA-256 | 8794bedaa206d7f444d9a2610f8ad315eefcb609cc12a69239da4a79a4e134a8
Debian Security Advisory 5345-1
Posted Feb 9, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5345-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2023-0696, CVE-2023-0697, CVE-2023-0698, CVE-2023-0699, CVE-2023-0700, CVE-2023-0701, CVE-2023-0702, CVE-2023-0703, CVE-2023-0704, CVE-2023-0705
SHA-256 | 89393ac268aca132cbde8aa1dc5a896a95d6c5f58f4156cae903b5f30586b8a3
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close