what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2024-07-23

Perten Instruments Process Plus Software 1.11.6507.0 LFI / Hardcoded Credentials
Posted Jul 23, 2024
Authored by T. Weber, S. Dietz | Site cyberdanube.com

Perten Instruments Process Plus Software versions 1.11.6507.0 and below suffer from local file inclusion, hardcoded credential, and execution with unnecessary privilege vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
advisories | CVE-2024-6911, CVE-2024-6912, CVE-2024-6913
SHA-256 | 92c6be9a95dec36f75c305fd1ec54275736478e25459c036cab67f945826b0f2
Ubuntu Security Notice USN-6905-1
Posted Jul 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6905-1 - It was discovered that Rack incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-27530, CVE-2023-27539
SHA-256 | f1fb99c460c408c54600bfb86185879ad2833e7b4ce66083ea2f2adece4c2d2b
Ubuntu Security Notice USN-6904-1
Posted Jul 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6904-1 - It was discovered that PyMongo incorrectly handled certain BSON. An attacker could possibly use this issue to read sensitive information or cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2024-5629
SHA-256 | fcdec1b07b070a6622feb7e4235b0acc1f1a048b493cbdd384578b9850c079a6
tc Tor Chat Client July 2024 Release
Posted Jul 23, 2024
Authored by fausto

tc is a low-tech free software to chat anonymously and ciphered over Tor circuits in PGP. Use it to protected your communication end-to-end with RSA/DSA encryption and keep yourself anonymously reachable by anyone who only knows your .onion address and your public key. All this and more in 3278 lines of C code that compile and run on BSD and Linux systems with an IRC like GUI. As this is a rolling release and does not have an official build yet, the prior version on Packet Storm was replaced with this updated code base.

Changes: loadauthkeys() validate file to not complain with tor and fit display. loadauthkeys() introduce tmp[]. decrypt() fix format-truncation warning in snprintf (size 5 to 20). showgroups() fix format warning casting the pointer. loadkeysid() add support to load ed25519 keys fingerprint as recipient. loadkeysid() add support to load ed25519 keys description. loadkeysid() int finger introduced. loadkeysid() enlarged buf[] to 65 chars. Various other updates and additions.
tags | tool
systems | linux, unix, bsd
SHA-256 | 6c67a5801efc2a283234e2f35e78d64c742c4135b8931a73f5ed69073993ef33
Red Hat Security Advisory 2024-4717-03
Posted Jul 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4717-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-6601
SHA-256 | 2a02b4915e8c2ff33295c851f4ef088aa4f068b2b322aa2a9c78f8ec187cc6e7
Red Hat Security Advisory 2024-4713-03
Posted Jul 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4713-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-36886
SHA-256 | 3a72ee436dc05f0c47719e8dbc954c6eb8dec748f207f0ae84336bb6fd1420e9
Red Hat Security Advisory 2024-4697-03
Posted Jul 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4697-03 - An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-24788
SHA-256 | 79070c148d2d5eb975b74c2c5ab3519c00b0290a075521ddedb9a1ce6d400eb7
Ubuntu Security Notice USN-6898-4
Posted Jul 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6898-4 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52880, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739, CVE-2024-26629, CVE-2024-26654, CVE-2024-26687, CVE-2024-26811, CVE-2024-26812, CVE-2024-26814, CVE-2024-26828, CVE-2024-26922, CVE-2024-26925
SHA-256 | 8b053de7161b766a9cba5511fe20d03faf97b54bcfcc24fb43aa58677af61c15
Ubuntu Security Notice USN-6893-3
Posted Jul 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6893-3 - It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52699, CVE-2024-26811, CVE-2024-26923, CVE-2024-26926, CVE-2024-26936, CVE-2024-26980, CVE-2024-26981, CVE-2024-26983, CVE-2024-26985, CVE-2024-26987, CVE-2024-26988, CVE-2024-26989, CVE-2024-26991, CVE-2024-26992
SHA-256 | 7f62f78668bc36911b1f96b40c020e8124cd85ad4a7b7ca69e27900327bdb441
Ubuntu Security Notice USN-6896-5
Posted Jul 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6896-5 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2022-48627, CVE-2023-52620, CVE-2023-52656, CVE-2023-52699, CVE-2023-52880, CVE-2023-6270, CVE-2023-7042, CVE-2024-22099, CVE-2024-23307, CVE-2024-24858, CVE-2024-24861, CVE-2024-25739, CVE-2024-26586, CVE-2024-26642
SHA-256 | df9560dc3783d3d4a0c9d99e6352e1f6ea6dd5c66518086f9ad8789fbd721813
LMS ZAI 6.1 Insecure Settings
Posted Jul 23, 2024
Authored by indoushka

LMS ZAI version 6.1 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | ac6f91ffe20c571e57ac0c8a6aef0c5437b2d37e5f53c46ef41059f24100b7db
Quick Job 2.4 Insecure Direct Object Reference
Posted Jul 23, 2024
Authored by indoushka

Quick Job version 2.4 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | ed619defcb18f94880d7fdc150758b05fc052d89b88cf6c32eda99ac714a326b
PPDB ONLINE 1.3 Administrative Page Disclosure
Posted Jul 23, 2024
Authored by indoushka

PPDB ONLINE version 1.3 appears to suffer from an administrative page disclosure issue.

tags | exploit, info disclosure
SHA-256 | 567512dc29f3191d46966af5a6dd1339474aa567f65e1c6564dccda43acadad3
PHP MaXiMuS 2.5.2 Cross Site Scripting
Posted Jul 23, 2024
Authored by indoushka

PHP MaXiMuS version 2.5.2 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | f7f012f0611c7ac312b6b0ad3df48db019ad64a1683b0a0e3c97146f444edd95
NUKE SENTINEL 2.5.2 Cross Site Scripting
Posted Jul 23, 2024
Authored by indoushka

NUKE SENTINEL version 2.5.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 04959e224e4d66c86926b38e058df306a652f0dbf3a13e5a864ba731b33ed47c
Minfotech CMS 2.0 SQL Injection
Posted Jul 23, 2024
Authored by indoushka

Minfotech CMS version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c70371f0daa1616ffe4fc66938a433e31d91535c9593510fb4fccef1fdbc587e
eDesign CMS 2.0 Insecure Direct Object Reference
Posted Jul 23, 2024
Authored by indoushka

eDesign CMS version 2.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | 55a4eca00e7267d8d4d5cdd94c2b99447eef8059c06cab914a3401ebda7966f2
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close