Proof of concept automation code to exploit a template injection vulnerability in GitHub repository sqlpad/sqlpad versions prior to 6.10.1 that can result in remote code execution.
79a6a3c0f0cc3437faa5b70a9c94c21f376448987379d2b3ee42300f9a2f5271
Proof of concept exploit for Spring Cloud Data Flow versions prior to 2.11.4 that achieves remote code execution through a malicious upload.
0ee38b6a8cf494539040a02c4712511aeac366dfde03820937e77f9441253ed3
The array ppsPMR in DEVMEMXINT_RESERVATION holds references to PMR structures (using PMRRefPMR2()), intending to prevent the PMRs' physical memory from being released. However, PMRs with PVRSRV_MEMALLOCFLAG_NO_OSPAGES_ON_ALLOC (which for OSMem PMRs internally translates to FLAG_ONDEMAND) can release their backing physical pages while references to the PMR still exist; PMRLockSysPhysAddresses() must be used to prevent a PMR's backing pages from disappearing, like in DevmemIntMapPMR2(). Therefore, it is currently possible to free a PMR's backing pages while the PMR is mapped into a DEVMEMXINT_RESERVATION, leading to physical page use-after-free.
cc6e11ae0dee934a94a29ebded0e52e70690ca998d7efe6c5f0ffe85ffda4eba
Ubuntu Security Notice 6997-1 - It was discovered that LibTIFF incorrectly handled memory. An attacker could possibly use this issue to cause the application to crash, resulting in a denial of service.
d715a8865849f88063b88cbe93cb59c0248d315acbdb3eee8c15abca6d300389
An open redirection vulnerability has been reported for a version of the Spring Framework which is shipped with OX App Suite backend versions 7.10.6-rev66 and 8.24.7.
ea468f342f7a0408607b9ba93475fecd68d35bad982ae0c29036847c45ddb637
Ubuntu Security Notice 6996-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
495c021cebaed12775fb7591f330431d792303b4c0b48774c767ece1790af9e8
This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Backdoor".
4a802faedf59e452328f4d955c2563277ed420bdb223052778e1d9f16ad90e0d
Ubuntu Security Notice 6841-2 - USN-6841-1 fixed a vulnerability in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that PHP could return early in the filter_var function, resulting in invalid user information being treated as valid user information. An attacker could possibly use this issue to expose raw user input information.
d170b8e7f8f92515ffeb2d3bd1921abc8a3d13ffd05345330e4edb30169de83a
Red Hat Security Advisory 2024-6510-03 - An update for emacs is now available for Red Hat Enterprise Linux 9.
2081e08ae54d127fff95dff4350cff54b4fedc7937c6f72ff06eef2e7f613112
Red Hat Security Advisory 2024-6508-03 - Red Hat build of Apache Camel 4.4.2 for Spring Boot release and security update is now available. Issues addressed include an information leakage vulnerability.
4125779f8f68121d20c0d7b80edcc7a2478e5d8e4c074dee18e67d9ca3407f57
Ubuntu Security Notice 6994-1 - It was discovered that Netty did not properly sanitize its input parameters. A remote attacker could possibly use this issue to cause a crash. It was discovered that Netty incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause Netty to consume resources, leading to a denial of service.
151f4791ce1bf18350da328db884812f982e73c362b6de11f386b30f3d2006ef
Red Hat Security Advisory 2024-6503-03 - New Red Hat build of Keycloak 24.0.7 packages are available from the Customer Portal. Issues addressed include an open redirection vulnerability.
28a003934b07a3c2aadb22b0a70bc2ac6b46ae5d5d08716f282cd2844773c1b3
Red Hat Security Advisory 2024-6502-03 - New images are available for Red Hat build of Keycloak 24.0.7 and Red Hat build of Keycloak 24.0.7 Operator, running on OpenShift Container Platform. Issues addressed include an open redirection vulnerability.
046aa91658da32aaace325576b189b51b23a296257a7093cbe30a937b60105f4
Red Hat Security Advisory 2024-6501-03 - New Red Hat build of Keycloak 22.0.12 packages are available from the Customer Portal. This is a security update with Moderate impact rating. Issues addressed include a bypass vulnerability.
7c20ef0e4508b339e4f572c98b8ae892e21dbb1baef9fb0cafea8e7322d6173e
Prison Management System version 1.0 suffers from an add administrator vulnerability.
a25a824e97167db71e31b2009a9c44afedb55532be1b9ffa63f063ebf5479933
Red Hat Security Advisory 2024-6500-03 - New images are available for Red Hat build of Keycloak 22.0.12 and Red Hat build of Keycloak 22.0.12 Operator, running on OpenShift Container Platform. This is a security update with Moderate impact rating. Issues addressed include a bypass vulnerability.
3d0f74993836983ce5e05180cb4aab02b685e8df8c104d6efcc4efff4200d794
Red Hat Security Advisory 2024-6499-03 - A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Issues addressed include a bypass vulnerability.
6e72327137f256313005f38a55bfcc67c52f3c20354f53aab956dd4c4b484e14
Red Hat Security Advisory 2024-6497-03 - A new image is available for Red Hat Single Sign-On 7.6.10, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. This is a security update with Moderate impact rating. Issues addressed include a bypass vulnerability.
48a1fc7c4b98e9e44039fc4fb594f3995d0a9a16ddcfb272b4b042e07833d5ee
Red Hat Security Advisory 2024-6495-03 - New Red Hat Single Sign-On 7.6.10 packages are now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
1122d48eeaf1bf744d6d15b3db19522faf3a4a58f0502e1fd2e230a60d24cba1
Online Survey System version 1.0 suffers from a remote file inclusion vulnerability.
9ac49e540003cc98bbab6ed47333ffe2f4616bc3a383f48fe3a342e9a7dd83cc
Red Hat Security Advisory 2024-6494-03 - New Red Hat Single Sign-On 7.6.10 packages are now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
c3d1b0b0dc8416e12ecef51a0ef896fdf2c0ef2d3b2555d6cb6d40e9c2102806
Red Hat Security Advisory 2024-6493-03 - New Red Hat Single Sign-On 7.6.10 packages are now available for Red Hat Enterprise Linux 7. Issues addressed include a bypass vulnerability.
369f7584f39bf3facbaa74446ee5a874dc7b59cb182b2d14736546262ed729df
Online Student Grading System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6572f3f9bad83df66bb8f42e5fa49921e0511eab96c98361242df9209e7eb2d1
Red Hat Security Advisory 2024-6488-03 - An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a code execution vulnerability.
f934714a4bd6df9c1203cc3c3ca1883f671862ce1f7fc4a5983c3eab7b53d966
Online Marriage Registration System version 1.0 suffers from a remote shell upload vulnerability.
990ace207073f604556500939f13df158bf2dfab39adaff554b8e9d0500f40f9