Ubuntu Security Notice 6262-1 - It was discovered that Wireshark did not properly handle certain NFS packages when certain configuration options were enabled. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. It was discovered that Wireshark did not properly handle certain GVCP packages. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS.
a2075872cd77cf9a317690bbe65aeb0bc05f54e68f7501ad7a5514e88942fcd9Debian Linux Security Advisory 5463-1 - A security issue was discovered in Thunderbird, which could result in spoofing of filenames of email attachments.
419522d972bfd7ceaa7bbf94463a800a4f5b317605e4ac8088b0f279fb3270c5RansomLord is a proof-of-concept tool that automates the creation of PE files, used to compromise ransomware pre-encryption. This tool uses dll hijacking to defeat ransomware.
be0ca518deef51df0a96636cca863c555649559f4b5ef25817a684ecfa1b4b9aRed Hat Security Advisory 2023-4329-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.
3fbb5077ab0bb19d87b6c8dc2253460979a2750fd27e22540bb29c8aada46e84Debian Linux Security Advisory 5462-1 - Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in AMD "Zen 2" CPUs may not be written to 0 correctly. This flaw allows an attacker to leak sensitive information across concurrent processes, hyper threads and virtualized guests.
4843fa3dde681d8b75ab008ae1096db7f9ae4946d29382ec2f46f0691db4b394This Metasploit module exploits a SQL injection vulnerability in RudderStack's rudder-server, an open source Customer Data Platform (CDP). The vulnerability exists in versions of rudder-server prior to 1.3.0-rc.1. By exploiting this flaw, an attacker can execute arbitrary SQL commands, which may lead to remote code execution due to the rudder role in PostgreSQL having superuser permissions by default.
4a7457a1bba3ccf6db3434ee961f2c065cceb465b7e915484a770c32bf4d7babUbuntu Security Notice 6261-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.
61fedc9fdbbcf1386a4c050696f6c23c47c6b3b07660a05455f081ba31d4a991Joomla iProperty Real Estate extension version 4.1.1 suffers from a cross site scripting vulnerability.
b7b595b1ea5b9b2b8a96ad0e456a15b78b97aa366d383d880aee7ab6081a5cb3Red Hat Security Advisory 2023-4330-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.
e350366281586d2cef04c6d228a4b1688a999c2161b5a64f4df03fc2dc126fb6Red Hat Security Advisory 2023-4332-01 - An update for bind is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important.
45547ee83d4f5428c5d11b32f129925578b244a19fc1b53ed38addf0d2d54a49Red Hat Security Advisory 2023-4326-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss.
b4f3076599027863de603013a3f6fab6ce32be3c617d94a08fe5341850f973d8Codecanyon Bitcoin Tools Suite version 1.0 suffers from a local file inclusion vulnerability.
3f0b3f215e70dcb7b41afe2d7e625c808a42e076d6e7a88bfa606f27d166e4d7CMVC SHOP LMS version 2.1.0 suffers from a remote SQL injection vulnerability.
3f3080fb67d3a39a60fd548707202e7665e3a163c78d50f4b113c8a9f256111cmRemoteNG version 1.77.3.1784-NB exploit that extracts sensitive information that is stored in memory in the clear but encrypted at rest.
317d7c61096327e5b26547dc45e1871ea228f9b129d6c588a6ad96a624ad6231Debian Linux Security Advisory 5461-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
d6c7fe0b8e07bb3725b7971d65c2bceafe2c7eaf392c1d8c4fad2e8c965f0ea4Red Hat Security Advisory 2023-4331-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.
f16ee90126b9893b5e5bba06fb24bfec93e3b2b99379a10616a486da89a60aedRed Hat Security Advisory 2023-4325-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.
11034381c907f99dc80ba159c646082ca613d6cec0aa649bc04959b75192f8faGreenShot version 1.2.10 suffers from an insecure deserialization arbitrary code execution vulnerability.
b26edbfe421934dee223c0345040828fff445263bcf0bca848f9ee4110b474efRed Hat Security Advisory 2023-4289-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
7f6983c97b012d3c8ab2a7b0d53d6c6525129dc39169e119338aab21973893f7CMSshop version 1 suffers from a cross site scripting vulnerability.
987e4a7e0d2984ae1bf6c18eb68c0343d8d4d8903869ab00d311e71710917c70Copyparty version 1.8.2 suffers from a directory traversal vulnerability.
10dea046e820f717f8c60041a06363b7caa55cc55a7d734ee9c1a90c67a24bf5Copyparty version 1.8.6 suffers from a cross site scripting vulnerability.
de5e7bb15ea61e7046b163e6ca02eb273949a641b477e87ab36bbc4fab72aec3169 bytes small Windows/x64 PIC NULL-free calc.exec shellcode.
4d8ef778b3fa4d33d047bc1cf28b30c55e64f1c18779fd433649fe60f5ea0befRed Hat Security Advisory 2023-4328-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.
6534a96f002cbd0fcc7dc51643fe11b62b8416a4c5d95352408507b1850401c7CMSninesol version 1.0 suffers from a cross site scripting vulnerability.
cc24590ed15ae36995cd07ce7d11d89d10fea2105fa99e86e76dd6c1fdfbd54f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed