This Metasploit module exploits an unauthenticated command injection vulnerability in Cacti versions through 1.2.22 in order to achieve unauthenticated remote code execution as the www-data user.
e63c1aedc4dd728df608137b19687c9e69ec0ae051a555280b58f4cc45f05eb6Inout Search Engine version 10.1.3 suffers from a cross site scripting vulnerability.
c32df83849d238b031091b57cbe551049a10b3a034d6d248af9e813f15050385Inout Homestay version 2.0 suffers from a remote SQL injection vulnerability.
ddd17c54c1ad77326efd7f4df4ae548147ee2c630ceb187f992d756190a45d19The t2'23 Call For Papers has been announced. It will take place May 4th through the 5th, 2023 in Helsinki, Finland.
2235f9a9ede909195456aaef9036e5789bbe845b4ac330ad569f0d005760ac7eUbuntu Security Notice 5822-1 - It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.
7e28dc77ffbc9a0bdb6d12d1db8027cea88238b892667a9f4f8b17fd154d8b4fUbuntu Security Notice 5821-1 - Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this issue to cause a denial of service.
2c6733a62e41392a9c0d37ac84e393c4cc856937d815f7c35eb217b8d0dc9764Red Hat Security Advisory 2023-0396-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
0bfb098f3f7e0bb25a209a1c544f316b74d9e3292093f35d99b3e2e3eb6eb962Red Hat Security Advisory 2023-0397-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
5672c5f40991a6e1e1d884a4eef30b5b18e8f5a938cd4b5d049462a1d6a5c130Red Hat Security Advisory 2023-0203-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
55d9172089df187496a7c2f02151a98f344c0927652ccc4bf0e085cfac95e94bRed Hat Security Advisory 2023-0395-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
81e2f82868d70a3c953a085f97b8fc784dccff11dc978225a0f18cd3027e8aadRed Hat Security Advisory 2023-0241-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.50.
d4d867c949e73f5ca9d8ba39428b40edc0532a27d87f57fb3cc316cc047a5573Red Hat Security Advisory 2023-0393-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a file download vulnerability.
f22d4623e7d980b335fd5112a71b7e302df57348b7d16c3b478ff04cac1c8403Red Hat Security Advisory 2023-0392-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
dc4638f3b1a3a61d8746a1bef86ca86ce3c2a307cadfb6c2950ccfdb9824f50dDebian Linux Security Advisory 5325-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to SQL injection attacks, or bypass authorization access.
22c7169c00d84e1a0d28755fee189ae87a60630052483debb57ec686b0541e8cApple Security Advisory 2023-01-23-8 - Safari 16.3 addresses code execution vulnerabilities.
61d8a660abf7081692bb9315413c2a9bb7c1405bab878882031580f42a2ab335Apple Security Advisory 2023-01-23-7 - watchOS 9.3 addresses bypass, code execution, and information leakage vulnerabilities.
f9f7b972faca743e67e384107ecddcabcd5a2d7ab1a62f92ef4ba018fac7d97aApple Security Advisory 2023-01-23-6 - macOS Big Sur 11.7.3 addresses buffer overflow, bypass, and code execution vulnerabilities.
aac95eb2a84296b6abbfaf3eadfc9a29430c5a2f313ef8710e3d5be26cb06bdbApple Security Advisory 2023-01-23-5 - macOS Monterey 12.6.3 addresses buffer overflow, bypass, code execution, and information leakage vulnerabilities.
86dd9b786a0318174acd539801f6e3fe6a86591529277185d71eb7e9e3237c4dApple Security Advisory 2023-01-23-4 - macOS Ventura 13.2 addresses buffer overflow, bypass, code execution, information leakage, and use-after-free vulnerabilities.
0cd5bf89e176e4c213da4d53018a83b92e2203a6e71bf12d7a356eea1213909bApple Security Advisory 2023-01-23-3 - iOS 12.5.7 addresses a code execution vulnerability.
ca20c54235d1a4f84eeec3a278849a37e4ef1d9e2f491eaed9b3aa083fde48a7Apple Security Advisory 2023-01-23-2 - iOS 15.7.3 and iPadOS 15.7.3 addresses bypass and code execution vulnerabilities.
ee21407e59469cf735e9640ce25355cae5d95a4bc602316d8f031114e7f5f84aApple Security Advisory 2023-01-23-1 - iOS 16.3 and iPadOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.
e1d38963e60058292ec5d46d069abb5e8a1cf75d83dab5ba0137f6766a463715Ubuntu Security Notice 5820-1 - Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename specified in the command line or in the configuration file could result in arbitrary command execution.
83fe1f7fd58f639ff5df45480b668fb1d931fe81a5cd949993c0591fb8a70b7eRed Hat Security Advisory 2023-0387-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.
bf98929eb9dc5c5ca5bc0e416a9c293d3e50302c21bd729dbad8b5cf58d08dd2Red Hat Security Advisory 2023-0354-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.
bd7fde7e9fb387f3f5463e02c82d5237191b01e8597247e1b9e60d2c58ef2761
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed