what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2023-05-01

Packet Storm New Exploits For April, 2023
Posted May 1, 2023
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 195 exploits added to Packet Storm in April, 2023.

tags | exploit
SHA-256 | 405e6139b88516b8b8d310fa20e72af135bf83c73084dbec2de5761b29649a61
Adobe ColdFusion Unauthenticated Remote Code Execution
Posted May 1, 2023
Authored by sf | Site metasploit.com

This Metasploit module exploits a remote unauthenticated deserialization of untrusted data vulnerability in Adobe ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier, in order to gain remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2023-26360
SHA-256 | a97dc5c7910c67fbfa47a0a5ff5111b60ef4fc38c7f19bc191fb098243b227f6
Debian Security Advisory 5394-1
Posted May 1, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5394-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2022-3109
SHA-256 | 7c593ae98e568ffa42c0e654714ca6a0478520b206d50511ae16e3d37a3b2919
Ubuntu Security Notice USN-6052-1
Posted May 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6052-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1829
SHA-256 | 22556eb4fe1474689bc2a6c1eab4d4271beaa362c89a900b76a777c5f897b936
Ubuntu Security Notice USN-6051-1
Posted May 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6051-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1829, CVE-2023-1872
SHA-256 | 8f3d3ba695803e924025f809e81f937f6354a99d3974142526b46598df33475c
CompanyMaps 8.0 Cross Site Scripting
Posted May 1, 2023
Authored by Lucas Noki

CompanyMaps version 8.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-29983
SHA-256 | aaac30b158267861d9289cde53dbc4edc83c2d121335a780eed8bf01a13b6fac
Ubuntu Security Notice USN-6048-1
Posted May 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6048-1 - It was discovered that ZenLib doesn't check the return value of a specific operation before using it. An attacker could use a specially crafted input to crash programs using the library.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-36646
SHA-256 | e20bbb5af5fb0c406f73126eeb6cbcdcc74ec950c882da124143b56074856844
Ubuntu Security Notice USN-6050-1
Posted May 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6050-1 - It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. Andre Baptista and Vitor Pinho discovered that Git incorrectly handled certain configurations. An attacker could possibly use this issue to arbitrary configuration injection.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-25652, CVE-2023-25815, CVE-2023-29007
SHA-256 | 2fe94ad0f659c0d3f64d2d232c14f2698dfebe3cc57764cdf1c493b0eb6608b9
Ubuntu Security Notice USN-6049-1
Posted May 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6049-1 - It was discovered that Netty's Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. It was discovered that Netty created temporary files with excessive permissions. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM, and Ubuntu 20.04 ESM.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2020-11612, CVE-2021-21290, CVE-2021-21409, CVE-2021-37136, CVE-2021-37137, CVE-2021-43797, CVE-2022-41881, CVE-2022-41915
SHA-256 | 7e20c4b100a01d5436fdc3d622df85ec25fc16ce3f77384791bc1e053d16f411
Mobile Mouse 3.6.0.4 Remote Code Execution
Posted May 1, 2023
Authored by Chokri Hammedi

Mobile Mouse version 3.6.0.4 suffers from a remote code execution vulnerability. This exploit is a second version from the original author of the original exploit released in September of 2022.

tags | exploit, remote, code execution
SHA-256 | e7a6810d6a70959199eb39d58ef19ffc0f717838c3bcbb82681904466d5ca0d6
AC Repair And Services 1.0 SQL Injection
Posted May 1, 2023
Authored by nu11secur1ty

AC Repair and Services version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 61ca067f3204dd60a28c5875c4c022cd31be78dd0d902d8f14cace50a68cc7d0
Ubuntu Security Notice USN-6037-1
Posted May 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6037-1 - ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted the host from PASV responses by default. A remote attacker with a malicious FTP server could redirect the client to another server, which could possibly result in leaked information about services running on the private network of the client.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-37533
SHA-256 | 01b105752cb4c4020af26703fc7f227551e768e10ef43699d4dd35b88c29075e
Old Age Home Management 1.0 SQL Injection
Posted May 1, 2023
Authored by nu11secur1ty

Old Age Home Management version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 6dbc0dac3bea894598dae10e5fce781c47ae87adbd89ddb496e7eb7cfc60c6a7
Chitor CMS 1.1.2 SQL Injection
Posted May 1, 2023
Authored by CraCkEr

Chitor CMS version 1.1.2 suffers from a remote SQL injection vulnerability. The rollno parameter is also susceptible to SQL injection. Original discovery of this finding is attributed to msd0pe in April of 2023.

tags | exploit, remote, sql injection
SHA-256 | 78dad42d7298ef5d0716bb864dcc8bbd2338fcb72b229dd4f65720411723907f
Aigital Wireless-N Repeater Mini_Router.0.131229 Authentication Bypass
Posted May 1, 2023
Authored by Matteo Mandolini

Aigital Wireless-N Repeater version Mini_Router.0.131229 suffers from a login bypass vulnerability.

tags | exploit, bypass
SHA-256 | 460a71c5b1093240b5647e62c7f3da9e30ae22afdaf2e182c00e58fd99a484cf
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close