exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2024-11-14

Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download
Posted Nov 14, 2024
Authored by Andreas Kolbeck, Steffen Robertz | Site sec-consult.com

Siemens Energy Omnivise T3000 version 8.2 SP3 suffers from local privilege escalation, cleartext storage of passwords in configuration and log files, file system access allowing for arbitrary file download, and IP whitelist bypass.

tags | exploit, arbitrary, local
advisories | CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879
SHA-256 | f3ace4f4cb5b84a560a9593357976ec236f7e116327a16dffefa142cb8440217
TX Text Control .NET Server For ASP.NET Arbitrary File Read / Write
Posted Nov 14, 2024
Authored by Filip Palian

TX Text Control .NET Server For ASP.NET has an issue where it was possible to change the configured system path for reading and writing files in the underlying operating system with privileges of the user running a web application.

tags | exploit, web, asp
SHA-256 | 87daef249524395b391c7767b295ddf96c40db5d4fbd376c76c034cc5844d043
GravCMS 1.10.7 Arbitrary YAML Write / Update
Posted Nov 14, 2024
Site github.com

Proof of concept remote code execution exploit for GravCMS 1.10.7 that leverages an arbitrary YAML write / update.

tags | exploit, remote, arbitrary, code execution, proof of concept
advisories | CVE-2021-21425
SHA-256 | 5cb1696418ca010542d02a039fd2e7ced0fb5abc292d2bf9e447350af4776e32
PHP-CGI Argument Injection Remote Code Execution
Posted Nov 14, 2024
Authored by BTtea | Site github.com

Proof of concept remote code execution exploit for PHP-CGI that affects versions 8.1 before 8.1.29, 8.2 before 8.2.20, and 8.3 before 8.3.8.

tags | exploit, remote, cgi, php, code execution, proof of concept
advisories | CVE-2024-4577
SHA-256 | a6b63ce9c93a3021236a9a584571d58798fe9d500b30228bb2141feca495c4d9
PHP-CGI Argument Injection Susceptibility Scanner
Posted Nov 14, 2024
Site github.com

This is a bash script that is a vulnerability checker for CVE-2024-4577 designed to scan multiple domains for an argument injection vulnerability in PHP-CGI. This tool allows security researchers and system administrators to quickly assess whether their systems or a list of domains are potentially vulnerable to this specific security issue. This issue affected PHP-CGI versions 8.1 before 8.1.29, 8.2 before 8.2.20, and 8.3 before 8.3.8.

tags | tool, cgi, scanner, php, bash
systems | unix
advisories | CVE-2024-4577
SHA-256 | 58c9a80f92e4d182c0940c15a33aa87129477ec3f26f7c5c954d840e6f170fd4
Ubuntu Security Notice USN-7109-1
Posted Nov 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7109-1 - Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. Ameya Darshan and Jakob Ackermann discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-24531, CVE-2023-24536, CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29406, CVE-2023-39323, CVE-2023-39325, CVE-2023-45288, CVE-2023-45290
SHA-256 | 58c0bd17f1c8113660d80deb0928ae6b2fe30fb7373a788126eaeb55879ba80a
Ubuntu Security Notice USN-7107-1
Posted Nov 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7107-1 - It was discovered that Minizip in zlib incorrectly handled certain zip header fields. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-45853
SHA-256 | b29823bfaf7715177aa099252dea5c17d60d20ee2a13e95c6592b075179da5bc
Red Hat Security Advisory 2024-9601-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9601-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include buffer overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2024-9632
SHA-256 | 436b5ab127e3c29548ed9d594d910c0db3d8393935fae86053f038cf19032ae9
Red Hat Security Advisory 2024-9583-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9583-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes a bug fix and security fixes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-24789
SHA-256 | b671a83f89503b0c60b77229cc0d15d3b332bb60bab32e2e39c1018c7617576c
Red Hat Security Advisory 2024-9579-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9579-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2024-9632
SHA-256 | 58093003460ba2d795e11ec0f48a8a209783bed6b8d9d81cd78ef5e54c849f90
Red Hat Security Advisory 2024-9573-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9573-03 - An update for libsoup is now available for Red Hat Enterprise Linux 8. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2024-52530
SHA-256 | a411110e03659ac41bbb02463e2b8c2f48e5af59d5009027810e4a45ead01796
Red Hat Security Advisory 2024-9572-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9572-03 - An update for libsoup is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2024-52530
SHA-256 | 9f46c86dcc6ada4d635320c26267780c043507a83e6d6372534e320a3b2f9938
Red Hat Security Advisory 2024-9571-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9571-03 - Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal. Issues addressed include denial of service and man-in-the-middle vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2024-7254
SHA-256 | 6ec7ebcb8c72e1758d3d8172c33021e5842d8d74c7fd352dcc4cc4dae4cafaa3
Red Hat Security Advisory 2024-9566-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9566-03 - An update for libsoup is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2024-52530
SHA-256 | 1633b88577866c6c09e75bf0d0c57680a523acd883fe580880dcbd9ee578402d
Red Hat Security Advisory 2024-9559-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9559-03 - An update for libsoup is now available for Red Hat Enterprise Linux 9. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2024-52530
SHA-256 | 5e91b95ec1e29f865f463dce837f8aa4122489bc99dd2b0d277dad092bd3790f
Red Hat Security Advisory 2024-9554-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9554-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2024-9680
SHA-256 | 07505224304fca595c3aa12b538f0a3e0bbfb2b61da8605c72c2aac4aed0d6b7
Red Hat Security Advisory 2024-9552-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9552-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2024-9680
SHA-256 | 667d48d21c4234df2ad894ff6d742c06d74817a3460697d56e0d08a2e79e32ee
Red Hat Security Advisory 2024-9547-03
Posted Nov 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9547-03 - An update for krb5 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-3596
SHA-256 | ed4241a390c433dd22b487da79308ad8465918a4883fdd53f320df6cb307df1f
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close