what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2024-08-05

Debian Security Advisory 5737-1
Posted Aug 5, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5737-1 - If LibreOffice failed to validate a signed macro, it displayed a warning but still allowed execution of the script after printing a warning. Going forward in high macro security mode such macros are now disabled.

tags | advisory
systems | linux, debian
advisories | CVE-2024-6472
SHA-256 | fbf253db6414dcb929182435af773e9e12a5474cb92ce8587a9837bc3f4a4a51
Ubuntu Security Notice USN-6944-1
Posted Aug 5, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6944-1 - Dov Murik discovered that curl incorrectly handled parsing ASN.1 Generalized Time fields. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-7264
SHA-256 | 5f93afb3b824fe8ddb04cb4fa82fa74a7dfc010696ce877a226b6d2172775efb
Linux DRM drm_file_update_pid() Race Condition / Use-After-Free
Posted Aug 5, 2024
Authored by Jann Horn, Google Security Research

Linux DRM has drm_file_update_pid() call to get_pid() too late, which creates a race condition that can lead to use-after-free issue of a struct pid.

tags | exploit
systems | linux
advisories | CVE-2024-39486
SHA-256 | ea7aa640ea9bb86fe73ddf82c6205724499ae72e163dd9ad1ae1c987416c0d29
Online Shopping Portal Project 2.0 SQL Injection
Posted Aug 5, 2024
Authored by OoN_Boy

Online Shopping Portal Project version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e732827ff3dbea9466f6b986d572ab2330ab9823f6fa595996fa292a9acf1714
Dolphin 7.4.2 Blind SQL Injection
Posted Aug 5, 2024
Authored by Andrey Stoykov

Dolphin version 7.4.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8248fa7dd2014942fa684fcf3a8e321be37bb5444685be1d6befc1212eec50e8
Ivanti ADC 9.9 Authentication Bypass
Posted Aug 5, 2024
Authored by ohnoisploited

Ivanti ADC version 9.9 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 0ae1fab25861b80abe6cec837486cb13f326931260c2697ace240a741c9d04e1
Genexus Protection Server 9.7.2.10 Unquoted Service Path
Posted Aug 5, 2024
Authored by SamAlucard

Genexus Protection Server version 9.7.2.10 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 0d3423b81fac0acbc8f3590a08c003578d0cf593893d18f3bf048590272aa035
Devika 1 Path Traversal
Posted Aug 5, 2024
Authored by Alperen Ergel

Devika version 1 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2024-40422
SHA-256 | a1faa88d45aec3e4e47f6aaf83509670b4fb84ce15462308d2e7daa8d66d754c
Debian Security Advisory 5736-1
Posted Aug 5, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5736-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of Java sandbox restrictions.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21144, CVE-2024-21145, CVE-2024-21147
SHA-256 | 957d1e7febf0e6ffc2970d2843195a0864cd1906e9b17bd7a94d8dc578a923fa
e107 2.3.3 Cross Site Scripting
Posted Aug 5, 2024
Authored by indoushka

e107 version 2.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 65270fcfbc4496558285477bf858c62cce40aea1dfc36c2063fca646faa64fa5
Codeprojects E-Commerce 1.0 Insecure Settings
Posted Aug 5, 2024
Authored by indoushka

Codeprojects E-Commerce version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | acf83fc048a5b78daef5b35427a28ee1b8cfe5ca1da8852c476dd0caa664a93c
Ubuntu Security Notice USN-6895-4
Posted Aug 5, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6895-4 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-52631, CVE-2023-52637, CVE-2023-52642, CVE-2023-52643, CVE-2023-52880, CVE-2023-6270, CVE-2024-0841, CVE-2024-1151, CVE-2024-23307, CVE-2024-24861, CVE-2024-26593, CVE-2024-26602, CVE-2024-26603, CVE-2024-26606
SHA-256 | 5abbf5bf5626f5254f4e45c8a2e156eed0e1819bb69d45b4255f18556cc62da1
Blog Site 1.0 SQL Injection
Posted Aug 5, 2024
Authored by indoushka

Blog Site version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | b973485e27bf8b71a8b316ce0f45cca7bc4e94900efaf7f303038dd9d65cc778
Best Courier Management System 1.0 SQL Injection
Posted Aug 5, 2024
Authored by indoushka

Best Courier Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 7bf8d850cb1870953a38d53d85bb8aadba11dd9744f23e9616abc56e07e0916a
Appointment Scheduler 4.0 Insecure Direct Object Reference
Posted Aug 5, 2024
Authored by indoushka

Appointment Scheduler version 4.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | abce18094602234c124f6e8d416edc3a0bca449a2873357a5bde30586f807aa6
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close