Headline
CVE-2023-30223: Packet Storm
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.
TP-Link Archer AX10(EU)_V1.2_230220 Buffer Overflow
Posted Jun 16, 2023
Authored by Giuseppe Compare
TP-Link Archer version AX10(EU)_V1.2_230220 suffers from a buffer overflow vulnerability.
tags | advisory, overflow
QuickJob Portal 6.1 Cross Site Scripting
Posted Jun 16, 2023
Authored by CraCkEr
QuickJob Portal version 6.1 suffers from a cross site scripting vulnerability.
tags | exploit, xss
Quicklancer Freelance Marketplace 2.4 Cross Site Scripting
Posted Jun 16, 2023
Authored by CraCkEr
Quicklancer Freelance Marketplace version 2.4 suffers from a cross site scripting vulnerability.
tags | exploit, xss
QuickHomes Real Estate CMS 1.3 Cross Site Scripting
Posted Jun 16, 2023
Authored by CraCkEr
QuickHomes Real Estate CMS version 1.3 suffers from a cross site scripting vulnerability.
tags | exploit, xss
Debian Security Advisory 5431-1
Posted Jun 16, 2023
Authored by Debian | Site debian.org
Debian Linux Security Advisory 5431-1 - Xu Biang discovered that missing input sanitizing in Sofia-SIP, a SIP User-Agent library, could result in denial of service.
tags | advisory, denial of service
systems | linux, debian
Ubuntu Security Notice USN-6156-2
Posted Jun 16, 2023
Authored by Ubuntu | Site security.ubuntu.com
Ubuntu Security Notice 6156-2 - USN-6156-1 fixed a vulnerability in SSSD. In certain environments, not all packages ended up being upgraded at the same time, resulting in authentication failures when the PAM module was being used. This update fixes the problem. It was discovered that SSSD incorrectly sanitized certificate data used in LDAP filters. In combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges.
tags | advisory, remote
systems | linux, ubuntu
Debian Security Advisory 5430-1
Posted Jun 16, 2023
Authored by Debian | Site debian.org
Debian Linux Security Advisory 5430-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions.
tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
Red Hat Security Advisory 2023-3644-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com
Red Hat Security Advisory 2023-3644-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.
tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2023-3645-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com
Red Hat Security Advisory 2023-3645-01 - Red Hat OpenShift Service Mesh is Red Hat’s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include a denial of service vulnerability.
tags | advisory, denial of service
systems | linux, redhat
Ubuntu Security Notice USN-6169-1
Posted Jun 16, 2023
Authored by Ubuntu | Site security.ubuntu.com
Ubuntu Security Notice 6169-1 - It was discovered that GNU SASL’s GSSAPI server could make out-of-bounds reads if given specially crafted GSS-API authentication data. A remote attacker could possibly use this issue to cause a denial of service or to expose sensitive information.
tags | advisory, remote, denial of service
systems | linux, ubuntu
Red Hat Security Advisory 2023-3641-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com
Red Hat Security Advisory 2023-3641-01 - This release of Camel for Spring Boot 3.18.3.P2 serves as a replacement for Camel for Spring Boot 3.18.3.P1 and includes bug fixes and enhancements, which are documented in the Release Notes linked in the References. Issues addressed include denial of service, deserialization, resource exhaustion, and server-side request forgery vulnerabilities.
tags | advisory, denial of service, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2023-3642-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com
Red Hat Security Advisory 2023-3642-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, denial of service, information leakage, spoofing, and traversal vulnerabilities.
tags | advisory, denial of service, spoof, vulnerability, xss
systems | linux, redhat
Debian Security Advisory 5429-1
Posted Jun 16, 2023
Authored by Debian | Site debian.org
Debian Linux Security Advisory 5429-1 - Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code.
tags | advisory, denial of service, arbitrary, vulnerability, protocol
systems | linux, debian
Ubuntu Security Notice USN-6168-1
Posted Jun 16, 2023
Authored by Ubuntu | Site security.ubuntu.com
Ubuntu Security Notice 6168-1 - Gregory James Duck discovered that libx11 incorrectly handled certain Request, Event, or Error IDs. If a user were tricked into connecting to a malicious X Server, a remote attacker could possibly use this issue to cause libx11 to crash, resulting in a denial of service.
tags | advisory, remote, denial of service
systems | linux, ubuntu
Debian Security Advisory 5428-1
Posted Jun 16, 2023
Authored by Debian | Site debian.org
Debian Linux Security Advisory 5428-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
Red Hat Security Advisory 2023-3622-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com
Red Hat Security Advisory 2023-3622-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, denial of service, information leakage, insecure permissions, and resource exhaustion vulnerabilities.
tags | advisory, denial of service, vulnerability, code execution, csrf
systems | linux, redhat
Red Hat Security Advisory 2023-3624-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com
Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.
tags | advisory, web, denial of service
systems | linux, redhat
Red Hat Security Advisory 2023-3623-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com
Red Hat Security Advisory 2023-3623-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. These new packages include numerous enhancements and bug fixes. Issues addressed include cross site scripting and denial of service vulnerabilities.
tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
Ubuntu Security Notice USN-6155-2
Posted Jun 16, 2023
Authored by Ubuntu | Site security.ubuntu.com
Ubuntu Security Notice 6155-2 - USN-6155-1 fixed a vulnerability in Requests. This update provides the corresponding update for Ubuntu 16.04 ESM and 18.04 ESM. Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information.
tags | advisory, remote
systems | linux, ubuntu
Suricata IDPE 6.0.13
Posted Jun 16, 2023
Site suricata.io
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It’s capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
Changes: 1 security fix, 11 bug fixes, 1 task, and 2 documentation updates.
tags | tool, intrusion detection
systems | unix
Debian Security Advisory 5427-1
Posted Jun 16, 2023
Authored by Debian | Site debian.org
Debian Linux Security Advisory 5427-1 - An anonymous researcher discovered that processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
tags | advisory, web, arbitrary, code execution
systems | linux, debian, apple
Red Hat Security Advisory 2023-3610-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com
Red Hat Security Advisory 2023-3610-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, memory exhaustion, and resource exhaustion vulnerabilities.
tags | advisory, denial of service, vulnerability, code execution, xss, csrf
systems | linux, redhat
Textpattern CMS 4.8.8 Command Injection
Posted Jun 16, 2023
Authored by tmrswrr
Textpattern CMS version 4.8.8 suffers from a command injection vulnerability.
tags | exploit
WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass
Posted Jun 16, 2023
Authored by ayantaker | Site github.com
WordPress Abandoned Cart Lite for WooCommerce plugin versions 5.14.2 and below proof of concept authentication bypass exploit.
tags | exploit, proof of concept, bypass
Red Hat Security Advisory 2023-3609-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com
Red Hat Security Advisory 2023-3609-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
tags | advisory
systems | linux, redhat