exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files Date: 2024-04-04

Positron Broadcast Signal Processor TRA7005 1.20 Authentication Bypass
Posted Apr 4, 2024
Authored by LiquidWorm | Site zeroscience.mk

The Positron Broadcast Digital Signal Processor TRA7005 version 1.20 suffers from an authentication bypass through a direct and unauthorized access to the password management functionality. The vulnerability allows attackers to bypass Digest authentication by manipulating the password endpoint _Passwd.html and its payload data to set a user's password to arbitrary value or remove it entirely. This grants unauthorized access to protected areas (/user, /operator, /admin) of the application without requiring valid credentials, compromising the device's system security.

tags | exploit, arbitrary
SHA-256 | e8bf7735882d4c05983b6e675cc30c123bd15be6138cd6e0ef2ac21890428ded
Debian Security Advisory 5654-1
Posted Apr 4, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5654-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-3156, CVE-2024-3158, CVE-2024-3159
SHA-256 | 35e8757ae6e574a37b9ebfb5d1139dac2fb585235346eb6d175c88b2c59af41d
GNU Transport Layer Security Library 3.8.5
Posted Apr 4, 2024
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: Added option to disable RSAES-PKCS1-v1_5. Added support for RIPEMD160 and PBES1-DES-SHA1 for backward compatibility with GCR. A couple of memory related issues have been fixed in RSA PKCS#1 v1.5 decryption error handling and deterministic ECDSA with earlier versions of GMP. Fixed a bug where building gnutls statically failed due to a duplicate definition of nettle_rsa_compute_root_tr().
tags | protocol, library
SHA-256 | 66269a2cfe0e1c2dabec87bdbbd8ab656f396edd9a40dd006978e003cfa52bfc
Ubuntu Security Notice USN-6710-2
Posted Apr 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6710-2 - USN-6710-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-29943, CVE-2024-29944
SHA-256 | 10451fa33f7fbd875188c19a379b2973058dd79a55dd446fd39ec8ac1da5fdd6
User Registration And Login And User Management System 3.2 SQL Injection
Posted Apr 4, 2024
Authored by Yusuf DinC

User Registration and Login and User Management System version 3.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | d7b9220fd1f8abc396db42df756fbc5a76abf3925bf5357e6721975e8781e9cb
WordPress Membership For WooCommerce Shell Upload
Posted Apr 4, 2024
Authored by Milad Karimi

WordPress Membership for WooCommerce plugin versions prior to 2.1.7 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 02cf8f42362fb411dc46a34c050893842dde9be08183674517277a5f694702c4
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close