Packet Storm ≈ Full Disclosure Information Security
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none))
-
Qantas App Glitch Sees Boarding Passes Fly To Other Accounts
-
Google Boosts Bug Bounty Payouts Tenfold In Mobile App Security Push
-
Adobe Adds Content Credentials And Firefly To Bug Bounty Program
-
China's Attacks On Critical Infrastructure Tip Of Iceberg
-
London Drugs Pharmacy Closes All Stores To Respond To Cyber Incident
-
Defending Infrastructure, Securing Systems Key To CISA's New AI Guidelines
-
Apple's Incredibly Private Safari Is Not So Private In Europe
-
Hacker Jailed For Blackmailing Therapy Patients
-
UK Outlaws Awful Default Passwords On Connected Devices
-
Vulnerability In R Programming Language Could Fuel Supply Chain Attacks
-
FCC Fines Wireless Carriers For Sharing User Locations Without Consent
-
OpenAI's ChatGPT Targeted In Austrian Privacy Complaint
-
Okta Warns Of Credential Stuffing Attacks Using Tor, Residential Proxies
-
Watchdog Reveals Google Privacy Sandbox Worries
-
Packet Storm New Exploits For April, 2024
This archive contains all of the 132 exploits added to Packet Storm in April, 2024. -
Ubuntu Security Notice USN-6760-1
Ubuntu Security Notice 6760-1 - George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. -
Kernel Live Patch Security Notice LSN-0103-1
Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed. -
Microsoft PlayReady Cryptography Weakness
There is yet another attack possible against Protected Media Path process beyond the one involving two global XOR keys. The new attack may also result in the extraction of a plaintext content key value. -
Online Tours And Travels Management System 1.0 SQL Injection
Online Tours and Travels Management System version 1.0 suffers from a remote SQL injection vulnerability. -
Red Hat Security Advisory 2024-2639-03
Red Hat Security Advisory 2024-2639-03 - The Migration Toolkit for Containers 1.7.15 is now available.