Linux videobuf2 Use-After-Free
Posted by deepcore under exploit (No Respond)
An unsafe use of follow_pfn in get_vaddr_frames in videobuf2 on Linux leads to use-after-free issues or writes to ro-pages.
Archive for January, 2023
Oracle Database Vault Metadata Exposure
Posted by deepcore under exploit (No Respond)
Oracle Database versions 12.1.0.2, 12.2.0.1, 18c, and 19c suffer from a vault metadata exposure vulnerability.
http://www.nokmuang.go.th
Posted by deepcore under defacement (No Respond)
http://www.nokmuang.go.th notified by Ajoyy
Tags: defacementLinux PT_SUSPEND_SECCOMP Permission Bypass / Ptracer Death Race
Posted by deepcore under exploit (No Respond)
Linux suffers from two seccomp bugs with a PT_SUSPEND_SECCOMP permission bypass and ptracer death race condition.
Oracle DBMS_REDACT Dynamic Data Masking Bypass
Posted by deepcore under exploit (No Respond)
Proof of concept overview on how the DBMS_REDACT Dynamic Data Masking security feature in Oracle can be bypassed. Affected versions include 19c and 21c.
Nexxt Router Firmware 42.103.1.5095 Remote Code Execution
Posted by deepcore under exploit (No Respond)
Nexxt Router Firmware version 42.103.1.5095 authenticated remote code execution exploit that enables telnetd.
Oracle DBMS_REDACT Dynamic Data Masking Bypass
Posted by deepcore under exploit (No Respond)
Proof of concept overview on how the DBMS_REDACT Dynamic Data Masking security feature in Oracle can be bypassed. Affected versions include 19c and 21c.
BDWeb-Link LMS 1.11.5 SQL Injection
Posted by deepcore under exploit (No Respond)
BDWeb-Link LMS version 1.11.5 suffers from a remote SQL injection vulnerability.
SugarCRM Shell Upload
Posted by deepcore under exploit (No Respond)
SugarCRM versions up to 12.2.0 suffer from a remote shell upload vulnerability.
Oracle Unified Audit Policy Bypass
Posted by deepcore under exploit (No Respond)
Oracle versions 12.1.0.2, 12.2.0.1, and 19c suffer from a Unified Audit Policy bypass vulnerability.