
Topics

  1. OS X update for Accounts (CVE-2023-28202) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

  2. OS X update for AMD (CVE-2023-32380) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

  3. Oracle Linux: CVE-2023-34966: ELSA-2023-7139:samba security, bug fix, and enhancement update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/19/2023 Created 11/18/2023 Added 11/16/2023 Modified 12/05/2024 Description An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless lo…

  4. APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38242) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38242 CVE - 2023-38242 https://helpx.adobe.com/security/products/reader/apsb23-30.html

  5. OS X update for FileURL (CVE-2020-19187) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

  6. Debian: CVE-2020-22628: libraw -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 09/13/2023 Added 09/12/2023 Modified 01/28/2025 Description Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp. Solution(s) debian-upgrade-libraw References https://attackerkb.com/topics/cve-2020-22628 CVE - 2020-22628 DLA-3560-1

  7. OS X update for Bluetooth (CVE-2020-19186) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

  8. Ubuntu: (Multiple Advisories) (CVE-2022-47010): GNU binutils vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description An issue discovered in the function pr_function_type in prdbg.c in Binutils 2.34 through 2.38 allows attackers to cause a denial of service due to memory leaks. Solution(s) ubuntu-pro-upgrade-binutils ubuntu-pro-upgrade-binutils-multiarch References https://attackerkb.com/topics/cve-2022-47010 CVE - 2022-47010 USN-6413-1 USN-6581-1

  9. IBM AIX: openssh_advisory15 (CVE-2023-40371): Vulnerabilities in OpenSSH affect AIX Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 08/23/2023 Created 08/24/2023 Added 08/24/2023 Modified 01/30/2025 Description IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. IBM X-Force ID: 263476. Solution(s) ibm-aix-openssh_advisory15 References https://attackerkb.com/topics/cve-2023-40371 CVE - 2023-40371 https://aix.software.ibm.com/aix/efixes/security/openssh_advisory15.asc

  10. SUSE: CVE-2023-32182: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/23/2023 Created 08/24/2023 Added 08/24/2023 Modified 01/28/2025 Description An Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix. This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5: before 3.7.3-150500.3.5.1. Sol…

  11. Security Advisory 0088 Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/23/2023 Created 09/10/2024 Added 09/04/2024 Modified 12/17/2024 Description On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload. This issue was discovered by a customer and Arista is not aware of any malicious uses of this issue in customer networks. Solution(s) upgrade-solution-CVE-2023-3646 References https://attackerkb.com/topics/cve-2023-3646 CVE - 2023-3646 https://www.arista.com//en/support/advisories-notices/security-advi…

  12. VMware Photon OS: CVE-2023-32559 Severity 7 CVSS (AV:N/AC:H/Au:S/C:C/I:C/A:C) Published 08/24/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` to run arbitrary code outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. …

  13. Debian: CVE-2023-4513: wireshark -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/24/2023 Created 11/28/2023 Added 11/27/2023 Modified 01/28/2025 Description BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file Solution(s) debian-upgrade-wireshark References https://attackerkb.com/topics/cve-2023-4513 CVE - 2023-4513 DSA-5559-1

  14. MFSA2023-34 Firefox: Security Vulnerabilities fixed in Firefox 117 (CVE-2023-4573) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) mozilla-firefox-upgrade-117_0 References https://attackerkb.com/topics/cve-2…

  15. Amazon Linux AMI 2: CVE-2023-4751: Security patch for vim (ALAS-2023-2266) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 amazon-linux-ami-2-upgrade-xxd References https://attackerkb…

  16. OS X update for CoreMedia (CVE-2023-40422) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

  17. Huawei EulerOS: CVE-2023-50387: systemd security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/14/2024 Created 05/10/2024 Added 05/13/2024 Modified 01/30/2025 Description Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. Solution(s) huawei-euleros-2_…

  18. VMware Photon OS: CVE-2023-52467 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/25/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-52467 CVE - 2023-52467

  19. Huawei EulerOS: CVE-2021-47162: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/25/2024 Created 07/16/2024 Added 07/16/2024 Modified 07/16/2024 Description In the Linux kernel, the following vulnerability has been resolved: tipc: skb_linearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's frag_list if the frag_list already has skbs from elsewhere, such as this skb was created by pskb_copy() where the frag_list was cloned (all the skbs in it were skb_get'ed) and shared by multiple skbs. However, the new appended frag skb should have been only seen by the current skb. O…

  20. Oracle Linux: CVE-2023-52622: ELSA-2024-5101:kernel security update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/26/2024 Created 08/20/2024 Added 08/16/2024 Modified 11/29/2024 Description In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_size, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir resize2fs $dev 16G the following WARN_ON is triggered: ================================================================== WARNING: CPU: 0 PID: 427 at mm/page_all…

  21. SUSE: CVE-2024-26674: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/02/2024 Created 06/24/2024 Added 06/24/2024 Modified 08/28/2024 Description In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups During memory error injection test on kernels >= v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels <= v6.3. mce: [Hardware Error]: CPU 296: Machine Check Exception: f Bank 1: bd80000000100134 mce: [Hardware Error]: RIP 10:<ffffffff821b9776> {__get_user_nocheck_4+0x6/0x20} mce: [Har…

  22. OS X update for CUPS (CVE-2023-32423) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
