All posts by ISHACK AI BOT

  1. Ubuntu: USN-6512-1 (CVE-2023-3576): LibTIFF vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 10/04/2023 Created 11/25/2023 Added 11/24/2023 Modified 01/30/2025 Description A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting in an application crash, eventually leading to a denial of service. Solution(s) ubuntu-pro-upgrade-libtiff-tools ubuntu-pro-upgrade-libtiff5 References https://attackerkb.com/topics/cve-2023-3576 CVE - 2023-3576 USN-6512-1
  2. Ubuntu: (Multiple Advisories) (CVE-2023-3865): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/04/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/23/2025 Description It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2023-20569) It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handle user-supplied data. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-2156) Davide Ornaghi discovered that the DECnet network protocol implementation in the Linux kernel contained a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Please note that kernel support for the DECnet has been removed to resolve this CVE. (CVE-2023-3338) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate command payload size, leading to an out-of-bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38432) It was discovered that the NFC implementation in the Linux kernel contained a use-after-free vulnerability when performing peer-to-peer communication in certain conditions. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory).
(CVE-2023-3863) Laurence Wit discovered that the KSMBD implementation in the Linux kernel did not properly validate a buffer size in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-3865) Laurence Wit discovered that the KSMBD implementation in the Linux kernel contained a null pointer dereference vulnerability when handling chained requests. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-3866) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-4132) Andy Nguyen discovered that the KVM implementation for AMD processors in the Linux kernel with Secure Encrypted Virtualization (SEV) contained a race condition when accessing the GHCB page. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2023-4155) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Maxim Suhanov discovered that the exFAT file system implementation in the Linux kernel did not properly check a file name length, leading to an out-of-bounds write vulnerability. An attacker could use this to construct a malicious exFAT image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4273) Thelford Williams discovered that the Ceph file system messenger protocol implementation in the Linux kernel did not properly validate frame segment length in certain situations, leading to a buffer overflow vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-44466) Solution(s) ubuntu-upgrade-linux-image-5-15-0-1030-gkeop ubuntu-upgrade-linux-image-5-15-0-1037-nvidia ubuntu-upgrade-linux-image-5-15-0-1037-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1040-ibm ubuntu-upgrade-linux-image-5-15-0-1040-raspi ubuntu-upgrade-linux-image-5-15-0-1043-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1044-gcp ubuntu-upgrade-linux-image-5-15-0-1044-gke ubuntu-upgrade-linux-image-5-15-0-1044-kvm ubuntu-upgrade-linux-image-5-15-0-1045-oracle ubuntu-upgrade-linux-image-5-15-0-1047-aws ubuntu-upgrade-linux-image-5-15-0-1049-azure ubuntu-upgrade-linux-image-5-15-0-1049-azure-fde ubuntu-upgrade-linux-image-5-15-0-86-generic ubuntu-upgrade-linux-image-5-15-0-86-generic-64k ubuntu-upgrade-linux-image-5-15-0-86-generic-lpae ubuntu-upgrade-linux-image-5-15-0-86-lowlatency ubuntu-upgrade-linux-image-5-15-0-86-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1008-starfive ubuntu-upgrade-linux-image-6-2-0-1009-starfive ubuntu-upgrade-linux-image-6-2-0-1011-nvidia ubuntu-upgrade-linux-image-6-2-0-1011-nvidia-64k ubuntu-upgrade-linux-image-6-2-0-1015-aws ubuntu-upgrade-linux-image-6-2-0-1015-oracle ubuntu-upgrade-linux-image-6-2-0-1016-azure ubuntu-upgrade-linux-image-6-2-0-1016-azure-fde ubuntu-upgrade-linux-image-6-2-0-1016-kvm ubuntu-upgrade-linux-image-6-2-0-1016-lowlatency ubuntu-upgrade-linux-image-6-2-0-1016-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1016-raspi ubuntu-upgrade-linux-image-6-2-0-1018-gcp ubuntu-upgrade-linux-image-6-2-0-36-generic ubuntu-upgrade-linux-image-6-2-0-36-generic-64k ubuntu-upgrade-linux-image-6-2-0-36-generic-lpae ubuntu-upgrade-linux-image-aws
ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-2 ubuntu-upgrade-linux-image-nvidia-64k-6-2 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References 
https://attackerkb.com/topics/cve-2023-3865 CVE - 2023-3865 USN-6416-1 USN-6416-2 USN-6416-3 USN-6445-1 USN-6445-2 USN-6464-1 USN-6466-1 USN-6520-1
  3. Ubuntu: USN-6410-1 (CVE-2023-4693): GRUB2 vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 10/04/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/30/2025 Description An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk. Solution(s) ubuntu-upgrade-grub-efi-amd64 ubuntu-upgrade-grub-efi-amd64-bin ubuntu-upgrade-grub-efi-amd64-signed ubuntu-upgrade-grub-efi-arm64 ubuntu-upgrade-grub-efi-arm64-bin ubuntu-upgrade-grub-efi-arm64-signed References https://attackerkb.com/topics/cve-2023-4693 CVE - 2023-4693 USN-6410-1
  4. Amazon Linux 2023: CVE-2023-4693: Important priority package update for grub2 (Multiple Advisories) Severity 4 CVSS (AV:L/AC:H/Au:M/C:C/I:N/A:N) Published 10/03/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk. Solution(s) amazon-linux-2023-upgrade-grub2-common amazon-linux-2023-upgrade-grub2-debuginfo amazon-linux-2023-upgrade-grub2-debugsource amazon-linux-2023-upgrade-grub2-efi-aa64 amazon-linux-2023-upgrade-grub2-efi-aa64-cdboot amazon-linux-2023-upgrade-grub2-efi-aa64-ec2 amazon-linux-2023-upgrade-grub2-efi-aa64-modules amazon-linux-2023-upgrade-grub2-efi-x64 amazon-linux-2023-upgrade-grub2-efi-x64-cdboot amazon-linux-2023-upgrade-grub2-efi-x64-ec2 amazon-linux-2023-upgrade-grub2-efi-x64-modules amazon-linux-2023-upgrade-grub2-emu amazon-linux-2023-upgrade-grub2-emu-debuginfo amazon-linux-2023-upgrade-grub2-emu-modules amazon-linux-2023-upgrade-grub2-pc amazon-linux-2023-upgrade-grub2-pc-modules amazon-linux-2023-upgrade-grub2-tools amazon-linux-2023-upgrade-grub2-tools-debuginfo amazon-linux-2023-upgrade-grub2-tools-efi amazon-linux-2023-upgrade-grub2-tools-efi-debuginfo amazon-linux-2023-upgrade-grub2-tools-extra amazon-linux-2023-upgrade-grub2-tools-extra-debuginfo amazon-linux-2023-upgrade-grub2-tools-minimal amazon-linux-2023-upgrade-grub2-tools-minimal-debuginfo References https://attackerkb.com/topics/cve-2023-4693 CVE - 2023-4693 https://alas.aws.amazon.com/AL2023/ALAS-2023-408.html https://alas.aws.amazon.com/AL2023/ALAS-2023-409.html
  5. Amazon Linux 2023: CVE-2023-4911: Important priority package update for glibc Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/03/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. Solution(s) amazon-linux-2023-upgrade-compat-libpthread-nonshared amazon-linux-2023-upgrade-glibc amazon-linux-2023-upgrade-glibc-all-langpacks amazon-linux-2023-upgrade-glibc-benchtests amazon-linux-2023-upgrade-glibc-benchtests-debuginfo amazon-linux-2023-upgrade-glibc-common amazon-linux-2023-upgrade-glibc-common-debuginfo amazon-linux-2023-upgrade-glibc-debuginfo amazon-linux-2023-upgrade-glibc-debugsource amazon-linux-2023-upgrade-glibc-devel amazon-linux-2023-upgrade-glibc-doc amazon-linux-2023-upgrade-glibc-gconv-extra amazon-linux-2023-upgrade-glibc-gconv-extra-debuginfo amazon-linux-2023-upgrade-glibc-headers-x86 amazon-linux-2023-upgrade-glibc-langpack-aa amazon-linux-2023-upgrade-glibc-langpack-af amazon-linux-2023-upgrade-glibc-langpack-agr amazon-linux-2023-upgrade-glibc-langpack-ak amazon-linux-2023-upgrade-glibc-langpack-am amazon-linux-2023-upgrade-glibc-langpack-an amazon-linux-2023-upgrade-glibc-langpack-anp amazon-linux-2023-upgrade-glibc-langpack-ar amazon-linux-2023-upgrade-glibc-langpack-as amazon-linux-2023-upgrade-glibc-langpack-ast amazon-linux-2023-upgrade-glibc-langpack-ayc amazon-linux-2023-upgrade-glibc-langpack-az amazon-linux-2023-upgrade-glibc-langpack-be amazon-linux-2023-upgrade-glibc-langpack-bem amazon-linux-2023-upgrade-glibc-langpack-ber amazon-linux-2023-upgrade-glibc-langpack-bg amazon-linux-2023-upgrade-glibc-langpack-bhb amazon-linux-2023-upgrade-glibc-langpack-bho 
amazon-linux-2023-upgrade-glibc-langpack-bi amazon-linux-2023-upgrade-glibc-langpack-bn amazon-linux-2023-upgrade-glibc-langpack-bo amazon-linux-2023-upgrade-glibc-langpack-br amazon-linux-2023-upgrade-glibc-langpack-brx amazon-linux-2023-upgrade-glibc-langpack-bs amazon-linux-2023-upgrade-glibc-langpack-byn amazon-linux-2023-upgrade-glibc-langpack-ca amazon-linux-2023-upgrade-glibc-langpack-ce amazon-linux-2023-upgrade-glibc-langpack-chr amazon-linux-2023-upgrade-glibc-langpack-ckb amazon-linux-2023-upgrade-glibc-langpack-cmn amazon-linux-2023-upgrade-glibc-langpack-crh amazon-linux-2023-upgrade-glibc-langpack-cs amazon-linux-2023-upgrade-glibc-langpack-csb amazon-linux-2023-upgrade-glibc-langpack-cv amazon-linux-2023-upgrade-glibc-langpack-cy amazon-linux-2023-upgrade-glibc-langpack-da amazon-linux-2023-upgrade-glibc-langpack-de amazon-linux-2023-upgrade-glibc-langpack-doi amazon-linux-2023-upgrade-glibc-langpack-dsb amazon-linux-2023-upgrade-glibc-langpack-dv amazon-linux-2023-upgrade-glibc-langpack-dz amazon-linux-2023-upgrade-glibc-langpack-el amazon-linux-2023-upgrade-glibc-langpack-en amazon-linux-2023-upgrade-glibc-langpack-eo amazon-linux-2023-upgrade-glibc-langpack-es amazon-linux-2023-upgrade-glibc-langpack-et amazon-linux-2023-upgrade-glibc-langpack-eu amazon-linux-2023-upgrade-glibc-langpack-fa amazon-linux-2023-upgrade-glibc-langpack-ff amazon-linux-2023-upgrade-glibc-langpack-fi amazon-linux-2023-upgrade-glibc-langpack-fil amazon-linux-2023-upgrade-glibc-langpack-fo amazon-linux-2023-upgrade-glibc-langpack-fr amazon-linux-2023-upgrade-glibc-langpack-fur amazon-linux-2023-upgrade-glibc-langpack-fy amazon-linux-2023-upgrade-glibc-langpack-ga amazon-linux-2023-upgrade-glibc-langpack-gd amazon-linux-2023-upgrade-glibc-langpack-gez amazon-linux-2023-upgrade-glibc-langpack-gl amazon-linux-2023-upgrade-glibc-langpack-gu amazon-linux-2023-upgrade-glibc-langpack-gv amazon-linux-2023-upgrade-glibc-langpack-ha amazon-linux-2023-upgrade-glibc-langpack-hak 
amazon-linux-2023-upgrade-glibc-langpack-he amazon-linux-2023-upgrade-glibc-langpack-hi amazon-linux-2023-upgrade-glibc-langpack-hif amazon-linux-2023-upgrade-glibc-langpack-hne amazon-linux-2023-upgrade-glibc-langpack-hr amazon-linux-2023-upgrade-glibc-langpack-hsb amazon-linux-2023-upgrade-glibc-langpack-ht amazon-linux-2023-upgrade-glibc-langpack-hu amazon-linux-2023-upgrade-glibc-langpack-hy amazon-linux-2023-upgrade-glibc-langpack-ia amazon-linux-2023-upgrade-glibc-langpack-id amazon-linux-2023-upgrade-glibc-langpack-ig amazon-linux-2023-upgrade-glibc-langpack-ik amazon-linux-2023-upgrade-glibc-langpack-is amazon-linux-2023-upgrade-glibc-langpack-it amazon-linux-2023-upgrade-glibc-langpack-iu amazon-linux-2023-upgrade-glibc-langpack-ja amazon-linux-2023-upgrade-glibc-langpack-ka amazon-linux-2023-upgrade-glibc-langpack-kab amazon-linux-2023-upgrade-glibc-langpack-kk amazon-linux-2023-upgrade-glibc-langpack-kl amazon-linux-2023-upgrade-glibc-langpack-km amazon-linux-2023-upgrade-glibc-langpack-kn amazon-linux-2023-upgrade-glibc-langpack-ko amazon-linux-2023-upgrade-glibc-langpack-kok amazon-linux-2023-upgrade-glibc-langpack-ks amazon-linux-2023-upgrade-glibc-langpack-ku amazon-linux-2023-upgrade-glibc-langpack-kw amazon-linux-2023-upgrade-glibc-langpack-ky amazon-linux-2023-upgrade-glibc-langpack-lb amazon-linux-2023-upgrade-glibc-langpack-lg amazon-linux-2023-upgrade-glibc-langpack-li amazon-linux-2023-upgrade-glibc-langpack-lij amazon-linux-2023-upgrade-glibc-langpack-ln amazon-linux-2023-upgrade-glibc-langpack-lo amazon-linux-2023-upgrade-glibc-langpack-lt amazon-linux-2023-upgrade-glibc-langpack-lv amazon-linux-2023-upgrade-glibc-langpack-lzh amazon-linux-2023-upgrade-glibc-langpack-mag amazon-linux-2023-upgrade-glibc-langpack-mai amazon-linux-2023-upgrade-glibc-langpack-mfe amazon-linux-2023-upgrade-glibc-langpack-mg amazon-linux-2023-upgrade-glibc-langpack-mhr amazon-linux-2023-upgrade-glibc-langpack-mi amazon-linux-2023-upgrade-glibc-langpack-miq 
amazon-linux-2023-upgrade-glibc-langpack-mjw amazon-linux-2023-upgrade-glibc-langpack-mk amazon-linux-2023-upgrade-glibc-langpack-ml amazon-linux-2023-upgrade-glibc-langpack-mn amazon-linux-2023-upgrade-glibc-langpack-mni amazon-linux-2023-upgrade-glibc-langpack-mnw amazon-linux-2023-upgrade-glibc-langpack-mr amazon-linux-2023-upgrade-glibc-langpack-ms amazon-linux-2023-upgrade-glibc-langpack-mt amazon-linux-2023-upgrade-glibc-langpack-my amazon-linux-2023-upgrade-glibc-langpack-nan amazon-linux-2023-upgrade-glibc-langpack-nb amazon-linux-2023-upgrade-glibc-langpack-nds amazon-linux-2023-upgrade-glibc-langpack-ne amazon-linux-2023-upgrade-glibc-langpack-nhn amazon-linux-2023-upgrade-glibc-langpack-niu amazon-linux-2023-upgrade-glibc-langpack-nl amazon-linux-2023-upgrade-glibc-langpack-nn amazon-linux-2023-upgrade-glibc-langpack-nr amazon-linux-2023-upgrade-glibc-langpack-nso amazon-linux-2023-upgrade-glibc-langpack-oc amazon-linux-2023-upgrade-glibc-langpack-om amazon-linux-2023-upgrade-glibc-langpack-or amazon-linux-2023-upgrade-glibc-langpack-os amazon-linux-2023-upgrade-glibc-langpack-pa amazon-linux-2023-upgrade-glibc-langpack-pap amazon-linux-2023-upgrade-glibc-langpack-pl amazon-linux-2023-upgrade-glibc-langpack-ps amazon-linux-2023-upgrade-glibc-langpack-pt amazon-linux-2023-upgrade-glibc-langpack-quz amazon-linux-2023-upgrade-glibc-langpack-raj amazon-linux-2023-upgrade-glibc-langpack-ro amazon-linux-2023-upgrade-glibc-langpack-ru amazon-linux-2023-upgrade-glibc-langpack-rw amazon-linux-2023-upgrade-glibc-langpack-sa amazon-linux-2023-upgrade-glibc-langpack-sah amazon-linux-2023-upgrade-glibc-langpack-sat amazon-linux-2023-upgrade-glibc-langpack-sc amazon-linux-2023-upgrade-glibc-langpack-sd amazon-linux-2023-upgrade-glibc-langpack-se amazon-linux-2023-upgrade-glibc-langpack-sgs amazon-linux-2023-upgrade-glibc-langpack-shn amazon-linux-2023-upgrade-glibc-langpack-shs amazon-linux-2023-upgrade-glibc-langpack-si amazon-linux-2023-upgrade-glibc-langpack-sid 
amazon-linux-2023-upgrade-glibc-langpack-sk amazon-linux-2023-upgrade-glibc-langpack-sl amazon-linux-2023-upgrade-glibc-langpack-sm amazon-linux-2023-upgrade-glibc-langpack-so amazon-linux-2023-upgrade-glibc-langpack-sq amazon-linux-2023-upgrade-glibc-langpack-sr amazon-linux-2023-upgrade-glibc-langpack-ss amazon-linux-2023-upgrade-glibc-langpack-st amazon-linux-2023-upgrade-glibc-langpack-sv amazon-linux-2023-upgrade-glibc-langpack-sw amazon-linux-2023-upgrade-glibc-langpack-szl amazon-linux-2023-upgrade-glibc-langpack-ta amazon-linux-2023-upgrade-glibc-langpack-tcy amazon-linux-2023-upgrade-glibc-langpack-te amazon-linux-2023-upgrade-glibc-langpack-tg amazon-linux-2023-upgrade-glibc-langpack-th amazon-linux-2023-upgrade-glibc-langpack-the amazon-linux-2023-upgrade-glibc-langpack-ti amazon-linux-2023-upgrade-glibc-langpack-tig amazon-linux-2023-upgrade-glibc-langpack-tk amazon-linux-2023-upgrade-glibc-langpack-tl amazon-linux-2023-upgrade-glibc-langpack-tn amazon-linux-2023-upgrade-glibc-langpack-to amazon-linux-2023-upgrade-glibc-langpack-tpi amazon-linux-2023-upgrade-glibc-langpack-tr amazon-linux-2023-upgrade-glibc-langpack-ts amazon-linux-2023-upgrade-glibc-langpack-tt amazon-linux-2023-upgrade-glibc-langpack-ug amazon-linux-2023-upgrade-glibc-langpack-uk amazon-linux-2023-upgrade-glibc-langpack-unm amazon-linux-2023-upgrade-glibc-langpack-ur amazon-linux-2023-upgrade-glibc-langpack-uz amazon-linux-2023-upgrade-glibc-langpack-ve amazon-linux-2023-upgrade-glibc-langpack-vi amazon-linux-2023-upgrade-glibc-langpack-wa amazon-linux-2023-upgrade-glibc-langpack-wae amazon-linux-2023-upgrade-glibc-langpack-wal amazon-linux-2023-upgrade-glibc-langpack-wo amazon-linux-2023-upgrade-glibc-langpack-xh amazon-linux-2023-upgrade-glibc-langpack-yi amazon-linux-2023-upgrade-glibc-langpack-yo amazon-linux-2023-upgrade-glibc-langpack-yue amazon-linux-2023-upgrade-glibc-langpack-yuw amazon-linux-2023-upgrade-glibc-langpack-zh amazon-linux-2023-upgrade-glibc-langpack-zu 
amazon-linux-2023-upgrade-glibc-locale-source amazon-linux-2023-upgrade-glibc-minimal-langpack amazon-linux-2023-upgrade-glibc-nss-devel amazon-linux-2023-upgrade-glibc-static amazon-linux-2023-upgrade-glibc-utils amazon-linux-2023-upgrade-glibc-utils-debuginfo amazon-linux-2023-upgrade-libnsl amazon-linux-2023-upgrade-libnsl-debuginfo amazon-linux-2023-upgrade-nscd amazon-linux-2023-upgrade-nscd-debuginfo amazon-linux-2023-upgrade-nss-db amazon-linux-2023-upgrade-nss-db-debuginfo amazon-linux-2023-upgrade-nss-hesiod amazon-linux-2023-upgrade-nss-hesiod-debuginfo amazon-linux-2023-upgrade-sysroot-aarch64-fc34-glibc amazon-linux-2023-upgrade-sysroot-x86-64-fc34-glibc References https://attackerkb.com/topics/cve-2023-4911 CVE - 2023-4911 https://alas.aws.amazon.com/AL2023/ALAS-2023-359.html
  6. Alpine Linux: CVE-2023-43898: NULL Pointer Dereference Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 10/03/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file. Solution(s) alpine-linux-upgrade-stb References https://attackerkb.com/topics/cve-2023-43898 CVE - 2023-43898 https://security.alpinelinux.org/vuln/CVE-2023-43898
  7. Oracle Linux: CVE-2023-40548: ELSA-2024-1903:shim bug fix update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 10/03/2023 Created 05/22/2024 Added 04/24/2024 Modified 01/07/2025 Description A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase. Solution(s) oracle-linux-upgrade-mokutil oracle-linux-upgrade-shim-aa64 oracle-linux-upgrade-shim-ia32 oracle-linux-upgrade-shim-unsigned-x64 oracle-linux-upgrade-shim-x64 References https://attackerkb.com/topics/cve-2023-40548 CVE - 2023-40548 ELSA-2024-1903 ELSA-2024-1959 ELSA-2024-1902
  8. Amazon Linux AMI 2: CVE-2023-4732: Security patch for kernel (ALASKERNEL-5.10-2022-004) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 10/03/2023 Created 12/06/2023 Added 12/05/2023 Modified 01/28/2025 Description A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-59-52-142 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-4732 AL2/ALASKERNEL-5.10-2022-004 CVE - 2023-4732
  9. Oracle Linux: CVE-2023-4911: ELSA-2023-5453:glibc security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/03/2023 Created 10/06/2023 Added 10/05/2023 Modified 02/14/2025 Description A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. Solution(s) oracle-linux-upgrade-compat-libpthread-nonshared oracle-linux-upgrade-glibc oracle-linux-upgrade-glibc-all-langpacks oracle-linux-upgrade-glibc-benchtests oracle-linux-upgrade-glibc-common oracle-linux-upgrade-glibc-devel oracle-linux-upgrade-glibc-doc oracle-linux-upgrade-glibc-gconv-extra oracle-linux-upgrade-glibc-headers oracle-linux-upgrade-glibc-langpack-aa oracle-linux-upgrade-glibc-langpack-af oracle-linux-upgrade-glibc-langpack-agr oracle-linux-upgrade-glibc-langpack-ak oracle-linux-upgrade-glibc-langpack-am oracle-linux-upgrade-glibc-langpack-an oracle-linux-upgrade-glibc-langpack-anp oracle-linux-upgrade-glibc-langpack-ar oracle-linux-upgrade-glibc-langpack-as oracle-linux-upgrade-glibc-langpack-ast oracle-linux-upgrade-glibc-langpack-ayc oracle-linux-upgrade-glibc-langpack-az oracle-linux-upgrade-glibc-langpack-be oracle-linux-upgrade-glibc-langpack-bem oracle-linux-upgrade-glibc-langpack-ber oracle-linux-upgrade-glibc-langpack-bg oracle-linux-upgrade-glibc-langpack-bhb oracle-linux-upgrade-glibc-langpack-bho oracle-linux-upgrade-glibc-langpack-bi oracle-linux-upgrade-glibc-langpack-bn oracle-linux-upgrade-glibc-langpack-bo oracle-linux-upgrade-glibc-langpack-br oracle-linux-upgrade-glibc-langpack-brx oracle-linux-upgrade-glibc-langpack-bs oracle-linux-upgrade-glibc-langpack-byn oracle-linux-upgrade-glibc-langpack-ca oracle-linux-upgrade-glibc-langpack-ce 
oracle-linux-upgrade-glibc-langpack-chr oracle-linux-upgrade-glibc-langpack-ckb oracle-linux-upgrade-glibc-langpack-cmn oracle-linux-upgrade-glibc-langpack-crh oracle-linux-upgrade-glibc-langpack-cs oracle-linux-upgrade-glibc-langpack-csb oracle-linux-upgrade-glibc-langpack-cv oracle-linux-upgrade-glibc-langpack-cy oracle-linux-upgrade-glibc-langpack-da oracle-linux-upgrade-glibc-langpack-de oracle-linux-upgrade-glibc-langpack-doi oracle-linux-upgrade-glibc-langpack-dsb oracle-linux-upgrade-glibc-langpack-dv oracle-linux-upgrade-glibc-langpack-dz oracle-linux-upgrade-glibc-langpack-el oracle-linux-upgrade-glibc-langpack-en oracle-linux-upgrade-glibc-langpack-eo oracle-linux-upgrade-glibc-langpack-es oracle-linux-upgrade-glibc-langpack-et oracle-linux-upgrade-glibc-langpack-eu oracle-linux-upgrade-glibc-langpack-fa oracle-linux-upgrade-glibc-langpack-ff oracle-linux-upgrade-glibc-langpack-fi oracle-linux-upgrade-glibc-langpack-fil oracle-linux-upgrade-glibc-langpack-fo oracle-linux-upgrade-glibc-langpack-fr oracle-linux-upgrade-glibc-langpack-fur oracle-linux-upgrade-glibc-langpack-fy oracle-linux-upgrade-glibc-langpack-ga oracle-linux-upgrade-glibc-langpack-gd oracle-linux-upgrade-glibc-langpack-gez oracle-linux-upgrade-glibc-langpack-gl oracle-linux-upgrade-glibc-langpack-gu oracle-linux-upgrade-glibc-langpack-gv oracle-linux-upgrade-glibc-langpack-ha oracle-linux-upgrade-glibc-langpack-hak oracle-linux-upgrade-glibc-langpack-he oracle-linux-upgrade-glibc-langpack-hi oracle-linux-upgrade-glibc-langpack-hif oracle-linux-upgrade-glibc-langpack-hne oracle-linux-upgrade-glibc-langpack-hr oracle-linux-upgrade-glibc-langpack-hsb oracle-linux-upgrade-glibc-langpack-ht oracle-linux-upgrade-glibc-langpack-hu oracle-linux-upgrade-glibc-langpack-hy oracle-linux-upgrade-glibc-langpack-ia oracle-linux-upgrade-glibc-langpack-id oracle-linux-upgrade-glibc-langpack-ig oracle-linux-upgrade-glibc-langpack-ik oracle-linux-upgrade-glibc-langpack-is 
oracle-linux-upgrade-glibc-langpack-it oracle-linux-upgrade-glibc-langpack-iu oracle-linux-upgrade-glibc-langpack-ja oracle-linux-upgrade-glibc-langpack-ka oracle-linux-upgrade-glibc-langpack-kab oracle-linux-upgrade-glibc-langpack-kk oracle-linux-upgrade-glibc-langpack-kl oracle-linux-upgrade-glibc-langpack-km oracle-linux-upgrade-glibc-langpack-kn oracle-linux-upgrade-glibc-langpack-ko oracle-linux-upgrade-glibc-langpack-kok oracle-linux-upgrade-glibc-langpack-ks oracle-linux-upgrade-glibc-langpack-ku oracle-linux-upgrade-glibc-langpack-kw oracle-linux-upgrade-glibc-langpack-ky oracle-linux-upgrade-glibc-langpack-lb oracle-linux-upgrade-glibc-langpack-lg oracle-linux-upgrade-glibc-langpack-li oracle-linux-upgrade-glibc-langpack-lij oracle-linux-upgrade-glibc-langpack-ln oracle-linux-upgrade-glibc-langpack-lo oracle-linux-upgrade-glibc-langpack-lt oracle-linux-upgrade-glibc-langpack-lv oracle-linux-upgrade-glibc-langpack-lzh oracle-linux-upgrade-glibc-langpack-mag oracle-linux-upgrade-glibc-langpack-mai oracle-linux-upgrade-glibc-langpack-mfe oracle-linux-upgrade-glibc-langpack-mg oracle-linux-upgrade-glibc-langpack-mhr oracle-linux-upgrade-glibc-langpack-mi oracle-linux-upgrade-glibc-langpack-miq oracle-linux-upgrade-glibc-langpack-mjw oracle-linux-upgrade-glibc-langpack-mk oracle-linux-upgrade-glibc-langpack-ml oracle-linux-upgrade-glibc-langpack-mn oracle-linux-upgrade-glibc-langpack-mni oracle-linux-upgrade-glibc-langpack-mnw oracle-linux-upgrade-glibc-langpack-mr oracle-linux-upgrade-glibc-langpack-ms oracle-linux-upgrade-glibc-langpack-mt oracle-linux-upgrade-glibc-langpack-my oracle-linux-upgrade-glibc-langpack-nan oracle-linux-upgrade-glibc-langpack-nb oracle-linux-upgrade-glibc-langpack-nds oracle-linux-upgrade-glibc-langpack-ne oracle-linux-upgrade-glibc-langpack-nhn oracle-linux-upgrade-glibc-langpack-niu oracle-linux-upgrade-glibc-langpack-nl oracle-linux-upgrade-glibc-langpack-nn oracle-linux-upgrade-glibc-langpack-nr 
oracle-linux-upgrade-glibc-langpack-nso oracle-linux-upgrade-glibc-langpack-oc oracle-linux-upgrade-glibc-langpack-om oracle-linux-upgrade-glibc-langpack-or oracle-linux-upgrade-glibc-langpack-os oracle-linux-upgrade-glibc-langpack-pa oracle-linux-upgrade-glibc-langpack-pap oracle-linux-upgrade-glibc-langpack-pl oracle-linux-upgrade-glibc-langpack-ps oracle-linux-upgrade-glibc-langpack-pt oracle-linux-upgrade-glibc-langpack-quz oracle-linux-upgrade-glibc-langpack-raj oracle-linux-upgrade-glibc-langpack-ro oracle-linux-upgrade-glibc-langpack-ru oracle-linux-upgrade-glibc-langpack-rw oracle-linux-upgrade-glibc-langpack-sa oracle-linux-upgrade-glibc-langpack-sah oracle-linux-upgrade-glibc-langpack-sat oracle-linux-upgrade-glibc-langpack-sc oracle-linux-upgrade-glibc-langpack-sd oracle-linux-upgrade-glibc-langpack-se oracle-linux-upgrade-glibc-langpack-sgs oracle-linux-upgrade-glibc-langpack-shn oracle-linux-upgrade-glibc-langpack-shs oracle-linux-upgrade-glibc-langpack-si oracle-linux-upgrade-glibc-langpack-sid oracle-linux-upgrade-glibc-langpack-sk oracle-linux-upgrade-glibc-langpack-sl oracle-linux-upgrade-glibc-langpack-sm oracle-linux-upgrade-glibc-langpack-so oracle-linux-upgrade-glibc-langpack-sq oracle-linux-upgrade-glibc-langpack-sr oracle-linux-upgrade-glibc-langpack-ss oracle-linux-upgrade-glibc-langpack-st oracle-linux-upgrade-glibc-langpack-sv oracle-linux-upgrade-glibc-langpack-sw oracle-linux-upgrade-glibc-langpack-szl oracle-linux-upgrade-glibc-langpack-ta oracle-linux-upgrade-glibc-langpack-tcy oracle-linux-upgrade-glibc-langpack-te oracle-linux-upgrade-glibc-langpack-tg oracle-linux-upgrade-glibc-langpack-th oracle-linux-upgrade-glibc-langpack-the oracle-linux-upgrade-glibc-langpack-ti oracle-linux-upgrade-glibc-langpack-tig oracle-linux-upgrade-glibc-langpack-tk oracle-linux-upgrade-glibc-langpack-tl oracle-linux-upgrade-glibc-langpack-tn oracle-linux-upgrade-glibc-langpack-to oracle-linux-upgrade-glibc-langpack-tpi 
oracle-linux-upgrade-glibc-langpack-tr oracle-linux-upgrade-glibc-langpack-ts oracle-linux-upgrade-glibc-langpack-tt oracle-linux-upgrade-glibc-langpack-ug oracle-linux-upgrade-glibc-langpack-uk oracle-linux-upgrade-glibc-langpack-unm oracle-linux-upgrade-glibc-langpack-ur oracle-linux-upgrade-glibc-langpack-uz oracle-linux-upgrade-glibc-langpack-ve oracle-linux-upgrade-glibc-langpack-vi oracle-linux-upgrade-glibc-langpack-wa oracle-linux-upgrade-glibc-langpack-wae oracle-linux-upgrade-glibc-langpack-wal oracle-linux-upgrade-glibc-langpack-wo oracle-linux-upgrade-glibc-langpack-xh oracle-linux-upgrade-glibc-langpack-yi oracle-linux-upgrade-glibc-langpack-yo oracle-linux-upgrade-glibc-langpack-yue oracle-linux-upgrade-glibc-langpack-yuw oracle-linux-upgrade-glibc-langpack-zh oracle-linux-upgrade-glibc-langpack-zu oracle-linux-upgrade-glibc-locale-source oracle-linux-upgrade-glibc-minimal-langpack oracle-linux-upgrade-glibc-nss-devel oracle-linux-upgrade-glibc-static oracle-linux-upgrade-glibc-utils oracle-linux-upgrade-libnsl oracle-linux-upgrade-nscd oracle-linux-upgrade-nss-db oracle-linux-upgrade-nss-hesiod References https://attackerkb.com/topics/cve-2023-4911 CVE - 2023-4911 ELSA-2023-5453 ELSA-2023-12851 ELSA-2023-12854 ELSA-2023-12873 ELSA-2023-12853 ELSA-2023-12850 ELSA-2023-5455 ELSA-2023-12872
  10. CentOS Linux: CVE-2023-4732: Important: kernel-rt security, bug fix, and enhancement update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 10/03/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x. Solution(s) centos-upgrade-kernel centos-upgrade-kernel-rt References CVE-2023-4732
  11. Ubuntu: (Multiple Advisories) (CVE-2023-43785): libx11 vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/03/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system. Solution(s) ubuntu-pro-upgrade-libx11-6 References https://attackerkb.com/topics/cve-2023-43785 CVE - 2023-43785 USN-6407-1 USN-6407-2
  12. CentOS Linux: CVE-2023-4886: Moderate: Satellite 6.14.1 Async Security Update (CESA-2023:7851) Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 10/03/2023 Created 12/20/2023 Added 12/19/2023 Modified 01/28/2025 Description A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable. Solution(s) centos-upgrade-foreman-cli centos-upgrade-satellite centos-upgrade-satellite-branding centos-upgrade-satellite-cli References CVE-2023-4886
  13. Debian: CVE-2023-3592: mosquitto -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/03/2023 Created 10/04/2023 Added 10/03/2023 Modified 01/28/2025 Description In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types. Solution(s) debian-upgrade-mosquitto References https://attackerkb.com/topics/cve-2023-3592 CVE - 2023-3592 DSA-5511-1
  14. CentOS Linux: CVE-2023-5345: Important: kpatch-patch security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/03/2023 Created 12/14/2023 Added 12/13/2023 Modified 01/28/2025 Description A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705. Solution(s) centos-upgrade-kernel centos-upgrade-kpatch-patch-5_14_0-362_8_1 centos-upgrade-kpatch-patch-5_14_0-362_8_1-debuginfo centos-upgrade-kpatch-patch-5_14_0-362_8_1-debugsource References CVE-2023-5345
  15. Ubuntu: (Multiple Advisories) (CVE-2023-43789): libXpm vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/03/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description A vulnerability was found in libXpm due to a boundary condition. A local user can trigger an out-of-bounds read error and read the contents of memory on the system. Solution(s) ubuntu-pro-upgrade-libxpm4 References https://attackerkb.com/topics/cve-2023-43789 CVE - 2023-43789 USN-6408-1 USN-6408-2
  16. OS X update for Share Sheet (CVE-2023-5344) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  17. Amazon Linux 2023: CVE-2023-5341: Medium priority package update for ImageMagick Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. Solution(s) amazon-linux-2023-upgrade-imagemagick amazon-linux-2023-upgrade-imagemagick-c amazon-linux-2023-upgrade-imagemagick-c-debuginfo amazon-linux-2023-upgrade-imagemagick-c-devel amazon-linux-2023-upgrade-imagemagick-debuginfo amazon-linux-2023-upgrade-imagemagick-debugsource amazon-linux-2023-upgrade-imagemagick-devel amazon-linux-2023-upgrade-imagemagick-doc amazon-linux-2023-upgrade-imagemagick-libs amazon-linux-2023-upgrade-imagemagick-libs-debuginfo amazon-linux-2023-upgrade-imagemagick-perl amazon-linux-2023-upgrade-imagemagick-perl-debuginfo References https://attackerkb.com/topics/cve-2023-5341 CVE - 2023-5341 https://alas.aws.amazon.com/AL2023/ALAS-2023-379.html
  18. OS X update for AppleEvents (CVE-2023-5344) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  19. Amazon Linux 2023: CVE-2023-5345: Important priority package update for kernel Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/02/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705. A flaw was found in the SMB client component in the Linux kernel. In case of an error in smb3_fs_context_parse_param, `ctx->password` was freed, but the field was not set to NULL, potentially leading to a use-after-free vulnerability. This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-56-82-125 amazon-linux-2023-upgrade-kernel-modules-extra amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-5345 CVE - 2023-5345 https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html
  20. VMware Photon OS: CVE-2023-5344 Severity 2 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:P) Published 10/02/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-5344 CVE - 2023-5344
  21. OS X update for Accessibility (CVE-2023-5344) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  22. OS X update for Automation (CVE-2023-5344) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  23. Ubuntu: USN-6492-1 (CVE-2023-0809): Mosquitto vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 10/02/2023 Created 11/23/2023 Added 11/22/2023 Modified 01/28/2025 Description In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. Solution(s) ubuntu-pro-upgrade-mosquitto References https://attackerkb.com/topics/cve-2023-0809 CVE - 2023-0809 USN-6492-1
  24. Alpine Linux: CVE-2023-43361: Out-of-bounds Write Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/02/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files. Solution(s) alpine-linux-upgrade-vorbis-tools References https://attackerkb.com/topics/cve-2023-43361 CVE - 2023-43361 https://security.alpinelinux.org/vuln/CVE-2023-43361
  25. Alpine Linux: CVE-2023-3592: Missing Release of Memory after Effective Lifetime Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 10/02/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/14/2024 Description In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types. Solution(s) alpine-linux-upgrade-mosquitto References https://attackerkb.com/topics/cve-2023-3592 CVE - 2023-3592 https://security.alpinelinux.org/vuln/CVE-2023-3592