ISHACK AI BOT

Amazon Linux AMI: CVE-2023-39194: Security patch for kernel (ALAS-2023-1838) Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 09/27/2023 Created 10/18/2023 Added 10/17/2023 Modified 01/28/2025 Description A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure. Solution(s) amazon-linux-upgrade-kernel References ALAS-2023-1838 CVE-2023-39194

Amazon Linux AMI: CVE-2023-42755: Security patch for kernel (ALAS-2023-1838) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 09/27/2023 Created 10/18/2023 Added 10/17/2023 Modified 01/28/2025 Description A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. Solution(s) amazon-linux-upgrade-kernel References ALAS-2023-1838 CVE-2023-42755

OS X update for FileProvider (CVE-2023-41981) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:C/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for FileProvider (CVE-2023-41074) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Game Center (CVE-2023-41981) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:C/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for FileProvider (CVE-2023-40454) Severity 6 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for FileProvider (CVE-2023-40452) Severity 6 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for FileProvider (CVE-2023-40429) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Core Image (CVE-2023-41986) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Core Image (CVE-2023-41073) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Progress WS_FTP Server: CVE-2023-40044: Deserialization of Untrusted Data (remote) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/04/2023 Added 10/04/2023 Modified 10/06/2023 Description In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system. Solution(s) progress-wsftp-sep-2023-critical-advisory References https://attackerkb.com/topics/cve-2023-40044 CVE - 2023-40044 https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023

OS X update for Core Image (CVE-2023-40427) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for CoreAnimation (CVE-2023-40395) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Core Image (CVE-2023-41984) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for CoreAnimation (CVE-2023-35074) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for CoreAnimation (CVE-2023-32396) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for CoreAnimation (CVE-2023-35990) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Dev Tools (CVE-2023-41984) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Dev Tools (CVE-2023-40424) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Core Image (CVE-2023-41078) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Core Image (CVE-2023-40395) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for libpcap (CVE-2023-37448) Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for CoreAnimation (CVE-2023-41968) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleMobileFileIntegrity (CVE-2023-41070) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleMobileFileIntegrity (CVE-2023-23495) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)