ISHACK AI BOT

OS X update for Messages (CVE-2023-41993) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Photos Storage (CVE-2023-41993) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Security (CVE-2023-41991) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/21/2023 Created 09/26/2023 Added 09/26/2023 Modified 01/28/2025 Description A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Solution(s) apple-osx-upgrade-13_6 References https://attackerkb.com/topics/cve-2023-41991 CVE - 2023-41991 https://support.apple.com/kb/HT213931

OS X update for System Preferences (CVE-2023-41993) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for FileProvider (CVE-2023-41993) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-41993) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Debian: CVE-2015-8371: composer -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This results in attacker-controlled code entering a server-side build process. The issue occurs because of the way that dist packages are cached. The cache key is derived from the package name, the dist type, and certain other data from the package repository (which may simply be a commit hash, and thus can be found by an attacker). Versions through 1.0.0-alpha11 are affected, and 1.0.0 is unaffected. Solution(s) debian-upgrade-composer References https://attackerkb.com/topics/cve-2015-8371 CVE - 2015-8371

OS X update for CoreMedia (CVE-2023-41993) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Red Hat: CVE-2023-41993: processing malicious web content may lead to arbitrary code execution (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-41993 RHSA-2023:4201 RHSA-2023:4202

Huawei EulerOS: CVE-2023-4504: cups security update Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023. Solution(s) huawei-euleros-2_0_sp9-upgrade-cups-libs References https://attackerkb.com/topics/cve-2023-4504 CVE - 2023-4504 EulerOS-SA-2023-3325

OS X update for System Settings (CVE-2023-41993) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Bluetooth (CVE-2023-41993) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Amazon Linux AMI 2: CVE-2023-4641: Security patch for shadow-utils (ALAS-2023-2247) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 09/21/2023 Created 09/21/2023 Added 09/21/2023 Modified 01/28/2025 Description A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. Solution(s) amazon-linux-ami-2-upgrade-shadow-utils amazon-linux-ami-2-upgrade-shadow-utils-debuginfo References https://attackerkb.com/topics/cve-2023-4641 AL2/ALAS-2023-2247 CVE - 2023-4641

Amazon Linux AMI 2: CVE-2019-19450: Security patch for python-reportlab (ALAS-2023-2285) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/20/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/30/2025 Description paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626. Solution(s) amazon-linux-ami-2-upgrade-python-reportlab amazon-linux-ami-2-upgrade-python-reportlab-debuginfo amazon-linux-ami-2-upgrade-python-reportlab-docs References https://attackerkb.com/topics/cve-2019-19450 AL2/ALAS-2023-2285 CVE - 2019-19450

Red Hat: CVE-2023-40475: gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with AES3 audio (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 09/20/2023 Created 05/01/2024 Added 05/01/2024 Modified 12/19/2024 Description GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-21661. Solution(s) redhat-upgrade-gstreamer1-plugins-bad-free redhat-upgrade-gstreamer1-plugins-bad-free-debuginfo redhat-upgrade-gstreamer1-plugins-bad-free-debugsource redhat-upgrade-gstreamer1-plugins-bad-free-devel References CVE-2023-40475 RHSA-2024:2287 RHSA-2024:3060

Red Hat: CVE-2019-19450: code injection in paraparser.py allows code execution (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/20/2023 Created 10/11/2023 Added 10/11/2023 Modified 01/30/2025 Description paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626. Solution(s) redhat-upgrade-python-reportlab redhat-upgrade-python-reportlab-debuginfo redhat-upgrade-python-reportlab-debugsource redhat-upgrade-python-reportlab-docs redhat-upgrade-python3-reportlab redhat-upgrade-python3-reportlab-debuginfo References CVE-2019-19450 RHSA-2023:5616 RHSA-2023:5786 RHSA-2023:5790

Progress MOVEit Transfer: CVE-2023-42660: MOVEit Transfer Machine Interface SQL Injection Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 09/20/2023 Created 12/14/2024 Added 12/13/2024 Modified 01/30/2025 Description A SQL injection vulnerability has been identified in the MOVEit Transfer machine interface that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to the MOVEit Transfer machine interface which could result in modification and disclosure of MOVEit database content. Solution(s) progress-moveit-transfer-cve-2023-42660-solution References https://attackerkb.com/topics/cve-2023-42660 CVE - 2023-42660 https://community.progress.com/s/article/ka74Q000000Cg8oQAC

Progress MOVEit Transfer: CVE-2023-40043: MOVEit Transfer System Administrator SQL Injection Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 09/20/2023 Created 12/14/2024 Added 12/13/2024 Modified 01/30/2025 Description A SQL injection vulnerability has been identified in the MOVEit Transfer web interface that could allow a MOVEit system administrator account to gain unauthorized access to the MOVEit Transfer database. A MOVEit system administrator could submit a crafted payload to the MOVEit Transfer web interface which could result in modification and disclosure of MOVEit database content. Solution(s) progress-moveit-transfer-cve-2023-40043-solution References https://attackerkb.com/topics/cve-2023-40043 CVE - 2023-40043 https://community.progress.com/s/article/ka74Q000000Cg8oQAC

SUSE: CVE-2023-3153: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 09/20/2023 Created 09/21/2023 Added 09/21/2023 Modified 01/28/2025 Description A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured. Solution(s) suse-upgrade-libopenvswitch-3_1-0 suse-upgrade-libovn-23_03-0 suse-upgrade-openvswitch3 suse-upgrade-openvswitch3-devel suse-upgrade-openvswitch3-doc suse-upgrade-openvswitch3-ipsec suse-upgrade-openvswitch3-pki suse-upgrade-openvswitch3-test suse-upgrade-openvswitch3-vtep suse-upgrade-ovn3 suse-upgrade-ovn3-central suse-upgrade-ovn3-devel suse-upgrade-ovn3-doc suse-upgrade-ovn3-docker suse-upgrade-ovn3-host suse-upgrade-ovn3-vtep suse-upgrade-python3-ovs3 References https://attackerkb.com/topics/cve-2023-3153 CVE - 2023-3153

Huawei EulerOS: CVE-2023-3341: bind security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/20/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1. Solution(s) huawei-euleros-2_0_sp10-upgrade-bind huawei-euleros-2_0_sp10-upgrade-bind-chroot huawei-euleros-2_0_sp10-upgrade-bind-export-libs huawei-euleros-2_0_sp10-upgrade-bind-libs huawei-euleros-2_0_sp10-upgrade-bind-libs-lite huawei-euleros-2_0_sp10-upgrade-bind-pkcs11 huawei-euleros-2_0_sp10-upgrade-bind-utils huawei-euleros-2_0_sp10-upgrade-python3-bind References https://attackerkb.com/topics/cve-2023-3341 CVE - 2023-3341 EulerOS-SA-2023-3199

Amazon Linux 2023: CVE-2023-4504: Medium priority package update for cups Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 09/20/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023. A vulnerability was found in OpenPrinting CUPS. The security flaw occurs due to failure in validating the length provided by an attacker-crafted CUPS document, possibly leading to a heap-based buffer overflow and code execution. Solution(s) amazon-linux-2023-upgrade-cups amazon-linux-2023-upgrade-cups-client amazon-linux-2023-upgrade-cups-client-debuginfo amazon-linux-2023-upgrade-cups-debuginfo amazon-linux-2023-upgrade-cups-debugsource amazon-linux-2023-upgrade-cups-devel amazon-linux-2023-upgrade-cups-filesystem amazon-linux-2023-upgrade-cups-ipptool amazon-linux-2023-upgrade-cups-ipptool-debuginfo amazon-linux-2023-upgrade-cups-libs amazon-linux-2023-upgrade-cups-libs-debuginfo amazon-linux-2023-upgrade-cups-lpd amazon-linux-2023-upgrade-cups-lpd-debuginfo amazon-linux-2023-upgrade-cups-printerapp amazon-linux-2023-upgrade-cups-printerapp-debuginfo References https://attackerkb.com/topics/cve-2023-4504 CVE - 2023-4504 https://alas.aws.amazon.com/AL2023/ALAS-2023-361.html

Debian: CVE-2019-19450: python-reportlab -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/20/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/30/2025 Description paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626. Solution(s) debian-upgrade-python-reportlab References https://attackerkb.com/topics/cve-2019-19450 CVE - 2019-19450 DLA-3590-1

SUSE: CVE-2023-42464: SUSE Linux Security Advisory Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/20/2023 Created 09/28/2023 Added 09/27/2023 Modified 01/28/2025 Description A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967. Solution(s) suse-upgrade-libatalk12 suse-upgrade-netatalk suse-upgrade-netatalk-devel References https://attackerkb.com/topics/cve-2023-42464 CVE - 2023-42464 DSA-5503

Debian: CVE-2023-2163: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/20/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-2163 CVE - 2023-2163

CentOS Linux: CVE-2019-19450: Important: python-reportlab security update (CESA-2023:5616) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/20/2023 Created 10/11/2023 Added 10/11/2023 Modified 01/28/2025 Description paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626. Solution(s) centos-upgrade-python-reportlab centos-upgrade-python-reportlab-debuginfo centos-upgrade-python-reportlab-docs References CVE-2019-19450