ISHACK AI BOT

Huawei EulerOS: CVE-2023-4750: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1857. Solution(s) huawei-euleros-2_0_sp10-upgrade-vim-common huawei-euleros-2_0_sp10-upgrade-vim-enhanced huawei-euleros-2_0_sp10-upgrade-vim-filesystem huawei-euleros-2_0_sp10-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-4750 CVE - 2023-4750 EulerOS-SA-2023-3233

VMware Photon OS: CVE-2023-4752 Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1858. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4752 CVE - 2023-4752

OS X update for Vim (CVE-2023-4733) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 11/01/2023 Added 10/31/2023 Modified 01/28/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1840. Solution(s) apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-4733 CVE - 2023-4733 https://support.apple.com/kb/HT213984

SUSE: CVE-2023-4752: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1858. Solution(s) suse-upgrade-gvim suse-upgrade-vim suse-upgrade-vim-data suse-upgrade-vim-data-common suse-upgrade-vim-small References https://attackerkb.com/topics/cve-2023-4752 CVE - 2023-4752

Ubuntu: USN-6452-1 (CVE-2023-4752): Vim vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 10/27/2023 Added 10/27/2023 Modified 01/28/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1858. Solution(s) ubuntu-pro-upgrade-vim ubuntu-pro-upgrade-vim-athena ubuntu-pro-upgrade-vim-gtk ubuntu-pro-upgrade-vim-gtk3 ubuntu-pro-upgrade-vim-nox ubuntu-pro-upgrade-vim-tiny ubuntu-pro-upgrade-xxd References https://attackerkb.com/topics/cve-2023-4752 CVE - 2023-4752 USN-6452-1

Alma Linux: CVE-2023-4580: Important: firefox security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 09/04/2023 Created 09/07/2023 Added 09/07/2023 Modified 01/28/2025 Description Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) alma-upgrade-firefox alma-upgrade-firefox-x11 alma-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-4580 CVE - 2023-4580 https://errata.almalinux.org/8/ALSA-2023-4952.html https://errata.almalinux.org/8/ALSA-2023-4954.html https://errata.almalinux.org/9/ALSA-2023-4955.html https://errata.almalinux.org/9/ALSA-2023-4958.html

Alma Linux: CVE-2023-4577: Important: firefox security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/04/2023 Created 09/07/2023 Added 09/07/2023 Modified 01/28/2025 Description When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) alma-upgrade-firefox alma-upgrade-firefox-x11 alma-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-4577 CVE - 2023-4577 https://errata.almalinux.org/8/ALSA-2023-4952.html https://errata.almalinux.org/8/ALSA-2023-4954.html https://errata.almalinux.org/9/ALSA-2023-4955.html https://errata.almalinux.org/9/ALSA-2023-4958.html

Alma Linux: CVE-2023-4578: Important: firefox security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/04/2023 Created 09/07/2023 Added 09/07/2023 Modified 01/28/2025 Description When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) alma-upgrade-firefox alma-upgrade-firefox-x11 alma-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-4578 CVE - 2023-4578 https://errata.almalinux.org/8/ALSA-2023-4952.html https://errata.almalinux.org/8/ALSA-2023-4954.html https://errata.almalinux.org/9/ALSA-2023-4955.html https://errata.almalinux.org/9/ALSA-2023-4958.html

Red Hat: CVE-2023-4585: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 09/05/2023 Added 09/05/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-4585 RHSA-2023:4945 RHSA-2023:4947 RHSA-2023:4950 RHSA-2023:4952 RHSA-2023:4954 RHSA-2023:4955 RHSA-2023:4958 RHSA-2023:4959 RHSA-2023:5019 View more

Red Hat: CVE-2023-4580: Push notifications saved to disk unencrypted (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 09/04/2023 Created 09/05/2023 Added 09/05/2023 Modified 01/28/2025 Description Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-4580 RHSA-2023:4945 RHSA-2023:4947 RHSA-2023:4950 RHSA-2023:4952 RHSA-2023:4954 RHSA-2023:4955 RHSA-2023:4958 RHSA-2023:4959 RHSA-2023:5019 View more

Red Hat: CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/04/2023 Created 09/05/2023 Added 09/05/2023 Modified 01/28/2025 Description When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-4574 RHSA-2023:4945 RHSA-2023:4947 RHSA-2023:4950 RHSA-2023:4952 RHSA-2023:4954 RHSA-2023:4955 RHSA-2023:4958 RHSA-2023:4959 RHSA-2023:5019 View more

Red Hat: CVE-2023-4573: Memory corruption in IPC CanvasTranslator (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/04/2023 Created 09/05/2023 Added 09/05/2023 Modified 01/28/2025 Description When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-4573 RHSA-2023:4945 RHSA-2023:4947 RHSA-2023:4950 RHSA-2023:4952 RHSA-2023:4954 RHSA-2023:4955 RHSA-2023:4958 RHSA-2023:4959 RHSA-2023:5019 View more

Huawei EulerOS: CVE-2023-4750: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1857. Solution(s) huawei-euleros-2_0_sp9-upgrade-vim-common huawei-euleros-2_0_sp9-upgrade-vim-enhanced huawei-euleros-2_0_sp9-upgrade-vim-filesystem huawei-euleros-2_0_sp9-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-4750 CVE - 2023-4750 EulerOS-SA-2023-3352

Huawei EulerOS: CVE-2023-4751: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) huawei-euleros-2_0_sp10-upgrade-vim-common huawei-euleros-2_0_sp10-upgrade-vim-enhanced huawei-euleros-2_0_sp10-upgrade-vim-filesystem huawei-euleros-2_0_sp10-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-4751 CVE - 2023-4751 EulerOS-SA-2023-3233

Ubuntu: USN-6452-1 (CVE-2023-4751): Vim vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 10/27/2023 Added 10/27/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) ubuntu-pro-upgrade-vim ubuntu-pro-upgrade-vim-athena ubuntu-pro-upgrade-vim-gtk ubuntu-pro-upgrade-vim-gtk3 ubuntu-pro-upgrade-vim-nox ubuntu-pro-upgrade-vim-tiny ubuntu-pro-upgrade-xxd References https://attackerkb.com/topics/cve-2023-4751 CVE - 2023-4751 USN-6452-1

Amazon Linux AMI: CVE-2023-4751: Security patch for vim (ALAS-2023-1826) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 09/28/2023 Added 09/26/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) amazon-linux-upgrade-vim References ALAS-2023-1826 CVE-2023-4751

Huawei EulerOS: CVE-2023-4751: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) huawei-euleros-2_0_sp9-upgrade-vim-common huawei-euleros-2_0_sp9-upgrade-vim-enhanced huawei-euleros-2_0_sp9-upgrade-vim-filesystem huawei-euleros-2_0_sp9-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-4751 CVE - 2023-4751 EulerOS-SA-2023-3352

VMware Photon OS: CVE-2023-4751 Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4751 CVE - 2023-4751

Huawei EulerOS: CVE-2023-4751: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) huawei-euleros-2_0_sp11-upgrade-vim-common huawei-euleros-2_0_sp11-upgrade-vim-enhanced huawei-euleros-2_0_sp11-upgrade-vim-filesystem huawei-euleros-2_0_sp11-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-4751 CVE - 2023-4751 EulerOS-SA-2023-3288

Alpine Linux: CVE-2023-4751: Vulnerability in Vim Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) alpine-linux-upgrade-vim References https://attackerkb.com/topics/cve-2023-4751 CVE - 2023-4751 https://security.alpinelinux.org/vuln/CVE-2023-4751

OS X update for Vim (CVE-2023-4751) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 11/01/2023 Added 10/31/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-4751 CVE - 2023-4751 https://support.apple.com/kb/HT213984

Amazon Linux AMI 2: CVE-2023-4751: Security patch for vim (ALAS-2023-2266) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 amazon-linux-ami-2-upgrade-xxd References https://attackerkb.com/topics/cve-2023-4751 AL2/ALAS-2023-2266 CVE - 2023-4751

Amazon Linux 2023: CVE-2023-4751: Important priority package update for vim Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) amazon-linux-2023-upgrade-vim-common amazon-linux-2023-upgrade-vim-data amazon-linux-2023-upgrade-vim-debuginfo amazon-linux-2023-upgrade-vim-debugsource amazon-linux-2023-upgrade-vim-default-editor amazon-linux-2023-upgrade-vim-enhanced amazon-linux-2023-upgrade-vim-enhanced-debuginfo amazon-linux-2023-upgrade-vim-filesystem amazon-linux-2023-upgrade-vim-minimal amazon-linux-2023-upgrade-vim-minimal-debuginfo amazon-linux-2023-upgrade-xxd amazon-linux-2023-upgrade-xxd-debuginfo References https://attackerkb.com/topics/cve-2023-4751 CVE - 2023-4751 https://alas.aws.amazon.com/AL2023/ALAS-2023-360.html

Huawei EulerOS: CVE-2023-4751: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Solution(s) huawei-euleros-2_0_sp8-upgrade-vim-common huawei-euleros-2_0_sp8-upgrade-vim-enhanced huawei-euleros-2_0_sp8-upgrade-vim-filesystem huawei-euleros-2_0_sp8-upgrade-vim-minimal huawei-euleros-2_0_sp8-upgrade-vim-x11 References https://attackerkb.com/topics/cve-2023-4751 CVE - 2023-4751 EulerOS-SA-2024-1306

Amazon Linux AMI: CVE-2023-4735: Security patch for vim (ALAS-2023-1826) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 09/28/2023 Added 09/26/2023 Modified 01/28/2025 Description Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Solution(s) amazon-linux-upgrade-vim References ALAS-2023-1826 CVE-2023-4735