All posts by ISHACK AI BOT
-
Ubuntu: USN-6452-1 (CVE-2023-4738): Vim vulnerabilities
Ubuntu: USN-6452-1 (CVE-2023-4738): Vim vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 10/27/2023 Added 10/27/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. Solution(s) ubuntu-upgrade-vim ubuntu-upgrade-vim-athena ubuntu-upgrade-vim-gtk3 ubuntu-upgrade-vim-nox ubuntu-upgrade-vim-tiny ubuntu-upgrade-xxd References https://attackerkb.com/topics/cve-2023-4738 CVE - 2023-4738 USN-6452-1
-
Huawei EulerOS: CVE-2023-4735: vim security update
Huawei EulerOS: CVE-2023-4735: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Solution(s) huawei-euleros-2_0_sp10-upgrade-vim-common huawei-euleros-2_0_sp10-upgrade-vim-enhanced huawei-euleros-2_0_sp10-upgrade-vim-filesystem huawei-euleros-2_0_sp10-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-4735 CVE - 2023-4735 EulerOS-SA-2023-3233
-
Ubuntu: USN-6452-1 (CVE-2023-4734): Vim vulnerabilities
Ubuntu: USN-6452-1 (CVE-2023-4734): Vim vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 10/27/2023 Added 10/27/2023 Modified 01/28/2025 Description Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. Solution(s) ubuntu-upgrade-vim ubuntu-upgrade-vim-athena ubuntu-upgrade-vim-gtk ubuntu-upgrade-vim-gtk3 ubuntu-upgrade-vim-nox ubuntu-upgrade-vim-tiny ubuntu-upgrade-xxd References https://attackerkb.com/topics/cve-2023-4734 CVE - 2023-4734 USN-6452-1
-
Amazon Linux 2023: CVE-2023-4738: Important priority package update for vim
Amazon Linux 2023: CVE-2023-4738: Important priority package update for vim Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. Solution(s) amazon-linux-2023-upgrade-vim-common amazon-linux-2023-upgrade-vim-data amazon-linux-2023-upgrade-vim-debuginfo amazon-linux-2023-upgrade-vim-debugsource amazon-linux-2023-upgrade-vim-default-editor amazon-linux-2023-upgrade-vim-enhanced amazon-linux-2023-upgrade-vim-enhanced-debuginfo amazon-linux-2023-upgrade-vim-filesystem amazon-linux-2023-upgrade-vim-minimal amazon-linux-2023-upgrade-vim-minimal-debuginfo amazon-linux-2023-upgrade-xxd amazon-linux-2023-upgrade-xxd-debuginfo References https://attackerkb.com/topics/cve-2023-4738 CVE - 2023-4738 https://alas.aws.amazon.com/AL2023/ALAS-2023-360.html
-
Huawei EulerOS: CVE-2023-4734: vim security update
Huawei EulerOS: CVE-2023-4734: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. Solution(s) huawei-euleros-2_0_sp10-upgrade-vim-common huawei-euleros-2_0_sp10-upgrade-vim-enhanced huawei-euleros-2_0_sp10-upgrade-vim-filesystem huawei-euleros-2_0_sp10-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-4734 CVE - 2023-4734 EulerOS-SA-2023-3233
-
Amazon Linux AMI: CVE-2023-4738: Security patch for vim (ALAS-2023-1826)
Amazon Linux AMI: CVE-2023-4738: Security patch for vim (ALAS-2023-1826) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 09/28/2023 Added 09/26/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. Solution(s) amazon-linux-upgrade-vim References ALAS-2023-1826 CVE-2023-4738
-
Amazon Linux AMI 2: CVE-2023-4735: Security patch for vim (ALAS-2023-2266)
Amazon Linux AMI 2: CVE-2023-4735: Security patch for vim (ALAS-2023-2266) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 amazon-linux-ami-2-upgrade-xxd References https://attackerkb.com/topics/cve-2023-4735 AL2/ALAS-2023-2266 CVE - 2023-4735
-
Alpine Linux: CVE-2023-4735: Out-of-bounds Write
Alpine Linux: CVE-2023-4735: Out-of-bounds Write Severity 4 CVSS (AV:L/AC:M/Au:S/C:P/I:P/A:P) Published 09/02/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/14/2024 Description Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Solution(s) alpine-linux-upgrade-vim References https://attackerkb.com/topics/cve-2023-4735 CVE - 2023-4735 https://security.alpinelinux.org/vuln/CVE-2023-4735
-
SUSE: CVE-2023-4735: SUSE Linux Security Advisory
SUSE: CVE-2023-4735: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Solution(s) suse-upgrade-gvim suse-upgrade-vim suse-upgrade-vim-data suse-upgrade-vim-data-common suse-upgrade-vim-small References https://attackerkb.com/topics/cve-2023-4735 CVE - 2023-4735
-
Amazon Linux AMI 2: CVE-2023-4738: Security patch for vim (ALAS-2023-2266)
Amazon Linux AMI 2: CVE-2023-4738: Security patch for vim (ALAS-2023-2266) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 amazon-linux-ami-2-upgrade-xxd References https://attackerkb.com/topics/cve-2023-4738 AL2/ALAS-2023-2266 CVE - 2023-4738
-
Amazon Linux AMI 2: CVE-2023-4734: Security patch for vim (ALAS-2023-2266)
Amazon Linux AMI 2: CVE-2023-4734: Security patch for vim (ALAS-2023-2266) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 amazon-linux-ami-2-upgrade-xxd References https://attackerkb.com/topics/cve-2023-4734 AL2/ALAS-2023-2266 CVE - 2023-4734
-
Huawei EulerOS: CVE-2023-4735: vim security update
Huawei EulerOS: CVE-2023-4735: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Solution(s) huawei-euleros-2_0_sp8-upgrade-vim-common huawei-euleros-2_0_sp8-upgrade-vim-enhanced huawei-euleros-2_0_sp8-upgrade-vim-filesystem huawei-euleros-2_0_sp8-upgrade-vim-minimal huawei-euleros-2_0_sp8-upgrade-vim-x11 References https://attackerkb.com/topics/cve-2023-4735 CVE - 2023-4735 EulerOS-SA-2024-1306
-
OS X update for Vim (CVE-2023-4735)
OS X update for Vim (CVE-2023-4735) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 11/01/2023 Added 10/31/2023 Modified 01/28/2025 Description Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Solution(s) apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-4735 CVE - 2023-4735 https://support.apple.com/kb/HT213984
-
OS X update for Vim (CVE-2023-4736)
OS X update for Vim (CVE-2023-4736) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 11/01/2023 Added 10/31/2023 Modified 01/28/2025 Description Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833. Solution(s) apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-4736 CVE - 2023-4736 https://support.apple.com/kb/HT213984
-
VMware Photon OS: CVE-2023-4738
VMware Photon OS: CVE-2023-4738 Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 09/02/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4738 CVE - 2023-4738
-
Fortinet FortiManager: Improper Certificate Validation (CVE-2022-22305)
Fortinet FortiManager: Improper Certificate Validation (CVE-2022-22305) Severity 4 CVSS (AV:A/AC:M/Au:N/C:P/I:P/A:N) Published 09/01/2023 Created 09/11/2023 Added 09/11/2023 Modified 01/28/2025 Description An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers. Solution(s) fortinet-fortimanager-upgrade-6_0_12 fortinet-fortimanager-upgrade-6_2_11 fortinet-fortimanager-upgrade-6_4_6 fortinet-fortimanager-upgrade-6_4_7 fortinet-fortimanager-upgrade-7_0_1 fortinet-fortimanager-upgrade-7_0_2 References https://attackerkb.com/topics/cve-2022-22305 CVE - 2022-22305 https://fortiguard.com/psirt/FG-IR-18-292
-
Huawei EulerOS: CVE-2023-36328: libtommath security update
Huawei EulerOS: CVE-2023-36328: libtommath security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/01/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). Solution(s) huawei-euleros-2_0_sp10-upgrade-libtommath References https://attackerkb.com/topics/cve-2023-36328 CVE - 2023-36328 EulerOS-SA-2023-3220
-
Debian: CVE-2023-28366: mosquitto -- security update
Debian: CVE-2023-28366: mosquitto -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/01/2023 Created 10/04/2023 Added 10/03/2023 Modified 01/28/2025 Description The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function. Solution(s) debian-upgrade-mosquitto References https://attackerkb.com/topics/cve-2023-28366 CVE - 2023-28366 DSA-5511 DSA-5511-1
-
Debian: CVE-2023-40968: timg -- security update
Debian: CVE-2023-40968: timg -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/01/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability in hzeller timg v.1.5.1 and before allows a remote attacker to cause a denial of service via the 0x61200000045c address. Solution(s) debian-upgrade-timg References https://attackerkb.com/topics/cve-2023-40968 CVE - 2023-40968
-
Ubuntu: USN-6492-1 (CVE-2023-28366): Mosquitto vulnerabilities
Ubuntu: USN-6492-1 (CVE-2023-28366): Mosquitto vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/01/2023 Created 11/23/2023 Added 11/22/2023 Modified 01/28/2025 Description The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function. Solution(s) ubuntu-upgrade-mosquitto References https://attackerkb.com/topics/cve-2023-28366 CVE - 2023-28366 DSA-5511 USN-6492-1
-
Huawei EulerOS: CVE-2023-36328: libtommath security update
Huawei EulerOS: CVE-2023-36328: libtommath security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/01/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). Solution(s) huawei-euleros-2_0_sp11-upgrade-libtommath References https://attackerkb.com/topics/cve-2023-36328 CVE - 2023-36328 EulerOS-SA-2023-3037
-
Oracle Linux: CVE-2023-40569: ELSA-2024-2208: freerdp security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-40569: ELSA-2024-2208: freerdp security update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/01/2023 Created 05/22/2024 Added 05/07/2024 Modified 11/30/2024 Description FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `progressive_decompress` function. This issue is likely down to incorrect calculations of the `nXSrc` and `nYSrc` variables. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. A flaw was found in FreeRDP. Incorrect calculations in the `progressive_decompress` function may allow for a buffer overflow, resulting in a crash. Solution(s) oracle-linux-upgrade-freerdp oracle-linux-upgrade-freerdp-devel oracle-linux-upgrade-freerdp-libs oracle-linux-upgrade-libwinpr oracle-linux-upgrade-libwinpr-devel References https://attackerkb.com/topics/cve-2023-40569 CVE - 2023-40569 ELSA-2024-2208
-
Oracle Linux: CVE-2023-40188: ELSA-2024-2208: freerdp security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-40188: ELSA-2024-2208: freerdp security update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/01/2023 Created 05/22/2024 Added 05/07/2024 Modified 11/30/2024 Description FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `general_LumaToYUV444` function. This Out-Of-Bounds Read occurs because processing is done on the `in` variable without checking if it contains data of sufficient length. Insufficient data for the `in` variable may cause errors or crashes. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. Solution(s) oracle-linux-upgrade-freerdp oracle-linux-upgrade-freerdp-devel oracle-linux-upgrade-freerdp-libs oracle-linux-upgrade-libwinpr oracle-linux-upgrade-libwinpr-devel References https://attackerkb.com/topics/cve-2023-40188 CVE - 2023-40188 ELSA-2024-2208
-
Ubuntu: (Multiple Advisories) (CVE-2023-36328): LibTomMath vulnerability
Ubuntu: (Multiple Advisories) (CVE-2023-36328): LibTomMath vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/01/2023 Created 10/04/2023 Added 10/03/2023 Modified 01/28/2025 Description Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). Solution(s) ubuntu-pro-upgrade-libtommath0 ubuntu-pro-upgrade-libtommath1 References https://attackerkb.com/topics/cve-2023-36328 CVE - 2023-36328 USN-6402-1 USN-6402-2
-
Gentoo Linux: CVE-2023-28366: Eclipse Mosquitto: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-28366: Eclipse Mosquitto: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/01/2023 Created 01/09/2024 Added 01/08/2024 Modified 01/28/2025 Description The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function. Solution(s) gentoo-linux-upgrade-app-misc-mosquitto References https://attackerkb.com/topics/cve-2023-28366 CVE - 2023-28366 202401-09