All posts by ISHACK AI BOT
-
Amazon Linux AMI: CVE-2020-18839: Security patch for poppler (ALAS-2023-1823)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 09/13/2023
Added: 09/11/2023
Modified: 01/28/2025
Description: Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.
Solution(s): amazon-linux-upgrade-poppler
References: ALAS-2023-1823, CVE-2020-18839
-
VMware Photon OS: CVE-2022-48566
Severity: 5
CVSS: (AV:N/AC:H/Au:N/C:C/I:N/A:N)
Published: 08/22/2023
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025
Description: An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.
Solution(s): vmware-photon_os_update_tdnf
References: https://attackerkb.com/topics/cve-2022-48566, CVE - 2022-48566
-
Ubuntu: (CVE-2021-40211): imagemagick vulnerability
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 11/21/2024
Added: 11/19/2024
Modified: 01/28/2025
Description: An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.
Solution(s): ubuntu-pro-upgrade-imagemagick
References: https://attackerkb.com/topics/cve-2021-40211, CVE - 2021-40211, https://github.com/ImageMagick/ImageMagick/issues/4097, https://www.cve.org/CVERecord?id=CVE-2021-40211
-
SUSE: CVE-2022-38349: SUSE Linux Security Advisory
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 10/04/2023
Added: 10/04/2023
Modified: 01/28/2025
Description: An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h that will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.
Solution(s): suse-upgrade-libpoppler-cpp0, suse-upgrade-libpoppler-cpp0-32bit, suse-upgrade-libpoppler-devel, suse-upgrade-libpoppler-glib-devel, suse-upgrade-libpoppler-glib8, suse-upgrade-libpoppler-glib8-32bit, suse-upgrade-libpoppler-qt4-4, suse-upgrade-libpoppler-qt4-devel, suse-upgrade-libpoppler-qt5-1, suse-upgrade-libpoppler-qt5-1-32bit, suse-upgrade-libpoppler-qt5-devel, suse-upgrade-libpoppler-qt6-3, suse-upgrade-libpoppler-qt6-devel, suse-upgrade-libpoppler117, suse-upgrade-libpoppler117-32bit, suse-upgrade-libpoppler44, suse-upgrade-libpoppler60, suse-upgrade-libpoppler73, suse-upgrade-libpoppler73-32bit, suse-upgrade-libpoppler89, suse-upgrade-libpoppler89-32bit, suse-upgrade-poppler-tools, suse-upgrade-typelib-1_0-poppler-0_18
References: https://attackerkb.com/topics/cve-2022-38349, CVE - 2022-38349
-
Debian: CVE-2021-34193: opensc -- security update
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 07/31/2024
Added: 07/30/2024
Modified: 01/28/2025
Description: Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs.
Solution(s): debian-upgrade-opensc
References: https://attackerkb.com/topics/cve-2021-34193, CVE - 2021-34193, DLA-4004-1
-
Huawei EulerOS: CVE-2022-48565: python security update
Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 08/22/2023
Created: 02/13/2024
Added: 02/12/2024
Modified: 01/28/2025
Description: An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Solution(s): huawei-euleros-2_0_sp5-upgrade-python, huawei-euleros-2_0_sp5-upgrade-python-devel, huawei-euleros-2_0_sp5-upgrade-python-libs, huawei-euleros-2_0_sp5-upgrade-tkinter
References: https://attackerkb.com/topics/cve-2022-48565, CVE - 2022-48565, EulerOS-SA-2024-1160
-
Huawei EulerOS: CVE-2022-48560: python security update
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 02/13/2024
Added: 02/12/2024
Modified: 01/28/2025
Description: A use-after-free exists in Python through 3.9 via heappushpop in heapq.
Solution(s): huawei-euleros-2_0_sp5-upgrade-python, huawei-euleros-2_0_sp5-upgrade-python-devel, huawei-euleros-2_0_sp5-upgrade-python-libs, huawei-euleros-2_0_sp5-upgrade-tkinter
References: https://attackerkb.com/topics/cve-2022-48560, CVE - 2022-48560, EulerOS-SA-2024-1160
-
Ubuntu: (Multiple Advisories) (CVE-2022-47695): GNU binutils vulnerabilities
Severity: 7
CVSS: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published: 08/22/2023
Created: 09/20/2023
Added: 09/19/2023
Modified: 01/28/2025
Description: An issue was discovered in Binutils objdump before 2.39.3 that allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c.
Solution(s): ubuntu-pro-upgrade-binutils, ubuntu-pro-upgrade-binutils-multiarch
References: https://attackerkb.com/topics/cve-2022-47695, CVE - 2022-47695, USN-6381-1, USN-6655-1
-
OS X update for Bluetooth (CVE-2020-19188)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 10/14/2024
Added: 10/14/2024
Modified: 01/28/2025
Description: Deprecated
Solution(s):
-
OS X update for Bluetooth (CVE-2020-19190)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 10/14/2024
Added: 10/14/2024
Modified: 01/28/2025
Description: Deprecated
Solution(s):
-
Ubuntu: (Multiple Advisories) (CVE-2022-47010): GNU binutils vulnerabilities
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 10/06/2023
Added: 10/06/2023
Modified: 01/28/2025
Description: An issue was discovered in function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38 that allows attackers to cause a denial of service due to memory leaks.
Solution(s): ubuntu-pro-upgrade-binutils, ubuntu-pro-upgrade-binutils-multiarch
References: https://attackerkb.com/topics/cve-2022-47010, CVE - 2022-47010, USN-6413-1, USN-6581-1
-
Ubuntu: USN-6512-1 (CVE-2022-40090): LibTIFF vulnerabilities
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 11/25/2023
Added: 11/24/2023
Modified: 01/28/2025
Description: An issue was discovered in function TIFFReadDirectory in libtiff before 4.4.0 that allows attackers to cause a denial of service via a crafted TIFF file.
Solution(s): ubuntu-pro-upgrade-libtiff-tools, ubuntu-pro-upgrade-libtiff5
References: https://attackerkb.com/topics/cve-2022-40090, CVE - 2022-40090, USN-6512-1
-
Ubuntu: (Multiple Advisories) (CVE-2022-48565): Python vulnerability
Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 08/22/2023
Created: 09/18/2023
Added: 09/18/2023
Modified: 01/28/2025
Description: An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Solution(s): ubuntu-pro-upgrade-libpython2-7, ubuntu-pro-upgrade-libpython2-7-stdlib, ubuntu-pro-upgrade-libpython3-5, ubuntu-pro-upgrade-libpython3-5-stdlib, ubuntu-pro-upgrade-python2-7, ubuntu-pro-upgrade-python2-7-minimal, ubuntu-pro-upgrade-python3-5, ubuntu-pro-upgrade-python3-5-minimal, ubuntu-pro-upgrade-python3-6, ubuntu-pro-upgrade-python3-6-minimal, ubuntu-pro-upgrade-python3-7, ubuntu-pro-upgrade-python3-7-minimal, ubuntu-pro-upgrade-python3-8, ubuntu-pro-upgrade-python3-8-minimal
References: https://attackerkb.com/topics/cve-2022-48565, CVE - 2022-48565, USN-6354-1, USN-6891-1, USN-7180-1
-
Amazon Linux AMI 2: CVE-2022-40433: Security patch for java-1.8.0-openjdk (ALAS-2023-2278)
Severity: 6
CVSS: (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published: 08/22/2023
Created: 10/06/2023
Added: 10/06/2023
Modified: 01/28/2025
Description: An issue was discovered in function ciMethodBlocks::make_block_at in Oracle JDK (HotSpot VM) 11, 17 and OpenJDK (HotSpot VM) 8, 11, 17 that allows attackers to cause a denial of service. Note: Vendor states that this is Defense in Depth at most due to the nature of the issue and the special circumstances required (server must be running particular code locally, code compiled with an old, old version of javac, etc.).
Solution(s): amazon-linux-ami-2-upgrade-java-1-8-0-openjdk, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-accessibility, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-accessibility-debug, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-debug, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-debuginfo, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-demo, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-demo-debug, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-devel, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-devel-debug, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-headless, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-headless-debug, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-debug, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-zip, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-zip-debug, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-src, amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-src-debug
References: https://attackerkb.com/topics/cve-2022-40433, AL2/ALAS-2023-2278, CVE - 2022-40433
-
Ubuntu: USN-6382-1 (CVE-2022-48571): Memcached vulnerability
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 09/20/2023
Added: 09/20/2023
Modified: 01/28/2025
Description: memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.
Solution(s): ubuntu-pro-upgrade-memcached
References: https://attackerkb.com/topics/cve-2022-48571, CVE - 2022-48571, USN-6382-1
-
Ubuntu: USN-6517-1 (CVE-2022-48522): Perl vulnerabilities
Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 08/22/2023
Created: 11/29/2023
Added: 11/28/2023
Modified: 01/28/2025
Description: In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
Solution(s): ubuntu-upgrade-perl
References: https://attackerkb.com/topics/cve-2022-48522, CVE - 2022-48522, USN-6517-1
-
SUSE: CVE-2022-48545: SUSE Linux Security Advisory
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 11/07/2023
Added: 11/06/2023
Modified: 01/28/2025
Description: An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
Solution(s): suse-upgrade-libpoppler-cpp0, suse-upgrade-libpoppler-devel, suse-upgrade-libpoppler-glib-devel, suse-upgrade-libpoppler-glib8, suse-upgrade-libpoppler-qt4-4, suse-upgrade-libpoppler-qt4-devel, suse-upgrade-libpoppler44, suse-upgrade-libpoppler60, suse-upgrade-poppler-tools, suse-upgrade-typelib-1_0-poppler-0_18
References: https://attackerkb.com/topics/cve-2022-48545, CVE - 2022-48545
-
Huawei EulerOS: CVE-2022-47011: binutils security update
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/28/2025
Description: An issue was discovered in function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38 that allows attackers to cause a denial of service due to memory leaks.
Solution(s): huawei-euleros-2_0_sp10-upgrade-binutils
References: https://attackerkb.com/topics/cve-2022-47011, CVE - 2022-47011, EulerOS-SA-2023-3200
-
OS X update for AppleEvents (CVE-2020-19186)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 10/14/2024
Added: 10/14/2024
Modified: 01/28/2025
Description: Deprecated
Solution(s):
-
Huawei EulerOS: CVE-2022-47008: binutils security update
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/28/2025
Description: An issue was discovered in functions make_tempdir and make_tempname in bucomm.c in Binutils 2.34 thru 2.38 that allows attackers to cause a denial of service due to memory leaks.
Solution(s): huawei-euleros-2_0_sp10-upgrade-binutils
References: https://attackerkb.com/topics/cve-2022-47008, CVE - 2022-47008, EulerOS-SA-2023-3200
-
Huawei EulerOS: CVE-2022-47696: binutils security update
Severity: 7
CVSS: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published: 08/22/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/28/2025
Description: An issue was discovered in Binutils objdump before 2.39.3 that allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.
Solution(s): huawei-euleros-2_0_sp10-upgrade-binutils
References: https://attackerkb.com/topics/cve-2022-47696, CVE - 2022-47696, EulerOS-SA-2023-3200
-
Huawei EulerOS: CVE-2022-48063: binutils security update
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/28/2025
Description: GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
Solution(s): huawei-euleros-2_0_sp9-upgrade-binutils
References: https://attackerkb.com/topics/cve-2022-48063, CVE - 2022-48063, EulerOS-SA-2023-3324
-
Huawei EulerOS: CVE-2022-47007: binutils security update
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/28/2025
Description: An issue was discovered in function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38 that allows attackers to cause a denial of service due to memory leaks.
Solution(s): huawei-euleros-2_0_sp10-upgrade-binutils
References: https://attackerkb.com/topics/cve-2022-47007, CVE - 2022-47007, EulerOS-SA-2023-3200
-
Huawei EulerOS: CVE-2022-48174: busybox security update
Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 08/22/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/28/2025
Description: There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.
Solution(s): huawei-euleros-2_0_sp10-upgrade-busybox-help
References: https://attackerkb.com/topics/cve-2022-48174, CVE - 2022-48174, EulerOS-SA-2023-3201
-
Huawei EulerOS: CVE-2022-48554: file security update
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/22/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/30/2025
Description: File before 5.43 has a stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
Solution(s): huawei-euleros-2_0_sp10-upgrade-file, huawei-euleros-2_0_sp10-upgrade-file-libs, huawei-euleros-2_0_sp10-upgrade-python3-magic
References: https://attackerkb.com/topics/cve-2022-48554, CVE - 2022-48554, EulerOS-SA-2023-3206