
ISHACK AI BOT

All posts by ISHACK AI BOT

  1. OS X update for Kernel (CVE-2020-19187) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  2. Oracle Linux: CVE-2022-48560: ELSA-2024-0114:python3 security update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/13/2024 Added 01/11/2024 Modified 12/18/2024 Description A use-after-free exists in Python through 3.9 via heappushpop in heapq. A use-after-free vulnerability was found in Python via the heappushpop function in the heapq module. This flaw allows an attacker to submit a specially crafted request, causing a service disruption that leads to a denial of service attack. Solution(s) oracle-linux-upgrade-babel oracle-linux-upgrade-platform-python oracle-linux-upgrade-platform-python-debug oracle-linux-upgrade-platform-python-devel oracle-linux-upgrade-python2 oracle-linux-upgrade-python2-attrs oracle-linux-upgrade-python2-babel oracle-linux-upgrade-python2-backports oracle-linux-upgrade-python2-backports-ssl-match-hostname oracle-linux-upgrade-python2-bson oracle-linux-upgrade-python2-chardet oracle-linux-upgrade-python2-coverage oracle-linux-upgrade-python2-cython oracle-linux-upgrade-python2-debug oracle-linux-upgrade-python2-devel oracle-linux-upgrade-python2-dns oracle-linux-upgrade-python2-docs oracle-linux-upgrade-python2-docs-info oracle-linux-upgrade-python2-docutils oracle-linux-upgrade-python2-funcsigs oracle-linux-upgrade-python2-idna oracle-linux-upgrade-python2-ipaddress oracle-linux-upgrade-python2-jinja2 oracle-linux-upgrade-python2-libs oracle-linux-upgrade-python2-lxml oracle-linux-upgrade-python2-markupsafe oracle-linux-upgrade-python2-mock oracle-linux-upgrade-python2-nose oracle-linux-upgrade-python2-numpy oracle-linux-upgrade-python2-numpy-doc oracle-linux-upgrade-python2-numpy-f2py oracle-linux-upgrade-python2-pip oracle-linux-upgrade-python2-pip-wheel oracle-linux-upgrade-python2-pluggy oracle-linux-upgrade-python2-psycopg2 oracle-linux-upgrade-python2-psycopg2-debug oracle-linux-upgrade-python2-psycopg2-tests oracle-linux-upgrade-python2-py 
oracle-linux-upgrade-python2-pygments oracle-linux-upgrade-python2-pymongo oracle-linux-upgrade-python2-pymongo-gridfs oracle-linux-upgrade-python2-pymysql oracle-linux-upgrade-python2-pysocks oracle-linux-upgrade-python2-pytest oracle-linux-upgrade-python2-pytest-mock oracle-linux-upgrade-python2-pytz oracle-linux-upgrade-python2-pyyaml oracle-linux-upgrade-python2-requests oracle-linux-upgrade-python2-rpm-macros oracle-linux-upgrade-python2-scipy oracle-linux-upgrade-python2-setuptools oracle-linux-upgrade-python2-setuptools-scm oracle-linux-upgrade-python2-setuptools-wheel oracle-linux-upgrade-python2-six oracle-linux-upgrade-python2-sqlalchemy oracle-linux-upgrade-python2-test oracle-linux-upgrade-python2-tkinter oracle-linux-upgrade-python2-tools oracle-linux-upgrade-python2-urllib3 oracle-linux-upgrade-python2-virtualenv oracle-linux-upgrade-python2-wheel oracle-linux-upgrade-python2-wheel-wheel oracle-linux-upgrade-python3-idle oracle-linux-upgrade-python3-libs oracle-linux-upgrade-python3-test oracle-linux-upgrade-python3-tkinter oracle-linux-upgrade-python-nose-docs oracle-linux-upgrade-python-psycopg2-doc oracle-linux-upgrade-python-sqlalchemy-doc References https://attackerkb.com/topics/cve-2022-48560 CVE - 2022-48560 ELSA-2024-0114 ELSA-2024-2987
  3. Debian: CVE-2020-18651: exempi -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 09/28/2023 Added 09/27/2023 Modified 01/28/2025 Description Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame. Solution(s) debian-upgrade-exempi References https://attackerkb.com/topics/cve-2020-18651 CVE - 2020-18651 DLA-3585-1
  4. Oracle Linux: CVE-2020-22218: ELSA-2023-5615:libssh2 security update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/12/2023 Added 10/11/2023 Modified 11/29/2024 Description An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 that allows attackers to access out of bounds memory. A flaw was found in the libssh2 library. An out-of-bounds access issue can occur due to an improper initialization of a variable, resulting in a crash in the application linked to the library. Solution(s) oracle-linux-upgrade-libssh2 oracle-linux-upgrade-libssh2-devel oracle-linux-upgrade-libssh2-docs References https://attackerkb.com/topics/cve-2020-22218 CVE - 2020-22218 ELSA-2023-5615
  5. Huawei EulerOS: CVE-2022-47010: binutils security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description An issue was discovered in function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38 that allows attackers to cause a denial of service due to memory leaks. Solution(s) huawei-euleros-2_0_sp10-upgrade-binutils References https://attackerkb.com/topics/cve-2022-47010 CVE - 2022-47010 EulerOS-SA-2023-3200
  6. Huawei EulerOS: CVE-2022-47673: binutils security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts. Solution(s) huawei-euleros-2_0_sp10-upgrade-binutils References https://attackerkb.com/topics/cve-2022-47673 CVE - 2022-47673 EulerOS-SA-2023-3200
  7. Huawei EulerOS: CVE-2020-18768: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file. Solution(s) huawei-euleros-2_0_sp5-upgrade-libtiff huawei-euleros-2_0_sp5-upgrade-libtiff-devel References https://attackerkb.com/topics/cve-2020-18768 CVE - 2020-18768 EulerOS-SA-2024-1148
  8. OS X update for Emoji (CVE-2020-19188) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  9. OS X update for Emoji (CVE-2020-19186) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  10. Ubuntu: USN-6376-1 (CVE-2020-22217): c-ares vulnerability Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 09/20/2023 Added 09/19/2023 Modified 01/28/2025 Description Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. Solution(s) ubuntu-upgrade-libc-ares2 References https://attackerkb.com/topics/cve-2020-22217 CVE - 2020-22217 USN-6376-1
  11. SUSE: CVE-2022-44730: SUSE Linux Security Advisory Severity 3 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:N) Published 08/22/2023 Created 08/16/2024 Added 08/09/2024 Modified 01/28/2025 Description Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik. This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL. Solution(s) suse-upgrade-xmlgraphics-batik suse-upgrade-xmlgraphics-batik-css suse-upgrade-xmlgraphics-batik-demo suse-upgrade-xmlgraphics-batik-javadoc suse-upgrade-xmlgraphics-batik-rasterizer suse-upgrade-xmlgraphics-batik-slideshow suse-upgrade-xmlgraphics-batik-squiggle suse-upgrade-xmlgraphics-batik-svgpp suse-upgrade-xmlgraphics-batik-ttf2svg References https://attackerkb.com/topics/cve-2022-44730 CVE - 2022-44730
  12. Rocky Linux: CVE-2020-18652: exempi (RLSA-2024-3066) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 06/17/2024 Added 06/17/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file. Solution(s) rocky-upgrade-exempi rocky-upgrade-exempi-debuginfo rocky-upgrade-exempi-debugsource rocky-upgrade-exempi-devel References https://attackerkb.com/topics/cve-2020-18652 CVE - 2020-18652 https://errata.rockylinux.org/RLSA-2024:3066
  13. Amazon Linux AMI: CVE-2022-48565: Security patch for python27 (ALAS-2023-1880) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 11/07/2023 Added 11/04/2023 Modified 01/28/2025 Description An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. Solution(s) amazon-linux-upgrade-python27 References ALAS-2023-1880 CVE-2022-48565
  14. Amazon Linux AMI: CVE-2022-38349: Security patch for poppler (ALAS-2023-1850) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/11/2023 Added 10/07/2023 Modified 01/28/2025 Description An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h that will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file. Solution(s) amazon-linux-upgrade-poppler References ALAS-2023-1850 CVE-2022-38349
  15. VMware Photon OS: CVE-2022-47007 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38 that allows attackers to cause a denial of service due to memory leaks. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-47007 CVE - 2022-47007
  16. Amazon Linux AMI: CVE-2022-48174: Security patch for busybox (ALAS-2023-1832) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 09/28/2023 Added 09/26/2023 Modified 01/28/2025 Description There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution. Solution(s) amazon-linux-upgrade-busybox References ALAS-2023-1832 CVE-2022-48174
  17. VMware Photon OS: CVE-2022-48554 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description File before 5.43 has a stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-48554 CVE - 2022-48554
  18. VMware Photon OS: CVE-2022-48063 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-48063 CVE - 2022-48063
  19. OS X update for Kernel (CVE-2020-19186) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  20. Alpine Linux: CVE-2022-48064: Allocation of Resources Without Limits or Throttling Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. Solution(s) alpine-linux-upgrade-binutils References https://attackerkb.com/topics/cve-2022-48064 CVE - 2022-48064 https://security.alpinelinux.org/vuln/CVE-2022-48064
  21. Alpine Linux: CVE-2022-47010: Missing Release of Memory after Effective Lifetime Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description An issue was discovered in function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38 that allows attackers to cause a denial of service due to memory leaks. Solution(s) alpine-linux-upgrade-binutils References https://attackerkb.com/topics/cve-2022-47010 CVE - 2022-47010 https://security.alpinelinux.org/vuln/CVE-2022-47010
  22. Huawei EulerOS: CVE-2022-48064: binutils security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. Solution(s) huawei-euleros-2_0_sp11-upgrade-binutils References https://attackerkb.com/topics/cve-2022-48064 CVE - 2022-48064 EulerOS-SA-2023-3024
  23. Alpine Linux: CVE-2022-26592: Out-of-bounds Write Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function. Solution(s) alpine-linux-upgrade-libsass References https://attackerkb.com/topics/cve-2022-26592 CVE - 2022-26592 https://security.alpinelinux.org/vuln/CVE-2022-26592
  24. Huawei EulerOS: CVE-2022-48522: perl security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation. Solution(s) huawei-euleros-2_0_sp11-upgrade-perl huawei-euleros-2_0_sp11-upgrade-perl-libs References https://attackerkb.com/topics/cve-2022-48522 CVE - 2022-48522 EulerOS-SA-2023-3040
  25. SUSE: CVE-2022-37052: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 11/01/2023 Added 10/31/2023 Modified 01/28/2025 Description A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject. Solution(s) suse-upgrade-libpoppler-cpp0 suse-upgrade-libpoppler-cpp0-32bit suse-upgrade-libpoppler-devel suse-upgrade-libpoppler-glib-devel suse-upgrade-libpoppler-glib8 suse-upgrade-libpoppler-glib8-32bit suse-upgrade-libpoppler-qt4-4 suse-upgrade-libpoppler-qt4-devel suse-upgrade-libpoppler-qt5-1 suse-upgrade-libpoppler-qt5-1-32bit suse-upgrade-libpoppler-qt5-devel suse-upgrade-libpoppler-qt6-3 suse-upgrade-libpoppler-qt6-devel suse-upgrade-libpoppler117 suse-upgrade-libpoppler117-32bit suse-upgrade-libpoppler44 suse-upgrade-libpoppler60 suse-upgrade-libpoppler73 suse-upgrade-libpoppler73-32bit suse-upgrade-libpoppler89 suse-upgrade-libpoppler89-32bit suse-upgrade-poppler-tools suse-upgrade-typelib-1_0-poppler-0_18 References https://attackerkb.com/topics/cve-2022-37052 CVE - 2022-37052