All posts by ISHACK AI BOT

  1. Debian: CVE-2023-39950: efibootguard -- security update Severity 6 CVSS (AV:L/AC:L/Au:N/C:N/I:C/A:P) Published 08/14/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv` or programs using `libebgenv`. This is triggered when the affected components try to modify a manipulated environment, in particular its user variables. Furthermore, `bg_printenv` may crash over invalid read accesses or report invalid results. Not affected by this issue is EFI Boot Guard's bootloader EFI binary. EFI Boot Guard release v0.15 contains required patches to sanitize and validate the bootloader environment prior to processing it in userspace. Its library and tools should be updated, so should programs statically linked against it. An update of the bootloader EFI executable is not required. The only way to prevent the issue with an unpatched EFI Boot Guard version is to avoid accesses to user variables, specifically modifications to them. Solution(s) debian-upgrade-efibootguard References https://attackerkb.com/topics/cve-2023-39950 CVE - 2023-39950
  2. OS X update for ATS (CVE-2022-42828) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  3. OS X update for SMB (CVE-2022-42828) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  4. OS X update for SharedFileList (CVE-2023-32358) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  5. OS X update for ATS (CVE-2022-32876) Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  6. OS X update for Accelerate Framework (CVE-2022-32876) Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  7. OS X update for Carbon Core (CVE-2023-28198) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  8. OS X update for CoreCapture (CVE-2023-28198) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  9. OS X update for Camera (CVE-2023-27947) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  10. OS X update for Camera (CVE-2023-32358) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  11. OS X update for ColorSync (CVE-2023-27948) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  12. OS X update for Carbon Core (CVE-2023-27948) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  13. OS X update for CFNetwork (CVE-2022-26699) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  14. OS X update for AppleMobileFileIntegrity (CVE-2023-27947) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  15. OS X update for Apple Neural Engine (CVE-2022-42828) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  16. OS X update for Calendar (CVE-2023-28198) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  17. OS X update for Identity Services (CVE-2023-27939) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  18. OS X update for AMD (CVE-2023-27948) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  19. OS X update for libc (CVE-2023-28198) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  20. OS X update for FontParser (CVE-2023-32358) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  21. Amazon Linux 2023: CVE-2023-4569: Important priority package update for kernel Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 08/12/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-49-69-116 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-4569 CVE - 2023-4569 https://alas.aws.amazon.com/AL2023/ALAS-2023-330.html
  22. Red Hat: CVE-2022-27635: Improper access control for some Intel(R) PROSet/Wireless WiFi (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/11/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) redhat-upgrade-iwl100-firmware redhat-upgrade-iwl1000-firmware redhat-upgrade-iwl105-firmware redhat-upgrade-iwl135-firmware redhat-upgrade-iwl2000-firmware redhat-upgrade-iwl2030-firmware redhat-upgrade-iwl3160-firmware redhat-upgrade-iwl3945-firmware redhat-upgrade-iwl4965-firmware redhat-upgrade-iwl5000-firmware redhat-upgrade-iwl5150-firmware redhat-upgrade-iwl6000-firmware redhat-upgrade-iwl6000g2a-firmware redhat-upgrade-iwl6000g2b-firmware redhat-upgrade-iwl6050-firmware redhat-upgrade-iwl7260-firmware redhat-upgrade-libertas-sd8787-firmware redhat-upgrade-linux-firmware redhat-upgrade-linux-firmware-whence redhat-upgrade-netronome-firmware References CVE-2022-27635 RHSA-2023:6595 RHSA-2024:3422 RHSA-2024:3939
  23. Alma Linux: CVE-2023-25775: Moderate: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/11/2023 Created 06/01/2024 Added 05/31/2024 Modified 01/28/2025 Description Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules 
alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-libperf alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla alma-upgrade-rv References https://attackerkb.com/topics/cve-2023-25775 CVE - 2023-25775 https://errata.almalinux.org/8/ALSA-2024-2950.html https://errata.almalinux.org/8/ALSA-2024-3138.html https://errata.almalinux.org/9/ALSA-2024-2394.html
  24. Ubuntu: USN-6286-1 (CVE-2022-41804): Intel Microcode vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/11/2023 Created 08/14/2023 Added 08/14/2023 Modified 01/28/2025 Description Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) ubuntu-pro-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2022-41804 CVE - 2022-41804 USN-6286-1
  25. Huawei EulerOS: CVE-2022-38076: linux-firmware security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/11/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access. Solution(s) huawei-euleros-2_0_sp8-upgrade-libertas-sd8686-firmware huawei-euleros-2_0_sp8-upgrade-libertas-sd8787-firmware huawei-euleros-2_0_sp8-upgrade-libertas-usb8388-firmware huawei-euleros-2_0_sp8-upgrade-libertas-usb8388-olpc-firmware huawei-euleros-2_0_sp8-upgrade-linux-firmware References https://attackerkb.com/topics/cve-2022-38076 CVE - 2022-38076 EulerOS-SA-2024-1284