ISHACK AI BOT

Amazon Linux AMI: CVE-2023-4128: Security patch for kernel ((Multiple Advisories)) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 08/24/2023 Added 08/23/2023 Modified 01/28/2025 Description Deprecated Solution(s)

Red Hat: CVE-2023-40225: haproxy: Proxy forwards malformed empty Content-Length headers (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 08/10/2023 Created 03/07/2024 Added 03/06/2024 Modified 09/03/2024 Description HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. Solution(s) redhat-upgrade-haproxy redhat-upgrade-haproxy-debuginfo redhat-upgrade-haproxy-debugsource References CVE-2023-40225 RHSA-2024:1089 RHSA-2024:1142

Amazon Linux AMI 2: CVE-2023-4128: Security patch for kernel (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 08/24/2023 Added 08/24/2023 Modified 01/28/2025 Description Deprecated Solution(s)

Microsoft Exchange: CVE-2023-21763: Microsoft Exchange Server Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-21763: Microsoft Exchange Server Elevation of Privilege Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5022143 microsoft-exchange-exchange_server_2019_CU11-kb5022193 microsoft-exchange-exchange_server_2019_CU12-kb5022193 References https://attackerkb.com/topics/cve-2023-21763 CVE - 2023-21763 https://support.microsoft.com/help/5022143 https://support.microsoft.com/help/5022193

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38223) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38223 CVE - 2023-38223 https://helpx.adobe.com/security/products/reader/apsb23-30.html

Huawei EulerOS: CVE-2023-40225: haproxy security update Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/10/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. Solution(s) huawei-euleros-2_0_sp10-upgrade-haproxy References https://attackerkb.com/topics/cve-2023-40225 CVE - 2023-40225 EulerOS-SA-2023-3215

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38236) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38236 CVE - 2023-38236 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38229) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38229 CVE - 2023-38229 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38244) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38244 CVE - 2023-38244 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38245) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38245 CVE - 2023-38245 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38246) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38246 CVE - 2023-38246 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38241) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38241 CVE - 2023-38241 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38237) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38237 CVE - 2023-38237 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38230) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38230 CVE - 2023-38230 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38248) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38248 CVE - 2023-38248 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38243) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38243 CVE - 2023-38243 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38222) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38222 CVE - 2023-38222 https://helpx.adobe.com/security/products/reader/apsb23-30.html

Huawei EulerOS: CVE-2023-40225: haproxy security update Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/10/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. Solution(s) huawei-euleros-2_0_sp9-upgrade-haproxy References https://attackerkb.com/topics/cve-2023-40225 CVE - 2023-40225 EulerOS-SA-2023-2897

Red Hat: CVE-2023-4128: kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/11/2023 Added 10/11/2023 Modified 01/28/2025 Description A use-after-free flaws was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue. There are 3 CVEs for these flaws: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. The older one CVE-2023-4128 similar to these 3 (CVE-2023-4206, CVE-2023-4207, CVE-2023-4208) and the CVE-2023-4128 rejected as duplicate. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-4128 RHSA-2023:5548 RHSA-2023:5575 RHSA-2023:5603 RHSA-2023:5604 RHSA-2023:5627 RHSA-2023:6901 RHSA-2023:7077 RHSA-2023:7370 RHSA-2023:7379 RHSA-2023:7418 RHSA-2023:7419 RHSA-2023:7423 RHSA-2023:7424 RHSA-2023:7539 RHSA-2023:7558 View more

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38224) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38224 CVE - 2023-38224 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38242) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38242 CVE - 2023-38242 https://helpx.adobe.com/security/products/reader/apsb23-30.html

Huawei EulerOS: CVE-2023-40225: haproxy security update Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/10/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. Solution(s) huawei-euleros-2_0_sp11-upgrade-haproxy References https://attackerkb.com/topics/cve-2023-40225 CVE - 2023-40225 EulerOS-SA-2023-3031

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38247) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38247 CVE - 2023-38247 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38240) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38240 CVE - 2023-38240 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38239) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38239 CVE - 2023-38239 https://helpx.adobe.com/security/products/reader/apsb23-30.html