ISHACK AI BOT

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38231) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38231 CVE - 2023-38231 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-29320) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-29320 CVE - 2023-29320 https://helpx.adobe.com/security/products/reader/apsb23-30.html

Microsoft Exchange: CVE-2023-32031: Microsoft Exchange Server Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-32031: Microsoft Exchange Server Remote Code Execution Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5025903 microsoft-exchange-exchange_server_2019_CU12-kb5026261 microsoft-exchange-exchange_server_2019_CU13-kb5026261 References https://attackerkb.com/topics/cve-2023-32031 CVE - 2023-32031 https://support.microsoft.com/help/5025903 https://support.microsoft.com/help/5026261

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38232) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38232 CVE - 2023-38232 https://helpx.adobe.com/security/products/reader/apsb23-30.html

Microsoft Exchange: CVE-2023-21709: Microsoft Exchange Server Elevation of Privilege Vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-21709: Microsoft Exchange Server Elevation of Privilege Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5030524 microsoft-exchange-exchange_server_2019_CU12-kb5030524 microsoft-exchange-exchange_server_2019_CU13-kb5030524 References https://attackerkb.com/topics/cve-2023-21709 CVE - 2023-21709 https://support.microsoft.com/help/5029388 https://support.microsoft.com/help/5030524

Microsoft Exchange: CVE-2023-21710: Microsoft Exchange Server Remote Code Execution Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-21710: Microsoft Exchange Server Remote Code Execution Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5023038 microsoft-exchange-exchange_server_2019_CU11-kb5023038 microsoft-exchange-exchange_server_2019_CU12-kb5023038 References https://attackerkb.com/topics/cve-2023-21710 CVE - 2023-21710 https://support.microsoft.com/help/5023038

Microsoft Exchange: CVE-2023-21745: Microsoft Exchange Server Spoofing Vulnerability Severity 8 CVSS (AV:A/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-21745: Microsoft Exchange Server Spoofing Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5022143 microsoft-exchange-exchange_server_2019_CU11-kb5022193 microsoft-exchange-exchange_server_2019_CU12-kb5022193 References https://attackerkb.com/topics/cve-2023-21745 CVE - 2023-21745 https://support.microsoft.com/help/5022143 https://support.microsoft.com/help/5022193

Ubuntu: (Multiple Advisories) (CVE-2023-4128): Linux kernel (OEM) vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 09/18/2023 Added 09/18/2023 Modified 01/28/2025 Description Deprecated Solution(s)

Alma Linux: CVE-2023-40225: Moderate: haproxy security update (ALSA-2024-1142) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/10/2023 Created 03/09/2024 Added 03/08/2024 Modified 01/28/2025 Description HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. Solution(s) alma-upgrade-haproxy References https://attackerkb.com/topics/cve-2023-40225 CVE - 2023-40225 https://errata.almalinux.org/9/ALSA-2024-1142.html

Alpine Linux: CVE-2023-40225: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/10/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. Solution(s) alpine-linux-upgrade-haproxy References https://attackerkb.com/topics/cve-2023-40225 CVE - 2023-40225 https://security.alpinelinux.org/vuln/CVE-2023-40225

Amazon Linux 2023: CVE-2023-39418: Medium priority package update for postgresql15 Severity 2 CVSS (AV:N/AC:H/Au:S/C:N/I:P/A:N) Published 08/10/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows. Solution(s) amazon-linux-2023-upgrade-postgresql15 amazon-linux-2023-upgrade-postgresql15-contrib amazon-linux-2023-upgrade-postgresql15-contrib-debuginfo amazon-linux-2023-upgrade-postgresql15-debuginfo amazon-linux-2023-upgrade-postgresql15-debugsource amazon-linux-2023-upgrade-postgresql15-docs amazon-linux-2023-upgrade-postgresql15-docs-debuginfo amazon-linux-2023-upgrade-postgresql15-llvmjit amazon-linux-2023-upgrade-postgresql15-llvmjit-debuginfo amazon-linux-2023-upgrade-postgresql15-plperl amazon-linux-2023-upgrade-postgresql15-plperl-debuginfo amazon-linux-2023-upgrade-postgresql15-plpython3 amazon-linux-2023-upgrade-postgresql15-plpython3-debuginfo amazon-linux-2023-upgrade-postgresql15-pltcl amazon-linux-2023-upgrade-postgresql15-pltcl-debuginfo amazon-linux-2023-upgrade-postgresql15-private-devel amazon-linux-2023-upgrade-postgresql15-private-libs amazon-linux-2023-upgrade-postgresql15-private-libs-debuginfo amazon-linux-2023-upgrade-postgresql15-server amazon-linux-2023-upgrade-postgresql15-server-debuginfo amazon-linux-2023-upgrade-postgresql15-server-devel amazon-linux-2023-upgrade-postgresql15-server-devel-debuginfo amazon-linux-2023-upgrade-postgresql15-static amazon-linux-2023-upgrade-postgresql15-test amazon-linux-2023-upgrade-postgresql15-test-debuginfo amazon-linux-2023-upgrade-postgresql15-test-rpm-macros amazon-linux-2023-upgrade-postgresql15-upgrade amazon-linux-2023-upgrade-postgresql15-upgrade-debuginfo amazon-linux-2023-upgrade-postgresql15-upgrade-devel amazon-linux-2023-upgrade-postgresql15-upgrade-devel-debuginfo References https://attackerkb.com/topics/cve-2023-39418 CVE - 2023-39418 https://alas.aws.amazon.com/AL2023/ALAS-2023-387.html

Microsoft Exchange: CVE-2023-21764: Microsoft Exchange Server Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-21764: Microsoft Exchange Server Elevation of Privilege Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5022143 microsoft-exchange-exchange_server_2019_CU11-kb5022193 microsoft-exchange-exchange_server_2019_CU12-kb5022193 References https://attackerkb.com/topics/cve-2023-21764 CVE - 2023-21764 https://support.microsoft.com/help/5022143 https://support.microsoft.com/help/5022193

Microsoft Exchange: CVE-2023-35368: Microsoft Exchange Remote Code Execution Vulnerability Severity 8 CVSS (AV:A/AC:L/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-35368: Microsoft Exchange Remote Code Execution Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5030524 microsoft-exchange-exchange_server_2019_CU12-kb5030524 microsoft-exchange-exchange_server_2019_CU13-kb5030524 References https://attackerkb.com/topics/cve-2023-35368 CVE - 2023-35368 https://support.microsoft.com/help/5029388 https://support.microsoft.com/help/5030524

Microsoft Exchange: CVE-2023-35388: Microsoft Exchange Server Remote Code Execution Vulnerability Severity 8 CVSS (AV:A/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-35388: Microsoft Exchange Server Remote Code Execution Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5030524 microsoft-exchange-exchange_server_2019_CU12-kb5030524 microsoft-exchange-exchange_server_2019_CU13-kb5030524 References https://attackerkb.com/topics/cve-2023-35388 CVE - 2023-35388 https://support.microsoft.com/help/5029388 https://support.microsoft.com/help/5030524

Microsoft Exchange: CVE-2023-28310: Microsoft Exchange Server Remote Code Execution Vulnerability Severity 8 CVSS (AV:A/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-28310: Microsoft Exchange Server Remote Code Execution Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5025903 microsoft-exchange-exchange_server_2019_CU12-kb5026261 microsoft-exchange-exchange_server_2019_CU13-kb5026261 References https://attackerkb.com/topics/cve-2023-28310 CVE - 2023-28310 https://support.microsoft.com/help/5025903 https://support.microsoft.com/help/5026261

Microsoft Exchange: CVE-2023-21706: Microsoft Exchange Server Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-21706: Microsoft Exchange Server Remote Code Execution Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5023038 microsoft-exchange-exchange_server_2019_CU11-kb5023038 microsoft-exchange-exchange_server_2019_CU12-kb5023038 References https://attackerkb.com/topics/cve-2023-21706 CVE - 2023-21706 https://support.microsoft.com/help/5023038

Microsoft Exchange: CVE-2023-21529: Microsoft Exchange Server Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-21529: Microsoft Exchange Server Remote Code Execution Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5023038 microsoft-exchange-exchange_server_2019_CU11-kb5023038 microsoft-exchange-exchange_server_2019_CU12-kb5023038 References https://attackerkb.com/topics/cve-2023-21529 CVE - 2023-21529 https://support.microsoft.com/help/5023038

Microsoft Exchange: CVE-2023-21707: Microsoft Exchange Server Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-21707: Microsoft Exchange Server Remote Code Execution Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5024296 microsoft-exchange-exchange_server_2019_CU11-kb5024296 microsoft-exchange-exchange_server_2019_CU12-kb5024296 References https://attackerkb.com/topics/cve-2023-21707 CVE - 2023-21707 https://support.microsoft.com/help/5024296

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38227) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38227 CVE - 2023-38227 https://helpx.adobe.com/security/products/reader/apsb23-30.html

Amazon Linux 2023: CVE-2023-39417: Important priority package update for postgresql15 Severity 7 CVSS (AV:N/AC:H/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. Solution(s) amazon-linux-2023-upgrade-postgresql15 amazon-linux-2023-upgrade-postgresql15-contrib amazon-linux-2023-upgrade-postgresql15-contrib-debuginfo amazon-linux-2023-upgrade-postgresql15-debuginfo amazon-linux-2023-upgrade-postgresql15-debugsource amazon-linux-2023-upgrade-postgresql15-docs amazon-linux-2023-upgrade-postgresql15-docs-debuginfo amazon-linux-2023-upgrade-postgresql15-llvmjit amazon-linux-2023-upgrade-postgresql15-llvmjit-debuginfo amazon-linux-2023-upgrade-postgresql15-plperl amazon-linux-2023-upgrade-postgresql15-plperl-debuginfo amazon-linux-2023-upgrade-postgresql15-plpython3 amazon-linux-2023-upgrade-postgresql15-plpython3-debuginfo amazon-linux-2023-upgrade-postgresql15-pltcl amazon-linux-2023-upgrade-postgresql15-pltcl-debuginfo amazon-linux-2023-upgrade-postgresql15-private-devel amazon-linux-2023-upgrade-postgresql15-private-libs amazon-linux-2023-upgrade-postgresql15-private-libs-debuginfo amazon-linux-2023-upgrade-postgresql15-server amazon-linux-2023-upgrade-postgresql15-server-debuginfo amazon-linux-2023-upgrade-postgresql15-server-devel amazon-linux-2023-upgrade-postgresql15-server-devel-debuginfo amazon-linux-2023-upgrade-postgresql15-static amazon-linux-2023-upgrade-postgresql15-test amazon-linux-2023-upgrade-postgresql15-test-debuginfo amazon-linux-2023-upgrade-postgresql15-test-rpm-macros amazon-linux-2023-upgrade-postgresql15-upgrade amazon-linux-2023-upgrade-postgresql15-upgrade-debuginfo amazon-linux-2023-upgrade-postgresql15-upgrade-devel amazon-linux-2023-upgrade-postgresql15-upgrade-devel-debuginfo References https://attackerkb.com/topics/cve-2023-39417 CVE - 2023-39417 https://alas.aws.amazon.com/AL2023/ALAS-2023-322.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38226) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38226 CVE - 2023-38226 https://helpx.adobe.com/security/products/reader/apsb23-30.html

CentOS Linux: CVE-2023-4128: Important: kpatch-patch security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description Deprecated Solution(s)

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38228) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38228 CVE - 2023-38228 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38235) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38235 CVE - 2023-38235 https://helpx.adobe.com/security/products/reader/apsb23-30.html

APSB23-30:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-29299) Severity 4 CVSS (AV:L/AC:H/Au:N/C:N/I:N/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-29299 CVE - 2023-29299 https://helpx.adobe.com/security/products/reader/apsb23-30.html