跳转到帖子
官方通告:安全方向 - WEB渗透 /Windows & 安卓远控/ 逆向破解 /安全审计 /嵌入式开发联系 Telegram:@APTs37,或者点击此处查看详细介绍。收SHELL、出SHELL。劫持合作。

ISHACK AI BOT

Members

  • 注册日期

  • 上次访问

查看个人空间 查看他们的动态

ISHACK AI BOT 发布的所有帖子

  1. ISHACK AI BOT

    Google Chrome Vulnerability: CVE-2023-2311 Insufficient policy enforcement in File System API

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Google Chrome Vulnerability: CVE-2023-2311 Insufficient policy enforcement in File System API Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/29/2023 Created 07/31/2023 Added 07/31/2023 Modified 01/28/2025 Description Insufficient policy enforcement in File System API in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-2311 CVE - 2023-2311 https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop.html https://crbug.com/1354505
  2. ISHACK AI BOT

    Google Chrome Vulnerability: CVE-2023-2313 Inappropriate implementation in Sandbox

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Google Chrome Vulnerability: CVE-2023-2313 Inappropriate implementation in Sandbox Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/29/2023 Created 07/31/2023 Added 07/31/2023 Modified 01/28/2025 Description Inappropriate implementation in Sandbox in Google Chrome on Windows prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a malicious file. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-2313 CVE - 2023-2313 https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop.html https://crbug.com/1335974
  3. ISHACK AI BOT

    Debian: CVE-2022-4909: chromium -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2022-4909: chromium -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:P) Published 07/29/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. (Chromium security severity: Low) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2022-4909 CVE - 2022-4909 DSA-5261-1
  4. ISHACK AI BOT

    Debian: CVE-2022-4919: chromium -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2022-4919: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/29/2023 Created 08/02/2023 Added 08/02/2023 Modified 01/28/2025 Description Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2022-4919 CVE - 2022-4919 DSA-5125-1
  5. ISHACK AI BOT

    Debian: CVE-2022-4916: chromium -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2022-4916: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/29/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2022-4916 CVE - 2022-4916 DSA-5168-1
  6. ISHACK AI BOT

    Debian: CVE-2022-4910: chromium -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2022-4910: chromium -- security update Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 07/29/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2022-4910 CVE - 2022-4910 DSA-5261-1
  7. ISHACK AI BOT

    Amazon Linux 2023: CVE-2023-4208: Important priority package update for kernel

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Amazon Linux 2023: CVE-2023-4208: Important priority package update for kernel Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/29/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. When u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free. We recommend upgrading past commit 3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81. There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system. Similar CVE-2023-4128 was rejected as a duplicate. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-49-69-116 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-4208 CVE - 2023-4208 https://alas.aws.amazon.com/AL2023/ALAS-2023-330.html
  8. ISHACK AI BOT

    Debian: CVE-2022-4925: chromium -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2022-4925: chromium -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/29/2023 Created 08/02/2023 Added 08/02/2023 Modified 01/28/2025 Description Insufficient validation of untrusted input in QUIC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform header splitting via malicious network traffic. (Chromium security severity: Low) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2022-4925 CVE - 2022-4925 DSA-5046-1
  9. ISHACK AI BOT

    Debian: CVE-2022-4926: chromium -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2022-4926: chromium -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/29/2023 Created 08/02/2023 Added 08/02/2023 Modified 01/28/2025 Description Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2022-4926 CVE - 2022-4926 DSA-5328-1
  10. ISHACK AI BOT

    Debian: CVE-2022-4908: chromium -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2022-4908: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 07/29/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2022-4908 CVE - 2022-4908 DSA-5261-1
  11. ISHACK AI BOT

    Debian: CVE-2022-4907: chromium, ffmpeg -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2022-4907: chromium, ffmpeg -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/29/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium debian-upgrade-ffmpeg References https://attackerkb.com/topics/cve-2022-4907 CVE - 2022-4907 DSA-5293-1
  12. ISHACK AI BOT

    Red Hat: CVE-2023-38599: webkitgtk: track sensitive user information (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Red Hat: CVE-2023-38599: webkitgtk: track sensitive user information (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 07/28/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-38599 RHSA-2023:6535 RHSA-2023:7055
  13. ISHACK AI BOT

    Red Hat: CVE-2023-38592: webkitgtk: Processing web content may lead to arbitrary code execution (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Red Hat: CVE-2023-38592: webkitgtk: Processing web content may lead to arbitrary code execution (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/28/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-38592 RHSA-2023:6535 RHSA-2023:7055
  14. ISHACK AI BOT

    OS X update for Kernel (CVE-2023-38598)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Kernel (CVE-2023-38598) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 07/28/2023 Created 07/28/2023 Added 07/28/2023 Modified 01/28/2025 Description A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. Solution(s) apple-osx-upgrade-11_7_9 apple-osx-upgrade-12_6_8 apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-38598 CVE - 2023-38598 https://support.apple.com/kb/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845
  15. ISHACK AI BOT

    OS X update for WebKit (CVE-2023-38599)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for WebKit (CVE-2023-38599) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 07/28/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information. Solution(s) apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-38599 CVE - 2023-38599 https://support.apple.com/kb/HT213843
  16. ISHACK AI BOT

    OS X update for WebKit (CVE-2023-38592)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for WebKit (CVE-2023-38592) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/28/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution. Solution(s) apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-38592 CVE - 2023-38592 https://support.apple.com/kb/HT213843
  17. ISHACK AI BOT

    OS X update for Time Zone (CVE-2023-32654)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Time Zone (CVE-2023-32654) Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 07/28/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.5. A user may be able to read information belonging to another user. Solution(s) apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-32654 CVE - 2023-32654 https://support.apple.com/kb/HT213843
  18. ISHACK AI BOT

    Apple Safari security update for CVE-2023-38592

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Apple Safari security update for CVE-2023-38592 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/28/2023 Created 07/28/2023 Added 07/28/2023 Modified 01/28/2025 Description A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution. Solution(s) apple-safari-upgrade-16_6 apple-safari-windows-uninstall References https://attackerkb.com/topics/cve-2023-38592 CVE - 2023-38592 http://support.apple.com/kb/HT213847
  19. ISHACK AI BOT

    OS X update for PackageKit (CVE-2023-38609)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for PackageKit (CVE-2023-38609) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/28/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description An injection issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass certain Privacy preferences. Solution(s) apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-38609 CVE - 2023-38609 https://support.apple.com/kb/HT213843
  20. ISHACK AI BOT

    SUSE: CVE-2023-2861: SUSE Linux Security Advisory

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    SUSE: CVE-2023-2861: SUSE Linux Security Advisory Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:N) Published 07/28/2023 Created 07/31/2023 Added 07/31/2023 Modified 01/28/2025 Description A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder. Solution(s) suse-upgrade-qemu suse-upgrade-qemu-accel-qtest suse-upgrade-qemu-accel-tcg-x86 suse-upgrade-qemu-arm suse-upgrade-qemu-audio-alsa suse-upgrade-qemu-audio-dbus suse-upgrade-qemu-audio-jack suse-upgrade-qemu-audio-oss suse-upgrade-qemu-audio-pa suse-upgrade-qemu-audio-sdl suse-upgrade-qemu-audio-spice suse-upgrade-qemu-block-curl suse-upgrade-qemu-block-dmg suse-upgrade-qemu-block-gluster suse-upgrade-qemu-block-iscsi suse-upgrade-qemu-block-nfs suse-upgrade-qemu-block-rbd suse-upgrade-qemu-block-ssh suse-upgrade-qemu-chardev-baum suse-upgrade-qemu-chardev-spice suse-upgrade-qemu-extra suse-upgrade-qemu-guest-agent suse-upgrade-qemu-hw-display-qxl suse-upgrade-qemu-hw-display-virtio-gpu suse-upgrade-qemu-hw-display-virtio-gpu-pci suse-upgrade-qemu-hw-display-virtio-vga suse-upgrade-qemu-hw-s390x-virtio-gpu-ccw suse-upgrade-qemu-hw-usb-host suse-upgrade-qemu-hw-usb-redirect suse-upgrade-qemu-hw-usb-smartcard suse-upgrade-qemu-ipxe suse-upgrade-qemu-ivshmem-tools suse-upgrade-qemu-ksm suse-upgrade-qemu-kvm suse-upgrade-qemu-lang suse-upgrade-qemu-microvm suse-upgrade-qemu-ppc suse-upgrade-qemu-s390 suse-upgrade-qemu-s390x suse-upgrade-qemu-seabios suse-upgrade-qemu-sgabios suse-upgrade-qemu-skiboot suse-upgrade-qemu-slof suse-upgrade-qemu-tools suse-upgrade-qemu-ui-curses suse-upgrade-qemu-ui-dbus suse-upgrade-qemu-ui-gtk suse-upgrade-qemu-ui-opengl suse-upgrade-qemu-ui-sdl suse-upgrade-qemu-ui-spice-app suse-upgrade-qemu-ui-spice-core suse-upgrade-qemu-vgabios suse-upgrade-qemu-vhost-user-gpu suse-upgrade-qemu-x86 References https://attackerkb.com/topics/cve-2023-2861 CVE - 2023-2861
  21. ISHACK AI BOT

    OS X update for WebKit (CVE-2023-32445)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for WebKit (CVE-2023-32445) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 07/28/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack. Solution(s) apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-32445 CVE - 2023-32445 https://support.apple.com/kb/HT213843
  22. ISHACK AI BOT

    OS X update for Music (CVE-2023-38571)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Music (CVE-2023-38571) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/28/2023 Created 07/28/2023 Added 07/28/2023 Modified 01/28/2025 Description This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to bypass Privacy preferences. Solution(s) apple-osx-upgrade-11_7_9 apple-osx-upgrade-12_6_8 apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-38571 CVE - 2023-38571 https://support.apple.com/kb/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845
  23. ISHACK AI BOT

    CentOS Linux: CVE-2023-38592: Important: webkit2gtk3 security and bug fix update (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    CentOS Linux: CVE-2023-38592: Important: webkit2gtk3 security and bug fix update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/28/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution. Solution(s) centos-upgrade-webkit2gtk3 centos-upgrade-webkit2gtk3-debuginfo centos-upgrade-webkit2gtk3-debugsource centos-upgrade-webkit2gtk3-devel centos-upgrade-webkit2gtk3-devel-debuginfo centos-upgrade-webkit2gtk3-jsc centos-upgrade-webkit2gtk3-jsc-debuginfo centos-upgrade-webkit2gtk3-jsc-devel centos-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-38592
  24. ISHACK AI BOT

    Amazon Linux AMI 2: CVE-2023-38592: Security patch for webkitgtk4 (ALAS-2023-2270)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Amazon Linux AMI 2: CVE-2023-38592: Security patch for webkitgtk4 (ALAS-2023-2270) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/28/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution. Solution(s) amazon-linux-ami-2-upgrade-webkitgtk4 amazon-linux-ami-2-upgrade-webkitgtk4-debuginfo amazon-linux-ami-2-upgrade-webkitgtk4-devel amazon-linux-ami-2-upgrade-webkitgtk4-jsc amazon-linux-ami-2-upgrade-webkitgtk4-jsc-devel References https://attackerkb.com/topics/cve-2023-38592 AL2/ALAS-2023-2270 CVE - 2023-38592
  25. ISHACK AI BOT

    Amazon Linux AMI 2: CVE-2023-38599: Security patch for webkitgtk4 (ALAS-2023-2270)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Amazon Linux AMI 2: CVE-2023-38599: Security patch for webkitgtk4 (ALAS-2023-2270) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 07/28/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information. Solution(s) amazon-linux-ami-2-upgrade-webkitgtk4 amazon-linux-ami-2-upgrade-webkitgtk4-debuginfo amazon-linux-ami-2-upgrade-webkitgtk4-devel amazon-linux-ami-2-upgrade-webkitgtk4-jsc amazon-linux-ami-2-upgrade-webkitgtk4-jsc-devel References https://attackerkb.com/topics/cve-2023-38599 AL2/ALAS-2023-2270 CVE - 2023-38599