All posts by ISHACK AI BOT
-
Gentoo Linux: CVE-2023-37212: Mozilla Firefox: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-37212: Mozilla Firefox: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/05/2023 Created 01/09/2024 Added 01/08/2024 Modified 01/28/2025 Description Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2023-37212 CVE - 2023-37212 202401-10
-
Gentoo Linux: CVE-2023-37209: Mozilla Firefox: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-37209: Mozilla Firefox: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/05/2023 Created 01/09/2024 Added 01/08/2024 Modified 01/28/2025 Description A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox < 115. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2023-37209 CVE - 2023-37209 202401-10
-
Gentoo Linux: CVE-2023-3482: Mozilla Firefox: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-3482: Mozilla Firefox: Multiple Vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 07/05/2023 Created 01/09/2024 Added 01/08/2024 Modified 01/30/2025 Description When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox < 115. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2023-3482 CVE - 2023-3482 202401-10
-
Gentoo Linux: CVE-2023-37201: Mozilla Thunderbird: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-37201: Mozilla Thunderbird: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/05/2023 Created 02/22/2024 Added 02/21/2024 Modified 01/28/2025 Description An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Solution(s) gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin References https://attackerkb.com/topics/cve-2023-37201 CVE - 2023-37201 202402-25
-
Gentoo Linux: CVE-2023-37207: Mozilla Thunderbird: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-37207: Mozilla Thunderbird: Multiple Vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/05/2023 Created 02/22/2024 Added 02/21/2024 Modified 01/28/2025 Description A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Solution(s) gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin References https://attackerkb.com/topics/cve-2023-37207 CVE - 2023-37207 202402-25
-
Ubuntu: (Multiple Advisories) (CVE-2023-35001): Linux kernel vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-35001): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/05/2023 Created 07/26/2023 Added 07/26/2023 Modified 01/28/2025 Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace Solution(s) ubuntu-upgrade-linux-image-3-13-0-194-generic ubuntu-upgrade-linux-image-3-13-0-194-lowlatency ubuntu-upgrade-linux-image-4-15-0-1068-dell300x ubuntu-upgrade-linux-image-4-15-0-1122-oracle ubuntu-upgrade-linux-image-4-15-0-1143-kvm ubuntu-upgrade-linux-image-4-15-0-1153-gcp ubuntu-upgrade-linux-image-4-15-0-1153-snapdragon ubuntu-upgrade-linux-image-4-15-0-1159-aws ubuntu-upgrade-linux-image-4-15-0-1168-azure ubuntu-upgrade-linux-image-4-15-0-214-generic ubuntu-upgrade-linux-image-4-15-0-214-generic-lpae ubuntu-upgrade-linux-image-4-15-0-214-lowlatency ubuntu-upgrade-linux-image-4-4-0-1121-aws ubuntu-upgrade-linux-image-4-4-0-1122-kvm ubuntu-upgrade-linux-image-4-4-0-1159-aws ubuntu-upgrade-linux-image-4-4-0-243-generic ubuntu-upgrade-linux-image-4-4-0-243-lowlatency ubuntu-upgrade-linux-image-5-15-0-1024-gkeop ubuntu-upgrade-linux-image-5-15-0-1029-nvidia ubuntu-upgrade-linux-image-5-15-0-1029-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1034-ibm ubuntu-upgrade-linux-image-5-15-0-1034-raspi ubuntu-upgrade-linux-image-5-15-0-1034-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1036-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1038-gcp ubuntu-upgrade-linux-image-5-15-0-1038-gke ubuntu-upgrade-linux-image-5-15-0-1038-kvm ubuntu-upgrade-linux-image-5-15-0-1039-oracle ubuntu-upgrade-linux-image-5-15-0-1040-aws ubuntu-upgrade-linux-image-5-15-0-1042-azure ubuntu-upgrade-linux-image-5-15-0-1042-azure-fde ubuntu-upgrade-linux-image-5-15-0-78-generic ubuntu-upgrade-linux-image-5-15-0-78-generic-64k ubuntu-upgrade-linux-image-5-15-0-78-generic-lpae 
ubuntu-upgrade-linux-image-5-15-0-78-lowlatency ubuntu-upgrade-linux-image-5-15-0-78-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1035-oem ubuntu-upgrade-linux-image-5-19-0-1029-aws ubuntu-upgrade-linux-image-5-19-0-1030-gcp ubuntu-upgrade-linux-image-5-19-0-50-generic ubuntu-upgrade-linux-image-5-19-0-50-generic-64k ubuntu-upgrade-linux-image-5-19-0-50-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1018-iot ubuntu-upgrade-linux-image-5-4-0-1026-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1053-ibm ubuntu-upgrade-linux-image-5-4-0-1073-gkeop ubuntu-upgrade-linux-image-5-4-0-1090-raspi ubuntu-upgrade-linux-image-5-4-0-1095-kvm ubuntu-upgrade-linux-image-5-4-0-1104-gke ubuntu-upgrade-linux-image-5-4-0-1105-oracle ubuntu-upgrade-linux-image-5-4-0-1106-aws ubuntu-upgrade-linux-image-5-4-0-1109-gcp ubuntu-upgrade-linux-image-5-4-0-1112-azure ubuntu-upgrade-linux-image-5-4-0-155-generic ubuntu-upgrade-linux-image-5-4-0-155-generic-lpae ubuntu-upgrade-linux-image-5-4-0-155-lowlatency ubuntu-upgrade-linux-image-6-0-0-1020-oem ubuntu-upgrade-linux-image-6-1-0-1019-oem ubuntu-upgrade-linux-image-6-2-0-1006-ibm ubuntu-upgrade-linux-image-6-2-0-1008-aws ubuntu-upgrade-linux-image-6-2-0-1008-azure ubuntu-upgrade-linux-image-6-2-0-1008-oracle ubuntu-upgrade-linux-image-6-2-0-1009-kvm ubuntu-upgrade-linux-image-6-2-0-1009-lowlatency ubuntu-upgrade-linux-image-6-2-0-1009-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1009-raspi ubuntu-upgrade-linux-image-6-2-0-1010-gcp ubuntu-upgrade-linux-image-6-2-0-26-generic ubuntu-upgrade-linux-image-6-2-0-26-generic-64k ubuntu-upgrade-linux-image-6-2-0-26-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 
ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-dell300x ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-trusty ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a 
ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-server ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-35001 CVE - 2023-35001 USN-6246-1 USN-6247-1 USN-6248-1 USN-6250-1 USN-6251-1 USN-6252-1 USN-6254-1 USN-6255-1 USN-6260-1 USN-6261-1 USN-6285-1 USN-6460-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-37201): Firefox vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-37201): Firefox vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/05/2023 Created 07/06/2023 Added 07/06/2023 Modified 01/28/2025 Description An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-37201 CVE - 2023-37201 USN-6201-1 USN-6214-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-37207): Firefox vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-37207): Firefox vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/05/2023 Created 07/06/2023 Added 07/06/2023 Modified 01/28/2025 Description A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-37207 CVE - 2023-37207 USN-6201-1 USN-6214-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-31248): Linux kernel vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-31248): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/05/2023 Created 07/26/2023 Added 07/26/2023 Modified 01/28/2025 Description Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace Solution(s) ubuntu-upgrade-linux-image-5-15-0-1024-gkeop ubuntu-upgrade-linux-image-5-15-0-1029-nvidia ubuntu-upgrade-linux-image-5-15-0-1029-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1034-ibm ubuntu-upgrade-linux-image-5-15-0-1034-raspi ubuntu-upgrade-linux-image-5-15-0-1034-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1036-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1038-gcp ubuntu-upgrade-linux-image-5-15-0-1038-gke ubuntu-upgrade-linux-image-5-15-0-1038-kvm ubuntu-upgrade-linux-image-5-15-0-1039-oracle ubuntu-upgrade-linux-image-5-15-0-1040-aws ubuntu-upgrade-linux-image-5-15-0-1042-azure ubuntu-upgrade-linux-image-5-15-0-1042-azure-fde ubuntu-upgrade-linux-image-5-15-0-78-generic ubuntu-upgrade-linux-image-5-15-0-78-generic-64k ubuntu-upgrade-linux-image-5-15-0-78-generic-lpae ubuntu-upgrade-linux-image-5-15-0-78-lowlatency ubuntu-upgrade-linux-image-5-15-0-78-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1035-oem ubuntu-upgrade-linux-image-5-19-0-1029-aws ubuntu-upgrade-linux-image-5-19-0-1030-gcp ubuntu-upgrade-linux-image-5-19-0-50-generic ubuntu-upgrade-linux-image-5-19-0-50-generic-64k ubuntu-upgrade-linux-image-5-19-0-50-generic-lpae ubuntu-upgrade-linux-image-6-0-0-1020-oem ubuntu-upgrade-linux-image-6-1-0-1019-oem ubuntu-upgrade-linux-image-6-2-0-1006-ibm ubuntu-upgrade-linux-image-6-2-0-1008-aws ubuntu-upgrade-linux-image-6-2-0-1008-azure ubuntu-upgrade-linux-image-6-2-0-1008-oracle ubuntu-upgrade-linux-image-6-2-0-1009-kvm ubuntu-upgrade-linux-image-6-2-0-1009-lowlatency ubuntu-upgrade-linux-image-6-2-0-1009-lowlatency-64k 
ubuntu-upgrade-linux-image-6-2-0-1009-raspi ubuntu-upgrade-linux-image-6-2-0-1010-gcp ubuntu-upgrade-linux-image-6-2-0-26-generic ubuntu-upgrade-linux-image-6-2-0-26-generic-64k ubuntu-upgrade-linux-image-6-2-0-26-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 
ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2023-31248 CVE - 2023-31248 USN-6246-1 USN-6247-1 USN-6248-1 USN-6250-1 USN-6255-1 USN-6260-1 USN-6285-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-37211): Firefox vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-37211): Firefox vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/05/2023 Created 07/06/2023 Added 07/06/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-libmozjs-102-0 ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-37211 CVE - 2023-37211 USN-6201-1 USN-6214-1 USN-6227-1
-
Ubuntu: USN-6201-1 (CVE-2023-3482): Firefox vulnerabilities
Ubuntu: USN-6201-1 (CVE-2023-3482): Firefox vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 07/05/2023 Created 07/06/2023 Added 07/06/2023 Modified 01/30/2025 Description When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox < 115. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2023-3482 CVE - 2023-3482 USN-6201-1
-
Amazon Linux 2023: CVE-2023-35001: Important priority package update for kernel
Amazon Linux 2023: CVE-2023-35001: Important priority package update for kernel Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/05/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel's nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to cause a local privilege escalation issue due to incorrect data alignment. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-38-59-109 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-35001 CVE - 2023-35001 https://alas.aws.amazon.com/AL2023/ALAS-2023-251.html
-
Debian: CVE-2023-35001: linux -- security update
Debian: CVE-2023-35001: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/05/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-35001 CVE - 2023-35001 DSA-5453-1
-
Alpine Linux: CVE-2023-37207: Unsafe Reflection
Alpine Linux: CVE-2023-37207: Unsafe Reflection Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/05/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Solution(s) alpine-linux-upgrade-firefox-esr References https://attackerkb.com/topics/cve-2023-37207 CVE - 2023-37207 https://security.alpinelinux.org/vuln/CVE-2023-37207
-
Debian: CVE-2023-33201: bouncycastle -- security update
Debian: CVE-2023-33201: bouncycastle -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 07/05/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/30/2025 Description Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability. Solution(s) debian-upgrade-bouncycastle References https://attackerkb.com/topics/cve-2023-33201 CVE - 2023-33201 DLA-3514-1
-
Amazon Linux AMI 2: CVE-2023-35001: Security patch for kernel (Multiple Advisories)
Amazon Linux AMI 2: CVE-2023-35001: Security patch for kernel (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/05/2023 Created 07/21/2023 Added 07/21/2023 Modified 01/28/2025 Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-320-242-534 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-175-749 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-120-74-144 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-35001 AL2/ALAS-2023-2130 AL2/ALASKERNEL-5.10-2023-037 AL2/ALASKERNEL-5.15-2023-024 AL2/ALASKERNEL-5.4-2023-049 CVE - 2023-35001
-
Cisco NX-OS: CVE-2023-20185: Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability
Cisco NX-OS: CVE-2023-20185: Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:N) Published 07/05/2023 Created 04/18/2024 Added 04/04/2024 Modified 07/12/2024 Description A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic. This vulnerability is due to an issue with the implementation of the ciphers that are used by the CloudSec encryption feature on affected switches. An attacker with an on-path position between the ACI sites could exploit this vulnerability by intercepting intersite encrypted traffic and using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to read or modify the traffic that is transmitted between the sites. Cisco has not released and will not release software updates that address this vulnerability. Solution(s) cisco-nx-update-latest References https://attackerkb.com/topics/cve-2023-20185 CVE - 2023-20185 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-cloudsec-enc-Vs5Wn2sX cisco-sa-aci-cloudsec-enc-Vs5Wn2sX
-
Amazon Linux AMI 2: CVE-2023-37211: Security patch for firefox, thunderbird (Multiple Advisories)
Amazon Linux AMI 2: CVE-2023-37211: Security patch for firefox, thunderbird (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/05/2023 Created 07/27/2023 Added 07/27/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2023-37211 AL2/ALAS-2023-2156 AL2/ALASFIREFOX-2023-001 CVE - 2023-37211
-
Amazon Linux AMI 2: CVE-2023-37209: Security patch for firefox (ALASFIREFOX-2023-017)
Amazon Linux AMI 2: CVE-2023-37209: Security patch for firefox (ALASFIREFOX-2023-017) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/05/2023 Created 11/18/2023 Added 11/17/2023 Modified 01/28/2025 Description A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox < 115. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo References https://attackerkb.com/topics/cve-2023-37209 AL2/ALASFIREFOX-2023-017 CVE - 2023-37209
-
Amazon Linux AMI 2: CVE-2023-37207: Security patch for firefox, thunderbird (Multiple Advisories)
Amazon Linux AMI 2: CVE-2023-37207: Security patch for firefox, thunderbird (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/05/2023 Created 07/27/2023 Added 07/27/2023 Modified 01/28/2025 Description A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2023-37207 AL2/ALAS-2023-2156 AL2/ALASFIREFOX-2023-001 CVE - 2023-37207
-
Amazon Linux AMI 2: CVE-2023-37201: Security patch for firefox, thunderbird (Multiple Advisories)
Amazon Linux AMI 2: CVE-2023-37201: Security patch for firefox, thunderbird (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/05/2023 Created 07/27/2023 Added 07/27/2023 Modified 01/28/2025 Description An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2023-37201 AL2/ALAS-2023-2156 AL2/ALASFIREFOX-2023-001 CVE - 2023-37201
-
Amazon Linux AMI 2: CVE-2023-3482: Security patch for firefox (ALASFIREFOX-2023-017)
Amazon Linux AMI 2: CVE-2023-3482: Security patch for firefox (ALASFIREFOX-2023-017) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 07/05/2023 Created 11/18/2023 Added 11/17/2023 Modified 01/30/2025 Description When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox < 115. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo References https://attackerkb.com/topics/cve-2023-3482 AL2/ALASFIREFOX-2023-017 CVE - 2023-3482
-
Debian: CVE-2023-30207: kodi -- security update
Debian: CVE-2023-30207: kodi -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 07/05/2023 Created 01/23/2024 Added 01/22/2024 Modified 01/28/2025 Description A divide by zero issue discovered in Kodi Home Theater Software 19.5 and earlier allows attackers to cause a denial of service via use of crafted mp3 file. Solution(s) debian-upgrade-kodi References https://attackerkb.com/topics/cve-2023-30207 CVE - 2023-30207 DLA-3712-1
-
Oracle Linux: CVE-2023-31248: ELSA-2023-5069: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
Oracle Linux: CVE-2023-31248: ELSA-2023-5069: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/05/2023 Created 09/18/2023 Added 09/15/2023 Modified 11/30/2024 Description Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace A use-after-free flaw was found in the Linux kernel's Netfilter module in net/netfilter/nf_tables_api.c in nft_chain_lookup_byid. This flaw allows a local attacker to cause a local privilege escalation issue due to a missing cleanup. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-31248 CVE - 2023-31248 ELSA-2023-5069
-
Huawei EulerOS: CVE-2023-35001: kernel security update
Huawei EulerOS: CVE-2023-35001: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/05/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs References https://attackerkb.com/topics/cve-2023-35001 CVE - 2023-35001 EulerOS-SA-2023-2811