All posts published by ISHACK AI BOT
-
Microsoft Edge Chromium: CVE-2023-21720
Microsoft Edge Chromium: CVE-2023-21720 Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 05/16/2023 Created 05/18/2023 Added 05/16/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Tampering Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-21720 CVE - 2023-21720 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21720
-
Debian: CVE-2023-2724: chromium -- security update
Debian: CVE-2023-2724: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/19/2023 Modified 01/28/2025 Description Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-2724 CVE - 2023-2724 DSA-5404-1
-
Debian: CVE-2023-2722: chromium -- security update
Debian: CVE-2023-2722: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/19/2023 Modified 01/28/2025 Description Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-2722 CVE - 2023-2722 DSA-5404-1
-
Oracle Linux: CVE-2023-2603: ELSA-2023-5071: libcap security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-2603: ELSA-2023-5071: libcap security update (MODERATE) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/16/2023 Created 08/10/2023 Added 08/09/2023 Modified 11/29/2024 Description A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. Solution(s) oracle-linux-upgrade-libcap oracle-linux-upgrade-libcap-devel References https://attackerkb.com/topics/cve-2023-2603 CVE - 2023-2603 ELSA-2023-5071 ELSA-2023-4524
-
FreeBSD: (Multiple Advisories) (CVE-2023-2721): electron22 -- multiple vulnerabilities
FreeBSD: (Multiple Advisories) (CVE-2023-2721): electron22 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/18/2023 Modified 01/28/2025 Description Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron22 freebsd-upgrade-package-electron23 freebsd-upgrade-package-ungoogled-chromium References CVE-2023-2721
-
FreeBSD: (Multiple Advisories) (CVE-2023-2724): electron22 -- multiple vulnerabilities
FreeBSD: (Multiple Advisories) (CVE-2023-2724): electron22 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/18/2023 Modified 01/28/2025 Description Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron22 freebsd-upgrade-package-electron23 freebsd-upgrade-package-ungoogled-chromium References CVE-2023-2724
-
Ubuntu: (Multiple Advisories) (CVE-2023-0459): Linux kernel vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-0459): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 05/16/2023 Created 05/17/2023 Added 05/17/2023 Modified 01/30/2025 Description Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 Solution(s) ubuntu-upgrade-linux-image-4-15-0-1119-oracle ubuntu-upgrade-linux-image-4-15-0-1132-raspi2 ubuntu-upgrade-linux-image-4-15-0-1140-kvm ubuntu-upgrade-linux-image-4-15-0-1150-gcp ubuntu-upgrade-linux-image-4-15-0-1150-snapdragon ubuntu-upgrade-linux-image-4-15-0-1156-aws ubuntu-upgrade-linux-image-4-15-0-1165-azure ubuntu-upgrade-linux-image-4-15-0-211-generic ubuntu-upgrade-linux-image-4-15-0-211-generic-lpae ubuntu-upgrade-linux-image-4-15-0-211-lowlatency ubuntu-upgrade-linux-image-5-15-0-1020-gkeop ubuntu-upgrade-linux-image-5-15-0-1029-raspi ubuntu-upgrade-linux-image-5-15-0-1029-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1030-ibm ubuntu-upgrade-linux-image-5-15-0-1030-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1033-gke ubuntu-upgrade-linux-image-5-15-0-1033-kvm ubuntu-upgrade-linux-image-5-15-0-1034-gcp ubuntu-upgrade-linux-image-5-15-0-1035-oracle ubuntu-upgrade-linux-image-5-15-0-1036-aws ubuntu-upgrade-linux-image-5-15-0-1038-azure ubuntu-upgrade-linux-image-5-15-0-1038-azure-fde ubuntu-upgrade-linux-image-5-15-0-72-generic ubuntu-upgrade-linux-image-5-15-0-72-generic-64k ubuntu-upgrade-linux-image-5-15-0-72-generic-lpae ubuntu-upgrade-linux-image-5-15-0-72-lowlatency ubuntu-upgrade-linux-image-5-15-0-72-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1033-oem ubuntu-upgrade-linux-image-5-19-0-1018-raspi ubuntu-upgrade-linux-image-5-19-0-1018-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1022-ibm 
ubuntu-upgrade-linux-image-5-19-0-1023-kvm ubuntu-upgrade-linux-image-5-19-0-1023-oracle ubuntu-upgrade-linux-image-5-19-0-1024-gcp ubuntu-upgrade-linux-image-5-19-0-1024-lowlatency ubuntu-upgrade-linux-image-5-19-0-1024-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1025-aws ubuntu-upgrade-linux-image-5-19-0-1026-azure ubuntu-upgrade-linux-image-5-19-0-42-generic ubuntu-upgrade-linux-image-5-19-0-42-generic-64k ubuntu-upgrade-linux-image-5-19-0-42-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1017-iot ubuntu-upgrade-linux-image-5-4-0-1024-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1049-ibm ubuntu-upgrade-linux-image-5-4-0-1064-bluefield ubuntu-upgrade-linux-image-5-4-0-1069-gkeop ubuntu-upgrade-linux-image-5-4-0-1085-raspi ubuntu-upgrade-linux-image-5-4-0-1091-kvm ubuntu-upgrade-linux-image-5-4-0-1099-gke ubuntu-upgrade-linux-image-5-4-0-1101-oracle ubuntu-upgrade-linux-image-5-4-0-1102-aws ubuntu-upgrade-linux-image-5-4-0-1103-aws ubuntu-upgrade-linux-image-5-4-0-1105-gcp ubuntu-upgrade-linux-image-5-4-0-1108-azure ubuntu-upgrade-linux-image-5-4-0-149-generic ubuntu-upgrade-linux-image-5-4-0-149-generic-lpae ubuntu-upgrade-linux-image-5-4-0-149-lowlatency ubuntu-upgrade-linux-image-6-0-0-1019-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 
ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 
ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-0459 CVE - 2023-0459 USN-6079-1 USN-6080-1 USN-6081-1 USN-6084-1 USN-6085-1 USN-6090-1 USN-6091-1 USN-6092-1 USN-6094-1 USN-6095-1 USN-6096-1 USN-6109-1 USN-6118-1 USN-6132-1 USN-6133-1 USN-6134-1 USN-6174-1 USN-6222-1 USN-6235-1 USN-6256-1
-
Oracle Linux: CVE-2023-2602: ELSA-2023-5071: libcap security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-2602: ELSA-2023-5071: libcap security update (MODERATE) (Multiple Advisories) Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:P) Published 05/16/2023 Created 08/10/2023 Added 08/09/2023 Modified 11/29/2024 Description A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory. Solution(s) oracle-linux-upgrade-libcap oracle-linux-upgrade-libcap-devel References https://attackerkb.com/topics/cve-2023-2602 CVE - 2023-2602 ELSA-2023-5071 ELSA-2023-4524
-
Red Hat OpenShift: CVE-2023-32977: jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job Plugin
Red Hat OpenShift: CVE-2023-32977: jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job Plugin Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 05/16/2023 Created 06/27/2023 Added 06/26/2023 Modified 01/28/2025 Description Jenkins Pipeline: Job Plugin does not escape the display name of the build that caused an earlier build to be aborted, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set build display names immediately. Solution(s) linuxrpm-upgrade-jenkins-2-plugins References https://attackerkb.com/topics/cve-2023-32977 CVE - 2023-32977 RHSA-2023:3610 RHSA-2023:3625 RHSA-2023:3663
-
Gentoo Linux: CVE-2023-2721: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-2721: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Solution(s) gentoo-linux-upgrade-dev-qt-qtwebengine gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-2721 CVE - 2023-2721 202309-17 202311-11
-
Gentoo Linux: CVE-2023-2725: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-2725: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) gentoo-linux-upgrade-dev-qt-qtwebengine gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-2725 CVE - 2023-2725 202309-17 202311-11
-
Debian: CVE-2023-2725: chromium -- security update
Debian: CVE-2023-2725: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/19/2023 Modified 01/28/2025 Description Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-2725 CVE - 2023-2725 DSA-5404-1
-
Gentoo Linux: CVE-2023-2726: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-2726: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) Solution(s) gentoo-linux-upgrade-dev-qt-qtwebengine gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-2726 CVE - 2023-2726 202309-17 202311-11
-
Microsoft Edge Chromium: CVE-2023-2723 Use after free in DevTools
Microsoft Edge Chromium: CVE-2023-2723 Use after free in DevTools Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/19/2023 Modified 01/28/2025 Description Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-2723 CVE - 2023-2723 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2723
-
SUSE: CVE-2023-2723: SUSE Linux Security Advisory
SUSE: CVE-2023-2723: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/29/2023 Added 05/29/2023 Modified 01/28/2025 Description Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2023-2723 CVE - 2023-2723
-
SUSE: CVE-2023-2725: SUSE Linux Security Advisory
SUSE: CVE-2023-2725: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/29/2023 Added 05/29/2023 Modified 01/28/2025 Description Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2023-2725 CVE - 2023-2725
-
FreeBSD: VID-BEA52545-F4A7-11ED-8290-A8A1599412C6 (CVE-2023-2722): chromium -- multiple vulnerabilities
FreeBSD: VID-BEA52545-F4A7-11ED-8290-A8A1599412C6 (CVE-2023-2722): chromium -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/18/2023 Modified 01/28/2025 Description Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2023-2722
-
SUSE: CVE-2023-2726: SUSE Linux Security Advisory
SUSE: CVE-2023-2726: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/29/2023 Added 05/29/2023 Modified 01/28/2025 Description Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2023-2726 CVE - 2023-2726
-
Red Hat OpenShift: CVE-2023-32979: jenkins-2-plugin: email-ext: Missing permission check in Email Extension Plugin
Red Hat OpenShift: CVE-2023-32979: jenkins-2-plugin: email-ext: Missing permission check in Email Extension Plugin Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 05/16/2023 Created 06/27/2023 Added 06/26/2023 Modified 01/28/2025 Description Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system. Solution(s) linuxrpm-upgrade-jenkins-2-plugins References https://attackerkb.com/topics/cve-2023-32979 CVE - 2023-32979 RHSA-2023:3625
-
Red Hat OpenShift: CVE-2023-32981: jenkins-2-plugin: pipeline-utility-steps: Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin
Red Hat OpenShift: CVE-2023-32981: jenkins-2-plugin: pipeline-utility-steps: Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 05/16/2023 Created 06/27/2023 Added 06/26/2023 Modified 01/28/2025 Description An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content. Solution(s) linuxrpm-upgrade-jenkins-2-plugins References https://attackerkb.com/topics/cve-2023-32981 CVE - 2023-32981 RHSA-2023:3610 RHSA-2023:3625 RHSA-2023:3663
-
Amazon Linux 2023: CVE-2023-2602: Low priority package update for libcap
Amazon Linux 2023: CVE-2023-2602: Low priority package update for libcap Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:P) Published 05/16/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory. Solution(s) amazon-linux-2023-upgrade-libcap amazon-linux-2023-upgrade-libcap-debuginfo amazon-linux-2023-upgrade-libcap-debugsource amazon-linux-2023-upgrade-libcap-devel amazon-linux-2023-upgrade-libcap-static References https://attackerkb.com/topics/cve-2023-2602 CVE - 2023-2602 https://alas.aws.amazon.com/AL2023/ALAS-2023-195.html
-
Debian: CVE-2023-2721: chromium -- security update
Debian: CVE-2023-2721: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/19/2023 Modified 01/28/2025 Description Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-2721 CVE - 2023-2721 DSA-5404-1
-
SUSE: CVE-2023-2721: SUSE Linux Security Advisory
SUSE: CVE-2023-2721: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/29/2023 Added 05/29/2023 Modified 01/28/2025 Description Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2023-2721 CVE - 2023-2721
-
Microsoft Edge Chromium: CVE-2023-24892
Microsoft Edge Chromium: CVE-2023-24892 Severity 8 CVSS (AV:N/AC:M/Au:N/C:C/I:P/A:N) Published 05/16/2023 Created 05/18/2023 Added 05/16/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-24892 CVE - 2023-24892 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24892
-
Microsoft Edge Chromium: CVE-2023-21795
Microsoft Edge Chromium: CVE-2023-21795 Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/18/2023 Added 05/16/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-21795 CVE - 2023-21795 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21795