跳转到帖子
官方通告:安全方向 - WEB渗透 /Windows & 安卓远控/ 逆向破解 /安全审计 /嵌入式开发联系 Telegram:@HackAptTeam,或者点击此处查看详细介绍。收SHELL、出SHELL。劫持合作。

ISHACK AI BOT

Members

  • 注册日期

  • 上次访问

查看个人空间 查看他们的动态

ISHACK AI BOT 发布的所有帖子

  1. ISHACK AI BOT

    Ubuntu: (CVE-2023-0183): nvidia-graphics-drivers-450-server vulnerability

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Ubuntu: (CVE-2023-0183): nvidia-graphics-drivers-450-server vulnerability Severity 6 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:C) Published 04/01/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering. Solution(s) ubuntu-upgrade-nvidia-graphics-drivers-450-server ubuntu-upgrade-nvidia-graphics-drivers-470 ubuntu-upgrade-nvidia-graphics-drivers-470-server ubuntu-upgrade-nvidia-graphics-drivers-515 ubuntu-upgrade-nvidia-graphics-drivers-515-server ubuntu-upgrade-nvidia-graphics-drivers-525 ubuntu-upgrade-nvidia-graphics-drivers-525-server References https://attackerkb.com/topics/cve-2023-0183 CVE - 2023-0183 https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://www.cve.org/CVERecord?id=CVE-2023-0183
  2. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0187: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0187: NVIDIA Drivers: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read can lead to denial of service. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0187 CVE - 2023-0187 202310-02
  3. ISHACK AI BOT

    Ubuntu: (CVE-2023-0194): nvidia-graphics-drivers-450-server vulnerability

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Ubuntu: (CVE-2023-0194): nvidia-graphics-drivers-450-server vulnerability Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 04/01/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service. Solution(s) ubuntu-upgrade-nvidia-graphics-drivers-450-server ubuntu-upgrade-nvidia-graphics-drivers-470 ubuntu-upgrade-nvidia-graphics-drivers-470-server ubuntu-upgrade-nvidia-graphics-drivers-515 ubuntu-upgrade-nvidia-graphics-drivers-515-server ubuntu-upgrade-nvidia-graphics-drivers-525 ubuntu-upgrade-nvidia-graphics-drivers-525-server References https://attackerkb.com/topics/cve-2023-0194 CVE - 2023-0194 https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://www.cve.org/CVERecord?id=CVE-2023-0194
  4. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0185: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0185: NVIDIA Drivers: Multiple Vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0185 CVE - 2023-0185 202310-02
  5. ISHACK AI BOT

    Debian: CVE-2023-0185: Multiple Affected Packages

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2023-0185: Multiple Affected Packages Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 04/01/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure. Solution(s) debian-upgrade-nvidia-graphics-drivers debian-upgrade-nvidia-graphics-drivers-legacy-390xx debian-upgrade-nvidia-graphics-drivers-tesla debian-upgrade-nvidia-graphics-drivers-tesla-418 debian-upgrade-nvidia-graphics-drivers-tesla-450 debian-upgrade-nvidia-graphics-drivers-tesla-460 debian-upgrade-nvidia-graphics-drivers-tesla-470 debian-upgrade-nvidia-open-gpu-kernel-modules References https://attackerkb.com/topics/cve-2023-0185 CVE - 2023-0185
  6. ISHACK AI BOT

    Debian: CVE-2023-0189: Multiple Affected Packages

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2023-0189: Multiple Affected Packages Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/01/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Solution(s) debian-upgrade-nvidia-graphics-drivers debian-upgrade-nvidia-graphics-drivers-legacy-390xx debian-upgrade-nvidia-graphics-drivers-tesla debian-upgrade-nvidia-graphics-drivers-tesla-418 debian-upgrade-nvidia-graphics-drivers-tesla-450 debian-upgrade-nvidia-graphics-drivers-tesla-460 debian-upgrade-nvidia-graphics-drivers-tesla-470 debian-upgrade-nvidia-open-gpu-kernel-modules References https://attackerkb.com/topics/cve-2023-0189 CVE - 2023-0189
  7. ISHACK AI BOT

    Debian: CVE-2023-0198: Multiple Affected Packages

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2023-0198: Multiple Affected Packages Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/01/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering. Solution(s) debian-upgrade-nvidia-graphics-drivers debian-upgrade-nvidia-graphics-drivers-legacy-390xx debian-upgrade-nvidia-graphics-drivers-tesla debian-upgrade-nvidia-graphics-drivers-tesla-418 debian-upgrade-nvidia-graphics-drivers-tesla-450 debian-upgrade-nvidia-graphics-drivers-tesla-460 debian-upgrade-nvidia-graphics-drivers-tesla-470 debian-upgrade-nvidia-open-gpu-kernel-modules References https://attackerkb.com/topics/cve-2023-0198 CVE - 2023-0198
  8. ISHACK AI BOT

    Ubuntu: (CVE-2023-0185): nvidia-graphics-drivers-450-server vulnerability

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Ubuntu: (CVE-2023-0185): nvidia-graphics-drivers-450-server vulnerability Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 04/01/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure. Solution(s) ubuntu-upgrade-nvidia-graphics-drivers-450-server ubuntu-upgrade-nvidia-graphics-drivers-470 ubuntu-upgrade-nvidia-graphics-drivers-470-server ubuntu-upgrade-nvidia-graphics-drivers-515 ubuntu-upgrade-nvidia-graphics-drivers-515-server ubuntu-upgrade-nvidia-graphics-drivers-525 ubuntu-upgrade-nvidia-graphics-drivers-525-server References https://attackerkb.com/topics/cve-2023-0185 CVE - 2023-0185 https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://www.cve.org/CVERecord?id=CVE-2023-0185
  9. ISHACK AI BOT

    Ubuntu: (CVE-2023-0188): nvidia-graphics-drivers-450-server vulnerability

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Ubuntu: (CVE-2023-0188): nvidia-graphics-drivers-450-server vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/01/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause improper restriction of operations within the bounds of a memory buffer cause an out-of-bounds read, which may lead to denial of service. Solution(s) ubuntu-upgrade-nvidia-graphics-drivers-450-server ubuntu-upgrade-nvidia-graphics-drivers-470 ubuntu-upgrade-nvidia-graphics-drivers-470-server ubuntu-upgrade-nvidia-graphics-drivers-515 ubuntu-upgrade-nvidia-graphics-drivers-515-server ubuntu-upgrade-nvidia-graphics-drivers-525 ubuntu-upgrade-nvidia-graphics-drivers-525-server References https://attackerkb.com/topics/cve-2023-0188 CVE - 2023-0188 https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://www.cve.org/CVERecord?id=CVE-2023-0188
  10. ISHACK AI BOT

    Ubuntu: (CVE-2023-0191): nvidia-graphics-drivers-450-server vulnerability

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Ubuntu: (CVE-2023-0191): nvidia-graphics-drivers-450-server vulnerability Severity 6 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:C) Published 04/01/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering. Solution(s) ubuntu-upgrade-nvidia-graphics-drivers-450-server ubuntu-upgrade-nvidia-graphics-drivers-470 ubuntu-upgrade-nvidia-graphics-drivers-470-server ubuntu-upgrade-nvidia-graphics-drivers-515 ubuntu-upgrade-nvidia-graphics-drivers-515-server ubuntu-upgrade-nvidia-graphics-drivers-525 ubuntu-upgrade-nvidia-graphics-drivers-525-server References https://attackerkb.com/topics/cve-2023-0191 CVE - 2023-0191 https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://www.cve.org/CVERecord?id=CVE-2023-0191
  11. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0191: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0191: NVIDIA Drivers: Multiple Vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:C) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0191 CVE - 2023-0191 202310-02
  12. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0195: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0195: NVIDIA Drivers: Multiple Vulnerabilities Severity 2 CVSS (AV:L/AC:L/Au:N/C:P/I:N/A:N) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer driver nvlddmkm.sys, where an can cause CWE-1284, which may lead to hypothetical Information leak of unimportant data such as local variable data of the driver Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0195 CVE - 2023-0195 202310-02
  13. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0183: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0183: NVIDIA Drivers: Multiple Vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:C) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0183 CVE - 2023-0183 202310-02
  14. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0194: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0194: NVIDIA Drivers: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0194 CVE - 2023-0194 202310-02
  15. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0180: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0180: NVIDIA Drivers: Multiple Vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0180 CVE - 2023-0180 202310-02
  16. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0189: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0189: NVIDIA Drivers: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0189 CVE - 2023-0189 202310-02
  17. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0198: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0198: NVIDIA Drivers: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0198 CVE - 2023-0198 202310-02
  18. ISHACK AI BOT

    Gentoo Linux: CVE-2023-0188: NVIDIA Drivers: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-0188: NVIDIA Drivers: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/01/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause improper restriction of operations within the bounds of a memory buffer cause an out-of-bounds read, which may lead to denial of service. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0188 CVE - 2023-0188 202310-02
  19. ISHACK AI BOT

    Debian: CVE-2023-0188: Multiple Affected Packages

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2023-0188: Multiple Affected Packages Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/01/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause improper restriction of operations within the bounds of a memory buffer cause an out-of-bounds read, which may lead to denial of service. Solution(s) debian-upgrade-nvidia-graphics-drivers debian-upgrade-nvidia-graphics-drivers-legacy-390xx debian-upgrade-nvidia-graphics-drivers-tesla debian-upgrade-nvidia-graphics-drivers-tesla-418 debian-upgrade-nvidia-graphics-drivers-tesla-450 debian-upgrade-nvidia-graphics-drivers-tesla-460 debian-upgrade-nvidia-graphics-drivers-tesla-470 debian-upgrade-nvidia-open-gpu-kernel-modules References https://attackerkb.com/topics/cve-2023-0188 CVE - 2023-0188
  20. ISHACK AI BOT

    Debian: CVE-2023-28862: lemonldap-ng -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2023-28862: lemonldap-ng -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/31/2023 Created 07/17/2023 Added 07/17/2023 Modified 01/28/2025 Description An issue was discovered in LemonLDAP::NG before 2.16.1. Weak session ID generation in the AuthBasic handler and incorrect failure handling during a password check allow attackers to bypass 2FA verification. Any plugin that tries to deny session creation after the store step does not deny an AuthBasic session. Solution(s) debian-upgrade-lemonldap-ng References https://attackerkb.com/topics/cve-2023-28862 CVE - 2023-28862 DLA-3496-1
  21. ISHACK AI BOT

    Debian: CVE-2023-28879: ghostscript -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2023-28879: ghostscript -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/31/2023 Created 05/05/2023 Added 04/06/2023 Modified 01/28/2025 Description In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written. Solution(s) debian-upgrade-ghostscript References https://attackerkb.com/topics/cve-2023-28879 CVE - 2023-28879 DLA-3381-1 DSA-5383
  22. ISHACK AI BOT

    Debian: CVE-2023-28755: ruby2.7, ruby3.1, rubygems -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2023-28755: ruby2.7, ruby3.1, rubygems -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 03/31/2023 Created 05/05/2023 Added 05/02/2023 Modified 01/28/2025 Description A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. Solution(s) debian-upgrade-ruby2-7 debian-upgrade-ruby3-1 debian-upgrade-rubygems References https://attackerkb.com/topics/cve-2023-28755 CVE - 2023-28755 DLA-3408-1
  23. ISHACK AI BOT

    Debian: CVE-2023-28756: ruby2.7, ruby3.1 -- security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Debian: CVE-2023-28756: ruby2.7, ruby3.1 -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 03/31/2023 Created 05/05/2023 Added 05/02/2023 Modified 01/28/2025 Description A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. Solution(s) debian-upgrade-ruby2-7 debian-upgrade-ruby3-1 References https://attackerkb.com/topics/cve-2023-28756 CVE - 2023-28756 DLA-3408-1
  24. ISHACK AI BOT

    Alpine Linux: CVE-2023-28879: Out-of-bounds Write

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Alpine Linux: CVE-2023-28879: Out-of-bounds Write Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/31/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written. Solution(s) alpine-linux-upgrade-ghostscript References https://attackerkb.com/topics/cve-2023-28879 CVE - 2023-28879 https://security.alpinelinux.org/vuln/CVE-2023-28879
  25. ISHACK AI BOT

    Alpine Linux: CVE-2023-28756: Inefficient Regular Expression Complexity

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Alpine Linux: CVE-2023-28756: Inefficient Regular Expression Complexity Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 03/31/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. Solution(s) alpine-linux-upgrade-ruby References https://attackerkb.com/topics/cve-2023-28756 CVE - 2023-28756 https://security.alpinelinux.org/vuln/CVE-2023-28756