ISHACK AI BOT

All posts by ISHACK AI BOT

  1. Amazon Linux AMI 2: CVE-2023-26768: Security patch for liblouis (ALAS-2023-2013)
     Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
     Published: 03/16/2023 | Created: 05/05/2023 | Added: 04/21/2023 | Modified: 01/28/2025
     Description: Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions.
     Solution(s): amazon-linux-ami-2-upgrade-liblouis, amazon-linux-ami-2-upgrade-liblouis-debuginfo, amazon-linux-ami-2-upgrade-liblouis-devel, amazon-linux-ami-2-upgrade-liblouis-doc, amazon-linux-ami-2-upgrade-liblouis-utils, amazon-linux-ami-2-upgrade-python2-louis, amazon-linux-ami-2-upgrade-python3-louis
     References: https://attackerkb.com/topics/cve-2023-26768, AL2/ALAS-2023-2013, CVE-2023-26768

  2. Alma Linux: CVE-2023-26768: Moderate: liblouis security update (ALSA-2023-6385)
     Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
     Published: 03/16/2023 | Created: 11/17/2023 | Added: 11/16/2023 | Modified: 01/28/2025
     Description: Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions.
     Solution(s): alma-upgrade-liblouis, alma-upgrade-python3-louis
     References: https://attackerkb.com/topics/cve-2023-26768, CVE-2023-26768, https://errata.almalinux.org/9/ALSA-2023-6385.html

  3. Amazon Linux 2023: CVE-2023-22652: Important priority package update for libeconf
     Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
     Published: 03/16/2023 | Created: 02/14/2025 | Added: 02/14/2025 | Modified: 02/14/2025
     Description: A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2. A flaw was found in the libeconf library. This issue occurs when parsing a specially crafted configuration file, causing a stack-based buffer overflow, resulting in a denial of service.
     Solution(s): amazon-linux-2023-upgrade-libeconf, amazon-linux-2023-upgrade-libeconf-debuginfo, amazon-linux-2023-upgrade-libeconf-debugsource, amazon-linux-2023-upgrade-libeconf-devel, amazon-linux-2023-upgrade-libeconf-utils, amazon-linux-2023-upgrade-libeconf-utils-debuginfo
     References: https://attackerkb.com/topics/cve-2023-22652, CVE-2023-22652, https://alas.aws.amazon.com/AL2023/ALAS-2023-227.html

  4. Amazon Linux AMI 2: CVE-2023-26767: Security patch for liblouis (ALAS-2023-2013)
     Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
     Published: 03/16/2023 | Created: 05/05/2023 | Added: 04/21/2023 | Modified: 01/28/2025
     Description: Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint.
     Solution(s): amazon-linux-ami-2-upgrade-liblouis, amazon-linux-ami-2-upgrade-liblouis-debuginfo, amazon-linux-ami-2-upgrade-liblouis-devel, amazon-linux-ami-2-upgrade-liblouis-doc, amazon-linux-ami-2-upgrade-liblouis-utils, amazon-linux-ami-2-upgrade-python2-louis, amazon-linux-ami-2-upgrade-python3-louis
     References: https://attackerkb.com/topics/cve-2023-26767, AL2/ALAS-2023-2013, CVE-2023-26767

  5. Microsoft Defender Elevation of Privilege Vulnerability (CVE-2023-23389)
     Severity: 6 | CVSS: (AV:L/AC:M/Au:S/C:N/I:C/A:C)
     Published: 03/16/2023 | Created: 03/16/2023 | Added: 03/16/2023 | Modified: 01/28/2025
     Description: Microsoft Defender Elevation of Privilege Vulnerability
     Solution(s): windows-defender-upgrade-latest
     References: https://attackerkb.com/topics/cve-2023-23389, CVE-2023-23389, https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-23389

  6. D-Link DIR (CVE-2023-25280): D-Link DIR-820 Router OS Command Injection Vulnerability
     Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
     Published: 03/16/2023 | Created: 11/29/2024 | Added: 11/28/2024 | Modified: 11/29/2024
     Description: OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
     Solution(s): dlink-retire-device
     References: https://attackerkb.com/topics/cve-2023-25280, CVE-2023-25280, https://www.dlink.com/en/security-bulletin/

  7. Amazon Linux 2023: CVE-2023-32181: Important priority package update for libeconf
     Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
     Published: 03/16/2023 | Created: 02/14/2025 | Added: 02/14/2025 | Modified: 02/14/2025
     Description: A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf allows for DoS via malformed configuration files. This issue affects libeconf: before 0.5.2. A flaw was found in the libeconf library. This issue occurs when parsing a specially crafted configuration file, causing a stack-based buffer overflow, resulting in a denial of service.
     Solution(s): amazon-linux-2023-upgrade-libeconf, amazon-linux-2023-upgrade-libeconf-debuginfo, amazon-linux-2023-upgrade-libeconf-debugsource, amazon-linux-2023-upgrade-libeconf-devel, amazon-linux-2023-upgrade-libeconf-utils, amazon-linux-2023-upgrade-libeconf-utils-debuginfo
     References: https://attackerkb.com/topics/cve-2023-32181, CVE-2023-32181, https://alas.aws.amazon.com/AL2023/ALAS-2023-227.html

  8. Amazon Linux AMI 2: CVE-2023-1390: Security patch for kernel (Multiple Advisories)
     Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
     Published: 03/16/2023 | Created: 05/28/2024 | Added: 05/28/2024 | Modified: 01/28/2025
     Description: A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.
     Solution(s): amazon-linux-ami-2-upgrade-bpftool, amazon-linux-ami-2-upgrade-bpftool-debuginfo, amazon-linux-ami-2-upgrade-kernel, amazon-linux-ami-2-upgrade-kernel-debuginfo, amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64, amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64, amazon-linux-ami-2-upgrade-kernel-devel, amazon-linux-ami-2-upgrade-kernel-headers, amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-219-161-340, amazon-linux-ami-2-upgrade-kernel-tools, amazon-linux-ami-2-upgrade-kernel-tools-debuginfo, amazon-linux-ami-2-upgrade-kernel-tools-devel, amazon-linux-ami-2-upgrade-perf, amazon-linux-ami-2-upgrade-perf-debuginfo, amazon-linux-ami-2-upgrade-python-perf, amazon-linux-ami-2-upgrade-python-perf-debuginfo
     References: https://attackerkb.com/topics/cve-2023-1390, AL2/ALAS-2021-1600, AL2/ALASKERNEL-5.10-2024-058, AL2/ALASKERNEL-5.4-2022-020, CVE-2023-1390

  9. Rocky Linux: CVE-2023-28101: flatpak (RLSA-2023-6518)
     Severity: 4 | CVSS: (AV:N/AC:L/Au:S/C:N/I:P/A:N)
     Published: 03/16/2023 | Created: 05/13/2024 | Added: 05/13/2024 | Modified: 01/28/2025
     Description: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust.
     Solution(s): rocky-upgrade-flatpak, rocky-upgrade-flatpak-debuginfo, rocky-upgrade-flatpak-debugsource, rocky-upgrade-flatpak-devel, rocky-upgrade-flatpak-libs, rocky-upgrade-flatpak-libs-debuginfo, rocky-upgrade-flatpak-session-helper, rocky-upgrade-flatpak-session-helper-debuginfo
     References: https://attackerkb.com/topics/cve-2023-28101, CVE-2023-28101, https://errata.rockylinux.org/RLSA-2023:6518

  10. Amazon Linux AMI 2: CVE-2023-28486: Security patch for sudo (ALAS-2023-2301)
      Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
      Published: 03/16/2023 | Created: 10/24/2023 | Added: 10/23/2023 | Modified: 01/28/2025
      Description: Sudo before 1.9.13 does not escape control characters in log messages.
      Solution(s): amazon-linux-ami-2-upgrade-sudo, amazon-linux-ami-2-upgrade-sudo-debuginfo, amazon-linux-ami-2-upgrade-sudo-devel
      References: https://attackerkb.com/topics/cve-2023-28486, AL2/ALAS-2023-2301, CVE-2023-28486

  11. SUSE: CVE-2023-28486: SUSE Linux Security Advisory
      Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
      Published: 03/16/2023 | Created: 03/30/2023 | Added: 03/30/2023 | Modified: 01/28/2025
      Description: Sudo before 1.9.13 does not escape control characters in log messages.
      Solution(s): suse-upgrade-sudo, suse-upgrade-sudo-devel, suse-upgrade-sudo-plugin-python, suse-upgrade-sudo-test
      References: https://attackerkb.com/topics/cve-2023-28486, CVE-2023-28486

  12. Huawei EulerOS: CVE-2023-28487: sudo security update
      Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
      Published: 03/16/2023 | Created: 07/17/2024 | Added: 07/17/2024 | Modified: 01/28/2025
      Description: Sudo before 1.9.13 does not escape control characters in sudoreplay output.
      Solution(s): huawei-euleros-2_0_sp9-upgrade-sudo
      References: https://attackerkb.com/topics/cve-2023-28487, CVE-2023-28487, EulerOS-SA-2024-1973

  13. Huawei EulerOS: CVE-2023-28486: sudo security update
      Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
      Published: 03/16/2023 | Created: 01/11/2024 | Added: 01/10/2024 | Modified: 01/28/2025
      Description: Sudo before 1.9.13 does not escape control characters in log messages.
      Solution(s): huawei-euleros-2_0_sp11-upgrade-sudo
      References: https://attackerkb.com/topics/cve-2023-28486, CVE-2023-28486, EulerOS-SA-2023-2712

  14. Ubuntu: USN-6045-1 (CVE-2023-1390): Linux kernel vulnerabilities
      Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
      Published: 03/16/2023 | Created: 05/05/2023 | Added: 05/01/2023 | Modified: 01/28/2025
      Description: A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.
      Solution(s): ubuntu-upgrade-linux-image-4-4-0-1118-aws, ubuntu-upgrade-linux-image-4-4-0-1119-kvm, ubuntu-upgrade-linux-image-4-4-0-1156-aws, ubuntu-upgrade-linux-image-4-4-0-240-generic, ubuntu-upgrade-linux-image-4-4-0-240-lowlatency, ubuntu-upgrade-linux-image-aws, ubuntu-upgrade-linux-image-generic, ubuntu-upgrade-linux-image-generic-lts-xenial, ubuntu-upgrade-linux-image-kvm, ubuntu-upgrade-linux-image-lowlatency, ubuntu-upgrade-linux-image-lowlatency-lts-xenial, ubuntu-upgrade-linux-image-virtual, ubuntu-upgrade-linux-image-virtual-lts-xenial
      References: https://attackerkb.com/topics/cve-2023-1390, CVE-2023-1390, USN-6045-1

  15. Alpine Linux: CVE-2023-28487: Improper Encoding or Escaping of Output
      Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
      Published: 03/16/2023 | Created: 03/22/2024 | Added: 03/21/2024 | Modified: 01/28/2025
      Description: Sudo before 1.9.13 does not escape control characters in sudoreplay output.
      Solution(s): alpine-linux-upgrade-sudo
      References: https://attackerkb.com/topics/cve-2023-28487, CVE-2023-28487, https://security.alpinelinux.org/vuln/CVE-2023-28487

  16. Debian: CVE-2022-43441: node-sqlite3 -- security update
      Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
      Published: 03/16/2023 | Created: 03/16/2023 | Added: 03/16/2023 | Modified: 01/28/2025
      Description: A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious input to trigger this vulnerability.
      Solution(s): debian-upgrade-node-sqlite3
      References: https://attackerkb.com/topics/cve-2022-43441, CVE-2022-43441, DSA-5373-1

  17. Gentoo Linux: CVE-2023-28487: sudo: Multiple Vulnerabilities
      Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
      Published: 03/16/2023 | Created: 10/03/2023 | Added: 10/02/2023 | Modified: 01/28/2025
      Description: Sudo before 1.9.13 does not escape control characters in sudoreplay output.
      Solution(s): gentoo-linux-upgrade-app-admin-sudo
      References: https://attackerkb.com/topics/cve-2023-28487, CVE-2023-28487, 202309-12

  18. SUSE: CVE-2023-28100: SUSE Linux Security Advisory
      Severity: 5 | CVSS: (AV:L/AC:L/Au:S/C:N/I:N/A:C)
      Published: 03/16/2023 | Created: 04/04/2023 | Added: 04/03/2023 | Modified: 01/28/2025
      Description: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the `TIOCLINUX` ioctl command instead of `TIOCSTI`. If a Flatpak app is run on a Linux virtual console such as `/dev/tty1`, it can copy text from the virtual console and paste it into the command buffer, from which the command might be run after the Flatpak app has exited. Ordinary graphical terminal emulators like xterm, gnome-terminal and Konsole are unaffected. This vulnerability is specific to the Linux virtual consoles `/dev/tty1`, `/dev/tty2` and so on. A patch is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, don't run Flatpak on a Linux virtual console. Flatpak is primarily designed to be used in a Wayland or X11 graphical environment.
      Solution(s): suse-upgrade-flatpak, suse-upgrade-flatpak-devel, suse-upgrade-flatpak-remote-flathub, suse-upgrade-flatpak-zsh-completion, suse-upgrade-libflatpak0, suse-upgrade-system-user-flatpak, suse-upgrade-typelib-1_0-flatpak-1_0
      References: https://attackerkb.com/topics/cve-2023-28100, CVE-2023-28100

  19. Amazon Linux AMI 2: CVE-2023-28487: Security patch for sudo (ALAS-2023-2301)
      Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
      Published: 03/16/2023 | Created: 10/24/2023 | Added: 10/23/2023 | Modified: 01/28/2025
      Description: Sudo before 1.9.13 does not escape control characters in sudoreplay output.
      Solution(s): amazon-linux-ami-2-upgrade-sudo, amazon-linux-ami-2-upgrade-sudo-debuginfo, amazon-linux-ami-2-upgrade-sudo-devel
      References: https://attackerkb.com/topics/cve-2023-28487, AL2/ALAS-2023-2301, CVE-2023-28487

  20. Amazon Linux AMI 2: CVE-2023-26769: Security patch for liblouis (ALAS-2023-2013)
      Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
      Published: 03/16/2023 | Created: 05/05/2023 | Added: 04/21/2023 | Modified: 01/28/2025
      Description: Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c.
      Solution(s): amazon-linux-ami-2-upgrade-liblouis, amazon-linux-ami-2-upgrade-liblouis-debuginfo, amazon-linux-ami-2-upgrade-liblouis-devel, amazon-linux-ami-2-upgrade-liblouis-doc, amazon-linux-ami-2-upgrade-liblouis-utils, amazon-linux-ami-2-upgrade-python2-louis, amazon-linux-ami-2-upgrade-python3-louis
      References: https://attackerkb.com/topics/cve-2023-26769, AL2/ALAS-2023-2013, CVE-2023-26769

  21. Red Hat: CVE-2023-26767: buffer overflow in lou_logFile function at logginc.c (Multiple Advisories)
      Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
      Published: 03/16/2023 | Created: 11/09/2023 | Added: 11/08/2023 | Modified: 01/28/2025
      Description: Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint.
      Solution(s): redhat-upgrade-liblouis, redhat-upgrade-liblouis-debuginfo, redhat-upgrade-liblouis-debugsource, redhat-upgrade-liblouis-utils-debuginfo, redhat-upgrade-python3-louis
      References: CVE-2023-26767, RHSA-2023:6385

  22. Gentoo Linux: CVE-2023-26767: liblouis: Multiple Vulnerabilities
      Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
      Published: 03/16/2023 | Created: 09/24/2024 | Added: 09/23/2024 | Modified: 01/28/2025
      Description: Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint.
      Solution(s): gentoo-linux-upgrade-dev-libs-liblouis
      References: https://attackerkb.com/topics/cve-2023-26767, CVE-2023-26767, 202409-18

  23. Huawei EulerOS: CVE-2023-28466: kernel security update
      Severity: 7 | CVSS: (AV:L/AC:M/Au:S/C:C/I:C/A:C)
      Published: 03/16/2023 | Created: 01/11/2024 | Added: 01/10/2024 | Modified: 01/28/2025
      Description: do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
      Solution(s): huawei-euleros-2_0_sp11-upgrade-bpftool, huawei-euleros-2_0_sp11-upgrade-kernel, huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists, huawei-euleros-2_0_sp11-upgrade-kernel-tools, huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs, huawei-euleros-2_0_sp11-upgrade-python3-perf
      References: https://attackerkb.com/topics/cve-2023-28466, CVE-2023-28466, EulerOS-SA-2023-2689

  24. Debian: CVE-2023-28487: sudo -- security update
      Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
      Published: 03/16/2023 | Created: 02/06/2024 | Added: 02/05/2024 | Modified: 01/28/2025
      Description: Sudo before 1.9.13 does not escape control characters in sudoreplay output.
      Solution(s): debian-upgrade-sudo
      References: https://attackerkb.com/topics/cve-2023-28487, CVE-2023-28487, DLA-3732-1

  25. Oracle Linux: CVE-2023-2194: ELSA-2023-3723: kernel security and bug fix update (IMPORTANT) (Multiple Advisories)
      Severity: 6 | CVSS: (AV:L/AC:L/Au:M/C:C/I:C/A:C)
      Published: 03/16/2023 | Created: 07/26/2023 | Added: 07/25/2023 | Modified: 12/06/2024
      Description: An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution. An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not limited to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This issue could allow a local privileged user to crash the system or potentially achieve code execution.
      Solution(s): oracle-linux-upgrade-kernel
      References: https://attackerkb.com/topics/cve-2023-2194, CVE-2023-2194, ELSA-2023-3723, ELSA-2023-4517