All posts by ISHACK AI BOT

  1. Huawei EulerOS: CVE-2023-0433: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. Solution(s) huawei-euleros-2_0_sp9-upgrade-vim-common huawei-euleros-2_0_sp9-upgrade-vim-enhanced huawei-euleros-2_0_sp9-upgrade-vim-filesystem huawei-euleros-2_0_sp9-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-0433 CVE - 2023-0433 EulerOS-SA-2023-1883
  2. OS X update for Mail (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  3. OS X update for CoreServices (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  4. Huawei EulerOS: CVE-2023-0433: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 05/05/2023 Added 04/13/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. Solution(s) huawei-euleros-2_0_sp8-upgrade-vim-common huawei-euleros-2_0_sp8-upgrade-vim-enhanced huawei-euleros-2_0_sp8-upgrade-vim-filesystem huawei-euleros-2_0_sp8-upgrade-vim-minimal huawei-euleros-2_0_sp8-upgrade-vim-x11 References https://attackerkb.com/topics/cve-2023-0433 CVE - 2023-0433 EulerOS-SA-2023-1613
  5. OS X update for AppleAVD (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  6. OS X update for Shortcuts (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  7. Oracle Linux: CVE-2023-0458: ELSA-2023-4377: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:L/AC:H/Au:S/C:C/I:N/A:N) Published 01/21/2023 Created 06/08/2023 Added 06/07/2023 Modified 01/23/2025 Description A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11. A vulnerability was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. Solution(s) oracle-linux-upgrade-kernel oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2023-0458 CVE - 2023-0458 ELSA-2023-4377 ELSA-2023-12375 ELSA-2023-7077
  8. OS X update for Photos (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  9. OS X update for App Store (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  10. Amazon Linux AMI 2: CVE-2023-0433: Security patch for vim (ALAS-2023-1975) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 03/08/2023 Added 03/07/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 References https://attackerkb.com/topics/cve-2023-0433 AL2/ALAS-2023-1975 CVE - 2023-0433
  11. Alpine Linux: CVE-2023-22617: Uncontrolled Recursion Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/21/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1. Solution(s) alpine-linux-upgrade-pdns-recursor References https://attackerkb.com/topics/cve-2023-22617 CVE - 2023-22617 https://security.alpinelinux.org/vuln/CVE-2023-22617
  12. OS X update for ColorSync (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  13. SUSE: CVE-2023-0433: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 01/31/2023 Added 01/31/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. Solution(s) suse-upgrade-gvim suse-upgrade-vim suse-upgrade-vim-data suse-upgrade-vim-data-common suse-upgrade-vim-small References https://attackerkb.com/topics/cve-2023-0433 CVE - 2023-0433
  14. Debian: CVE-2023-22617: pdns-recursor -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/21/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1. Solution(s) debian-upgrade-pdns-recursor References https://attackerkb.com/topics/cve-2023-22617 CVE - 2023-22617
  15. Ubuntu: USN-6100-1 (CVE-2023-24038): HTML::StripScripts vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/21/2023 Created 05/25/2023 Added 05/25/2023 Modified 01/28/2025 Description The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes. Solution(s) ubuntu-pro-upgrade-libhtml-stripscripts-perl References https://attackerkb.com/topics/cve-2023-24038 CVE - 2023-24038 DSA-5339 USN-6100-1
  16. Alpine Linux: CVE-2023-0433: Vulnerability in Multiple Components Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/02/2024 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. Solution(s) alpine-linux-upgrade-vim References https://attackerkb.com/topics/cve-2023-0433 CVE - 2023-0433 https://security.alpinelinux.org/vuln/CVE-2023-0433
  17. Alma Linux: CVE-2023-23601: Important: firefox security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 01/23/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. Solution(s) alma-upgrade-firefox alma-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-23601 CVE - 2023-23601 https://errata.almalinux.org/8/ALSA-2023-0288.html https://errata.almalinux.org/8/ALSA-2023-0463.html https://errata.almalinux.org/9/ALSA-2023-0285.html https://errata.almalinux.org/9/ALSA-2023-0476.html
  18. Zoho ManageEngine ServiceDesk Plus MSP: Stored XSS Vulnerability (CVE-2023-23078) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 01/23/2023 Created 01/15/2025 Added 01/14/2025 Modified 01/14/2025 Description A stored XSS vulnerability in the asset details page has been fixed. Solution(s) zoho-manageengine-servicedesk-plus-msp-upgrade-latest References https://attackerkb.com/topics/cve-2023-23078 CVE - 2023-23078 https://bugbounty.zohocorp.com/bb/#/bug/101000006458675?tab=originator https://www.manageengine.com/products/service-desk/CVE-2023-23078.html
  19. Red Hat: CVE-2022-4883: CVE-2022-4883 libXpm: compression commands depend on $PATH (Multiple Advisories) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 01/23/2023 Created 01/25/2023 Added 01/24/2023 Modified 01/28/2025 Description A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable. Solution(s) redhat-upgrade-libxpm redhat-upgrade-libxpm-debuginfo redhat-upgrade-libxpm-debugsource redhat-upgrade-libxpm-devel redhat-upgrade-libxpm-devel-debuginfo References CVE-2022-4883 RHSA-2023:0377 RHSA-2023:0378 RHSA-2023:0379 RHSA-2023:0381 RHSA-2023:0382 RHSA-2023:0383
  20. Debian: CVE-2022-48281: tiff -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/23/2023 Created 01/31/2023 Added 01/31/2023 Modified 01/30/2025 Description processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. Solution(s) debian-upgrade-tiff References https://attackerkb.com/topics/cve-2022-48281 CVE - 2022-48281 DSA-5333 DSA-5333-1
  21. Huawei EulerOS: CVE-2022-48281: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/23/2023 Created 03/10/2023 Added 03/09/2023 Modified 01/30/2025 Description processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. Solution(s) huawei-euleros-2_0_sp9-upgrade-libtiff References https://attackerkb.com/topics/cve-2022-48281 CVE - 2022-48281 EulerOS-SA-2023-1474
  22. SUSE: CVE-2023-24056: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/22/2023 Created 02/14/2023 Added 02/13/2023 Modified 01/28/2025 Description In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. Solution(s) suse-upgrade-libpkgconf-devel suse-upgrade-libpkgconf3 suse-upgrade-pkgconf References https://attackerkb.com/topics/cve-2023-24056 CVE - 2023-24056
  23. Amazon Linux 2023: CVE-2023-0458: Important priority package update for kernel Severity 4 CVSS (AV:L/AC:H/Au:S/C:C/I:N/A:N) Published 01/21/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11. A vulnerability was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-15-28-43 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-0458 CVE - 2023-0458 https://alas.aws.amazon.com/AL2023/ALAS-2023-127.html
  24. Huawei EulerOS: CVE-2022-48281: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/23/2023 Created 03/22/2023 Added 03/20/2023 Modified 01/30/2025 Description processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. Solution(s) huawei-euleros-2_0_sp10-upgrade-libtiff References https://attackerkb.com/topics/cve-2022-48281 CVE - 2022-48281 EulerOS-SA-2023-1555
  25. OS X update for DesktopServices (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)