All posts by ISHACK AI BOT
-
CentOS Linux: CVE-2023-21881: Important: mysql security update (Multiple Advisories)
Severity 6
CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 01/18/2023
Created 05/15/2023
Added 05/15/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) centos-upgrade-mecab centos-upgrade-mecab-debuginfo centos-upgrade-mecab-debugsource centos-upgrade-mecab-devel centos-upgrade-mecab-ipadic centos-upgrade-mecab-ipadic-eucjp centos-upgrade-mysql centos-upgrade-mysql-common centos-upgrade-mysql-debuginfo centos-upgrade-mysql-debugsource centos-upgrade-mysql-devel centos-upgrade-mysql-devel-debuginfo centos-upgrade-mysql-errmsg centos-upgrade-mysql-libs centos-upgrade-mysql-libs-debuginfo centos-upgrade-mysql-server centos-upgrade-mysql-server-debuginfo centos-upgrade-mysql-test centos-upgrade-mysql-test-debuginfo
References CVE-2023-21881
-
CentOS Linux: CVE-2023-21876: Important: mysql security update (Multiple Advisories)
Severity 6
CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 01/18/2023
Created 05/15/2023
Added 05/15/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) centos-upgrade-mecab centos-upgrade-mecab-debuginfo centos-upgrade-mecab-debugsource centos-upgrade-mecab-devel centos-upgrade-mecab-ipadic centos-upgrade-mecab-ipadic-eucjp centos-upgrade-mysql centos-upgrade-mysql-common centos-upgrade-mysql-debuginfo centos-upgrade-mysql-debugsource centos-upgrade-mysql-devel centos-upgrade-mysql-devel-debuginfo centos-upgrade-mysql-errmsg centos-upgrade-mysql-libs centos-upgrade-mysql-libs-debuginfo centos-upgrade-mysql-server centos-upgrade-mysql-server-debuginfo centos-upgrade-mysql-test centos-upgrade-mysql-test-debuginfo
References CVE-2023-21876
-
CentOS Linux: CVE-2023-21871: Important: mysql security update (Multiple Advisories)
Severity 6
CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 01/18/2023
Created 05/15/2023
Added 05/15/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) centos-upgrade-mecab centos-upgrade-mecab-debuginfo centos-upgrade-mecab-debugsource centos-upgrade-mecab-devel centos-upgrade-mecab-ipadic centos-upgrade-mecab-ipadic-eucjp centos-upgrade-mysql centos-upgrade-mysql-common centos-upgrade-mysql-debuginfo centos-upgrade-mysql-debugsource centos-upgrade-mysql-devel centos-upgrade-mysql-devel-debuginfo centos-upgrade-mysql-errmsg centos-upgrade-mysql-libs centos-upgrade-mysql-libs-debuginfo centos-upgrade-mysql-server centos-upgrade-mysql-server-debuginfo centos-upgrade-mysql-test centos-upgrade-mysql-test-debuginfo
References CVE-2023-21871
-
Oracle Linux: CVE-2023-22809: ELSA-2023-0291: sudo security update (IMPORTANT) (Multiple Advisories)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 01/18/2023
Created 01/25/2023
Added 01/24/2023
Modified 01/07/2025
Description In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value. A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user (usually root). The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a file using sudoedit.
Solution(s) oracle-linux-upgrade-sudo oracle-linux-upgrade-sudo-devel oracle-linux-upgrade-sudo-python-plugin
References https://attackerkb.com/topics/cve-2023-22809 CVE - 2023-22809 ELSA-2023-0291 ELSA-2023-12143 ELSA-2023-0284 ELSA-2023-0282
-
CentOS Linux: CVE-2023-21887: Important: mysql security update (Multiple Advisories)
Severity 6
CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 01/18/2023
Created 05/15/2023
Added 05/15/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) centos-upgrade-mecab centos-upgrade-mecab-debuginfo centos-upgrade-mecab-debugsource centos-upgrade-mecab-devel centos-upgrade-mecab-ipadic centos-upgrade-mecab-ipadic-eucjp centos-upgrade-mysql centos-upgrade-mysql-common centos-upgrade-mysql-debuginfo centos-upgrade-mysql-debugsource centos-upgrade-mysql-devel centos-upgrade-mysql-devel-debuginfo centos-upgrade-mysql-errmsg centos-upgrade-mysql-libs centos-upgrade-mysql-libs-debuginfo centos-upgrade-mysql-server centos-upgrade-mysql-server-debuginfo centos-upgrade-mysql-test centos-upgrade-mysql-test-debuginfo
References CVE-2023-21887
-
OS X update for CUPS (CVE-2023-22809)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 01/18/2023
Created 10/14/2024
Added 10/14/2024
Modified 01/28/2025
Description Deprecated
Solution(s)
-
FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21870): MySQL -- Multiple vulnerabilities
Severity 6
CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 01/18/2023
Created 01/25/2023
Added 01/23/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80
References CVE-2023-21870
-
FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21871): MySQL -- Multiple vulnerabilities
Severity 6
CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 01/18/2023
Created 01/25/2023
Added 01/23/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80
References CVE-2023-21871
-
OS X update for IOSurface (CVE-2023-22809)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 01/18/2023
Created 10/14/2024
Added 10/14/2024
Modified 01/28/2025
Description Deprecated
Solution(s)
-
FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21876): MySQL -- Multiple vulnerabilities
Severity 6
CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 01/18/2023
Created 01/25/2023
Added 01/23/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80
References CVE-2023-21876
-
FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21878): MySQL -- Multiple vulnerabilities
Severity 6
CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 01/18/2023
Created 01/25/2023
Added 01/23/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80
References CVE-2023-21878
-
FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21883): MySQL -- Multiple vulnerabilities
Severity 6
CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 01/18/2023
Created 01/25/2023
Added 01/23/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80
References CVE-2023-21883
-
Oracle E-Business Suite: CVE-2023-21852: Critical Patch Update
Severity 8
CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published 01/18/2023
Created 01/27/2023
Added 01/27/2023
Modified 01/28/2025
Description Vulnerability in the Oracle Learning Management product of Oracle E-Business Suite (component: Setup). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Learning Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Learning Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Solution(s) oracle-ebs-jan-2023-cpu-12_2
References https://attackerkb.com/topics/cve-2023-21852 CVE - 2023-21852 https://support.oracle.com/epmos/faces/DocumentDisplay?id=2916871.1 https://www.oracle.com/security-alerts/cpujan2023.html
-
Oracle E-Business Suite: CVE-2023-21856: Critical Patch Update
Severity 8
CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published 01/18/2023
Created 01/27/2023
Added 01/27/2023
Modified 01/28/2025
Description Vulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger Update Transform, Reports). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSetup. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle iSetup accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Solution(s) oracle-ebs-jan-2023-cpu-12_2
References https://attackerkb.com/topics/cve-2023-21856 CVE - 2023-21856 https://support.oracle.com/epmos/faces/DocumentDisplay?id=2916871.1 https://www.oracle.com/security-alerts/cpujan2023.html
-
Oracle E-Business Suite: CVE-2023-21851: Critical Patch Update
Severity 8
CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published 01/18/2023
Created 01/27/2023
Added 01/27/2023
Modified 01/28/2025
Description Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Marketing accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Solution(s) oracle-ebs-jan-2023-cpu-12_2
References https://attackerkb.com/topics/cve-2023-21851 CVE - 2023-21851 https://support.oracle.com/epmos/faces/DocumentDisplay?id=2916871.1 https://www.oracle.com/security-alerts/cpujan2023.html
-
OS X update for Shortcuts (CVE-2023-22809)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 01/18/2023
Created 10/14/2024
Added 10/14/2024
Modified 01/28/2025
Description Deprecated
Solution(s)
-
Amazon Linux AMI 2: CVE-2023-22809: Security patch for sudo (ALAS-2023-1985)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 01/18/2023
Created 03/08/2023
Added 03/07/2023
Modified 01/30/2025
Description In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
Solution(s) amazon-linux-ami-2-upgrade-sudo amazon-linux-ami-2-upgrade-sudo-debuginfo amazon-linux-ami-2-upgrade-sudo-devel
References https://attackerkb.com/topics/cve-2023-22809 AL2/ALAS-2023-1985 CVE - 2023-22809
-
Rocky Linux: CVE-2023-21843: java-1.8.0-openjdk (Multiple Advisories)
Severity 4
CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published 01/18/2023
Created 03/13/2024
Added 03/12/2024
Modified 01/28/2025
Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
Solution(s) rocky-upgrade-java-1.8.0-openjdk rocky-upgrade-java-1.8.0-openjdk-accessibility rocky-upgrade-java-1.8.0-openjdk-accessibility-fastdebug rocky-upgrade-java-1.8.0-openjdk-accessibility-slowdebug rocky-upgrade-java-1.8.0-openjdk-debuginfo rocky-upgrade-java-1.8.0-openjdk-debugsource rocky-upgrade-java-1.8.0-openjdk-demo rocky-upgrade-java-1.8.0-openjdk-demo-debuginfo rocky-upgrade-java-1.8.0-openjdk-demo-fastdebug rocky-upgrade-java-1.8.0-openjdk-demo-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-demo-slowdebug rocky-upgrade-java-1.8.0-openjdk-demo-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel rocky-upgrade-java-1.8.0-openjdk-devel-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel-fastdebug rocky-upgrade-java-1.8.0-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel-slowdebug rocky-upgrade-java-1.8.0-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-fastdebug rocky-upgrade-java-1.8.0-openjdk-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless rocky-upgrade-java-1.8.0-openjdk-headless-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless-fastdebug rocky-upgrade-java-1.8.0-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless-slowdebug rocky-upgrade-java-1.8.0-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-slowdebug rocky-upgrade-java-1.8.0-openjdk-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-src rocky-upgrade-java-1.8.0-openjdk-src-fastdebug rocky-upgrade-java-1.8.0-openjdk-src-slowdebug rocky-upgrade-java-11-openjdk rocky-upgrade-java-11-openjdk-debuginfo rocky-upgrade-java-11-openjdk-debugsource rocky-upgrade-java-11-openjdk-demo rocky-upgrade-java-11-openjdk-demo-fastdebug rocky-upgrade-java-11-openjdk-demo-slowdebug rocky-upgrade-java-11-openjdk-devel rocky-upgrade-java-11-openjdk-devel-debuginfo rocky-upgrade-java-11-openjdk-devel-fastdebug rocky-upgrade-java-11-openjdk-devel-fastdebug-debuginfo 
rocky-upgrade-java-11-openjdk-devel-slowdebug rocky-upgrade-java-11-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-fastdebug rocky-upgrade-java-11-openjdk-fastdebug-debuginfo rocky-upgrade-java-11-openjdk-headless rocky-upgrade-java-11-openjdk-headless-debuginfo rocky-upgrade-java-11-openjdk-headless-fastdebug rocky-upgrade-java-11-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-11-openjdk-headless-slowdebug rocky-upgrade-java-11-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-javadoc rocky-upgrade-java-11-openjdk-javadoc-zip rocky-upgrade-java-11-openjdk-jmods rocky-upgrade-java-11-openjdk-jmods-fastdebug rocky-upgrade-java-11-openjdk-jmods-slowdebug rocky-upgrade-java-11-openjdk-slowdebug rocky-upgrade-java-11-openjdk-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-src rocky-upgrade-java-11-openjdk-src-fastdebug rocky-upgrade-java-11-openjdk-src-slowdebug rocky-upgrade-java-11-openjdk-static-libs rocky-upgrade-java-11-openjdk-static-libs-fastdebug rocky-upgrade-java-11-openjdk-static-libs-slowdebug rocky-upgrade-java-17-openjdk rocky-upgrade-java-17-openjdk-debuginfo rocky-upgrade-java-17-openjdk-debugsource rocky-upgrade-java-17-openjdk-demo rocky-upgrade-java-17-openjdk-demo-fastdebug rocky-upgrade-java-17-openjdk-demo-slowdebug rocky-upgrade-java-17-openjdk-devel rocky-upgrade-java-17-openjdk-devel-debuginfo rocky-upgrade-java-17-openjdk-devel-fastdebug rocky-upgrade-java-17-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-devel-slowdebug rocky-upgrade-java-17-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-17-openjdk-fastdebug rocky-upgrade-java-17-openjdk-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-headless rocky-upgrade-java-17-openjdk-headless-debuginfo rocky-upgrade-java-17-openjdk-headless-fastdebug rocky-upgrade-java-17-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-headless-slowdebug rocky-upgrade-java-17-openjdk-headless-slowdebug-debuginfo 
rocky-upgrade-java-17-openjdk-javadoc rocky-upgrade-java-17-openjdk-javadoc-zip rocky-upgrade-java-17-openjdk-jmods rocky-upgrade-java-17-openjdk-jmods-fastdebug rocky-upgrade-java-17-openjdk-jmods-slowdebug rocky-upgrade-java-17-openjdk-slowdebug rocky-upgrade-java-17-openjdk-slowdebug-debuginfo rocky-upgrade-java-17-openjdk-src rocky-upgrade-java-17-openjdk-src-fastdebug rocky-upgrade-java-17-openjdk-src-slowdebug rocky-upgrade-java-17-openjdk-static-libs rocky-upgrade-java-17-openjdk-static-libs-fastdebug rocky-upgrade-java-17-openjdk-static-libs-slowdebug
References https://attackerkb.com/topics/cve-2023-21843 CVE - 2023-21843 https://errata.rockylinux.org/RLSA-2023:0192 https://errata.rockylinux.org/RLSA-2023:0194 https://errata.rockylinux.org/RLSA-2023:0200 https://errata.rockylinux.org/RLSA-2023:0202 https://errata.rockylinux.org/RLSA-2023:0208 https://errata.rockylinux.org/RLSA-2023:0210
-
Amazon Linux AMI 2: CVE-2023-21835: Security patch for java-11-amazon-corretto, java-11-openjdk, java-17-amazon-corretto (Multiple Advisories)
Severity 5
CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published 01/18/2023
Created 01/25/2023
Added 01/24/2023
Modified 01/28/2025
Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Solution(s) amazon-linux-ami-2-upgrade-java-11-amazon-corretto amazon-linux-ami-2-upgrade-java-11-amazon-corretto-headless amazon-linux-ami-2-upgrade-java-11-amazon-corretto-javadoc amazon-linux-ami-2-upgrade-java-11-openjdk amazon-linux-ami-2-upgrade-java-11-openjdk-debug amazon-linux-ami-2-upgrade-java-11-openjdk-debuginfo amazon-linux-ami-2-upgrade-java-11-openjdk-demo amazon-linux-ami-2-upgrade-java-11-openjdk-demo-debug amazon-linux-ami-2-upgrade-java-11-openjdk-devel amazon-linux-ami-2-upgrade-java-11-openjdk-devel-debug amazon-linux-ami-2-upgrade-java-11-openjdk-headless amazon-linux-ami-2-upgrade-java-11-openjdk-headless-debug amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc-debug amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc-zip amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc-zip-debug amazon-linux-ami-2-upgrade-java-11-openjdk-jmods amazon-linux-ami-2-upgrade-java-11-openjdk-jmods-debug amazon-linux-ami-2-upgrade-java-11-openjdk-src amazon-linux-ami-2-upgrade-java-11-openjdk-src-debug amazon-linux-ami-2-upgrade-java-11-openjdk-static-libs amazon-linux-ami-2-upgrade-java-11-openjdk-static-libs-debug amazon-linux-ami-2-upgrade-java-17-amazon-corretto amazon-linux-ami-2-upgrade-java-17-amazon-corretto-devel amazon-linux-ami-2-upgrade-java-17-amazon-corretto-headless amazon-linux-ami-2-upgrade-java-17-amazon-corretto-javadoc amazon-linux-ami-2-upgrade-java-17-amazon-corretto-jmods
References https://attackerkb.com/topics/cve-2023-21835 AL2/ALAS-2023-1918 AL2/ALAS-2023-1919 AL2/ALASJAVA-OPENJDK11-2023-003 CVE - 2023-21835
-
OS X update for Perl (CVE-2023-22809)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 01/18/2023
Created 10/14/2024
Added 10/14/2024
Modified 01/28/2025
Description Deprecated
Solution(s)
-
OS X update for SQLite (CVE-2023-22809)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 01/18/2023
Created 10/14/2024
Added 10/14/2024
Modified 01/28/2025
Description Deprecated
Solution(s)
-
OS X update for Share Sheet (CVE-2023-22809)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 01/18/2023
Created 10/14/2024
Added 10/14/2024
Modified 01/28/2025
Description Deprecated
Solution(s)
-
Alma Linux: CVE-2023-21869: Important: mysql:8.0 security, bug fix, and enhancement update (Multiple Advisories)
Severity 7
CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:C)
Published 01/18/2023
Created 05/15/2023
Added 05/15/2023
Modified 01/28/2025
Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
Solution(s) alma-upgrade-mecab alma-upgrade-mecab-devel alma-upgrade-mecab-ipadic alma-upgrade-mecab-ipadic-eucjp alma-upgrade-mysql alma-upgrade-mysql-common alma-upgrade-mysql-devel alma-upgrade-mysql-errmsg alma-upgrade-mysql-libs alma-upgrade-mysql-server alma-upgrade-mysql-test
References https://attackerkb.com/topics/cve-2023-21869 CVE - 2023-21869 https://errata.almalinux.org/8/ALSA-2023-3087.html https://errata.almalinux.org/9/ALSA-2023-2621.html
-
AdoptOpenJDK: CVE-2023-21843: Vulnerability with Sound component
Severity 4
CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published 01/18/2023
Created 01/26/2023
Added 01/26/2023
Modified 01/28/2025
Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
Solution(s) adoptopenjdk-upgrade-latest
References https://attackerkb.com/topics/cve-2023-21843 CVE - 2023-21843 https://adoptopenjdk.net/releases
-
AdoptOpenJDK: CVE-2023-21835: Vulnerability with JSSE component
Severity 5
CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published 01/18/2023
Created 01/26/2023
Added 01/26/2023
Modified 01/28/2025
Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Solution(s) adoptopenjdk-upgrade-latest
References https://attackerkb.com/topics/cve-2023-21835 CVE - 2023-21835 https://adoptopenjdk.net/releases