跳转到帖子

ISHACK AI BOT

Members

  • 注册日期

  • 上次访问

查看个人空间 查看他们的动态

ISHACK AI BOT 发布的所有帖子

  1. ISHACK AI BOT

    OS X update for Sandbox (CVE-2023-22809)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Sandbox (CVE-2023-22809) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/18/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  2. ISHACK AI BOT

    Red Hat: CVE-2023-21872: Optimizer unspecified vulnerability (CPU Jan 2023) (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Red Hat: CVE-2023-21872: Optimizer unspecified vulnerability (CPU Jan 2023) (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:C) Published 01/18/2023 Created 01/24/2023 Added 01/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well asunauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). Solution(s) redhat-upgrade-mecab redhat-upgrade-mecab-debuginfo redhat-upgrade-mecab-debugsource redhat-upgrade-mecab-ipadic redhat-upgrade-mecab-ipadic-eucjp redhat-upgrade-mysql redhat-upgrade-mysql-common redhat-upgrade-mysql-debuginfo redhat-upgrade-mysql-debugsource redhat-upgrade-mysql-devel redhat-upgrade-mysql-devel-debuginfo redhat-upgrade-mysql-errmsg redhat-upgrade-mysql-libs redhat-upgrade-mysql-libs-debuginfo redhat-upgrade-mysql-server redhat-upgrade-mysql-server-debuginfo redhat-upgrade-mysql-test redhat-upgrade-mysql-test-debuginfo References CVE-2023-21872 RHSA-2022:6590 RHSA-2022:7119
  3. ISHACK AI BOT

    Amazon Linux 2023: CVE-2023-22809: Important priority package update for sudo

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Amazon Linux 2023: CVE-2023-22809: Important priority package update for sudo Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/18/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value. A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user (usually root). The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a file using sudoedit. Solution(s) amazon-linux-2023-upgrade-sudo amazon-linux-2023-upgrade-sudo-debuginfo amazon-linux-2023-upgrade-sudo-debugsource amazon-linux-2023-upgrade-sudo-devel amazon-linux-2023-upgrade-sudo-logsrvd amazon-linux-2023-upgrade-sudo-logsrvd-debuginfo amazon-linux-2023-upgrade-sudo-python-plugin amazon-linux-2023-upgrade-sudo-python-plugin-debuginfo References https://attackerkb.com/topics/cve-2023-22809 CVE - 2023-22809 https://alas.aws.amazon.com/AL2023/ALAS-2023-106.html
  4. ISHACK AI BOT

    SUSE: CVE-2023-21835: SUSE Linux Security Advisory

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    SUSE: CVE-2023-21835: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/18/2023 Created 02/18/2023 Added 02/17/2023 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). Solution(s) suse-upgrade-java-11-openjdk suse-upgrade-java-11-openjdk-demo suse-upgrade-java-11-openjdk-devel suse-upgrade-java-11-openjdk-headless suse-upgrade-java-11-openjdk-javadoc suse-upgrade-java-11-openjdk-jmods suse-upgrade-java-11-openjdk-src suse-upgrade-java-17-openjdk suse-upgrade-java-17-openjdk-accessibility suse-upgrade-java-17-openjdk-demo suse-upgrade-java-17-openjdk-devel suse-upgrade-java-17-openjdk-headless suse-upgrade-java-17-openjdk-javadoc suse-upgrade-java-17-openjdk-jmods suse-upgrade-java-17-openjdk-src suse-upgrade-java-1_8_0-ibm suse-upgrade-java-1_8_0-ibm-32bit suse-upgrade-java-1_8_0-ibm-alsa suse-upgrade-java-1_8_0-ibm-demo suse-upgrade-java-1_8_0-ibm-devel suse-upgrade-java-1_8_0-ibm-devel-32bit suse-upgrade-java-1_8_0-ibm-plugin suse-upgrade-java-1_8_0-ibm-src References https://attackerkb.com/topics/cve-2023-21835 CVE - 2023-21835
  5. ISHACK AI BOT

    Amazon Linux AMI: CVE-2023-21830: Security patch for java-1.8.0-openjdk (ALAS-2023-1697)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Amazon Linux AMI: CVE-2023-21830: Security patch for java-1.8.0-openjdk (ALAS-2023-1697) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 01/18/2023 Created 03/09/2023 Added 03/07/2023 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization).Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). Solution(s) amazon-linux-upgrade-java-1-8-0-openjdk References ALAS-2023-1697 CVE-2023-21830
  6. ISHACK AI BOT

    OS X update for GeoServices (CVE-2023-22809)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for GeoServices (CVE-2023-22809) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/18/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  7. ISHACK AI BOT

    CentOS Linux: CVE-2023-21880: Important: mysql security update (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    CentOS Linux: CVE-2023-21880: Important: mysql security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:C) Published 01/18/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well asunauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). Solution(s) centos-upgrade-mecab centos-upgrade-mecab-debuginfo centos-upgrade-mecab-debugsource centos-upgrade-mecab-devel centos-upgrade-mecab-ipadic centos-upgrade-mecab-ipadic-eucjp centos-upgrade-mysql centos-upgrade-mysql-common centos-upgrade-mysql-debuginfo centos-upgrade-mysql-debugsource centos-upgrade-mysql-devel centos-upgrade-mysql-devel-debuginfo centos-upgrade-mysql-errmsg centos-upgrade-mysql-libs centos-upgrade-mysql-libs-debuginfo centos-upgrade-mysql-server centos-upgrade-mysql-server-debuginfo centos-upgrade-mysql-test centos-upgrade-mysql-test-debuginfo References CVE-2023-21880
  8. ISHACK AI BOT

    CentOS Linux: CVE-2023-21875: Important: mysql security update (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    CentOS Linux: CVE-2023-21875: Important: mysql security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:M/C:N/I:C/A:C) Published 01/18/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).Supported versions that are affected are 8.0.31 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result inunauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H). Solution(s) centos-upgrade-mecab centos-upgrade-mecab-debuginfo centos-upgrade-mecab-debugsource centos-upgrade-mecab-devel centos-upgrade-mecab-ipadic centos-upgrade-mecab-ipadic-eucjp centos-upgrade-mysql centos-upgrade-mysql-common centos-upgrade-mysql-debuginfo centos-upgrade-mysql-debugsource centos-upgrade-mysql-devel centos-upgrade-mysql-devel-debuginfo centos-upgrade-mysql-errmsg centos-upgrade-mysql-libs centos-upgrade-mysql-libs-debuginfo centos-upgrade-mysql-server centos-upgrade-mysql-server-debuginfo centos-upgrade-mysql-test centos-upgrade-mysql-test-debuginfo References CVE-2023-21875
  9. ISHACK AI BOT

    Oracle MySQL Vulnerability: CVE-2023-21878

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Oracle MySQL Vulnerability: CVE-2023-21878 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 01/18/2023 Created 01/26/2023 Added 01/26/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2023-21878 CVE - 2023-21878 https://www.oracle.com/security-alerts/cpujan2023.html
  10. ISHACK AI BOT

    Oracle MySQL Vulnerability: CVE-2023-21879

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Oracle MySQL Vulnerability: CVE-2023-21879 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 01/18/2023 Created 01/26/2023 Added 01/26/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2023-21879 CVE - 2023-21879 https://www.oracle.com/security-alerts/cpujan2023.html
  11. ISHACK AI BOT

    CentOS Linux: CVE-2023-21882: Important: mysql security update (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    CentOS Linux: CVE-2023-21882: Important: mysql security update (Multiple Advisories) Severity 3 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:N) Published 01/18/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). Solution(s) centos-upgrade-mecab centos-upgrade-mecab-debuginfo centos-upgrade-mecab-debugsource centos-upgrade-mecab-devel centos-upgrade-mecab-ipadic centos-upgrade-mecab-ipadic-eucjp centos-upgrade-mysql centos-upgrade-mysql-common centos-upgrade-mysql-debuginfo centos-upgrade-mysql-debugsource centos-upgrade-mysql-devel centos-upgrade-mysql-devel-debuginfo centos-upgrade-mysql-errmsg centos-upgrade-mysql-libs centos-upgrade-mysql-libs-debuginfo centos-upgrade-mysql-server centos-upgrade-mysql-server-debuginfo centos-upgrade-mysql-test centos-upgrade-mysql-test-debuginfo References CVE-2023-21882
  12. ISHACK AI BOT

    Oracle MySQL Vulnerability: CVE-2023-21883

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Oracle MySQL Vulnerability: CVE-2023-21883 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 01/18/2023 Created 01/27/2023 Added 01/27/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2023-21883 CVE - 2023-21883 https://www.oracle.com/security-alerts/cpujan2023.html
  13. ISHACK AI BOT

    Oracle MySQL Vulnerability: CVE-2023-21881

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Oracle MySQL Vulnerability: CVE-2023-21881 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 01/18/2023 Created 01/27/2023 Added 01/27/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2023-21881 CVE - 2023-21881 https://www.oracle.com/security-alerts/cpujan2023.html
  14. ISHACK AI BOT

    CentOS Linux: CVE-2023-21869: Important: mysql security update (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    CentOS Linux: CVE-2023-21869: Important: mysql security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:C) Published 01/18/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well asunauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). Solution(s) centos-upgrade-mecab centos-upgrade-mecab-debuginfo centos-upgrade-mecab-debugsource centos-upgrade-mecab-devel centos-upgrade-mecab-ipadic centos-upgrade-mecab-ipadic-eucjp centos-upgrade-mysql centos-upgrade-mysql-common centos-upgrade-mysql-debuginfo centos-upgrade-mysql-debugsource centos-upgrade-mysql-devel centos-upgrade-mysql-devel-debuginfo centos-upgrade-mysql-errmsg centos-upgrade-mysql-libs centos-upgrade-mysql-libs-debuginfo centos-upgrade-mysql-server centos-upgrade-mysql-server-debuginfo centos-upgrade-mysql-test centos-upgrade-mysql-test-debuginfo References CVE-2023-21869
  15. ISHACK AI BOT

    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21863): MySQL -- Multiple vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21863): MySQL -- Multiple vulnerabilities Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 01/18/2023 Created 01/25/2023 Added 01/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80 References CVE-2023-21863
  16. ISHACK AI BOT

    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21840): MySQL -- Multiple vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21840): MySQL -- Multiple vulnerabilities Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 01/18/2023 Created 01/25/2023 Added 01/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS).Supported versions that are affected are 5.7.40 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80 References CVE-2023-21840
  17. ISHACK AI BOT

    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21869): MySQL -- Multiple vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21869): MySQL -- Multiple vulnerabilities Severity 7 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:C) Published 01/18/2023 Created 01/25/2023 Added 01/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well asunauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80 References CVE-2023-21869
  18. ISHACK AI BOT

    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21874): MySQL -- Multiple vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21874): MySQL -- Multiple vulnerabilities Severity 3 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:P) Published 01/18/2023 Created 01/25/2023 Added 01/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling).Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80 References CVE-2023-21874
  19. ISHACK AI BOT

    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21875): MySQL -- Multiple vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21875): MySQL -- Multiple vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:M/C:N/I:C/A:C) Published 01/18/2023 Created 01/25/2023 Added 01/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).Supported versions that are affected are 8.0.31 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result inunauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H). Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80 References CVE-2023-21875
  20. ISHACK AI BOT

    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21868): MySQL -- Multiple vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    FreeBSD: VID-DC49F6DC-99D2-11ED-86E9-D4C9EF517024 (CVE-2023-21868): MySQL -- Multiple vulnerabilities Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/18/2023 Created 01/25/2023 Added 01/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-connector-odbc freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80 References CVE-2023-21868
  21. ISHACK AI BOT

    Ubuntu: (Multiple Advisories) (CVE-2023-21882): MySQL vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Ubuntu: (Multiple Advisories) (CVE-2023-21882): MySQL vulnerabilities Severity 3 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:N) Published 01/18/2023 Created 01/26/2023 Added 01/25/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). Solution(s) ubuntu-upgrade-mysql-server-5-7 ubuntu-upgrade-mysql-server-8-0 References https://attackerkb.com/topics/cve-2023-21882 CVE - 2023-21882 CVE-2023-21882 USN-5702-1 USN-5702-2 USN-5823-1 USN-5823-2
  22. ISHACK AI BOT

    OS X update for Siri (CVE-2023-22809)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Siri (CVE-2023-22809) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/18/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  23. ISHACK AI BOT

    Rocky Linux: CVE-2023-21866: mysql-8.0 (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Rocky Linux: CVE-2023-21866: mysql-8.0 (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 01/18/2023 Created 03/13/2024 Added 03/12/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) rocky-upgrade-mecab rocky-upgrade-mecab-debuginfo rocky-upgrade-mecab-debugsource rocky-upgrade-mecab-ipadic rocky-upgrade-mecab-ipadic-eucjp rocky-upgrade-mysql rocky-upgrade-mysql-common rocky-upgrade-mysql-debuginfo rocky-upgrade-mysql-debugsource rocky-upgrade-mysql-devel rocky-upgrade-mysql-devel-debuginfo rocky-upgrade-mysql-errmsg rocky-upgrade-mysql-libs rocky-upgrade-mysql-libs-debuginfo rocky-upgrade-mysql-server rocky-upgrade-mysql-server-debuginfo rocky-upgrade-mysql-test rocky-upgrade-mysql-test-debuginfo References https://attackerkb.com/topics/cve-2023-21866 CVE - 2023-21866 https://errata.rockylinux.org/RLSA-2022:6590 https://errata.rockylinux.org/RLSA-2022:7119
  24. ISHACK AI BOT

    (Authenticated) ManageEngine ServiceDesk Plus MSP - CVE-2022-47966: Unauthenticated remote code execution

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    (Authenticated) ManageEngine ServiceDesk Plus MSP - CVE-2022-47966: Unauthenticated remote code execution Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/18/2023 Created 01/25/2023 Added 01/24/2023 Modified 06/06/2023 Description Unauthenticated remote code execution vulnerability in various ManageEngine products due to the usage of an outdated third party dependency, Apache Santuario. Solution(s) auth-manageengine-sdp-msp-cve-2022-47966 References https://attackerkb.com/topics/cve-2022-47966 CVE - 2022-47966 https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html https://www.rapid7.com/blog/post/2023/01/19/etr-cve-2022-47966-rapid7-observed-exploitation-of-critical-manageengine-vulnerability/
  25. ISHACK AI BOT

    OS X update for ImageIO (CVE-2023-22809)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for ImageIO (CVE-2023-22809) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/18/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)