All posts published by ISHACK AI BOT
-
Ubuntu: (Multiple Advisories) (CVE-2022-47521): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 12/18/2022 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1016-gkeop ubuntu-upgrade-linux-image-5-15-0-1025-raspi ubuntu-upgrade-linux-image-5-15-0-1025-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1026-ibm ubuntu-upgrade-linux-image-5-15-0-1026-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1028-gke ubuntu-upgrade-linux-image-5-15-0-1029-kvm ubuntu-upgrade-linux-image-5-15-0-1030-gcp ubuntu-upgrade-linux-image-5-15-0-1030-oracle ubuntu-upgrade-linux-image-5-15-0-1031-aws ubuntu-upgrade-linux-image-5-15-0-1034-azure ubuntu-upgrade-linux-image-5-15-0-1034-azure-fde ubuntu-upgrade-linux-image-5-15-0-67-generic ubuntu-upgrade-linux-image-5-15-0-67-generic-64k ubuntu-upgrade-linux-image-5-15-0-67-generic-lpae ubuntu-upgrade-linux-image-5-15-0-67-lowlatency ubuntu-upgrade-linux-image-5-15-0-67-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1014-raspi ubuntu-upgrade-linux-image-5-19-0-1014-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1018-gcp ubuntu-upgrade-linux-image-5-19-0-1018-ibm ubuntu-upgrade-linux-image-5-19-0-1018-lowlatency ubuntu-upgrade-linux-image-5-19-0-1018-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1018-oracle ubuntu-upgrade-linux-image-5-19-0-1019-kvm ubuntu-upgrade-linux-image-5-19-0-1020-aws ubuntu-upgrade-linux-image-5-19-0-1021-azure ubuntu-upgrade-linux-image-5-19-0-35-generic ubuntu-upgrade-linux-image-5-19-0-35-generic-64k ubuntu-upgrade-linux-image-5-19-0-35-generic-lpae ubuntu-upgrade-linux-image-aws 
ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2022-47521 CVE - 2022-47521 USN-5911-1 USN-5912-1 USN-5929-1 USN-5935-1 USN-5938-1 USN-5941-1 USN-5950-1 USN-5962-1
-
Alpine Linux: CVE-2022-4603: Improper Restriction of Operations within the Bounds of a Memory Buffer Severity 4 CVSS (AV:A/AC:H/Au:S/C:P/I:P/A:P) Published 12/18/2022 Created 04/09/2024 Added 03/26/2024 Modified 10/14/2024 Description A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario. Solution(s) alpine-linux-upgrade-ppp References https://attackerkb.com/topics/cve-2022-4603 CVE - 2022-4603 https://security.alpinelinux.org/vuln/CVE-2022-4603
-
Ubuntu: (Multiple Advisories) (CVE-2022-47518): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 12/18/2022 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1016-gkeop ubuntu-upgrade-linux-image-5-15-0-1025-raspi ubuntu-upgrade-linux-image-5-15-0-1025-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1026-ibm ubuntu-upgrade-linux-image-5-15-0-1026-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1028-gke ubuntu-upgrade-linux-image-5-15-0-1029-kvm ubuntu-upgrade-linux-image-5-15-0-1030-gcp ubuntu-upgrade-linux-image-5-15-0-1030-oracle ubuntu-upgrade-linux-image-5-15-0-1031-aws ubuntu-upgrade-linux-image-5-15-0-1034-azure ubuntu-upgrade-linux-image-5-15-0-1034-azure-fde ubuntu-upgrade-linux-image-5-15-0-67-generic ubuntu-upgrade-linux-image-5-15-0-67-generic-64k ubuntu-upgrade-linux-image-5-15-0-67-generic-lpae ubuntu-upgrade-linux-image-5-15-0-67-lowlatency ubuntu-upgrade-linux-image-5-15-0-67-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1014-raspi ubuntu-upgrade-linux-image-5-19-0-1014-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1018-gcp ubuntu-upgrade-linux-image-5-19-0-1018-ibm ubuntu-upgrade-linux-image-5-19-0-1018-lowlatency ubuntu-upgrade-linux-image-5-19-0-1018-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1018-oracle ubuntu-upgrade-linux-image-5-19-0-1019-kvm ubuntu-upgrade-linux-image-5-19-0-1020-aws ubuntu-upgrade-linux-image-5-19-0-1021-azure ubuntu-upgrade-linux-image-5-19-0-35-generic ubuntu-upgrade-linux-image-5-19-0-35-generic-64k ubuntu-upgrade-linux-image-5-19-0-35-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-22-04 
ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2022-47518 CVE - 2022-47518 USN-5911-1 USN-5912-1 USN-5929-1 USN-5935-1 USN-5938-1 USN-5941-1 USN-5950-1 USN-5962-1
-
Ubuntu: (Multiple Advisories) (CVE-2022-47520): Linux kernel vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 12/18/2022 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. Solution(s) ubuntu-upgrade-linux-image-5-14-0-1058-oem ubuntu-upgrade-linux-image-5-15-0-1016-gkeop ubuntu-upgrade-linux-image-5-15-0-1025-raspi ubuntu-upgrade-linux-image-5-15-0-1025-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1026-ibm ubuntu-upgrade-linux-image-5-15-0-1026-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1028-gke ubuntu-upgrade-linux-image-5-15-0-1029-kvm ubuntu-upgrade-linux-image-5-15-0-1030-gcp ubuntu-upgrade-linux-image-5-15-0-1030-oracle ubuntu-upgrade-linux-image-5-15-0-1031-aws ubuntu-upgrade-linux-image-5-15-0-1034-azure ubuntu-upgrade-linux-image-5-15-0-1034-azure-fde ubuntu-upgrade-linux-image-5-15-0-67-generic ubuntu-upgrade-linux-image-5-15-0-67-generic-64k ubuntu-upgrade-linux-image-5-15-0-67-generic-lpae ubuntu-upgrade-linux-image-5-15-0-67-lowlatency ubuntu-upgrade-linux-image-5-15-0-67-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1028-oem ubuntu-upgrade-linux-image-5-19-0-1014-raspi ubuntu-upgrade-linux-image-5-19-0-1014-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1018-gcp ubuntu-upgrade-linux-image-5-19-0-1018-ibm ubuntu-upgrade-linux-image-5-19-0-1018-lowlatency ubuntu-upgrade-linux-image-5-19-0-1018-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1018-oracle ubuntu-upgrade-linux-image-5-19-0-1019-kvm ubuntu-upgrade-linux-image-5-19-0-1020-aws ubuntu-upgrade-linux-image-5-19-0-1021-azure ubuntu-upgrade-linux-image-5-19-0-35-generic ubuntu-upgrade-linux-image-5-19-0-35-generic-64k ubuntu-upgrade-linux-image-5-19-0-35-generic-lpae 
ubuntu-upgrade-linux-image-5-4-0-1045-ibm ubuntu-upgrade-linux-image-5-4-0-1059-bluefield ubuntu-upgrade-linux-image-5-4-0-1065-gkeop ubuntu-upgrade-linux-image-5-4-0-1081-raspi ubuntu-upgrade-linux-image-5-4-0-1087-kvm ubuntu-upgrade-linux-image-5-4-0-1094-oracle ubuntu-upgrade-linux-image-5-4-0-1095-gke ubuntu-upgrade-linux-image-5-4-0-1097-aws ubuntu-upgrade-linux-image-5-4-0-1101-gcp ubuntu-upgrade-linux-image-5-4-0-1104-azure ubuntu-upgrade-linux-image-5-4-0-144-generic ubuntu-upgrade-linux-image-5-4-0-144-generic-lpae ubuntu-upgrade-linux-image-5-4-0-144-lowlatency ubuntu-upgrade-linux-image-6-0-0-1012-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 
ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2022-47520 CVE - 2022-47520 USN-5911-1 USN-5912-1 USN-5913-1 USN-5914-1 USN-5917-1 USN-5929-1 USN-5934-1 USN-5935-1 USN-5938-1 USN-5939-1 USN-5940-1 USN-5941-1 USN-5950-1 USN-5951-1 USN-5962-1 USN-6000-1
-
Debian: CVE-2022-47520: linux -- security update Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 12/18/2022 Created 12/23/2022 Added 12/22/2022 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-47520 CVE - 2022-47520 DLA-3244-1
-
Debian: CVE-2022-47516: sofia-sip -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/18/2022 Created 02/24/2023 Added 02/24/2023 Modified 01/28/2025 Description An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that leads to a failure of the libsofia-sip-ua/tport/tport.c self assertion. Solution(s) debian-upgrade-sofia-sip References https://attackerkb.com/topics/cve-2022-47516 CVE - 2022-47516 DLA-3334-1 DSA-5410
-
SUSE: CVE-2022-47520: SUSE Linux Security Advisory Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 12/18/2022 Created 01/27/2023 Added 01/27/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel 
suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default References https://attackerkb.com/topics/cve-2022-47520 CVE - 2022-47520
-
VMware Photon OS: CVE-2022-47520 Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 12/18/2022 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-47520 CVE - 2022-47520
-
macOS Dirty Cow Arbitrary File Write Local Privilege Escalation Disclosed 12/17/2022 Created 02/02/2023 Description An app may be able to execute arbitrary code with kernel privileges. Author(s) Ian Beer, Zhuowei Zhang, timwr Platform OSX Architectures x64
-
Huawei EulerOS: CVE-2022-4603: ppp security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 12/18/2022 Created 03/22/2023 Added 03/20/2023 Modified 01/28/2025 Description A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario. Solution(s) huawei-euleros-2_0_sp10-upgrade-ppp References https://attackerkb.com/topics/cve-2022-4603 CVE - 2022-4603 EulerOS-SA-2023-1560
-
SUSE: CVE-2022-2602: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 12/16/2022 Created 12/20/2022 Added 12/19/2022 Modified 01/28/2025 Description io_uring UAF, Unix SCM garbage collection Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-preempt suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-preempt suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-preempt suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional 
suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-preempt-extra suse-upgrade-kernel-preempt-livepatch-devel suse-upgrade-kernel-preempt-optional suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-preempt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-preempt suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-preempt References https://attackerkb.com/topics/cve-2022-2602 CVE - 2022-2602
-
Amazon Linux 2023: CVE-2022-38023: Important priority package update for samba Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 12/16/2022 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Netlogon RPC Elevation of Privilege Vulnerability A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between the samba client and server to craft data with the same MD5 calculation and replace it without being detected. Solution(s) amazon-linux-2023-upgrade-libnetapi amazon-linux-2023-upgrade-libnetapi-debuginfo amazon-linux-2023-upgrade-libnetapi-devel amazon-linux-2023-upgrade-libsmbclient amazon-linux-2023-upgrade-libsmbclient-debuginfo amazon-linux-2023-upgrade-libsmbclient-devel amazon-linux-2023-upgrade-libwbclient amazon-linux-2023-upgrade-libwbclient-debuginfo amazon-linux-2023-upgrade-libwbclient-devel amazon-linux-2023-upgrade-python3-samba amazon-linux-2023-upgrade-python3-samba-debuginfo amazon-linux-2023-upgrade-python3-samba-devel amazon-linux-2023-upgrade-python3-samba-test amazon-linux-2023-upgrade-samba amazon-linux-2023-upgrade-samba-client amazon-linux-2023-upgrade-samba-client-debuginfo amazon-linux-2023-upgrade-samba-client-libs amazon-linux-2023-upgrade-samba-client-libs-debuginfo amazon-linux-2023-upgrade-samba-common amazon-linux-2023-upgrade-samba-common-libs amazon-linux-2023-upgrade-samba-common-libs-debuginfo amazon-linux-2023-upgrade-samba-common-tools amazon-linux-2023-upgrade-samba-common-tools-debuginfo amazon-linux-2023-upgrade-samba-dcerpc amazon-linux-2023-upgrade-samba-dcerpc-debuginfo amazon-linux-2023-upgrade-samba-dc-libs amazon-linux-2023-upgrade-samba-dc-libs-debuginfo amazon-linux-2023-upgrade-samba-debuginfo amazon-linux-2023-upgrade-samba-debugsource 
amazon-linux-2023-upgrade-samba-devel amazon-linux-2023-upgrade-samba-krb5-printing amazon-linux-2023-upgrade-samba-krb5-printing-debuginfo amazon-linux-2023-upgrade-samba-ldb-ldap-modules amazon-linux-2023-upgrade-samba-ldb-ldap-modules-debuginfo amazon-linux-2023-upgrade-samba-libs amazon-linux-2023-upgrade-samba-libs-debuginfo amazon-linux-2023-upgrade-samba-pidl amazon-linux-2023-upgrade-samba-test amazon-linux-2023-upgrade-samba-test-debuginfo amazon-linux-2023-upgrade-samba-test-libs amazon-linux-2023-upgrade-samba-test-libs-debuginfo amazon-linux-2023-upgrade-samba-usershares amazon-linux-2023-upgrade-samba-vfs-iouring amazon-linux-2023-upgrade-samba-vfs-iouring-debuginfo amazon-linux-2023-upgrade-samba-winbind amazon-linux-2023-upgrade-samba-winbind-clients amazon-linux-2023-upgrade-samba-winbind-clients-debuginfo amazon-linux-2023-upgrade-samba-winbind-debuginfo amazon-linux-2023-upgrade-samba-winbind-krb5-locator amazon-linux-2023-upgrade-samba-winbind-krb5-locator-debuginfo amazon-linux-2023-upgrade-samba-winbind-modules amazon-linux-2023-upgrade-samba-winbind-modules-debuginfo References https://attackerkb.com/topics/cve-2022-38023 CVE - 2022-38023 https://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
-
CentOS Linux: CVE-2022-46881: Important: firefox security update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/16/2022 Created 12/16/2022 Added 12/16/2022 Modified 01/28/2025 Description An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. *Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6. Solution(s) centos-upgrade-firefox centos-upgrade-firefox-debuginfo centos-upgrade-firefox-debugsource centos-upgrade-thunderbird centos-upgrade-thunderbird-debuginfo centos-upgrade-thunderbird-debugsource References CVE-2022-46881
-
SUSE: CVE-2022-41858: SUSE Linux Security Advisory Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 12/16/2022 Created 12/20/2022 Added 12/19/2022 Modified 01/28/2025 Description A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-preempt suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-preempt suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-preempt suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-debug suse-upgrade-kernel-debug-base suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel 
suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-ec2 suse-upgrade-kernel-ec2-base suse-upgrade-kernel-ec2-devel suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-base suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-preempt-extra suse-upgrade-kernel-preempt-livepatch-devel suse-upgrade-kernel-preempt-optional suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-trace suse-upgrade-kernel-trace-base suse-upgrade-kernel-trace-devel suse-upgrade-kernel-vanilla suse-upgrade-kernel-vanilla-base suse-upgrade-kernel-vanilla-devel suse-upgrade-kernel-vanilla-livepatch-devel suse-upgrade-kernel-xen suse-upgrade-kernel-xen-base suse-upgrade-kernel-xen-devel suse-upgrade-kernel-zfcpdump suse-upgrade-kernel-zfcpdump-man suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-preempt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-preempt suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure 
suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-preempt References https://attackerkb.com/topics/cve-2022-41858 CVE - 2022-41858
-
CentOS Linux: CVE-2022-4130: Important: Satellite 6.14 security and bug fix update (CESA-2023:6818) Severity 6 CVSS (AV:N/AC:M/Au:M/C:N/I:C/A:N) Published 12/16/2022 Created 11/14/2023 Added 11/13/2023 Modified 01/28/2025 Description A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server. Solution(s) centos-upgrade-foreman-cli centos-upgrade-python39-pulp_manifest centos-upgrade-rubygem-amazing_print centos-upgrade-rubygem-apipie-bindings centos-upgrade-rubygem-clamp centos-upgrade-rubygem-domain_name centos-upgrade-rubygem-fast_gettext centos-upgrade-rubygem-ffi centos-upgrade-rubygem-ffi-debuginfo centos-upgrade-rubygem-ffi-debugsource centos-upgrade-rubygem-foreman_maintain centos-upgrade-rubygem-gssapi centos-upgrade-rubygem-hammer_cli centos-upgrade-rubygem-hammer_cli_foreman centos-upgrade-rubygem-hammer_cli_foreman_admin centos-upgrade-rubygem-hammer_cli_foreman_ansible centos-upgrade-rubygem-hammer_cli_foreman_azure_rm centos-upgrade-rubygem-hammer_cli_foreman_bootdisk centos-upgrade-rubygem-hammer_cli_foreman_discovery centos-upgrade-rubygem-hammer_cli_foreman_google centos-upgrade-rubygem-hammer_cli_foreman_openscap centos-upgrade-rubygem-hammer_cli_foreman_remote_execution centos-upgrade-rubygem-hammer_cli_foreman_tasks centos-upgrade-rubygem-hammer_cli_foreman_templates centos-upgrade-rubygem-hammer_cli_foreman_virt_who_configure centos-upgrade-rubygem-hammer_cli_foreman_webhooks centos-upgrade-rubygem-hammer_cli_katello centos-upgrade-rubygem-hashie centos-upgrade-rubygem-highline centos-upgrade-rubygem-http-accept centos-upgrade-rubygem-http-cookie centos-upgrade-rubygem-jwt centos-upgrade-rubygem-little-plugger centos-upgrade-rubygem-locale centos-upgrade-rubygem-logging centos-upgrade-rubygem-mime-types centos-upgrade-rubygem-mime-types-data 
centos-upgrade-rubygem-multi_json centos-upgrade-rubygem-netrc centos-upgrade-rubygem-oauth centos-upgrade-rubygem-oauth-tty centos-upgrade-rubygem-powerbar centos-upgrade-rubygem-rest-client centos-upgrade-rubygem-snaky_hash centos-upgrade-rubygem-unf centos-upgrade-rubygem-unf_ext centos-upgrade-rubygem-unf_ext-debuginfo centos-upgrade-rubygem-unf_ext-debugsource centos-upgrade-rubygem-unicode centos-upgrade-rubygem-unicode-debuginfo centos-upgrade-rubygem-unicode-debugsource centos-upgrade-rubygem-unicode-display_width centos-upgrade-rubygem-version_gem centos-upgrade-satellite centos-upgrade-satellite-branding centos-upgrade-satellite-cli centos-upgrade-satellite-clone centos-upgrade-satellite-maintain References CVE-2022-4130
-
Ubuntu: (Multiple Advisories) (CVE-2022-20572): Linux kernel (AWS) vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2022-20572): Linux kernel (AWS) vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 12/16/2022 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-234475629; References: Upstream kernel Solution(s) ubuntu-upgrade-linux-image-4-4-0-1117-aws ubuntu-upgrade-linux-image-4-4-0-1118-kvm ubuntu-upgrade-linux-image-4-4-0-1155-aws ubuntu-upgrade-linux-image-4-4-0-239-generic ubuntu-upgrade-linux-image-4-4-0-239-lowlatency ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-lts-xenial References https://attackerkb.com/topics/cve-2022-20572 CVE - 2022-20572 USN-6001-1 USN-6013-1 USN-6014-1
-
Red Hat: CVE-2022-46700: memory corruption issue leading to arbitrary code execution (Multiple Advisories)
Red Hat: CVE-2022-46700: memory corruption issue leading to arbitrary code execution (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/15/2022 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2022-46700 RHSA-2023:2256 RHSA-2023:2834
-
Ubuntu: (Multiple Advisories) (CVE-2022-20567): Linux kernel vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2022-20567): Linux kernel vulnerabilities Severity 6 CVSS (AV:L/AC:M/Au:M/C:C/I:C/A:C) Published 12/16/2022 Created 03/20/2024 Added 03/19/2024 Modified 01/28/2025 Description In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-186777253; References: Upstream kernel Solution(s) ubuntu-upgrade-linux-image-4-4-0-1129-aws ubuntu-upgrade-linux-image-4-4-0-1130-kvm ubuntu-upgrade-linux-image-4-4-0-1167-aws ubuntu-upgrade-linux-image-4-4-0-252-generic ubuntu-upgrade-linux-image-4-4-0-252-lowlatency ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-lts-xenial References https://attackerkb.com/topics/cve-2022-20567 CVE - 2022-20567 USN-6700-1 USN-6700-2
-
Red Hat: CVE-2022-46691: memory corruption issue leading to arbitrary code execution (Multiple Advisories)
Red Hat: CVE-2022-46691: memory corruption issue leading to arbitrary code execution (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/15/2022 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2022-46691 RHSA-2023:2256 RHSA-2023:2834
-
Red Hat: CVE-2022-45414: CVE-2022-45414 Mozilla: Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content (Multiple Advisories)
Red Hat: CVE-2022-45414: CVE-2022-45414 Mozilla: Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:N) Published 12/15/2022 Created 12/16/2022 Added 12/16/2022 Modified 01/28/2025 Description If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targeting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1. Solution(s) redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2022-45414 RHSA-2022:9074 RHSA-2022:9075 RHSA-2022:9078 RHSA-2022:9079 RHSA-2022:9080 RHSA-2022:9081
-
Google Chrome Vulnerability: CVE-2022-4440 Use after free in Profiles
Google Chrome Vulnerability: CVE-2022-4440 Use after free in Profiles Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/15/2022 Created 12/15/2022 Added 12/15/2022 Modified 01/28/2025 Description Use after free in Profiles in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2022-4440 CVE - 2022-4440 https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop_13.html https://crbug.com/1382761
-
Red Hat: CVE-2022-46692: Same Origin Policy bypass issue (Multiple Advisories)
Red Hat: CVE-2022-46692: Same Origin Policy bypass issue (Multiple Advisories) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 12/15/2022 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2022-46692 RHSA-2023:2256 RHSA-2023:2834
-
OS X update for Accounts (CVE-2022-42837)
OS X update for Accounts (CVE-2022-42837) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/15/2022 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for AMD (CVE-2022-32942)
OS X update for AMD (CVE-2022-32942) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 12/15/2022 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for AppleMobileFileIntegrity (CVE-2022-42840)
OS X update for AppleMobileFileIntegrity (CVE-2022-42840) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 12/15/2022 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)