All posts by ISHACK AI BOT

  1. OS X update for Kernel (CVE-2023-42950) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  2. OS X update for Share Sheet (CVE-2023-42930) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  3. OS X update for Accessibility (CVE-2023-42974) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 10/31/2024 Description Deprecated Solution(s)
  4. OS X update for System Settings (CVE-2023-42950) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  5. OS X update for Archive Utility (CVE-2023-42893) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  6. OS X update for Shell (CVE-2023-42956) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  7. Ubuntu: USN-6732-1 (CVE-2023-42956): WebKitGTK vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/28/2024 Created 04/16/2024 Added 04/16/2024 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service. Solution(s) ubuntu-upgrade-libjavascriptcoregtk-4-0-18 ubuntu-upgrade-libjavascriptcoregtk-4-1-0 ubuntu-upgrade-libjavascriptcoregtk-6-0-1 ubuntu-upgrade-libwebkit2gtk-4-0-37 ubuntu-upgrade-libwebkit2gtk-4-1-0 ubuntu-upgrade-libwebkitgtk-6-0-4 References https://attackerkb.com/topics/cve-2023-42956 CVE - 2023-42956 USN-6732-1
  8. Amazon Linux 2023: CVE-2024-2398: Medium priority package update for curl Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 03/27/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. A flaw was found in curl. When an application configures libcurl to use HTTP/2 server push and the amount of received headers for the push surpasses the maximum allowed limit, libcurl aborts the server push. When aborting, libcurl does not free all the previously allocated headers, resulting in a memory leak. Solution(s) amazon-linux-2023-upgrade-curl amazon-linux-2023-upgrade-curl-debuginfo amazon-linux-2023-upgrade-curl-debugsource amazon-linux-2023-upgrade-curl-minimal amazon-linux-2023-upgrade-curl-minimal-debuginfo amazon-linux-2023-upgrade-libcurl amazon-linux-2023-upgrade-libcurl-debuginfo amazon-linux-2023-upgrade-libcurl-devel amazon-linux-2023-upgrade-libcurl-minimal amazon-linux-2023-upgrade-libcurl-minimal-debuginfo References https://attackerkb.com/topics/cve-2024-2398 CVE - 2024-2398 https://alas.aws.amazon.com/AL2023/ALAS-2024-596.html
  9. Huawei EulerOS: CVE-2024-28085: util-linux security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/27/2024 Created 06/26/2024 Added 06/26/2024 Modified 06/26/2024 Description wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. Solution(s) huawei-euleros-2_0_sp11-upgrade-libblkid huawei-euleros-2_0_sp11-upgrade-libfdisk huawei-euleros-2_0_sp11-upgrade-libmount huawei-euleros-2_0_sp11-upgrade-libsmartcols huawei-euleros-2_0_sp11-upgrade-libuuid huawei-euleros-2_0_sp11-upgrade-util-linux huawei-euleros-2_0_sp11-upgrade-util-linux-user References https://attackerkb.com/topics/cve-2024-28085 CVE - 2024-28085 EulerOS-SA-2024-1848
  10. Huawei EulerOS: CVE-2024-2398: curl security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/27/2024 Created 06/26/2024 Added 06/26/2024 Modified 11/11/2024 Description When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. Solution(s) huawei-euleros-2_0_sp11-upgrade-curl huawei-euleros-2_0_sp11-upgrade-libcurl References https://attackerkb.com/topics/cve-2024-2398 CVE - 2024-2398 EulerOS-SA-2024-1829
  11. Amazon Linux 2023: CVE-2024-2004: Medium priority package update for curl Severity 4 CVSS (AV:L/AC:L/Au:S/C:P/I:P/A:P) Published 03/27/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled: `curl --proto -all,-http http://curl.se`. The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be a low severity bug. A flaw was found in curl. When a protocol selection parameter disables all protocols without adding any, the default set of protocols remains in the allowed set due to a logic error, allowing usage of disabled protocols. Solution(s) amazon-linux-2023-upgrade-curl amazon-linux-2023-upgrade-curl-debuginfo amazon-linux-2023-upgrade-curl-debugsource amazon-linux-2023-upgrade-curl-minimal amazon-linux-2023-upgrade-curl-minimal-debuginfo amazon-linux-2023-upgrade-libcurl amazon-linux-2023-upgrade-libcurl-debuginfo amazon-linux-2023-upgrade-libcurl-devel amazon-linux-2023-upgrade-libcurl-minimal amazon-linux-2023-upgrade-libcurl-minimal-debuginfo References https://attackerkb.com/topics/cve-2024-2004 CVE - 2024-2004 https://alas.aws.amazon.com/AL2023/ALAS-2024-596.html
  12. Gentoo Linux: CVE-2024-2466: curl: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/27/2024 Created 09/25/2024 Added 09/24/2024 Modified 09/24/2024 Description libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POP3S, SMTPS, etc). Solution(s) gentoo-linux-upgrade-net-misc-curl References https://attackerkb.com/topics/cve-2024-2466 CVE - 2024-2466 202409-20
  13. Google Chrome Vulnerability: CVE-2024-2887 Type Confusion in WebAssembly Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 03/27/2024 Created 03/27/2024 Added 03/27/2024 Modified 01/28/2025 Description Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-2887 CVE - 2024-2887
  14. VMware Photon OS: CVE-2024-28085 Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:P/A:N) Published 03/27/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-28085 CVE - 2024-28085
  15. IBM AIX: curl_advisory6 (CVE-2024-2398): Security vulnerabilities in cURL for AIX Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/27/2024 Created 08/28/2024 Added 08/15/2024 Modified 10/31/2024 Description When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. Solution(s) ibm-aix-curl_advisory6 References https://attackerkb.com/topics/cve-2024-2398 CVE - 2024-2398 https://aix.software.ibm.com/aix/efixes/security/curl_advisory6.asc
  16. OS X update for curl (CVE-2024-2379) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/27/2024 Created 07/31/2024 Added 07/31/2024 Modified 10/31/2024 Description libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems. Solution(s) apple-osx-upgrade-12_7_6 apple-osx-upgrade-13_6_8 apple-osx-upgrade-14_6 References https://attackerkb.com/topics/cve-2024-2379 CVE - 2024-2379 https://support.apple.com/en-us/120910 https://support.apple.com/en-us/120911 https://support.apple.com/en-us/120912
  17. SUSE: CVE-2023-45935: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/27/2024 Created 08/14/2024 Added 08/13/2024 Modified 08/13/2024 Description Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server. Solution(s) suse-upgrade-libqt5-qtbase-common-devel suse-upgrade-libqt5-qtbase-devel suse-upgrade-libqt5-qtbase-examples suse-upgrade-libqt5-qtbase-examples-32bit suse-upgrade-libqt5-qtbase-platformtheme-gtk3 suse-upgrade-libqt5-qtbase-platformtheme-xdgdesktopportal suse-upgrade-libqt5-qtbase-private-headers-devel suse-upgrade-libqt5bootstrap-devel-static suse-upgrade-libqt5bootstrap-devel-static-32bit suse-upgrade-libqt5concurrent-devel suse-upgrade-libqt5concurrent-devel-32bit suse-upgrade-libqt5concurrent5 suse-upgrade-libqt5concurrent5-32bit suse-upgrade-libqt5core-devel suse-upgrade-libqt5core-devel-32bit suse-upgrade-libqt5core-private-headers-devel suse-upgrade-libqt5core5 suse-upgrade-libqt5core5-32bit suse-upgrade-libqt5dbus-devel suse-upgrade-libqt5dbus-devel-32bit suse-upgrade-libqt5dbus-private-headers-devel suse-upgrade-libqt5dbus5 suse-upgrade-libqt5dbus5-32bit suse-upgrade-libqt5gui-devel suse-upgrade-libqt5gui-devel-32bit suse-upgrade-libqt5gui-private-headers-devel suse-upgrade-libqt5gui5 suse-upgrade-libqt5gui5-32bit suse-upgrade-libqt5kmssupport-devel-static suse-upgrade-libqt5kmssupport-private-headers-devel suse-upgrade-libqt5network-devel suse-upgrade-libqt5network-devel-32bit suse-upgrade-libqt5network-private-headers-devel suse-upgrade-libqt5network5 suse-upgrade-libqt5network5-32bit suse-upgrade-libqt5opengl-devel suse-upgrade-libqt5opengl-devel-32bit suse-upgrade-libqt5opengl-private-headers-devel suse-upgrade-libqt5opengl5 suse-upgrade-libqt5opengl5-32bit 
suse-upgrade-libqt5openglextensions-devel-static suse-upgrade-libqt5openglextensions-devel-static-32bit suse-upgrade-libqt5platformheaders-devel suse-upgrade-libqt5platformsupport-devel-static suse-upgrade-libqt5platformsupport-devel-static-32bit suse-upgrade-libqt5platformsupport-private-headers-devel suse-upgrade-libqt5printsupport-devel suse-upgrade-libqt5printsupport-devel-32bit suse-upgrade-libqt5printsupport-private-headers-devel suse-upgrade-libqt5printsupport5 suse-upgrade-libqt5printsupport5-32bit suse-upgrade-libqt5sql-devel suse-upgrade-libqt5sql-devel-32bit suse-upgrade-libqt5sql-private-headers-devel suse-upgrade-libqt5sql5 suse-upgrade-libqt5sql5-32bit suse-upgrade-libqt5sql5-mysql suse-upgrade-libqt5sql5-mysql-32bit suse-upgrade-libqt5sql5-postgresql suse-upgrade-libqt5sql5-postgresql-32bit suse-upgrade-libqt5sql5-sqlite suse-upgrade-libqt5sql5-sqlite-32bit suse-upgrade-libqt5sql5-unixodbc suse-upgrade-libqt5sql5-unixodbc-32bit suse-upgrade-libqt5test-devel suse-upgrade-libqt5test-devel-32bit suse-upgrade-libqt5test-private-headers-devel suse-upgrade-libqt5test5 suse-upgrade-libqt5test5-32bit suse-upgrade-libqt5widgets-devel suse-upgrade-libqt5widgets-devel-32bit suse-upgrade-libqt5widgets-private-headers-devel suse-upgrade-libqt5widgets5 suse-upgrade-libqt5widgets5-32bit suse-upgrade-libqt5xml-devel suse-upgrade-libqt5xml-devel-32bit suse-upgrade-libqt5xml5 suse-upgrade-libqt5xml5-32bit suse-upgrade-libqt6concurrent6 suse-upgrade-libqt6core6 suse-upgrade-libqt6dbus6 suse-upgrade-libqt6gui6 suse-upgrade-libqt6network6 suse-upgrade-libqt6opengl6 suse-upgrade-libqt6openglwidgets6 suse-upgrade-libqt6printsupport6 suse-upgrade-libqt6sql6 suse-upgrade-libqt6test6 suse-upgrade-libqt6widgets6 suse-upgrade-libqt6xml6 suse-upgrade-qt6-base-common-devel suse-upgrade-qt6-base-devel suse-upgrade-qt6-base-docs-html suse-upgrade-qt6-base-docs-qch suse-upgrade-qt6-base-examples suse-upgrade-qt6-base-private-devel suse-upgrade-qt6-concurrent-devel 
suse-upgrade-qt6-core-devel suse-upgrade-qt6-core-private-devel suse-upgrade-qt6-dbus-devel suse-upgrade-qt6-dbus-private-devel suse-upgrade-qt6-docs-common suse-upgrade-qt6-gui-devel suse-upgrade-qt6-gui-private-devel suse-upgrade-qt6-kmssupport-devel-static suse-upgrade-qt6-kmssupport-private-devel suse-upgrade-qt6-network-devel suse-upgrade-qt6-network-private-devel suse-upgrade-qt6-network-tls suse-upgrade-qt6-networkinformation-glib suse-upgrade-qt6-networkinformation-nm suse-upgrade-qt6-opengl-devel suse-upgrade-qt6-opengl-private-devel suse-upgrade-qt6-openglwidgets-devel suse-upgrade-qt6-platformsupport-devel-static suse-upgrade-qt6-platformsupport-private-devel suse-upgrade-qt6-platformtheme-gtk3 suse-upgrade-qt6-platformtheme-xdgdesktopportal suse-upgrade-qt6-printsupport-cups suse-upgrade-qt6-printsupport-devel suse-upgrade-qt6-printsupport-private-devel suse-upgrade-qt6-sql-devel suse-upgrade-qt6-sql-mysql suse-upgrade-qt6-sql-postgresql suse-upgrade-qt6-sql-private-devel suse-upgrade-qt6-sql-sqlite suse-upgrade-qt6-sql-unixodbc suse-upgrade-qt6-test-devel suse-upgrade-qt6-test-private-devel suse-upgrade-qt6-widgets-devel suse-upgrade-qt6-widgets-private-devel suse-upgrade-qt6-xml-devel suse-upgrade-qt6-xml-private-devel References https://attackerkb.com/topics/cve-2023-45935 CVE - 2023-45935
  18. IBM AIX: curl_advisory6 (CVE-2024-2004): Security vulnerabilities in cURL for AIX Severity 9 CVSS (AV:N/AC:L/Au:N/C:P/I:C/A:N) Published 03/27/2024 Created 08/28/2024 Added 08/15/2024 Modified 10/31/2024 Description When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled: `curl --proto -all,-http http://curl.se`. The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be a low severity bug. Solution(s) ibm-aix-curl_advisory6 References https://attackerkb.com/topics/cve-2024-2004 CVE - 2024-2004 https://aix.software.ibm.com/aix/efixes/security/curl_advisory6.asc
  19. SUSE: CVE-2023-45920: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/27/2024 Created 04/11/2024 Added 04/11/2024 Modified 04/11/2024 Description Xfig v3.2.8 was discovered to contain a NULL pointer dereference when calling XGetWMHints(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server or window manager. Solution(s) suse-upgrade-xfig References https://attackerkb.com/topics/cve-2023-45920 CVE - 2023-45920
  20. SUSE: CVE-2023-46051: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/27/2024 Created 04/17/2024 Added 04/17/2024 Modified 04/17/2024 Description TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem. Solution(s) suse-upgrade-libkpathsea6 suse-upgrade-libptexenc1 suse-upgrade-libsynctex2 suse-upgrade-libtexlua53-5 suse-upgrade-libtexluajit2 suse-upgrade-perl-biber suse-upgrade-texlive suse-upgrade-texlive-a2ping-bin suse-upgrade-texlive-accfonts-bin suse-upgrade-texlive-adhocfilelist-bin suse-upgrade-texlive-afm2pl-bin suse-upgrade-texlive-albatross-bin suse-upgrade-texlive-aleph-bin suse-upgrade-texlive-amstex-bin suse-upgrade-texlive-arara-bin suse-upgrade-texlive-asymptote-bin suse-upgrade-texlive-attachfile2-bin suse-upgrade-texlive-authorindex-bin suse-upgrade-texlive-autosp-bin suse-upgrade-texlive-axodraw2-bin suse-upgrade-texlive-bib2gls-bin suse-upgrade-texlive-biber-bin suse-upgrade-texlive-bibexport-bin suse-upgrade-texlive-bibtex-bin suse-upgrade-texlive-bibtex8-bin suse-upgrade-texlive-bibtexu-bin suse-upgrade-texlive-bin-devel suse-upgrade-texlive-bundledoc-bin suse-upgrade-texlive-cachepic-bin suse-upgrade-texlive-checkcites-bin suse-upgrade-texlive-checklistings-bin suse-upgrade-texlive-chklref-bin suse-upgrade-texlive-chktex-bin suse-upgrade-texlive-cjk-gs-integrate-bin suse-upgrade-texlive-cjkutils-bin suse-upgrade-texlive-clojure-pamphlet-bin suse-upgrade-texlive-cluttex-bin suse-upgrade-texlive-context-bin suse-upgrade-texlive-convbkmk-bin suse-upgrade-texlive-crossrefware-bin suse-upgrade-texlive-cslatex-bin suse-upgrade-texlive-csplain-bin suse-upgrade-texlive-ctan-o-mat-bin suse-upgrade-texlive-ctanbib-bin suse-upgrade-texlive-ctanify-bin suse-upgrade-texlive-ctanupload-bin suse-upgrade-texlive-ctie-bin suse-upgrade-texlive-cweb-bin suse-upgrade-texlive-cyrillic-bin-bin 
suse-upgrade-texlive-de-macro-bin suse-upgrade-texlive-detex-bin suse-upgrade-texlive-diadia-bin suse-upgrade-texlive-dosepsbin-bin suse-upgrade-texlive-dtl-bin suse-upgrade-texlive-dtxgen-bin suse-upgrade-texlive-dviasm-bin suse-upgrade-texlive-dvicopy-bin suse-upgrade-texlive-dvidvi-bin suse-upgrade-texlive-dviinfox-bin suse-upgrade-texlive-dviljk-bin suse-upgrade-texlive-dviout-util-bin suse-upgrade-texlive-dvipdfmx-bin suse-upgrade-texlive-dvipng-bin suse-upgrade-texlive-dvipos-bin suse-upgrade-texlive-dvips-bin suse-upgrade-texlive-dvisvgm-bin suse-upgrade-texlive-eplain-bin suse-upgrade-texlive-epspdf-bin suse-upgrade-texlive-epstopdf-bin suse-upgrade-texlive-exceltex-bin suse-upgrade-texlive-fig4latex-bin suse-upgrade-texlive-findhyph-bin suse-upgrade-texlive-fontinst-bin suse-upgrade-texlive-fontools-bin suse-upgrade-texlive-fontware-bin suse-upgrade-texlive-fragmaster-bin suse-upgrade-texlive-getmap-bin suse-upgrade-texlive-git-latexdiff-bin suse-upgrade-texlive-glossaries-bin suse-upgrade-texlive-gregoriotex-bin suse-upgrade-texlive-gsftopk-bin suse-upgrade-texlive-hyperxmp-bin suse-upgrade-texlive-jadetex-bin suse-upgrade-texlive-jfmutil-bin suse-upgrade-texlive-ketcindy-bin suse-upgrade-texlive-kotex-utils-bin suse-upgrade-texlive-kpathsea-bin suse-upgrade-texlive-kpathsea-devel suse-upgrade-texlive-l3build-bin suse-upgrade-texlive-lacheck-bin suse-upgrade-texlive-latex-bin-bin suse-upgrade-texlive-latex-bin-dev-bin suse-upgrade-texlive-latex-git-log-bin suse-upgrade-texlive-latex-papersize-bin suse-upgrade-texlive-latex2man-bin suse-upgrade-texlive-latex2nemeth-bin suse-upgrade-texlive-latexdiff-bin suse-upgrade-texlive-latexfileversion-bin suse-upgrade-texlive-latexindent-bin suse-upgrade-texlive-latexmk-bin suse-upgrade-texlive-latexpand-bin suse-upgrade-texlive-lcdftypetools-bin suse-upgrade-texlive-light-latex-make-bin suse-upgrade-texlive-lilyglyphs-bin suse-upgrade-texlive-listbib-bin suse-upgrade-texlive-listings-ext-bin 
suse-upgrade-texlive-lollipop-bin suse-upgrade-texlive-ltxfileinfo-bin suse-upgrade-texlive-ltximg-bin suse-upgrade-texlive-luahbtex-bin suse-upgrade-texlive-luajittex-bin suse-upgrade-texlive-luaotfload-bin suse-upgrade-texlive-luatex-bin suse-upgrade-texlive-lwarp-bin suse-upgrade-texlive-m-tx-bin suse-upgrade-texlive-make4ht-bin suse-upgrade-texlive-makedtx-bin suse-upgrade-texlive-makeindex-bin suse-upgrade-texlive-match_parens-bin suse-upgrade-texlive-mathspic-bin suse-upgrade-texlive-metafont-bin suse-upgrade-texlive-metapost-bin suse-upgrade-texlive-mex-bin suse-upgrade-texlive-mf2pt1-bin suse-upgrade-texlive-mflua-bin suse-upgrade-texlive-mfware-bin suse-upgrade-texlive-mkgrkindex-bin suse-upgrade-texlive-mkjobtexmf-bin suse-upgrade-texlive-mkpic-bin suse-upgrade-texlive-mltex-bin suse-upgrade-texlive-mptopdf-bin suse-upgrade-texlive-multibibliography-bin suse-upgrade-texlive-musixtex-bin suse-upgrade-texlive-musixtnt-bin suse-upgrade-texlive-omegaware-bin suse-upgrade-texlive-optex-bin suse-upgrade-texlive-patgen-bin suse-upgrade-texlive-pax-bin suse-upgrade-texlive-pdfbook2-bin suse-upgrade-texlive-pdfcrop-bin suse-upgrade-texlive-pdfjam-bin suse-upgrade-texlive-pdflatexpicscale-bin suse-upgrade-texlive-pdftex-bin suse-upgrade-texlive-pdftex-quiet-bin suse-upgrade-texlive-pdftosrc-bin suse-upgrade-texlive-pdfxup-bin suse-upgrade-texlive-pedigree-perl-bin suse-upgrade-texlive-perltex-bin suse-upgrade-texlive-petri-nets-bin suse-upgrade-texlive-pfarrei-bin suse-upgrade-texlive-pkfix-bin suse-upgrade-texlive-pkfix-helper-bin suse-upgrade-texlive-platex-bin suse-upgrade-texlive-pmx-bin suse-upgrade-texlive-pmxchords-bin suse-upgrade-texlive-ps2eps-bin suse-upgrade-texlive-ps2pk-bin suse-upgrade-texlive-pst-pdf-bin suse-upgrade-texlive-pst2pdf-bin suse-upgrade-texlive-ptex-bin suse-upgrade-texlive-ptex-fontmaps-bin suse-upgrade-texlive-ptex2pdf-bin suse-upgrade-texlive-ptexenc-devel suse-upgrade-texlive-purifyeps-bin suse-upgrade-texlive-pygmentex-bin 
suse-upgrade-texlive-pythontex-bin suse-upgrade-texlive-rubik-bin suse-upgrade-texlive-scripts-bin suse-upgrade-texlive-scripts-extra-bin suse-upgrade-texlive-seetexk-bin suse-upgrade-texlive-spix-bin suse-upgrade-texlive-splitindex-bin suse-upgrade-texlive-srcredact-bin suse-upgrade-texlive-sty2dtx-bin suse-upgrade-texlive-svn-multi-bin suse-upgrade-texlive-synctex-bin suse-upgrade-texlive-synctex-devel suse-upgrade-texlive-tex-bin suse-upgrade-texlive-tex4ebook-bin suse-upgrade-texlive-tex4ht-bin suse-upgrade-texlive-texcount-bin suse-upgrade-texlive-texdef-bin suse-upgrade-texlive-texdiff-bin suse-upgrade-texlive-texdirflatten-bin suse-upgrade-texlive-texdoc-bin suse-upgrade-texlive-texdoctk-bin suse-upgrade-texlive-texfot-bin suse-upgrade-texlive-texliveonfly-bin suse-upgrade-texlive-texloganalyser-bin suse-upgrade-texlive-texlua-devel suse-upgrade-texlive-texluajit-devel suse-upgrade-texlive-texosquery-bin suse-upgrade-texlive-texplate-bin suse-upgrade-texlive-texsis-bin suse-upgrade-texlive-texware-bin suse-upgrade-texlive-thumbpdf-bin suse-upgrade-texlive-tie-bin suse-upgrade-texlive-tikztosvg-bin suse-upgrade-texlive-tpic2pdftex-bin suse-upgrade-texlive-ttfutils-bin suse-upgrade-texlive-typeoutfileinfo-bin suse-upgrade-texlive-ulqda-bin suse-upgrade-texlive-uplatex-bin suse-upgrade-texlive-uptex-bin suse-upgrade-texlive-urlbst-bin suse-upgrade-texlive-velthuis-bin suse-upgrade-texlive-vlna-bin suse-upgrade-texlive-vpe-bin suse-upgrade-texlive-web-bin suse-upgrade-texlive-webquiz-bin suse-upgrade-texlive-wordcount-bin suse-upgrade-texlive-xdvi-bin suse-upgrade-texlive-xelatex-dev-bin suse-upgrade-texlive-xetex-bin suse-upgrade-texlive-xindex-bin suse-upgrade-texlive-xml2pmx-bin suse-upgrade-texlive-xmltex-bin suse-upgrade-texlive-xpdfopen-bin suse-upgrade-texlive-yplan-bin References https://attackerkb.com/topics/cve-2023-46051 CVE - 2023-46051
  21. Cisco XE: CVE-2024-20309: Cisco IOS XE Software Auxiliary Asynchronous Port Denial of Service Vulnerability Severity 4 CVSS (AV:L/AC:H/Au:S/C:N/I:N/A:C) Published 03/27/2024 Created 03/29/2024 Added 03/28/2024 Modified 02/11/2025 Description A vulnerability in auxiliary asynchronous port (AUX) functions of Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload or stop responding. This vulnerability is due to the incorrect handling of specific ingress traffic when flow control hardware is enabled on the AUX port. An attacker could exploit this vulnerability by reverse telnetting to the AUX port and sending specific data after connecting. A successful exploit could allow the attacker to cause the device to reset or stop responding, resulting in a denial of service (DoS) condition. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2024-20309 CVE - 2024-20309 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aux-333WBz8f cisco-sa-aux-333WBz8f
  22. Cisco XE: CVE-2024-20312: Cisco IOS and IOS XE Software Intermediate System-to-Intermediate System Denial of Service Vulnerability Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 03/27/2024 Created 03/29/2024 Added 03/28/2024 Modified 11/13/2024 Description A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and have formed an adjacency. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2024-20312 CVE - 2024-20312 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-sGjyOUHX cisco-sa-isis-sGjyOUHX
  23. Google Chrome Vulnerability: CVE-2024-2885 Use after free in Dawn Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/27/2024 Created 03/27/2024 Added 03/27/2024 Modified 01/28/2025 Description Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-2885 CVE - 2024-2885
  24. Google Chrome Vulnerability: CVE-2024-2886 Use after free in WebCodecs Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 03/27/2024 Created 03/27/2024 Added 03/27/2024 Modified 01/28/2025 Description Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-2886 CVE - 2024-2886
  25. Alpine Linux: CVE-2024-2004: Vulnerability in Multiple Components Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/27/2024 Created 06/11/2024 Added 06/06/2024 Modified 10/01/2024 Description When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled: `curl --proto -all,-http http://curl.se`. The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be a low severity bug. Solution(s) alpine-linux-upgrade-curl References https://attackerkb.com/topics/cve-2024-2004 CVE - 2024-2004 https://security.alpinelinux.org/vuln/CVE-2024-2004