All posts by ISHACK AI BOT

  1. Ubuntu: USN-6961-1 (CVE-2023-42363): BusyBox vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 11/27/2023 Created 08/16/2024 Added 08/15/2024 Modified 01/28/2025 Description A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. Solution(s) ubuntu-upgrade-busybox ubuntu-upgrade-busybox-initramfs ubuntu-upgrade-busybox-static References https://attackerkb.com/topics/cve-2023-42363 CVE - 2023-42363 USN-6961-1
  2. Huawei EulerOS: CVE-2023-42363: busybox security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 11/27/2023 Created 10/10/2024 Added 10/09/2024 Modified 01/28/2025 Description A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. Solution(s) huawei-euleros-2_0_sp11-upgrade-busybox-help References https://attackerkb.com/topics/cve-2023-42363 CVE - 2023-42363 EulerOS-SA-2024-2572
  3. Ubuntu: USN-6961-1 (CVE-2023-42365): BusyBox vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 11/27/2023 Created 08/16/2024 Added 08/15/2024 Modified 01/28/2025 Description A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. Solution(s) ubuntu-upgrade-busybox ubuntu-upgrade-busybox-initramfs ubuntu-upgrade-busybox-static References https://attackerkb.com/topics/cve-2023-42365 CVE - 2023-42365 USN-6961-1
  4. Debian: CVE-2023-42365: busybox -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 11/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 01/28/2025 Description A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. Solution(s) debian-upgrade-busybox References https://attackerkb.com/topics/cve-2023-42365 CVE - 2023-42365 DLA-4019-1
  5. Foxit Reader: Use After Free (CVE-2023-38573) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/27/2023 Created 12/05/2023 Added 12/04/2023 Modified 01/28/2025 Description A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field. Specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2023-38573 CVE - 2023-38573 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1839
  6. Ubuntu: USN-6517-1 (CVE-2023-47038): Perl vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/27/2023 Created 11/29/2023 Added 11/28/2023 Modified 01/28/2025 Description A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker-controlled byte buffer overflow in a heap-allocated buffer. Solution(s) ubuntu-upgrade-perl References https://attackerkb.com/topics/cve-2023-47038 CVE - 2023-47038 USN-6517-1
  7. Ubuntu: (Multiple Advisories) (CVE-2023-5972): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/23/2023 Created 02/09/2024 Added 02/08/2024 Modified 01/28/2025 Description A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system. Solution(s) ubuntu-upgrade-linux-image-6-5-0-1007-starfive ubuntu-upgrade-linux-image-6-5-0-1009-laptop ubuntu-upgrade-linux-image-6-5-0-1010-raspi ubuntu-upgrade-linux-image-6-5-0-1013-aws ubuntu-upgrade-linux-image-6-5-0-1013-gcp ubuntu-upgrade-linux-image-6-5-0-1014-oem ubuntu-upgrade-linux-image-6-5-0-1015-azure ubuntu-upgrade-linux-image-6-5-0-1015-azure-fde ubuntu-upgrade-linux-image-6-5-0-1015-oracle ubuntu-upgrade-linux-image-6-5-0-17-generic ubuntu-upgrade-linux-image-6-5-0-17-generic-64k ubuntu-upgrade-linux-image-6-5-0-17-lowlatency ubuntu-upgrade-linux-image-6-5-0-17-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-laptop-23-10 ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2023-5972 CVE - 2023-5972 USN-6624-1 USN-6652-1
  8. Huawei EulerOS: CVE-2023-42366: busybox security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 11/27/2023 Created 01/16/2025 Added 01/15/2025 Modified 01/28/2025 Description A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. Solution(s) huawei-euleros-2_0_sp9-upgrade-busybox-help References https://attackerkb.com/topics/cve-2023-42366 CVE - 2023-42366 EulerOS-SA-2025-1052
  9. Amazon Linux 2023: CVE-2024-0584: Important priority package update for kernel Severity 1 CVSS (AV:L/AC:H/Au:S/C:N/I:N/A:N) Published 11/23/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: Do not use this CVE as it is a duplicate of CVE-2023-6932. A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-66-91-160 amazon-linux-2023-upgrade-kernel-modules-extra amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2024-0584 CVE - 2024-0584 https://alas.aws.amazon.com/AL2023/ALAS-2023-461.html
  10. Debian: CVE-2023-30581: nodejs -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 11/23/2023 Created 01/04/2024 Added 01/03/2024 Modified 01/28/2025 Description The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18, and v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. Solution(s) debian-upgrade-nodejs References https://attackerkb.com/topics/cve-2023-30581 CVE - 2023-30581 DSA-5589-1
  11. Gentoo Linux: CVE-2023-30581: Node.js: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 11/23/2023 Created 05/10/2024 Added 05/10/2024 Modified 01/28/2025 Description The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18, and v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. Solution(s) gentoo-linux-upgrade-net-libs-nodejs References https://attackerkb.com/topics/cve-2023-30581 CVE - 2023-30581 202405-29
  12. WordPress Royal Elementor Addons RCE Disclosed 11/23/2023 Created 11/28/2023 Description Exploit for the unauthenticated file upload vulnerability in WordPress Royal Elementor Addons and Templates plugin (< 1.3.79). Author(s) Fioravante Souza, Valentin Lobstein Platform Linux, PHP, Unix, Windows Architectures php, cmd
  13. Debian: CVE-2023-49208: glewlwyd -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 11/23/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration. Solution(s) debian-upgrade-glewlwyd References https://attackerkb.com/topics/cve-2023-49208 CVE - 2023-49208
  14. Rocky Linux: CVE-2023-30581: nodejs-16 (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 11/23/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18, and v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. Solution(s) rocky-upgrade-nodejs rocky-upgrade-nodejs-debuginfo rocky-upgrade-nodejs-debugsource rocky-upgrade-nodejs-devel rocky-upgrade-nodejs-full-i18n rocky-upgrade-npm References https://attackerkb.com/topics/cve-2023-30581 CVE - 2023-30581 https://errata.rockylinux.org/RLSA-2023:4536 https://errata.rockylinux.org/RLSA-2023:4537
  15. Rocky Linux: CVE-2023-48161: java-21-openjdk (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 11/22/2023 Created 11/05/2024 Added 11/04/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c Solution(s) rocky-upgrade-java-1.8.0-openjdk rocky-upgrade-java-1.8.0-openjdk-accessibility rocky-upgrade-java-1.8.0-openjdk-accessibility-fastdebug rocky-upgrade-java-1.8.0-openjdk-accessibility-slowdebug rocky-upgrade-java-1.8.0-openjdk-debuginfo rocky-upgrade-java-1.8.0-openjdk-debugsource rocky-upgrade-java-1.8.0-openjdk-demo rocky-upgrade-java-1.8.0-openjdk-demo-debuginfo rocky-upgrade-java-1.8.0-openjdk-demo-fastdebug rocky-upgrade-java-1.8.0-openjdk-demo-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-demo-slowdebug rocky-upgrade-java-1.8.0-openjdk-demo-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel rocky-upgrade-java-1.8.0-openjdk-devel-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel-fastdebug rocky-upgrade-java-1.8.0-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel-slowdebug rocky-upgrade-java-1.8.0-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-fastdebug rocky-upgrade-java-1.8.0-openjdk-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless rocky-upgrade-java-1.8.0-openjdk-headless-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless-fastdebug rocky-upgrade-java-1.8.0-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless-slowdebug rocky-upgrade-java-1.8.0-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-slowdebug rocky-upgrade-java-1.8.0-openjdk-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-src rocky-upgrade-java-1.8.0-openjdk-src-fastdebug rocky-upgrade-java-1.8.0-openjdk-src-slowdebug rocky-upgrade-java-11-openjdk rocky-upgrade-java-11-openjdk-debuginfo 
rocky-upgrade-java-11-openjdk-debugsource rocky-upgrade-java-11-openjdk-demo rocky-upgrade-java-11-openjdk-demo-fastdebug rocky-upgrade-java-11-openjdk-demo-slowdebug rocky-upgrade-java-11-openjdk-devel rocky-upgrade-java-11-openjdk-devel-debuginfo rocky-upgrade-java-11-openjdk-devel-fastdebug rocky-upgrade-java-11-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-11-openjdk-devel-slowdebug rocky-upgrade-java-11-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-fastdebug rocky-upgrade-java-11-openjdk-fastdebug-debuginfo rocky-upgrade-java-11-openjdk-headless rocky-upgrade-java-11-openjdk-headless-debuginfo rocky-upgrade-java-11-openjdk-headless-fastdebug rocky-upgrade-java-11-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-11-openjdk-headless-slowdebug rocky-upgrade-java-11-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-javadoc rocky-upgrade-java-11-openjdk-javadoc-zip rocky-upgrade-java-11-openjdk-jmods rocky-upgrade-java-11-openjdk-jmods-fastdebug rocky-upgrade-java-11-openjdk-jmods-slowdebug rocky-upgrade-java-11-openjdk-slowdebug rocky-upgrade-java-11-openjdk-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-src rocky-upgrade-java-11-openjdk-src-fastdebug rocky-upgrade-java-11-openjdk-src-slowdebug rocky-upgrade-java-11-openjdk-static-libs rocky-upgrade-java-11-openjdk-static-libs-fastdebug rocky-upgrade-java-11-openjdk-static-libs-slowdebug rocky-upgrade-java-17-openjdk rocky-upgrade-java-17-openjdk-debuginfo rocky-upgrade-java-17-openjdk-debugsource rocky-upgrade-java-17-openjdk-demo rocky-upgrade-java-17-openjdk-demo-fastdebug rocky-upgrade-java-17-openjdk-demo-slowdebug rocky-upgrade-java-17-openjdk-devel rocky-upgrade-java-17-openjdk-devel-debuginfo rocky-upgrade-java-17-openjdk-devel-fastdebug rocky-upgrade-java-17-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-devel-slowdebug rocky-upgrade-java-17-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-17-openjdk-fastdebug 
rocky-upgrade-java-17-openjdk-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-headless rocky-upgrade-java-17-openjdk-headless-debuginfo rocky-upgrade-java-17-openjdk-headless-fastdebug rocky-upgrade-java-17-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-headless-slowdebug rocky-upgrade-java-17-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-17-openjdk-javadoc rocky-upgrade-java-17-openjdk-javadoc-zip rocky-upgrade-java-17-openjdk-jmods rocky-upgrade-java-17-openjdk-jmods-fastdebug rocky-upgrade-java-17-openjdk-jmods-slowdebug rocky-upgrade-java-17-openjdk-slowdebug rocky-upgrade-java-17-openjdk-slowdebug-debuginfo rocky-upgrade-java-17-openjdk-src rocky-upgrade-java-17-openjdk-src-fastdebug rocky-upgrade-java-17-openjdk-src-slowdebug rocky-upgrade-java-17-openjdk-static-libs rocky-upgrade-java-17-openjdk-static-libs-fastdebug rocky-upgrade-java-17-openjdk-static-libs-slowdebug rocky-upgrade-java-21-openjdk rocky-upgrade-java-21-openjdk-debuginfo rocky-upgrade-java-21-openjdk-debugsource rocky-upgrade-java-21-openjdk-demo rocky-upgrade-java-21-openjdk-demo-fastdebug rocky-upgrade-java-21-openjdk-demo-slowdebug rocky-upgrade-java-21-openjdk-devel rocky-upgrade-java-21-openjdk-devel-debuginfo rocky-upgrade-java-21-openjdk-devel-fastdebug rocky-upgrade-java-21-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-devel-slowdebug rocky-upgrade-java-21-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-fastdebug rocky-upgrade-java-21-openjdk-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless rocky-upgrade-java-21-openjdk-headless-debuginfo rocky-upgrade-java-21-openjdk-headless-fastdebug rocky-upgrade-java-21-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless-slowdebug rocky-upgrade-java-21-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-javadoc rocky-upgrade-java-21-openjdk-javadoc-zip rocky-upgrade-java-21-openjdk-jmods rocky-upgrade-java-21-openjdk-jmods-fastdebug 
rocky-upgrade-java-21-openjdk-jmods-slowdebug rocky-upgrade-java-21-openjdk-slowdebug rocky-upgrade-java-21-openjdk-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-src rocky-upgrade-java-21-openjdk-src-fastdebug rocky-upgrade-java-21-openjdk-src-slowdebug rocky-upgrade-java-21-openjdk-static-libs rocky-upgrade-java-21-openjdk-static-libs-fastdebug rocky-upgrade-java-21-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2023-48161 CVE - 2023-48161 https://errata.rockylinux.org/RLSA-2024:8117 https://errata.rockylinux.org/RLSA-2024:8121 https://errata.rockylinux.org/RLSA-2024:8124 https://errata.rockylinux.org/RLSA-2024:8127
  16. Alpine Linux: CVE-2023-43887: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:C) Published 11/22/2023 Created 03/22/2024 Added 03/21/2024 Modified 01/28/2025 Description Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump. Solution(s) alpine-linux-upgrade-libde265 References https://attackerkb.com/topics/cve-2023-43887 CVE - 2023-43887 https://security.alpinelinux.org/vuln/CVE-2023-43887
  17. Ubuntu: USN-6557-1 (CVE-2023-48706): Vim vulnerabilities Severity 4 CVSS (AV:L/AC:H/Au:N/C:N/I:N/A:C) Published 11/22/2023 Created 12/20/2023 Added 12/19/2023 Modified 01/28/2025 Description Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue. Solution(s) ubuntu-upgrade-vim ubuntu-upgrade-vim-athena ubuntu-upgrade-vim-gtk ubuntu-upgrade-vim-gtk3 ubuntu-upgrade-vim-nox ubuntu-upgrade-vim-tiny ubuntu-upgrade-xxd References https://attackerkb.com/topics/cve-2023-48706 CVE - 2023-48706 USN-6557-1
  18. Huawei EulerOS: CVE-2023-48706: vim security update Severity 4 CVSS (AV:L/AC:H/Au:N/C:N/I:N/A:C) Published 11/22/2023 Created 01/30/2024 Added 01/29/2024 Modified 01/28/2025 Description Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue. Solution(s) huawei-euleros-2_0_sp11-upgrade-vim-common huawei-euleros-2_0_sp11-upgrade-vim-enhanced huawei-euleros-2_0_sp11-upgrade-vim-filesystem huawei-euleros-2_0_sp11-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-48706 CVE - 2023-48706 EulerOS-SA-2024-1130
  19. Alpine Linux: CVE-2023-30581: Vulnerability in Nodejs Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 11/22/2023 Created 03/22/2024 Added 03/21/2024 Modified 01/28/2025 Description The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18, and v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. Solution(s) alpine-linux-upgrade-nodejs References https://attackerkb.com/topics/cve-2023-30581 CVE - 2023-30581 https://security.alpinelinux.org/vuln/CVE-2023-30581
  20. Alpine Linux: CVE-2023-48161: Out-of-bounds Write Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 11/22/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/02/2024 Description Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c Solution(s) alpine-linux-upgrade-giflib References https://attackerkb.com/topics/cve-2023-48161 CVE - 2023-48161 https://security.alpinelinux.org/vuln/CVE-2023-48161
  21. Alma Linux: CVE-2023-48161: Moderate: java-1.8.0-openjdk security update (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 11/22/2023 Created 10/22/2024 Added 10/21/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c Solution(s) alma-upgrade-java-1.8.0-openjdk alma-upgrade-java-1.8.0-openjdk-accessibility alma-upgrade-java-1.8.0-openjdk-accessibility-fastdebug alma-upgrade-java-1.8.0-openjdk-accessibility-slowdebug alma-upgrade-java-1.8.0-openjdk-demo alma-upgrade-java-1.8.0-openjdk-demo-fastdebug alma-upgrade-java-1.8.0-openjdk-demo-slowdebug alma-upgrade-java-1.8.0-openjdk-devel alma-upgrade-java-1.8.0-openjdk-devel-fastdebug alma-upgrade-java-1.8.0-openjdk-devel-slowdebug alma-upgrade-java-1.8.0-openjdk-fastdebug alma-upgrade-java-1.8.0-openjdk-headless alma-upgrade-java-1.8.0-openjdk-headless-fastdebug alma-upgrade-java-1.8.0-openjdk-headless-slowdebug alma-upgrade-java-1.8.0-openjdk-javadoc alma-upgrade-java-1.8.0-openjdk-javadoc-zip alma-upgrade-java-1.8.0-openjdk-slowdebug alma-upgrade-java-1.8.0-openjdk-src alma-upgrade-java-1.8.0-openjdk-src-fastdebug alma-upgrade-java-1.8.0-openjdk-src-slowdebug alma-upgrade-java-11-openjdk alma-upgrade-java-11-openjdk-demo alma-upgrade-java-11-openjdk-demo-fastdebug alma-upgrade-java-11-openjdk-demo-slowdebug alma-upgrade-java-11-openjdk-devel alma-upgrade-java-11-openjdk-devel-fastdebug alma-upgrade-java-11-openjdk-devel-slowdebug alma-upgrade-java-11-openjdk-fastdebug alma-upgrade-java-11-openjdk-headless alma-upgrade-java-11-openjdk-headless-fastdebug alma-upgrade-java-11-openjdk-headless-slowdebug alma-upgrade-java-11-openjdk-javadoc alma-upgrade-java-11-openjdk-javadoc-zip alma-upgrade-java-11-openjdk-jmods alma-upgrade-java-11-openjdk-jmods-fastdebug alma-upgrade-java-11-openjdk-jmods-slowdebug alma-upgrade-java-11-openjdk-slowdebug 
alma-upgrade-java-11-openjdk-src alma-upgrade-java-11-openjdk-src-fastdebug alma-upgrade-java-11-openjdk-src-slowdebug alma-upgrade-java-11-openjdk-static-libs alma-upgrade-java-11-openjdk-static-libs-fastdebug alma-upgrade-java-11-openjdk-static-libs-slowdebug alma-upgrade-java-17-openjdk alma-upgrade-java-17-openjdk-demo alma-upgrade-java-17-openjdk-demo-fastdebug alma-upgrade-java-17-openjdk-demo-slowdebug alma-upgrade-java-17-openjdk-devel alma-upgrade-java-17-openjdk-devel-fastdebug alma-upgrade-java-17-openjdk-devel-slowdebug alma-upgrade-java-17-openjdk-fastdebug alma-upgrade-java-17-openjdk-headless alma-upgrade-java-17-openjdk-headless-fastdebug alma-upgrade-java-17-openjdk-headless-slowdebug alma-upgrade-java-17-openjdk-javadoc alma-upgrade-java-17-openjdk-javadoc-zip alma-upgrade-java-17-openjdk-jmods alma-upgrade-java-17-openjdk-jmods-fastdebug alma-upgrade-java-17-openjdk-jmods-slowdebug alma-upgrade-java-17-openjdk-slowdebug alma-upgrade-java-17-openjdk-src alma-upgrade-java-17-openjdk-src-fastdebug alma-upgrade-java-17-openjdk-src-slowdebug alma-upgrade-java-17-openjdk-static-libs alma-upgrade-java-17-openjdk-static-libs-fastdebug alma-upgrade-java-17-openjdk-static-libs-slowdebug alma-upgrade-java-21-openjdk alma-upgrade-java-21-openjdk-demo alma-upgrade-java-21-openjdk-demo-fastdebug alma-upgrade-java-21-openjdk-demo-slowdebug alma-upgrade-java-21-openjdk-devel alma-upgrade-java-21-openjdk-devel-fastdebug alma-upgrade-java-21-openjdk-devel-slowdebug alma-upgrade-java-21-openjdk-fastdebug alma-upgrade-java-21-openjdk-headless alma-upgrade-java-21-openjdk-headless-fastdebug alma-upgrade-java-21-openjdk-headless-slowdebug alma-upgrade-java-21-openjdk-javadoc alma-upgrade-java-21-openjdk-javadoc-zip alma-upgrade-java-21-openjdk-jmods alma-upgrade-java-21-openjdk-jmods-fastdebug alma-upgrade-java-21-openjdk-jmods-slowdebug alma-upgrade-java-21-openjdk-slowdebug alma-upgrade-java-21-openjdk-src alma-upgrade-java-21-openjdk-src-fastdebug 
alma-upgrade-java-21-openjdk-src-slowdebug alma-upgrade-java-21-openjdk-static-libs alma-upgrade-java-21-openjdk-static-libs-fastdebug alma-upgrade-java-21-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2023-48161 CVE - 2023-48161 https://errata.almalinux.org/8/ALSA-2024-8117.html https://errata.almalinux.org/8/ALSA-2024-8121.html https://errata.almalinux.org/8/ALSA-2024-8124.html https://errata.almalinux.org/8/ALSA-2024-8127.html https://errata.almalinux.org/9/ALSA-2024-8117.html https://errata.almalinux.org/9/ALSA-2024-8121.html https://errata.almalinux.org/9/ALSA-2024-8124.html https://errata.almalinux.org/9/ALSA-2024-8127.html
  22. Oracle Linux: CVE-2023-48161: ELSA-2024-8121:java-11-openjdk security update (MODERATE) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 11/22/2023 Created 11/13/2024 Added 11/11/2024 Modified 01/07/2025 Description Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c. A security flaw related to buffer overflow has been identified in GifLib. This flaw allows a nearby attacker to access sensitive information through the DumpSCreen2RGB function in gif2rgb.c. Solution(s) oracle-linux-upgrade-giflib oracle-linux-upgrade-giflib-devel oracle-linux-upgrade-giflib-utils oracle-linux-upgrade-java-11-openjdk oracle-linux-upgrade-java-11-openjdk-demo oracle-linux-upgrade-java-11-openjdk-demo-fastdebug oracle-linux-upgrade-java-11-openjdk-demo-slowdebug oracle-linux-upgrade-java-11-openjdk-devel oracle-linux-upgrade-java-11-openjdk-devel-fastdebug oracle-linux-upgrade-java-11-openjdk-devel-slowdebug oracle-linux-upgrade-java-11-openjdk-fastdebug oracle-linux-upgrade-java-11-openjdk-headless oracle-linux-upgrade-java-11-openjdk-headless-fastdebug oracle-linux-upgrade-java-11-openjdk-headless-slowdebug oracle-linux-upgrade-java-11-openjdk-javadoc oracle-linux-upgrade-java-11-openjdk-javadoc-zip oracle-linux-upgrade-java-11-openjdk-jmods oracle-linux-upgrade-java-11-openjdk-jmods-fastdebug oracle-linux-upgrade-java-11-openjdk-jmods-slowdebug oracle-linux-upgrade-java-11-openjdk-slowdebug oracle-linux-upgrade-java-11-openjdk-src oracle-linux-upgrade-java-11-openjdk-src-fastdebug oracle-linux-upgrade-java-11-openjdk-src-slowdebug oracle-linux-upgrade-java-11-openjdk-static-libs oracle-linux-upgrade-java-11-openjdk-static-libs-fastdebug oracle-linux-upgrade-java-11-openjdk-static-libs-slowdebug oracle-linux-upgrade-java-17-openjdk oracle-linux-upgrade-java-17-openjdk-demo oracle-linux-upgrade-java-17-openjdk-demo-fastdebug 
oracle-linux-upgrade-java-17-openjdk-demo-slowdebug oracle-linux-upgrade-java-17-openjdk-devel oracle-linux-upgrade-java-17-openjdk-devel-fastdebug oracle-linux-upgrade-java-17-openjdk-devel-slowdebug oracle-linux-upgrade-java-17-openjdk-fastdebug oracle-linux-upgrade-java-17-openjdk-headless oracle-linux-upgrade-java-17-openjdk-headless-fastdebug oracle-linux-upgrade-java-17-openjdk-headless-slowdebug oracle-linux-upgrade-java-17-openjdk-javadoc oracle-linux-upgrade-java-17-openjdk-javadoc-zip oracle-linux-upgrade-java-17-openjdk-jmods oracle-linux-upgrade-java-17-openjdk-jmods-fastdebug oracle-linux-upgrade-java-17-openjdk-jmods-slowdebug oracle-linux-upgrade-java-17-openjdk-slowdebug oracle-linux-upgrade-java-17-openjdk-src oracle-linux-upgrade-java-17-openjdk-src-fastdebug oracle-linux-upgrade-java-17-openjdk-src-slowdebug oracle-linux-upgrade-java-17-openjdk-static-libs oracle-linux-upgrade-java-17-openjdk-static-libs-fastdebug oracle-linux-upgrade-java-17-openjdk-static-libs-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk oracle-linux-upgrade-java-1-8-0-openjdk-accessibility oracle-linux-upgrade-java-1-8-0-openjdk-accessibility-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-accessibility-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-demo oracle-linux-upgrade-java-1-8-0-openjdk-demo-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-demo-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-devel oracle-linux-upgrade-java-1-8-0-openjdk-devel-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-devel-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-headless oracle-linux-upgrade-java-1-8-0-openjdk-headless-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-headless-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-javadoc oracle-linux-upgrade-java-1-8-0-openjdk-javadoc-zip oracle-linux-upgrade-java-1-8-0-openjdk-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-src 
oracle-linux-upgrade-java-1-8-0-openjdk-src-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-src-slowdebug oracle-linux-upgrade-java-21-openjdk oracle-linux-upgrade-java-21-openjdk-demo oracle-linux-upgrade-java-21-openjdk-demo-fastdebug oracle-linux-upgrade-java-21-openjdk-demo-slowdebug oracle-linux-upgrade-java-21-openjdk-devel oracle-linux-upgrade-java-21-openjdk-devel-fastdebug oracle-linux-upgrade-java-21-openjdk-devel-slowdebug oracle-linux-upgrade-java-21-openjdk-fastdebug oracle-linux-upgrade-java-21-openjdk-headless oracle-linux-upgrade-java-21-openjdk-headless-fastdebug oracle-linux-upgrade-java-21-openjdk-headless-slowdebug oracle-linux-upgrade-java-21-openjdk-javadoc oracle-linux-upgrade-java-21-openjdk-javadoc-zip oracle-linux-upgrade-java-21-openjdk-jmods oracle-linux-upgrade-java-21-openjdk-jmods-fastdebug oracle-linux-upgrade-java-21-openjdk-jmods-slowdebug oracle-linux-upgrade-java-21-openjdk-slowdebug oracle-linux-upgrade-java-21-openjdk-src oracle-linux-upgrade-java-21-openjdk-src-fastdebug oracle-linux-upgrade-java-21-openjdk-src-slowdebug oracle-linux-upgrade-java-21-openjdk-static-libs oracle-linux-upgrade-java-21-openjdk-static-libs-fastdebug oracle-linux-upgrade-java-21-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2023-48161 CVE - 2023-48161 ELSA-2024-8121 ELSA-2024-8117 ELSA-2024-8124 ELSA-2024-8127 ELSA-2024-12825 ELSA-2024-8116 ELSA-2024-8120
  23. VMware Photon OS: CVE-2023-48706 Severity 3 CVSS (AV:L/AC:H/Au:N/C:N/I:P/A:P) Published 11/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-48706 CVE - 2023-48706
  24. Red Hat: CVE-2023-48161: giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 11/22/2023 Created 10/18/2024 Added 10/18/2024 Modified 10/18/2024 Description Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpScreen2RGB function in gif2rgb.c. Solution(s) redhat-upgrade-java-1-8-0-openjdk redhat-upgrade-java-1-8-0-openjdk-accessibility redhat-upgrade-java-1-8-0-openjdk-accessibility-fastdebug redhat-upgrade-java-1-8-0-openjdk-accessibility-slowdebug redhat-upgrade-java-1-8-0-openjdk-debuginfo redhat-upgrade-java-1-8-0-openjdk-debugsource redhat-upgrade-java-1-8-0-openjdk-demo redhat-upgrade-java-1-8-0-openjdk-demo-debuginfo redhat-upgrade-java-1-8-0-openjdk-demo-fastdebug redhat-upgrade-java-1-8-0-openjdk-demo-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-demo-slowdebug redhat-upgrade-java-1-8-0-openjdk-demo-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel redhat-upgrade-java-1-8-0-openjdk-devel-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel-fastdebug redhat-upgrade-java-1-8-0-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel-slowdebug redhat-upgrade-java-1-8-0-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-fastdebug redhat-upgrade-java-1-8-0-openjdk-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless redhat-upgrade-java-1-8-0-openjdk-headless-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless-fastdebug redhat-upgrade-java-1-8-0-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless-slowdebug redhat-upgrade-java-1-8-0-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-javadoc redhat-upgrade-java-1-8-0-openjdk-javadoc-zip redhat-upgrade-java-1-8-0-openjdk-slowdebug redhat-upgrade-java-1-8-0-openjdk-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-src 
redhat-upgrade-java-1-8-0-openjdk-src-fastdebug redhat-upgrade-java-1-8-0-openjdk-src-slowdebug redhat-upgrade-java-11-openjdk redhat-upgrade-java-11-openjdk-debuginfo redhat-upgrade-java-11-openjdk-debugsource redhat-upgrade-java-11-openjdk-demo redhat-upgrade-java-11-openjdk-demo-fastdebug redhat-upgrade-java-11-openjdk-demo-slowdebug redhat-upgrade-java-11-openjdk-devel redhat-upgrade-java-11-openjdk-devel-debuginfo redhat-upgrade-java-11-openjdk-devel-fastdebug redhat-upgrade-java-11-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-11-openjdk-devel-slowdebug redhat-upgrade-java-11-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-11-openjdk-fastdebug redhat-upgrade-java-11-openjdk-fastdebug-debuginfo redhat-upgrade-java-11-openjdk-headless redhat-upgrade-java-11-openjdk-headless-debuginfo redhat-upgrade-java-11-openjdk-headless-fastdebug redhat-upgrade-java-11-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-11-openjdk-headless-slowdebug redhat-upgrade-java-11-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-11-openjdk-javadoc redhat-upgrade-java-11-openjdk-javadoc-zip redhat-upgrade-java-11-openjdk-jmods redhat-upgrade-java-11-openjdk-jmods-fastdebug redhat-upgrade-java-11-openjdk-jmods-slowdebug redhat-upgrade-java-11-openjdk-slowdebug redhat-upgrade-java-11-openjdk-slowdebug-debuginfo redhat-upgrade-java-11-openjdk-src redhat-upgrade-java-11-openjdk-src-fastdebug redhat-upgrade-java-11-openjdk-src-slowdebug redhat-upgrade-java-11-openjdk-static-libs redhat-upgrade-java-11-openjdk-static-libs-fastdebug redhat-upgrade-java-11-openjdk-static-libs-slowdebug redhat-upgrade-java-17-openjdk redhat-upgrade-java-17-openjdk-debuginfo redhat-upgrade-java-17-openjdk-debugsource redhat-upgrade-java-17-openjdk-demo redhat-upgrade-java-17-openjdk-demo-fastdebug redhat-upgrade-java-17-openjdk-demo-slowdebug redhat-upgrade-java-17-openjdk-devel redhat-upgrade-java-17-openjdk-devel-debuginfo redhat-upgrade-java-17-openjdk-devel-fastdebug 
redhat-upgrade-java-17-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-17-openjdk-devel-slowdebug redhat-upgrade-java-17-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-17-openjdk-fastdebug redhat-upgrade-java-17-openjdk-fastdebug-debuginfo redhat-upgrade-java-17-openjdk-headless redhat-upgrade-java-17-openjdk-headless-debuginfo redhat-upgrade-java-17-openjdk-headless-fastdebug redhat-upgrade-java-17-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-17-openjdk-headless-slowdebug redhat-upgrade-java-17-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-17-openjdk-javadoc redhat-upgrade-java-17-openjdk-javadoc-zip redhat-upgrade-java-17-openjdk-jmods redhat-upgrade-java-17-openjdk-jmods-fastdebug redhat-upgrade-java-17-openjdk-jmods-slowdebug redhat-upgrade-java-17-openjdk-slowdebug redhat-upgrade-java-17-openjdk-slowdebug-debuginfo redhat-upgrade-java-17-openjdk-src redhat-upgrade-java-17-openjdk-src-fastdebug redhat-upgrade-java-17-openjdk-src-slowdebug redhat-upgrade-java-17-openjdk-static-libs redhat-upgrade-java-17-openjdk-static-libs-fastdebug redhat-upgrade-java-17-openjdk-static-libs-slowdebug redhat-upgrade-java-21-openjdk redhat-upgrade-java-21-openjdk-debuginfo redhat-upgrade-java-21-openjdk-debugsource redhat-upgrade-java-21-openjdk-demo redhat-upgrade-java-21-openjdk-demo-fastdebug redhat-upgrade-java-21-openjdk-demo-slowdebug redhat-upgrade-java-21-openjdk-devel redhat-upgrade-java-21-openjdk-devel-debuginfo redhat-upgrade-java-21-openjdk-devel-fastdebug redhat-upgrade-java-21-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-21-openjdk-devel-slowdebug redhat-upgrade-java-21-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-21-openjdk-fastdebug redhat-upgrade-java-21-openjdk-fastdebug-debuginfo redhat-upgrade-java-21-openjdk-headless redhat-upgrade-java-21-openjdk-headless-debuginfo redhat-upgrade-java-21-openjdk-headless-fastdebug redhat-upgrade-java-21-openjdk-headless-fastdebug-debuginfo 
redhat-upgrade-java-21-openjdk-headless-slowdebug redhat-upgrade-java-21-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-21-openjdk-javadoc redhat-upgrade-java-21-openjdk-javadoc-zip redhat-upgrade-java-21-openjdk-jmods redhat-upgrade-java-21-openjdk-jmods-fastdebug redhat-upgrade-java-21-openjdk-jmods-slowdebug redhat-upgrade-java-21-openjdk-slowdebug redhat-upgrade-java-21-openjdk-slowdebug-debuginfo redhat-upgrade-java-21-openjdk-src redhat-upgrade-java-21-openjdk-src-fastdebug redhat-upgrade-java-21-openjdk-src-slowdebug redhat-upgrade-java-21-openjdk-static-libs redhat-upgrade-java-21-openjdk-static-libs-fastdebug redhat-upgrade-java-21-openjdk-static-libs-slowdebug References CVE-2023-48161 RHSA-2024:8117 RHSA-2024:8121 RHSA-2024:8124 RHSA-2024:8127
  25. Huawei EulerOS: CVE-2023-48706: vim security update Severity 4 CVSS (AV:L/AC:H/Au:N/C:N/I:N/A:C) Published 11/22/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, the recursive `:s` call can free memory that is later accessed by the initial `:s` command. The user must intentionally execute the payload, and the whole process is a bit tricky since it seems to work reliably only for the very first `:s` command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue. Solution(s) huawei-euleros-2_0_sp10-upgrade-vim-common huawei-euleros-2_0_sp10-upgrade-vim-enhanced huawei-euleros-2_0_sp10-upgrade-vim-filesystem huawei-euleros-2_0_sp10-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-48706 CVE - 2023-48706 EulerOS-SA-2024-1351