ISHACK AI BOT

Debian: CVE-2023-5482: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/07/2023 Added 11/06/2023 Modified 01/28/2025 Description Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-5482 CVE - 2023-5482 DSA-5546-1

Huawei EulerOS: CVE-2023-38472: avahi security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 11/02/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. Solution(s) huawei-euleros-2_0_sp9-upgrade-avahi-libs References https://attackerkb.com/topics/cve-2023-38472 CVE - 2023-38472 EulerOS-SA-2024-1191

Debian: CVE-2023-5857: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/07/2023 Added 11/06/2023 Modified 01/28/2025 Description Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-5857 CVE - 2023-5857 DSA-5546-1

OS X update for ImageIO (CVE-2022-32897) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted tiff file may lead to arbitrary code execution. Solution(s) apple-osx-upgrade-12_5 References https://attackerkb.com/topics/cve-2022-32897 CVE - 2022-32897 https://support.apple.com/kb/HT213345

OS X update for IOAcceleratorFamily (CVE-2023-32378) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to execute arbitrary code with kernel privileges. Solution(s) apple-osx-upgrade-11_7_5 apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-32378 CVE - 2023-32378 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677

OS X update for AMD (CVE-2023-32436) Severity 6 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:C) Published 11/01/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. Solution(s) apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-32436 CVE - 2023-32436 https://support.apple.com/kb/HT213670

Cisco ASA: CVE-2023-20086: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software ICMPv6 Message Processing Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/01/2023 Created 11/10/2023 Added 11/07/2023 Modified 12/02/2024 Description A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Solution(s) cisco-asa-update-latest References https://attackerkb.com/topics/cve-2023-20086 CVE - 2023-20086 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd cisco-sa-asa-icmpv6-t5TzqwNd

CentOS Linux: CVE-2023-1192: Important: kernel-rt security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 11/01/2023 Created 11/30/2023 Added 11/29/2023 Modified 01/28/2025 Description A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service. Solution(s) centos-upgrade-kernel centos-upgrade-kernel-rt References CVE-2023-1192

Cisco ASA: CVE-2023-20264: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SAML Assertion Hijack Vulnerability Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 11/01/2023 Created 11/10/2023 Added 11/08/2023 Modified 01/22/2025 Description A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network. Solution(s) cisco-asa-update-latest References https://attackerkb.com/topics/cve-2023-20264 CVE - 2023-20264 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz cisco-sa-asaftd-saml-hijack-ttuQfyz

Cisco ASA: CVE-2023-20095: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/01/2023 Created 11/10/2023 Added 11/07/2023 Modified 11/13/2024 Description A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could exploit this vulnerability by sending crafted HTTPS requests to an affected system. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a DoS condition. Solution(s) cisco-asa-update-latest References https://attackerkb.com/topics/cve-2023-20095 CVE - 2023-20095 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS cisco-sa-asa-webvpn-dos-3GhZQBAS

Debian: CVE-2023-5853: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 11/07/2023 Added 11/06/2023 Modified 01/28/2025 Description Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-5853 CVE - 2023-5853 DSA-5546-1

Microsoft Edge Chromium: CVE-2023-5856 Use after free in Side Panel Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/04/2023 Added 11/03/2023 Modified 01/28/2025 Description Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-5856 CVE - 2023-5856 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-5856

Debian: CVE-2023-5856: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/07/2023 Added 11/06/2023 Modified 01/28/2025 Description Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-5856 CVE - 2023-5856 DSA-5546-1

Debian: CVE-2023-5854: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/07/2023 Added 11/06/2023 Modified 01/28/2025 Description Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-5854 CVE - 2023-5854 DSA-5546-1

Debian: CVE-2023-5178: linux -- security update Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 11/01/2023 Created 01/09/2024 Added 01/08/2024 Modified 01/28/2025 Description A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-5178 CVE - 2023-5178 DSA-5594-1

Debian: CVE-2023-5859: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 11/07/2023 Added 11/06/2023 Modified 01/28/2025 Description Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-5859 CVE - 2023-5859 DSA-5546-1

Debian: CVE-2023-5852: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/07/2023 Added 11/06/2023 Modified 01/28/2025 Description Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-5852 CVE - 2023-5852 DSA-5546-1

Debian: CVE-2023-5849: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/07/2023 Added 11/06/2023 Modified 01/28/2025 Description Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-5849 CVE - 2023-5849 DSA-5546-1

Zoho ManageEngine ServiceDesk Plus MSP: Stored XSS (CVE-2023-49943) Severity 5 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 11/01/2023 Created 01/15/2025 Added 01/14/2025 Modified 01/14/2025 Description An Stored xss vulnerability in the request task feature has been fixed and released in the ServiceDesk Plus MSP version 14504. Solution(s) zoho-manageengine-servicedesk-plus-msp-upgrade-latest References https://attackerkb.com/topics/cve-2023-49943 CVE - 2023-49943 https://manageengine.com https://www.manageengine.com/products/service-desk-msp/CVE-2023-49943.html

OS X update for Kernel (CVE-2022-26758) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/01/2023 Created 11/01/2023 Added 11/01/2023 Modified 10/14/2024 Description A memory corruption issue was addressed with improved state management. Solution(s) apple-osx-upgrade-12_4 References https://attackerkb.com/topics/cve-2022-26758 CVE - 2022-26758 https://support.apple.com/kb/HT213257

SUSE: CVE-2023-5850: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-gn References https://attackerkb.com/topics/cve-2023-5850 CVE - 2023-5850

Rocky Linux: CVE-2023-46724: squid-4 (RLSA-2024-0046) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/01/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/30/2025 Description Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages. Solution(s) rocky-upgrade-libecap rocky-upgrade-libecap-debuginfo rocky-upgrade-libecap-debugsource rocky-upgrade-libecap-devel rocky-upgrade-squid rocky-upgrade-squid-debuginfo rocky-upgrade-squid-debugsource References https://attackerkb.com/topics/cve-2023-46724 CVE - 2023-46724 https://errata.rockylinux.org/RLSA-2024:0046

FreeBSD: (Multiple Advisories) (CVE-2023-5849): electron{25,26} -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/07/2023 Added 11/04/2023 Modified 01/28/2025 Description Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron25 freebsd-upgrade-package-electron26 freebsd-upgrade-package-qt6-webengine freebsd-upgrade-package-ungoogled-chromium References CVE-2023-5849

OS X update for Networking (CVE-2022-42839) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 11/01/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to read sensitive location information. Solution(s) apple-osx-upgrade-13_1 References https://attackerkb.com/topics/cve-2022-42839 CVE - 2022-42839 https://support.apple.com/kb/HT213532

Cisco FTD: CVE-2023-20245: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software AnyConnect Access Control List Bypass Vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 02/07/2025 Added 01/29/2025 Modified 02/12/2025 Description Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected. Solution(s) cisco-ftd-upgrade-latest References https://attackerkb.com/topics/cve-2023-20245 CVE - 2023-20245 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb