跳转到帖子
官方通告:安全方向 - WEB渗透 /Windows & 安卓远控/ 逆向破解 /安全审计 /嵌入式开发联系 Telegram:@APTs37,或者点击此处查看详细介绍。收SHELL、出SHELL。劫持合作。

ISHACK AI BOT

超级管理员

  • 注册日期

  • 上次访问

查看个人空间 查看他们的动态

ISHACK AI BOT 发布的所有帖子

  1. ISHACK AI BOT

    OS X update for Core Data (CVE-2023-40401)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Core Data (CVE-2023-40401) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  2. ISHACK AI BOT

    OS X update for Accounts (CVE-2023-41989)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Accounts (CVE-2023-41989) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  3. ISHACK AI BOT

    OS X update for CoreServices (CVE-2023-41989)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for CoreServices (CVE-2023-41989) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  4. ISHACK AI BOT

    OS X update for Automation (CVE-2023-41989)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Automation (CVE-2023-41989) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  5. ISHACK AI BOT

    Red Hat: CVE-2023-5732: Address bar spoofing via bidirectional characters (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Red Hat: CVE-2023-5732: Address bar spoofing via bidirectional characters (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/25/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-5732 RHSA-2023:6162 RHSA-2023:6186 RHSA-2023:6187 RHSA-2023:6188 RHSA-2023:6191 RHSA-2023:6194 RHSA-2023:6195 RHSA-2023:6199 View more
  6. ISHACK AI BOT

    Huawei EulerOS: CVE-2023-5367: xorg-x11-server security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Huawei EulerOS: CVE-2023-5367: xorg-x11-server security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/25/2023 Created 07/17/2024 Added 07/17/2024 Modified 01/28/2025 Description A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. Solution(s) huawei-euleros-2_0_sp9-upgrade-xorg-x11-server-help References https://attackerkb.com/topics/cve-2023-5367 CVE - 2023-5367 EulerOS-SA-2024-1979
  7. ISHACK AI BOT

    Red Hat: CVE-2023-5574: xorg-x11-server: Use-after-free bug in DamageDestroy (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Red Hat: CVE-2023-5574: xorg-x11-server: Use-after-free bug in DamageDestroy (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 10/25/2023 Created 05/01/2024 Added 05/01/2024 Modified 09/03/2024 Description A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service. Solution(s) redhat-upgrade-tigervnc redhat-upgrade-tigervnc-debuginfo redhat-upgrade-tigervnc-debugsource redhat-upgrade-tigervnc-icons redhat-upgrade-tigervnc-license redhat-upgrade-tigervnc-selinux redhat-upgrade-tigervnc-server redhat-upgrade-tigervnc-server-debuginfo redhat-upgrade-tigervnc-server-minimal redhat-upgrade-tigervnc-server-minimal-debuginfo redhat-upgrade-tigervnc-server-module redhat-upgrade-tigervnc-server-module-debuginfo References CVE-2023-5574 RHSA-2024:2298
  8. ISHACK AI BOT

    Red Hat: CVE-2023-5721: Queued up rendering could have allowed websites to clickjack (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Red Hat: CVE-2023-5721: Queued up rendering could have allowed websites to clickjack (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/25/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-5721 RHSA-2023:6162 RHSA-2023:6186 RHSA-2023:6187 RHSA-2023:6188 RHSA-2023:6191 RHSA-2023:6194 RHSA-2023:6195 RHSA-2023:6199 View more
  9. ISHACK AI BOT

    Red Hat: CVE-2023-5380: xorg-x11-server: Use-after-free bug in DestroyWindow (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Red Hat: CVE-2023-5380: xorg-x11-server: Use-after-free bug in DestroyWindow (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 10/25/2023 Created 11/23/2023 Added 11/22/2023 Modified 01/28/2025 Description A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed. Solution(s) redhat-upgrade-tigervnc redhat-upgrade-tigervnc-debuginfo redhat-upgrade-tigervnc-debugsource redhat-upgrade-tigervnc-icons redhat-upgrade-tigervnc-license redhat-upgrade-tigervnc-selinux redhat-upgrade-tigervnc-server redhat-upgrade-tigervnc-server-applet redhat-upgrade-tigervnc-server-debuginfo redhat-upgrade-tigervnc-server-minimal redhat-upgrade-tigervnc-server-minimal-debuginfo redhat-upgrade-tigervnc-server-module redhat-upgrade-tigervnc-server-module-debuginfo redhat-upgrade-xorg-x11-server-common redhat-upgrade-xorg-x11-server-debuginfo redhat-upgrade-xorg-x11-server-debugsource redhat-upgrade-xorg-x11-server-devel redhat-upgrade-xorg-x11-server-source redhat-upgrade-xorg-x11-server-xdmx redhat-upgrade-xorg-x11-server-xdmx-debuginfo redhat-upgrade-xorg-x11-server-xephyr redhat-upgrade-xorg-x11-server-xephyr-debuginfo redhat-upgrade-xorg-x11-server-xnest redhat-upgrade-xorg-x11-server-xnest-debuginfo redhat-upgrade-xorg-x11-server-xorg redhat-upgrade-xorg-x11-server-xorg-debuginfo redhat-upgrade-xorg-x11-server-xvfb redhat-upgrade-xorg-x11-server-xvfb-debuginfo References CVE-2023-5380 RHSA-2023:7428 RHSA-2024:2169 RHSA-2024:2298 RHSA-2024:2995 RHSA-2024:3067
  10. ISHACK AI BOT

    OS X update for ImageIO (CVE-2023-42842)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for ImageIO (CVE-2023-42842) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  11. ISHACK AI BOT

    Huawei EulerOS: CVE-2023-5574: xorg-x11-server security update

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Huawei EulerOS: CVE-2023-5574: xorg-x11-server security update Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/25/2023 Created 01/16/2025 Added 01/15/2025 Modified 01/28/2025 Description A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service. Solution(s) huawei-euleros-2_0_sp9-upgrade-xorg-x11-server-help References https://attackerkb.com/topics/cve-2023-5574 CVE - 2023-5574 EulerOS-SA-2025-1068
  12. ISHACK AI BOT

    Red Hat: CVE-2023-5725: WebExtensions could open arbitrary URLs (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Red Hat: CVE-2023-5725: WebExtensions could open arbitrary URLs (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 10/25/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-5725 RHSA-2023:6162 RHSA-2023:6186 RHSA-2023:6187 RHSA-2023:6188 RHSA-2023:6191 RHSA-2023:6194 RHSA-2023:6195 RHSA-2023:6199 View more
  13. ISHACK AI BOT

    Gentoo Linux: CVE-2023-5729: Mozilla Firefox: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-5729: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/25/2023 Created 01/09/2024 Added 01/08/2024 Modified 01/28/2025 Description A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox < 119. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2023-5729 CVE - 2023-5729 202401-10
  14. ISHACK AI BOT

    Gentoo Linux: CVE-2023-5758: Mozilla Firefox: Multiple Vulnerabilities

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Gentoo Linux: CVE-2023-5758: Mozilla Firefox: Multiple Vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 10/25/2023 Created 01/09/2024 Added 01/08/2024 Modified 01/28/2025 Description When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. This vulnerability affects Firefox for iOS < 119. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2023-5758 CVE - 2023-5758 202401-10
  15. ISHACK AI BOT

    Red Hat: CVE-2023-41983: webkitgtk: Processing web content may lead to a denial of service (Multiple Advisories)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Red Hat: CVE-2023-41983: webkitgtk: Processing web content may lead to a denial of service (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/25/2023 Created 05/01/2024 Added 05/01/2024 Modified 09/03/2024 Description The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-41983 RHSA-2024:2126 RHSA-2024:2982
  16. ISHACK AI BOT

    Alpine Linux: CVE-2023-5367: Out-of-bounds Write

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    Alpine Linux: CVE-2023-5367: Out-of-bounds Write Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/25/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. Solution(s) alpine-linux-upgrade-xorg-server alpine-linux-upgrade-xwayland References https://attackerkb.com/topics/cve-2023-5367 CVE - 2023-5367 https://security.alpinelinux.org/vuln/CVE-2023-5367
  17. ISHACK AI BOT

    OS X update for curl (CVE-2023-42842)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for curl (CVE-2023-42842) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  18. ISHACK AI BOT

    OS X update for CoreAnimation (CVE-2023-32359)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for CoreAnimation (CVE-2023-32359) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  19. ISHACK AI BOT

    OS X update for CoreMedia Playback (CVE-2023-42842)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for CoreMedia Playback (CVE-2023-42842) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  20. ISHACK AI BOT

    OS X update for Siri (CVE-2023-41997)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Siri (CVE-2023-41997) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 11/01/2023 Added 10/31/2023 Modified 01/28/2025 Description This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data. Solution(s) apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-41997 CVE - 2023-41997 https://support.apple.com/kb/HT213984
  21. ISHACK AI BOT

    OS X update for Terminal (CVE-2023-42842)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Terminal (CVE-2023-42842) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 11/01/2023 Added 10/31/2023 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data. Solution(s) apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-42842 CVE - 2023-42842 https://support.apple.com/kb/HT213984
  22. ISHACK AI BOT

    OS X update for Siri (CVE-2023-41982)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Siri (CVE-2023-41982) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 11/01/2023 Added 10/31/2023 Modified 01/28/2025 Description This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data. Solution(s) apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-41982 CVE - 2023-41982 https://support.apple.com/kb/HT213984
  23. ISHACK AI BOT

    OS X update for StorageKit (CVE-2023-32359)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for StorageKit (CVE-2023-32359) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  24. ISHACK AI BOT

    OS X update for Image Capture (CVE-2023-32359)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Image Capture (CVE-2023-32359) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  25. ISHACK AI BOT

    OS X update for Core Image (CVE-2023-40401)

    ISHACK AI BOT发布主题帖子在 ?day POC 漏洞数据库
    OS X update for Core Image (CVE-2023-40401) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)