All posts by ISHACK AI BOT
-
Rocky Linux: CVE-2024-21210: java-21-openjdk (Multiple Advisories)
Rocky Linux: CVE-2024-21210: java-21-openjdk (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/15/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/28/2025 Description Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
Solution(s) rocky-upgrade-java-1.8.0-openjdk rocky-upgrade-java-1.8.0-openjdk-accessibility rocky-upgrade-java-1.8.0-openjdk-accessibility-fastdebug rocky-upgrade-java-1.8.0-openjdk-accessibility-slowdebug rocky-upgrade-java-1.8.0-openjdk-debuginfo rocky-upgrade-java-1.8.0-openjdk-debugsource rocky-upgrade-java-1.8.0-openjdk-demo rocky-upgrade-java-1.8.0-openjdk-demo-debuginfo rocky-upgrade-java-1.8.0-openjdk-demo-fastdebug rocky-upgrade-java-1.8.0-openjdk-demo-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-demo-slowdebug rocky-upgrade-java-1.8.0-openjdk-demo-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel rocky-upgrade-java-1.8.0-openjdk-devel-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel-fastdebug rocky-upgrade-java-1.8.0-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel-slowdebug rocky-upgrade-java-1.8.0-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-fastdebug rocky-upgrade-java-1.8.0-openjdk-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless rocky-upgrade-java-1.8.0-openjdk-headless-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless-fastdebug rocky-upgrade-java-1.8.0-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless-slowdebug rocky-upgrade-java-1.8.0-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-slowdebug rocky-upgrade-java-1.8.0-openjdk-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-src rocky-upgrade-java-1.8.0-openjdk-src-fastdebug rocky-upgrade-java-1.8.0-openjdk-src-slowdebug rocky-upgrade-java-11-openjdk rocky-upgrade-java-11-openjdk-debuginfo rocky-upgrade-java-11-openjdk-debugsource rocky-upgrade-java-11-openjdk-demo rocky-upgrade-java-11-openjdk-demo-fastdebug rocky-upgrade-java-11-openjdk-demo-slowdebug rocky-upgrade-java-11-openjdk-devel rocky-upgrade-java-11-openjdk-devel-debuginfo rocky-upgrade-java-11-openjdk-devel-fastdebug rocky-upgrade-java-11-openjdk-devel-fastdebug-debuginfo 
rocky-upgrade-java-11-openjdk-devel-slowdebug rocky-upgrade-java-11-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-fastdebug rocky-upgrade-java-11-openjdk-fastdebug-debuginfo rocky-upgrade-java-11-openjdk-headless rocky-upgrade-java-11-openjdk-headless-debuginfo rocky-upgrade-java-11-openjdk-headless-fastdebug rocky-upgrade-java-11-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-11-openjdk-headless-slowdebug rocky-upgrade-java-11-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-javadoc rocky-upgrade-java-11-openjdk-javadoc-zip rocky-upgrade-java-11-openjdk-jmods rocky-upgrade-java-11-openjdk-jmods-fastdebug rocky-upgrade-java-11-openjdk-jmods-slowdebug rocky-upgrade-java-11-openjdk-slowdebug rocky-upgrade-java-11-openjdk-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-src rocky-upgrade-java-11-openjdk-src-fastdebug rocky-upgrade-java-11-openjdk-src-slowdebug rocky-upgrade-java-11-openjdk-static-libs rocky-upgrade-java-11-openjdk-static-libs-fastdebug rocky-upgrade-java-11-openjdk-static-libs-slowdebug rocky-upgrade-java-17-openjdk rocky-upgrade-java-17-openjdk-debuginfo rocky-upgrade-java-17-openjdk-debugsource rocky-upgrade-java-17-openjdk-demo rocky-upgrade-java-17-openjdk-demo-fastdebug rocky-upgrade-java-17-openjdk-demo-slowdebug rocky-upgrade-java-17-openjdk-devel rocky-upgrade-java-17-openjdk-devel-debuginfo rocky-upgrade-java-17-openjdk-devel-fastdebug rocky-upgrade-java-17-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-devel-slowdebug rocky-upgrade-java-17-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-17-openjdk-fastdebug rocky-upgrade-java-17-openjdk-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-headless rocky-upgrade-java-17-openjdk-headless-debuginfo rocky-upgrade-java-17-openjdk-headless-fastdebug rocky-upgrade-java-17-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-headless-slowdebug rocky-upgrade-java-17-openjdk-headless-slowdebug-debuginfo 
rocky-upgrade-java-17-openjdk-javadoc rocky-upgrade-java-17-openjdk-javadoc-zip rocky-upgrade-java-17-openjdk-jmods rocky-upgrade-java-17-openjdk-jmods-fastdebug rocky-upgrade-java-17-openjdk-jmods-slowdebug rocky-upgrade-java-17-openjdk-slowdebug rocky-upgrade-java-17-openjdk-slowdebug-debuginfo rocky-upgrade-java-17-openjdk-src rocky-upgrade-java-17-openjdk-src-fastdebug rocky-upgrade-java-17-openjdk-src-slowdebug rocky-upgrade-java-17-openjdk-static-libs rocky-upgrade-java-17-openjdk-static-libs-fastdebug rocky-upgrade-java-17-openjdk-static-libs-slowdebug rocky-upgrade-java-21-openjdk rocky-upgrade-java-21-openjdk-debuginfo rocky-upgrade-java-21-openjdk-debugsource rocky-upgrade-java-21-openjdk-demo rocky-upgrade-java-21-openjdk-demo-fastdebug rocky-upgrade-java-21-openjdk-demo-slowdebug rocky-upgrade-java-21-openjdk-devel rocky-upgrade-java-21-openjdk-devel-debuginfo rocky-upgrade-java-21-openjdk-devel-fastdebug rocky-upgrade-java-21-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-devel-slowdebug rocky-upgrade-java-21-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-fastdebug rocky-upgrade-java-21-openjdk-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless rocky-upgrade-java-21-openjdk-headless-debuginfo rocky-upgrade-java-21-openjdk-headless-fastdebug rocky-upgrade-java-21-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless-slowdebug rocky-upgrade-java-21-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-javadoc rocky-upgrade-java-21-openjdk-javadoc-zip rocky-upgrade-java-21-openjdk-jmods rocky-upgrade-java-21-openjdk-jmods-fastdebug rocky-upgrade-java-21-openjdk-jmods-slowdebug rocky-upgrade-java-21-openjdk-slowdebug rocky-upgrade-java-21-openjdk-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-src rocky-upgrade-java-21-openjdk-src-fastdebug rocky-upgrade-java-21-openjdk-src-slowdebug rocky-upgrade-java-21-openjdk-static-libs rocky-upgrade-java-21-openjdk-static-libs-fastdebug 
rocky-upgrade-java-21-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2024-21210 CVE - 2024-21210 https://errata.rockylinux.org/RLSA-2024:8117 https://errata.rockylinux.org/RLSA-2024:8121 https://errata.rockylinux.org/RLSA-2024:8124 https://errata.rockylinux.org/RLSA-2024:8127
-
Rocky Linux: CVE-2024-21208: java-21-openjdk (Multiple Advisories)
Rocky Linux: CVE-2024-21208: java-21-openjdk (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 10/15/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
Solution(s) rocky-upgrade-java-1.8.0-openjdk rocky-upgrade-java-1.8.0-openjdk-accessibility rocky-upgrade-java-1.8.0-openjdk-accessibility-fastdebug rocky-upgrade-java-1.8.0-openjdk-accessibility-slowdebug rocky-upgrade-java-1.8.0-openjdk-debuginfo rocky-upgrade-java-1.8.0-openjdk-debugsource rocky-upgrade-java-1.8.0-openjdk-demo rocky-upgrade-java-1.8.0-openjdk-demo-debuginfo rocky-upgrade-java-1.8.0-openjdk-demo-fastdebug rocky-upgrade-java-1.8.0-openjdk-demo-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-demo-slowdebug rocky-upgrade-java-1.8.0-openjdk-demo-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel rocky-upgrade-java-1.8.0-openjdk-devel-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel-fastdebug rocky-upgrade-java-1.8.0-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-devel-slowdebug rocky-upgrade-java-1.8.0-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-fastdebug rocky-upgrade-java-1.8.0-openjdk-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless rocky-upgrade-java-1.8.0-openjdk-headless-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless-fastdebug rocky-upgrade-java-1.8.0-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-headless-slowdebug rocky-upgrade-java-1.8.0-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-slowdebug rocky-upgrade-java-1.8.0-openjdk-slowdebug-debuginfo rocky-upgrade-java-1.8.0-openjdk-src rocky-upgrade-java-1.8.0-openjdk-src-fastdebug rocky-upgrade-java-1.8.0-openjdk-src-slowdebug rocky-upgrade-java-11-openjdk rocky-upgrade-java-11-openjdk-debuginfo rocky-upgrade-java-11-openjdk-debugsource rocky-upgrade-java-11-openjdk-demo rocky-upgrade-java-11-openjdk-demo-fastdebug rocky-upgrade-java-11-openjdk-demo-slowdebug rocky-upgrade-java-11-openjdk-devel rocky-upgrade-java-11-openjdk-devel-debuginfo rocky-upgrade-java-11-openjdk-devel-fastdebug rocky-upgrade-java-11-openjdk-devel-fastdebug-debuginfo 
rocky-upgrade-java-11-openjdk-devel-slowdebug rocky-upgrade-java-11-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-fastdebug rocky-upgrade-java-11-openjdk-fastdebug-debuginfo rocky-upgrade-java-11-openjdk-headless rocky-upgrade-java-11-openjdk-headless-debuginfo rocky-upgrade-java-11-openjdk-headless-fastdebug rocky-upgrade-java-11-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-11-openjdk-headless-slowdebug rocky-upgrade-java-11-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-javadoc rocky-upgrade-java-11-openjdk-javadoc-zip rocky-upgrade-java-11-openjdk-jmods rocky-upgrade-java-11-openjdk-jmods-fastdebug rocky-upgrade-java-11-openjdk-jmods-slowdebug rocky-upgrade-java-11-openjdk-slowdebug rocky-upgrade-java-11-openjdk-slowdebug-debuginfo rocky-upgrade-java-11-openjdk-src rocky-upgrade-java-11-openjdk-src-fastdebug rocky-upgrade-java-11-openjdk-src-slowdebug rocky-upgrade-java-11-openjdk-static-libs rocky-upgrade-java-11-openjdk-static-libs-fastdebug rocky-upgrade-java-11-openjdk-static-libs-slowdebug rocky-upgrade-java-17-openjdk rocky-upgrade-java-17-openjdk-debuginfo rocky-upgrade-java-17-openjdk-debugsource rocky-upgrade-java-17-openjdk-demo rocky-upgrade-java-17-openjdk-demo-fastdebug rocky-upgrade-java-17-openjdk-demo-slowdebug rocky-upgrade-java-17-openjdk-devel rocky-upgrade-java-17-openjdk-devel-debuginfo rocky-upgrade-java-17-openjdk-devel-fastdebug rocky-upgrade-java-17-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-devel-slowdebug rocky-upgrade-java-17-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-17-openjdk-fastdebug rocky-upgrade-java-17-openjdk-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-headless rocky-upgrade-java-17-openjdk-headless-debuginfo rocky-upgrade-java-17-openjdk-headless-fastdebug rocky-upgrade-java-17-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-17-openjdk-headless-slowdebug rocky-upgrade-java-17-openjdk-headless-slowdebug-debuginfo 
rocky-upgrade-java-17-openjdk-javadoc rocky-upgrade-java-17-openjdk-javadoc-zip rocky-upgrade-java-17-openjdk-jmods rocky-upgrade-java-17-openjdk-jmods-fastdebug rocky-upgrade-java-17-openjdk-jmods-slowdebug rocky-upgrade-java-17-openjdk-slowdebug rocky-upgrade-java-17-openjdk-slowdebug-debuginfo rocky-upgrade-java-17-openjdk-src rocky-upgrade-java-17-openjdk-src-fastdebug rocky-upgrade-java-17-openjdk-src-slowdebug rocky-upgrade-java-17-openjdk-static-libs rocky-upgrade-java-17-openjdk-static-libs-fastdebug rocky-upgrade-java-17-openjdk-static-libs-slowdebug rocky-upgrade-java-21-openjdk rocky-upgrade-java-21-openjdk-debuginfo rocky-upgrade-java-21-openjdk-debugsource rocky-upgrade-java-21-openjdk-demo rocky-upgrade-java-21-openjdk-demo-fastdebug rocky-upgrade-java-21-openjdk-demo-slowdebug rocky-upgrade-java-21-openjdk-devel rocky-upgrade-java-21-openjdk-devel-debuginfo rocky-upgrade-java-21-openjdk-devel-fastdebug rocky-upgrade-java-21-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-devel-slowdebug rocky-upgrade-java-21-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-fastdebug rocky-upgrade-java-21-openjdk-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless rocky-upgrade-java-21-openjdk-headless-debuginfo rocky-upgrade-java-21-openjdk-headless-fastdebug rocky-upgrade-java-21-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless-slowdebug rocky-upgrade-java-21-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-javadoc rocky-upgrade-java-21-openjdk-javadoc-zip rocky-upgrade-java-21-openjdk-jmods rocky-upgrade-java-21-openjdk-jmods-fastdebug rocky-upgrade-java-21-openjdk-jmods-slowdebug rocky-upgrade-java-21-openjdk-slowdebug rocky-upgrade-java-21-openjdk-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-src rocky-upgrade-java-21-openjdk-src-fastdebug rocky-upgrade-java-21-openjdk-src-slowdebug rocky-upgrade-java-21-openjdk-static-libs rocky-upgrade-java-21-openjdk-static-libs-fastdebug 
rocky-upgrade-java-21-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2024-21208 CVE - 2024-21208 https://errata.rockylinux.org/RLSA-2024:8117 https://errata.rockylinux.org/RLSA-2024:8121 https://errata.rockylinux.org/RLSA-2024:8124 https://errata.rockylinux.org/RLSA-2024:8127
-
Alma Linux: CVE-2024-9676: Moderate: container-tools:rhel8 security update (Multiple Advisories)
Alma Linux: CVE-2024-9676: Moderate: container-tools:rhel8 security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 10/15/2024 Created 11/13/2024 Added 11/12/2024 Modified 01/28/2025 Description A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host. Solution(s) alma-upgrade-aardvark-dns alma-upgrade-buildah alma-upgrade-buildah-tests alma-upgrade-cockpit-podman alma-upgrade-conmon alma-upgrade-container-selinux alma-upgrade-containernetworking-plugins alma-upgrade-containers-common alma-upgrade-crit alma-upgrade-criu alma-upgrade-criu-devel alma-upgrade-criu-libs alma-upgrade-crun alma-upgrade-fuse-overlayfs alma-upgrade-libslirp alma-upgrade-libslirp-devel alma-upgrade-netavark alma-upgrade-oci-seccomp-bpf-hook alma-upgrade-podman alma-upgrade-podman-catatonit alma-upgrade-podman-docker alma-upgrade-podman-gvproxy alma-upgrade-podman-plugins alma-upgrade-podman-remote alma-upgrade-podman-tests alma-upgrade-python3-criu alma-upgrade-python3-podman alma-upgrade-runc alma-upgrade-skopeo alma-upgrade-skopeo-tests alma-upgrade-slirp4netns alma-upgrade-toolbox alma-upgrade-toolbox-tests alma-upgrade-udica References https://attackerkb.com/topics/cve-2024-9676 CVE - 2024-9676 https://errata.almalinux.org/8/ALSA-2024-10289.html https://errata.almalinux.org/9/ALSA-2024-9051.html https://errata.almalinux.org/9/ALSA-2024-9454.html https://errata.almalinux.org/9/ALSA-2024-9459.html
-
Amazon Linux AMI 2: CVE-2024-21210: Security patch for java-1.8.0-amazon-corretto, java-1.8.0-openjdk, java-11-amazon-corretto, java-17-amazon-corretto (Multiple Advisories)
Amazon Linux AMI 2: CVE-2024-21210: Security patch for java-1.8.0-amazon-corretto, java-1.8.0-openjdk, java-11-amazon-corretto, java-17-amazon-corretto (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/15/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/28/2025 Description Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
Solution(s) amazon-linux-ami-2-upgrade-java-1-8-0-amazon-corretto amazon-linux-ami-2-upgrade-java-1-8-0-amazon-corretto-devel amazon-linux-ami-2-upgrade-java-1-8-0-openjdk amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-accessibility amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-accessibility-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-debuginfo amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-demo amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-demo-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-devel amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-devel-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-headless amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-headless-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-zip amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-zip-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-src amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-src-debug amazon-linux-ami-2-upgrade-java-11-amazon-corretto amazon-linux-ami-2-upgrade-java-11-amazon-corretto-headless amazon-linux-ami-2-upgrade-java-11-amazon-corretto-javadoc amazon-linux-ami-2-upgrade-java-17-amazon-corretto amazon-linux-ami-2-upgrade-java-17-amazon-corretto-debugsymbols amazon-linux-ami-2-upgrade-java-17-amazon-corretto-devel amazon-linux-ami-2-upgrade-java-17-amazon-corretto-headless amazon-linux-ami-2-upgrade-java-17-amazon-corretto-javadoc amazon-linux-ami-2-upgrade-java-17-amazon-corretto-jmods References https://attackerkb.com/topics/cve-2024-21210 AL2/ALAS-2024-2683 AL2/ALAS-2024-2684 AL2/ALAS-2024-2720 AL2/ALASCORRETTO8-2024-014 CVE - 2024-21210
-
Microsoft Edge Chromium: CVE-2024-9966 Inappropriate implementation in Navigations
Microsoft Edge Chromium: CVE-2024-9966 Inappropriate implementation in Navigations Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 10/15/2024 Created 10/18/2024 Added 10/18/2024 Modified 01/28/2025 Description Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-9966 CVE - 2024-9966 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-9966
-
Microsoft Edge Chromium: CVE-2024-9954 Use after free in AI
Microsoft Edge Chromium: CVE-2024-9954 Use after free in AI Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/15/2024 Created 10/18/2024 Added 10/18/2024 Modified 01/28/2025 Description Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-9954 CVE - 2024-9954 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-9954
-
Microsoft Edge Chromium: CVE-2024-9962 Inappropriate implementation in Permissions
Microsoft Edge Chromium: CVE-2024-9962 Inappropriate implementation in Permissions Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/15/2024 Created 10/18/2024 Added 10/18/2024 Modified 01/28/2025 Description Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-9962 CVE - 2024-9962 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-9962
-
Microsoft Edge Chromium: CVE-2024-9964 Inappropriate implementation in Payments
Microsoft Edge Chromium: CVE-2024-9964 Inappropriate implementation in Payments Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/15/2024 Created 10/18/2024 Added 10/18/2024 Modified 01/28/2025 Description Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-9964 CVE - 2024-9964 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-9964
-
Microsoft Edge Chromium: CVE-2024-9965 Insufficient data validation in DevTools
Microsoft Edge Chromium: CVE-2024-9965 Insufficient data validation in DevTools Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/15/2024 Created 10/18/2024 Added 10/18/2024 Modified 01/28/2025 Description Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-9965 CVE - 2024-9965 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-9965
-
Oracle E-Business Suite: CVE-2024-21282: Critical Patch Update
Oracle E-Business Suite: CVE-2024-21282: Critical Patch Update Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:N) Published 10/15/2024 Created 10/25/2024 Added 10/24/2024 Modified 01/28/2025 Description Vulnerability in the Oracle Financials product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financials. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financials accessible data as well as unauthorized access to critical data or complete access to all Oracle Financials accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). Solution(s) oracle-ebs-oct-2024-cpu-12_2 References https://attackerkb.com/topics/cve-2024-21282 CVE - 2024-21282 https://support.oracle.com/epmos/faces/DocumentDisplay?id=3037725.1 https://www.oracle.com/security-alerts/cpuoct2024.html
-
SUSE: CVE-2024-9956: SUSE Linux Security Advisory
SUSE: CVE-2024-9956: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/15/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2024-9956 CVE - 2024-9956
-
SUSE: CVE-2024-9486: SUSE Linux Security Advisory
SUSE: CVE-2024-9486: SUSE Linux Security Advisory Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/15/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be accessible via these default credentials. The credentials can be used to gain root access. Kubernetes clusters are only affected if their nodes use VM images created via the Image Builder project with its Proxmox provider. Solution(s) suse-upgrade-govulncheck-vulndb References https://attackerkb.com/topics/cve-2024-9486 CVE - 2024-9486
-
SUSE: CVE-2024-9963: SUSE Linux Security Advisory
SUSE: CVE-2024-9963: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/15/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2024-9963 CVE - 2024-9963
-
SUSE: CVE-2024-9960: SUSE Linux Security Advisory
SUSE: CVE-2024-9960: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 10/15/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2024-9960 CVE - 2024-9960
-
SUSE: CVE-2024-9959: SUSE Linux Security Advisory
SUSE: CVE-2024-9959: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/15/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2024-9959 CVE - 2024-9959
-
SUSE: CVE-2024-9965: SUSE Linux Security Advisory
SUSE: CVE-2024-9965: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/15/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2024-9965 CVE - 2024-9965
-
SUSE: CVE-2024-9958: SUSE Linux Security Advisory
SUSE: CVE-2024-9958: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/15/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Inappropriate implementation in PictureInPicture in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2024-9958 CVE - 2024-9958
-
Oracle MySQL Vulnerability: CVE-2024-21237
Oracle MySQL Vulnerability: CVE-2024-21237 Severity 3 CVSS (AV:N/AC:M/Au:M/C:N/I:N/A:P) Published 10/15/2024 Created 10/18/2024 Added 10/18/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2024-21237 CVE - 2024-21237 https://www.oracle.com/security-alerts/cpuoct2024.html
-
Debian: CVE-2024-9961: chromium -- security update
Debian: CVE-2024-9961: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/15/2024 Created 10/22/2024 Added 10/21/2024 Modified 01/28/2025 Description Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-9961 CVE - 2024-9961 DSA-5793-1
-
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 10/15/2024 Created 10/25/2024 Added 10/24/2024 Modified 01/30/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). Solution(s) jre-upgrade-latest References https://attackerkb.com/topics/cve-2024-21235 CVE - 2024-21235 http://www.oracle.com/security-alerts/cpuoct2024.html
-
Oracle MySQL Vulnerability: CVE-2024-21262
Severity 6 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:P) Published 10/15/2024 Created 10/25/2024 Added 10/24/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2024-21262 CVE - 2024-21262 https://www.oracle.com/security-alerts/cpuoct2024.html
-
Alma Linux: CVE-2024-21235: Moderate: java-1.8.0-openjdk security update (Multiple Advisories)
Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 10/15/2024 Created 10/22/2024 Added 10/21/2024 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
Solution(s) alma-upgrade-java-1.8.0-openjdk alma-upgrade-java-1.8.0-openjdk-accessibility alma-upgrade-java-1.8.0-openjdk-accessibility-fastdebug alma-upgrade-java-1.8.0-openjdk-accessibility-slowdebug alma-upgrade-java-1.8.0-openjdk-demo alma-upgrade-java-1.8.0-openjdk-demo-fastdebug alma-upgrade-java-1.8.0-openjdk-demo-slowdebug alma-upgrade-java-1.8.0-openjdk-devel alma-upgrade-java-1.8.0-openjdk-devel-fastdebug alma-upgrade-java-1.8.0-openjdk-devel-slowdebug alma-upgrade-java-1.8.0-openjdk-fastdebug alma-upgrade-java-1.8.0-openjdk-headless alma-upgrade-java-1.8.0-openjdk-headless-fastdebug alma-upgrade-java-1.8.0-openjdk-headless-slowdebug alma-upgrade-java-1.8.0-openjdk-javadoc alma-upgrade-java-1.8.0-openjdk-javadoc-zip alma-upgrade-java-1.8.0-openjdk-slowdebug alma-upgrade-java-1.8.0-openjdk-src alma-upgrade-java-1.8.0-openjdk-src-fastdebug alma-upgrade-java-1.8.0-openjdk-src-slowdebug alma-upgrade-java-11-openjdk alma-upgrade-java-11-openjdk-demo alma-upgrade-java-11-openjdk-demo-fastdebug alma-upgrade-java-11-openjdk-demo-slowdebug alma-upgrade-java-11-openjdk-devel alma-upgrade-java-11-openjdk-devel-fastdebug alma-upgrade-java-11-openjdk-devel-slowdebug alma-upgrade-java-11-openjdk-fastdebug alma-upgrade-java-11-openjdk-headless alma-upgrade-java-11-openjdk-headless-fastdebug alma-upgrade-java-11-openjdk-headless-slowdebug alma-upgrade-java-11-openjdk-javadoc alma-upgrade-java-11-openjdk-javadoc-zip alma-upgrade-java-11-openjdk-jmods alma-upgrade-java-11-openjdk-jmods-fastdebug alma-upgrade-java-11-openjdk-jmods-slowdebug alma-upgrade-java-11-openjdk-slowdebug alma-upgrade-java-11-openjdk-src alma-upgrade-java-11-openjdk-src-fastdebug alma-upgrade-java-11-openjdk-src-slowdebug alma-upgrade-java-11-openjdk-static-libs alma-upgrade-java-11-openjdk-static-libs-fastdebug alma-upgrade-java-11-openjdk-static-libs-slowdebug alma-upgrade-java-17-openjdk alma-upgrade-java-17-openjdk-demo alma-upgrade-java-17-openjdk-demo-fastdebug 
alma-upgrade-java-17-openjdk-demo-slowdebug alma-upgrade-java-17-openjdk-devel alma-upgrade-java-17-openjdk-devel-fastdebug alma-upgrade-java-17-openjdk-devel-slowdebug alma-upgrade-java-17-openjdk-fastdebug alma-upgrade-java-17-openjdk-headless alma-upgrade-java-17-openjdk-headless-fastdebug alma-upgrade-java-17-openjdk-headless-slowdebug alma-upgrade-java-17-openjdk-javadoc alma-upgrade-java-17-openjdk-javadoc-zip alma-upgrade-java-17-openjdk-jmods alma-upgrade-java-17-openjdk-jmods-fastdebug alma-upgrade-java-17-openjdk-jmods-slowdebug alma-upgrade-java-17-openjdk-slowdebug alma-upgrade-java-17-openjdk-src alma-upgrade-java-17-openjdk-src-fastdebug alma-upgrade-java-17-openjdk-src-slowdebug alma-upgrade-java-17-openjdk-static-libs alma-upgrade-java-17-openjdk-static-libs-fastdebug alma-upgrade-java-17-openjdk-static-libs-slowdebug alma-upgrade-java-21-openjdk alma-upgrade-java-21-openjdk-demo alma-upgrade-java-21-openjdk-demo-fastdebug alma-upgrade-java-21-openjdk-demo-slowdebug alma-upgrade-java-21-openjdk-devel alma-upgrade-java-21-openjdk-devel-fastdebug alma-upgrade-java-21-openjdk-devel-slowdebug alma-upgrade-java-21-openjdk-fastdebug alma-upgrade-java-21-openjdk-headless alma-upgrade-java-21-openjdk-headless-fastdebug alma-upgrade-java-21-openjdk-headless-slowdebug alma-upgrade-java-21-openjdk-javadoc alma-upgrade-java-21-openjdk-javadoc-zip alma-upgrade-java-21-openjdk-jmods alma-upgrade-java-21-openjdk-jmods-fastdebug alma-upgrade-java-21-openjdk-jmods-slowdebug alma-upgrade-java-21-openjdk-slowdebug alma-upgrade-java-21-openjdk-src alma-upgrade-java-21-openjdk-src-fastdebug alma-upgrade-java-21-openjdk-src-slowdebug alma-upgrade-java-21-openjdk-static-libs alma-upgrade-java-21-openjdk-static-libs-fastdebug alma-upgrade-java-21-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2024-21235 CVE - 2024-21235 https://errata.almalinux.org/8/ALSA-2024-8117.html https://errata.almalinux.org/8/ALSA-2024-8121.html 
https://errata.almalinux.org/8/ALSA-2024-8124.html https://errata.almalinux.org/8/ALSA-2024-8127.html https://errata.almalinux.org/9/ALSA-2024-8117.html https://errata.almalinux.org/9/ALSA-2024-8121.html https://errata.almalinux.org/9/ALSA-2024-8124.html https://errata.almalinux.org/9/ALSA-2024-8127.html
-
Debian: CVE-2024-9964: chromium -- security update
Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/15/2024 Created 10/22/2024 Added 10/21/2024 Modified 01/28/2025 Description Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-9964 CVE - 2024-9964 DSA-5793-1
-
FreeBSD: VID-1E71E366-080B-4E8F-A9E6-150BF698186B (CVE-2024-9955): chromium -- multiple security fixes
Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/15/2024 Created 10/29/2024 Added 10/27/2024 Modified 01/28/2025 Description Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2024-9955
-
Oracle WebLogic: CVE-2024-21260 : Critical Patch Update
Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/15/2024 Created 10/23/2024 Added 10/18/2024 Modified 01/28/2025 Description Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Solution(s) oracle-weblogic-oct-2024-cpu-12_2_1_4_0 oracle-weblogic-oct-2024-cpu-14_1_1_0_0 References https://attackerkb.com/topics/cve-2024-21260 CVE - 2024-21260 http://www.oracle.com/security-alerts/cpuoct2024.html https://support.oracle.com/rs?type=doc&id=3048255.2