From 0ccafd1babb880fd0eeef46dd3a0e7a612dd4765 Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Thu, 19 Dec 2024 09:26:47 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Nsfocus.dat | 15 +++ data/cves.db | Bin 50544640 -> 50548736 bytes docs/index.html | 262 +++++++++++++++++++++++----------------------- 3 files changed, 146 insertions(+), 131 deletions(-) diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat index fa33be908a1..fd19111215c 100644 --- a/cache/Nsfocus.dat +++ b/cache/Nsfocus.dat @@ -125,3 +125,18 @@ dd5e8957aca724dba08798f4ade2f0c4 b8f38e44ab356dd48f0309545a8ddeba 144e283743321111c11b228551f0f348 fd41ed18a67548fb1b9c7b902781fca2 +ed9709003f2850f368b87e359a4b7e22 +23eb8eb01674b4913bec5d4dfd506126 +9ded10f622530592b77e73cab73fd712 +b876a5b2f02222ec10b122ad1e00d8fb +dc576147fecfd45eb31b4d0242e2ffab +c5c22eeb910f94d4b2cfccc53fe024b4 +2c195fa345f7fea241d2c243163d6a67 +9b8d39aabf8eb60a83e9ce9c2c8e7915 +0212844f2b27e659025f4a9b56ea81fd +3bfcff1a2234e150346754079d41d228 +580cede073aab0290525e8476a495523 +1015f0b192d4d94710d969a1c7413e49 +c89873a677eeba2554c51232bcfdb869 +407587df3afafbf556ca40d7d64f0792 +0a62b2872bc504fa8b99f8c4402c928c diff --git a/data/cves.db b/data/cves.db index a8f14cf8999d895df213e1eaa5a10b28e2fe3927..387055078b865f2b2a4585142c44dc0de9971e01 100644 GIT binary patch delta 4610 zcmZwJXLMBM7RGUAhJ?^N20U3qiJuiin62 zDFgPd*c--*f(1Kv#YPl+!Gh)f&xd>OBAAumUitJsXYaSH%$c*Gbk3>;rI+_9>d~r| z;Vw!JjrC{{m6%FgC85$7}xZN~ub3m0eZ(sPt9YO=WkLekw_o{wjN@3{crqWuVF+mAzC3tL&|^kIKF(`>B+v z?5}cwilJhvSSq%PqvEQhRMILL6;EY|%7H2esT{0wh{{lvLsf>U3|ASUGE!xf%3&&p zs~n+nq{>k$N2`>pj8-{DWsFLN%2<_SRVr1+sf<^dpi-qWQDu_KaVnElj#rtYa)QcK z73Pyw$*JU3e3d{YR5?*)no70GNh;G-PF9(rGE=2SrB>w>l{%Grm02pYRZdkoP33fz zGgQu0IZNeim2*_iRXI;(j!J{dT$S@x=BcR41u7S+T%YSf@|Mab zmA6&iQF&M8J(c%WK2Z5kH1B@`K8cDnF_Gtn!P>HkDshepC5fJf`3TOhq*REON-hM}QC~Vj8M(5~ky1%)m_4pcbc~ z4)vIY**F!a;dGpVGjSHq#yL0_=V1;SFc;@z9uybgLR^ITxEPnJq{3~TW?n(zdk#8Y@0&)`|C!*h5Z>#+eZ;6=QIm$4DA;8nba*YO74 z#9P>exA6|%#d~-kAK*iLgpaWqpWst`hR^W@wxAhb;wx;$*Z2nC;yZkgAMhi7!q4~x z+wd!X!|(V5+wmvH7L^!>@tA-rOvEG{hsih| zQ*Z*NBAR~|IppCZK!_7D4b?aa({VCpU?yr%i&IdCdd$LXoQl(MI?lkEI16Xv9Gr{u zFb55oi}NuLiVJWdF2a0Vj7xAS7T_{0#N}9oE3g<>VhOH7Bd*3$T!Up;julvm0#;!) zuElk@9yj1d+=QEP3vR`2xE*)kPTYmNu?F|xUfhTK@c6a7l^>(>Q&fJA z$}dsb7L{M4@>^7XkIElW*&dZYqw-f&{*KB&@k@p*Pw+=9(KKXvJh9>Y0bN?nYt^Zw zL$8u`C4<_`E#6dY6fJ4Jt#x@~b$omLgxJQ|o~;_YCjBYp4So2|lF_~Qo?>?#pU-%i zw4F_*(?O8STCVHlUDL9yTt4)3nUuHX(WWiS3L_?rDzgmBDYH!1F=y7!NcuH1%Bp7t zi@OX>7HaQ{C5qd4Ny8grIfaJTe~1qlk#RCc!ys+$5Czo}WE!R$8adOme8=~kv}yQW z%FCMhv}4+V(=y0OrwWU{dnew#kevQjyr^|WUGj8_&$52g5=ABE4!w+Jb*rIN zo7+XbRI$393-e)UW-ZHh0@F2YCzW;`BklQ)>04H&#p(>rc8;nXb4*2c*0f~B$+HWa z4_XrM`)_lLIS`1$Y#vYZ;|C?%ygl4 z#xL9&Y4 zjg;k8)ztYFbwPc7^6-j@$qCiLX+d3KZ2JvtSi7fViJm(ihtXuZ4Fk2gP1II&9IU+Q zxnb6J+%O#mSt}Y`-g0a+W&0_PV~b4Maz@nn!I{;y^~r)+R2J(~c%^<@yl1{D6x`6KkuefrbA=gBF7DKwwZH$!mPjw z!)$JcM5oMgZ8Ke2GqXBhHLScmSvh)`Sr~i#ws@bNnv0G{reP0lZXL~W22r^TXWGqK zp<(e8(Gf{RF|&#B z{J>{?Da&$g!}Y8j??u|qXLD&g^wXx*q9e8|^}p>JS2Me=y1rocY!mBVxPQvFcCy%N8x3 zO><;fdG*Zc$&ppZ@;n;G=w)ka63G_NM{AO-rgei8i6OgOd0bI(r>9zV&UI?)`u(S| zHAPKHBNp4Qq%pZ__`8QjpVK*-_*6c}$fmgRnKUo4YdB#xlk>bVlXo1$%6nEO-(mnM zFKrh7T(Ui0TBslJLcG_`_nu8nXBv8IbEl}|Nks5sxtX*d+SxE0=0ev^<+G0Ar~Q-@ l@|d;km@|<{*Uzl34U&~nEjw~tVa>)^qW_N9fqv88e*h9!bYlPj delta 2954 zcmWmGWsnwR7=>Z>TUM4%VJYcUkVd+tq&tKIl1d8F$P$M}x@74_Nr5F@P(iv8>CQ#E zLGk{6T=%@c&&)IPMlP5T5g9olVp96BusCrF6q%g4Tu9hZSs_-y3bo=|Vb%v$JS*Ia zZzZr2T8XU0RuU_zmCQl?LtG(61>S%ScI$K{`-&kF&u2wgzyVb+$X?<(;vU*$JS$(X& zRzIu1HNYBZ4YCGX-&;ehNNcDy%o=WuuxyRAMp>h+G1gdXoHgE>VEtfCv?f`Tttr-2 zYnnCPnqkefW?8eXAFVl7lr`6yXU(@3SPQL1)?#akwbWW>Ew@%!E3H-5Pu9=YYHN+P z)>>z+w>DV6SR1WP)@Cc(+G1_BwprV)9oA0kS1ZQaW$m_pvwpY!u=ZGctv{`O)_&`N zbw^R;+d3`p0@;J+vNKkF6)xQ|p=a+z(zl^`G^Aj6x>EXoyB=j3#J`W@wHUXo)Y;3at^`zYW^rE3`vpfzIEhm@jlXaPf8#99;XE$jA}--FuHY)J;W}>MCT`(2?%*!&Ar|-X4<6tl9^o;b z;3=NrIbPr;Ug0&~;4R+aU;KynA!8Ka{1HGX;vx(mARfXI9|@2UiI5mckQB*~94U|z zsqi6EBMl;u7U_^48ITblArmqq3$h{`vLgp_A{TNa5Axz;e1d$)k55qm1yKlvQ3OR% z48`#oN}wc4p)|^%EXtugDxe}Np)#uAb5un&R7VZe#22WA+NguNsE7J!fQD#<#%O}3 zXolu!ftL6Zt1q8EDOJM=+c^h19P zz(5SbV0@1uh{R9~!*Gm%F%qLN8e=dP<1ii*@B=1d5+-8`reYeVV+Lko7G~o|%s~|9 zVjkvW0TyBr7GnvPVi}fW1y*7ee!|aKjWt+{by$xL_yrrW37Zj(E!c`}*p408iC+o>Fn16zK5X{419tHC_m?yzJ4dz)e&x3gp%*$Y2 z1@k(XH^ICO=3OxV2J>Gq?*rpXM}_hT35_Wo6$sroJbq~S-Z)9Z6QvH1PX1`{rqJjD RS9-<`i`knyG_+)z{{g}Cb8G+r diff --git a/docs/index.html b/docs/index.html index f848d81de0a..9487a82900b 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -366,7 +366,7 @@

眈眈探求 | + 2024-12-17 16:15:25 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always request user confirmation with confirm_hint set since the likes of bluetoothd have dedicated policy around JUST_WORKS method (e.g. main.conf:JustWorksRepairing). CVE: CVE-2024-8805 详情 @@ -374,7 +374,7 @@

眈眈探求 | + 2024-12-17 16:15:25 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. 详情 @@ -382,7 +382,7 @@

眈眈探求 | + 2024-12-17 16:15:25 A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. 详情 @@ -390,7 +390,7 @@

眈眈探求 | + 2024-12-17 16:15:25 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. 详情 @@ -398,7 +398,7 @@

眈眈探求 | + 2024-12-17 16:15:24 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. 详情 @@ -406,7 +406,7 @@

眈眈探求 | + 2024-12-17 16:15:24 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. 详情 @@ -414,7 +414,7 @@

眈眈探求 | + 2024-12-17 16:15:24 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. 详情 @@ -422,7 +422,7 @@

眈眈探求 | + 2024-12-17 16:15:24 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. 详情 @@ -430,7 +430,7 @@

眈眈探求 | + 2024-12-17 16:15:24 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. 详情 @@ -438,7 +438,7 @@

眈眈探求 | + 2024-12-17 16:15:24 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. 详情 @@ -1987,6 +1987,126 @@

眈眈探求 | TITLE URL + + ed9709003f2850f368b87e359a4b7e22 + CVE-2024-28731 + 2024-12-19 09:24:35 + D-Link DWR-2000M跨站请求伪造漏洞 + 详情 + + + + 23eb8eb01674b4913bec5d4dfd506126 + CVE-2024-10038 + 2024-12-19 09:24:35 + WordPress WP-Strava Plugin跨站脚本漏洞 + 详情 + + + + 9ded10f622530592b77e73cab73fd712 + CVE-2024-9816 + 2024-12-19 09:24:35 + Codezips Tourist Management System代码问题漏洞 + 详情 + + + + b876a5b2f02222ec10b122ad1e00d8fb + CVE-2024-9487 + 2024-12-19 09:24:35 + GitHub Enterprise Server身份验证绕过漏洞 + 详情 + + + + dc576147fecfd45eb31b4d0242e2ffab + CVE-2024-45317 + 2024-12-19 09:24:35 + SonicWALL SMA1000代码问题漏洞 + 详情 + + + + c5c22eeb910f94d4b2cfccc53fe024b4 + CVE-2023-42133 + 2024-12-19 09:24:35 + PAX Android based POS权限提升漏洞 + 详情 + + + + 2c195fa345f7fea241d2c243163d6a67 + CVE-2024-9814 + 2024-12-19 09:24:35 + Codezips Pharmacy Management System SQL注入漏洞 + 详情 + + + + 9b8d39aabf8eb60a83e9ce9c2c8e7915 + CVE-2024-10629 + 2024-12-19 09:24:35 + WordPress GPX Viewer Plugin任意文件创建漏洞 + 详情 + + + + 0212844f2b27e659025f4a9b56ea81fd + CVE-2024-9817 + 2024-12-19 09:24:35 + code-projects Blood Bank System SQL注入漏洞 + 详情 + + + + 3bfcff1a2234e150346754079d41d228 + CVE-2024-21534 + 2024-12-19 09:24:35 + JSONPath Plus远程代码执行漏洞 + 详情 + + + + 580cede073aab0290525e8476a495523 + CVE-2024-5005 + 2024-12-19 09:24:35 + GitLab信息泄露漏洞 + 详情 + + + + 1015f0b192d4d94710d969a1c7413e49 + CVE-2024-47648 + 2024-12-19 09:24:35 + WordPress plugin EventPrime输入验证错误漏洞 + 详情 + + + + c89873a677eeba2554c51232bcfdb869 + CVE-2024-21541 + 2024-12-19 09:24:35 + npm dom-iterator任意代码执行漏洞 + 详情 + + + + 407587df3afafbf556ca40d7d64f0792 + CVE-2024-48987 + 2024-12-19 09:24:35 + snipe Snipe-IT远程代码执行漏洞 + 详情 + + + + 0a62b2872bc504fa8b99f8c4402c928c + CVE-2024-6971 + 2024-12-19 09:24:35 + Saifeddine ALOUI LoLLMs路径遍历漏洞 + 详情 + + 10f515684e689350774b3821a07710ca CVE-2024-47877 @@ -2107,126 +2227,6 @@

眈眈探求 | 详情 - - f409078609f0f287b00da0020a54c3c5 - CVE-2024-9595 - 2024-12-17 12:49:25 - WordPress plugin Rescue Shortcodes跨站脚本漏洞 - 详情 - - - - 94a4a3a96616ad9e78d4d387e910ea0d - CVE-2024-8915 - 2024-12-17 12:49:25 - WordPress plugin Category Icon跨站脚本漏洞 - 详情 - - - - a045fdfed483a6b82c1abdce92b3244c - CVE-2024-8760 - 2024-12-17 12:49:25 - WordPress plugin Stackable代码注入漏洞 - 详情 - - - - dfd6c0eb3e813a24d2fd241466c12a8b - CVE-2024-9756 - 2024-12-17 12:49:25 - WordPress plugin Order Attachments for WooCommerce任意文件上传漏洞 - 详情 - - - - 6798cb252ea27ac01ecbdaa4189ec33c - CVE-2024-9047 - 2024-12-17 12:49:25 - WordPress plugin WordPress File Upload路径遍历漏洞 - 详情 - - - - 42f107ad9bf5e5a33f973cc71bde8c90 - CVE-2024-9824 - 2024-12-17 12:49:25 - WordPress plugin ImagePress未授权的信息修改漏洞 - 详情 - - - - fd0e20ab2ce121f81777e02c0a54b61e - CVE-2024-9656 - 2024-12-17 12:49:25 - WordPress plugin Mynx Page Builder存储型跨站脚本漏洞 - 详情 - - - - e2b888238e25b7a09020985a2ad58cb2 - CVE-2024-7489 - 2024-12-17 12:49:25 - WordPress plugin Forms for Mailchimp by Optin Cat跨站脚本漏洞 - 详情 - - - - 472bf7c82769d3596bcc7fb5a607e24d - CVE-2024-9821 - 2024-12-17 12:49:25 - WordPress plugin Bot for Telegram on WooCommerce信息泄露漏洞 - 详情 - - - - d421c26d109aa0bf3818ff9f13500e2b - CVE-2024-9592 - 2024-12-17 12:49:25 - WordPress plugin Easy PayPal Gift Certificate跨站请求伪造漏洞 - 详情 - - - - 2aa1de7e99518325f1a477f1798a0101 - CVE-2024-35517 - 2024-12-17 12:49:25 - NETGEAR XR1000命令注入漏洞 - 详情 - - - - c5217cf47ec49f32f380d795346635ab - CVE-2024-9776 - 2024-12-17 12:49:25 - WordPress plugin ImagePress跨站脚本漏洞 - 详情 - - - - f52153daa607c5ca66d7fbdde0d61dc5 - CVE-2024-9778 - 2024-12-17 12:49:25 - WordPress plugin ImagePress跨站请求伪造漏洞 - 详情 - - - - bfa87c55759360c6e077c2241eaa3c6d - CVE-2024-35522 - 2024-12-17 12:49:25 - NETGEAR EX3700命令注入漏洞 - 详情 - - - - 808c841a59d7814eb9e76f0988429a05 - CVE-2024-9696 - 2024-12-17 12:49:25 - WordPress plugin Rescue Shortcodes跨站脚本漏洞 - 详情 - -