diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat index f7107707142..b6978be6ddd 100644 --- a/cache/Tenable (Nessus).dat +++ b/cache/Tenable (Nessus).dat @@ -168,3 +168,13 @@ bee45b386c594c24dba45dee5300c086 f7a6a3f3c452b7fcec243f360b4410f3 8ce945cb9073650bae227404afc1ac0c cb18a1a829b5e896d059f89ed0ea6506 +3aa370916d7693e046267144a41045d5 +7394ad54ea5cfecf16c44ca325766a55 +01f3ab32d4923ab15ff26a5c0dd2252f +97c4b8438a627e6398170982959869e3 +4e852442438d081475e76d53907c0b1d +a4ff18657d26c66cad75072596031452 +8e6c151521ba806991bed6a65f6d6afa +cf46e57588594d6ef37da1e5cc6b521f +bd9aa95a2b29bd09789d4e077b5134f9 +83231ce0e4aebbe43c412aaac391d414 diff --git a/data/cves.db b/data/cves.db index 2e395a82aae..21e3e8285f8 100644 Binary files a/data/cves.db and b/data/cves.db differ diff --git a/docs/index.html b/docs/index.html index e01c2a449f5..ec85b0dd8d6 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -283,10 +283,90 @@

眈眈探求 | TITLE URL + + 3aa370916d7693e046267144a41045d5 + CVE-2024-49193 + 2024-10-12 14:15:02 + Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed e-mail messages is insufficient, and the support e-mail addresses associated with individual tickets are predictable. + 详情 + + + + 7394ad54ea5cfecf16c44ca325766a55 + CVE-2024-9894 + 2024-10-12 13:15:13 + A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file reset.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + 01f3ab32d4923ab15ff26a5c0dd2252f + CVE-2024-8902 + 2024-10-12 10:15:03 + The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.8 via the render_column function in modules/data-table/widgets/data-table.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data. + 详情 + + + + 97c4b8438a627e6398170982959869e3 + CVE-2024-8757 + 2024-10-12 10:15:02 + The WP Post Author – Boost Your Blog's Engagement with Author Box, Social Links, Co-Authors, Guest Authors, Post Rating System, and Custom User Registration Form Builder plugin for WordPress is vulnerable to time-based SQL Injection via the linked_user_id parameter in all versions up to, and including, 3.8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. 
This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + 详情 + + + + 4e852442438d081475e76d53907c0b1d + CVE-2024-9696 + 2024-10-12 09:15:03 + The Rescue Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rescue_tab' shortcode in all versions up to, and including, 2.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + 详情 + + + + a4ff18657d26c66cad75072596031452 + CVE-2024-9595 + 2024-10-12 09:15:03 + The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the table cell content in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + 详情 + + + + 8e6c151521ba806991bed6a65f6d6afa + CVE-2024-8915 + 2024-10-12 09:15:02 + The Category Icon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. + 详情 + + + + cf46e57588594d6ef37da1e5cc6b521f + CVE-2024-8760 + 2024-10-12 09:15:02 + The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection in all versions up to, and including, 3.13.6. 
This makes it possible for unauthenticated attackers to embed untrusted style information into comments resulting in a possibility of data exfiltration such as admin nonces with limited impact. These nonces could be used to perform CSRF attacks within a limited time window. The presence of other plugins may make additional nonces available, which may pose a risk in plugins that don't perform capability checks to protect AJAX actions or other actions reachable by lower-privileged users. + 详情 + + + + bd9aa95a2b29bd09789d4e077b5134f9 + CVE-2024-9756 + 2024-10-12 07:15:02 + The Order Attachments for WooCommerce plugin for WordPress is vulnerable to unauthorized limited arbitrary file uploads due to a missing capability check on the wcoa_add_attachment AJAX action in versions 2.0 to 2.4.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload limited file types. + 详情 + + + + 83231ce0e4aebbe43c412aaac391d414 + CVE-2024-9704 + 2024-10-12 07:15:02 + The Social Sharing (by Danny) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dvk_social_sharing' shortcode in all versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + 详情 + + 9f4c5e4f9bdeaeb76801955a8f2387a3 CVE-2024-6985 - 2024-10-11 15:38:08 + 2024-10-11 15:38:08 A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personality_folder on the victim's computer, even though sanitize_path is set. The issue arises due to improper sanitization of the personality_folder parameter, which can be exploited to traverse directories and access arbitrary files. 详情 
@@ -294,7 +374,7 @@

眈眈探求 | + 2024-10-11 15:36:33 An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. GUID exhaustion will trigger a syslog message like one of the following: evo-pfemand[]: get_next_guid: Ran out of Guid Space ... evo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... The leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: user@host> show platform application-info allocations app evo-pfemand/evo-pfemand In case one or more of these values are constantly increasing the leak is happening. This issue affects Junos OS Evolved: * All versions before 21.4R2-EVO, * 22.1 versions before 22.1R2-EVO. Please note that this issue is similar to, but different from CVE-2024-47505 and CVE-2024-47508. 详情 @@ -302,7 +382,7 @@

眈眈探求 | + 2024-10-11 15:35:58 An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. GUID exhaustion will trigger a syslog message like one of the following: evo-pfemand[]: get_next_guid: Ran out of Guid Space ... evo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... The leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: user@host> show platform application-info allocations app evo-pfemand/evo-pfemand In case one or more of these values are constantly increasing the leak is happening. This issue affects Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * 21.3 versions before 21.3R3-EVO; * 21.4 versions before 22.1R2-EVO, * 22.1 versions before 22.1R1-S1-EVO, 22.1R2-EVO. Please note that this issue is similar to, but different from CVE-2024-47505 and CVE-2024-47509. 详情 @@ -310,7 +390,7 @@

眈眈探求 | + 2024-10-11 15:35:24 An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. GUID exhaustion will trigger a syslog message like one of the following: evo-pfemand[]: get_next_guid: Ran out of Guid Space ... evo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... The leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: user@host> show platform application-info allocations app evo-pfemand/evo-pfemand In case one or more of these values are constantly increasing the leak is happening. This issue affects Junos OS Evolved: * All versions before 21.4R3-S7-EVO, * 22.1 versions before 22.1R3-S6-EVO, * 22.2 versions before 22.2R3-EVO, * 22.3 versions before 22.3R3-EVO, * 22.4 versions before 22.4R2-EVO. Please note that this issue is similar to, but different from CVE-2024-47508 and CVE-2024-47509. 详情 @@ -318,7 +398,7 @@

眈眈探求 | + 2024-10-11 15:18:54 In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets. 详情 @@ -326,7 +406,7 @@

眈眈探求 | + 2024-10-11 15:17:45 A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges. 详情 @@ -334,7 +414,7 @@

眈眈探求 | + 2024-10-11 15:17:35 A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges. 详情 @@ -342,7 +422,7 @@

眈眈探求 | + 2024-10-11 15:17:03 A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges. 详情 @@ -350,7 +430,7 @@

眈眈探求 | + 2024-10-11 15:16:54 A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges. 详情 @@ -358,7 +438,7 @@

眈眈探求 | + 2024-10-11 15:16:44 A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges. 详情 @@ -443,86 +523,6 @@

眈眈探求 | 详情 - - 4b0e3d6ba62b645859b02ee236ddfed6 - CVE-2024-9675 - 2024-10-09 15:15:17 - A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. - 详情 - - - - 7cc2ce445eee380aeefafd320d6e36ea - CVE-2024-9671 - 2024-10-09 15:15:17 - A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of a Developer user if the URL is known. Anyone can see the invoice if the URL is known or guessed. - 详情 - - - - 66a0e0f0247a580c96ef0720c2b26e75 - CVE-2024-8048 - 2024-10-09 15:15:17 - In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation. - 详情 - - - - b49ccbb7dc60d5a40c114eb8d749f97a - CVE-2024-8015 - 2024-10-09 15:15:17 - In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability. - 详情 - - - - 8cb5affd02ee85bee6e92671e1d7ba96 - CVE-2024-8014 - 2024-10-09 15:15:16 - In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability. - 详情 - - - - 7d2929795cca282b8d51ff29d04e323e - CVE-2024-7840 - 2024-10-09 15:15:16 - In Progress Telerik Reporting versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements. - 详情 - - - - f53bb28287e6047e747a03d247e65973 - CVE-2024-7294 - 2024-10-09 15:15:16 - In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible on anonymous endpoints without rate limiting. 
- 详情 - - - - e118c55d332902b96be360221d288ebe - CVE-2024-7293 - 2024-10-09 15:15:16 - In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements. - 详情 - - - - a527326d291d1c4543a041fe01037b2a - CVE-2024-7292 - 2024-10-09 15:15:15 - In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts. - 详情 - - - - a3cd5d3170d5bb34afedb2701802eded - CVE-2024-47673 - 2024-10-09 15:15:15 - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped Not doing so will make us send a host command to the transport while the firmware is not alive, which will trigger a WARNING. bad state = 0 WARNING: CPU: 2 PID: 17434 at drivers/net/wireless/intel/iwlwifi/iwl-trans.c:115 iwl_trans_send_cmd+0x1cb/0x1e0 [iwlwifi] RIP: 0010:iwl_trans_send_cmd+0x1cb/0x1e0 [iwlwifi] Call Trace: iwl_mvm_send_cmd+0x40/0xc0 [iwlmvm] iwl_mvm_config_scan+0x198/0x260 [iwlmvm] iwl_mvm_recalc_tcm+0x730/0x11d0 [iwlmvm] iwl_mvm_tcm_work+0x1d/0x30 [iwlmvm] process_one_work+0x29e/0x640 worker_thread+0x2df/0x690 ? rescuer_thread+0x540/0x540 kthread+0x192/0x1e0 ? set_kthread_struct+0x90/0x90 ret_from_fork+0x22/0x30 - 详情 - - @@ -2110,7 +2110,7 @@

眈眈探求 | + 2024-10-11 09:23:02 IBM InfoSphere Information Server SQL注入漏洞 详情 @@ -2118,7 +2118,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Softvelum Nimble Commander权限提升漏洞 详情 @@ -2126,7 +2126,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Xiongwei Restaurant Digital Comprehensive Management platform身份认证绕过漏洞(CVE-2024-2 详情 @@ -2134,7 +2134,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Softaculous Webuzo身份认证绕过漏洞 详情 @@ -2142,7 +2142,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Softaculous Webuzo命令注入漏洞 详情 @@ -2150,7 +2150,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Automation Anywhere Automation 360服务器端请求伪造漏洞 详情 @@ -2158,7 +2158,7 @@

眈眈探求 | + 2024-10-11 09:23:02 ChurchCRM SQL注入漏洞 详情 @@ -2166,7 +2166,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Lenovo XCC权限提升漏洞 详情 @@ -2174,7 +2174,7 @@

眈眈探求 | + 2024-10-11 09:23:02 TxtDot服务器端请求伪造漏洞 详情 @@ -2182,7 +2182,7 @@

眈眈探求 | + 2024-10-11 09:23:02 TxtDot服务器端请求伪造漏洞 详情 @@ -2190,7 +2190,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Lenovo XCC权限提升漏洞 详情 @@ -2198,7 +2198,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Lenovo XCC权限提升漏洞 详情 @@ -2206,7 +2206,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Lenovo XCC权限提升漏洞 详情 @@ -2214,7 +2214,7 @@

眈眈探求 | + 2024-10-11 09:23:02 Lenovo XCC权限提升漏洞 详情
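Review bot: The data/cves.db change appears only as "Binary files a/data/cves.db and b/data/cves.db differ", so the stored rows behind this update cannot be reviewed. The ten hashes appended to cache/Tenable (Nessus).dat (3aa370916d7693e046267144a41045d5 through 83231ce0e4aebbe43c412aaac391d414) do match, in order, the ten entries added in the first docs/index.html hunk, but nothing in the diff ties either of them to the database contents. Consider committing a text export of the new rows next to the binary, or rebuilding cves.db from the cache in CI and failing when a cached hash has no matching row.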
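Review bot: In the docs/index.html hunk at @@ -283,10 +283,90 @@, free-text advisory descriptions from an external feed are written straight into a served HTML page, and the diff does not show whether the generator escapes them. The added text includes apostrophes and quoted shortcode names ('rescue_tab', 'dvk_social_sharing'), and the Juniper entries further down contain a literal "user@host>" prompt. Please confirm that each description, title and id is HTML-escaped at render time, and add a generator test with a description containing <, >, & and quotes.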
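Review bot: Existing rows in docs/index.html are rewritten although their visible text is unchanged: at the end of the first hunk the CVE-2024-6985 row has "2024-10-11 15:38:08" on both the - and the + side, and every hunk from @@ -294,7 +374,7 @@ and from @@ -2110,7 +2110,7 @@ onward replaces a single timestamp line in the same way. If the difference is per-run markup, such as a marker for entries new in this update, derive it on the client from the timestamp or keep it out of the committed file, so that each update's diff contains only the entries actually added or dropped.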
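Review bot: In the hunk at @@ -2126,7 +2126,7 @@ the title is cut in the middle of an identifier: "Xiongwei Restaurant Digital Comprehensive Management platform身份认证绕过漏洞(CVE-2024-2" ends with an unclosed parenthesis and a partial CVE number, which reads as a different, nonexistent id and breaks searching the page by CVE. Store the full title and shorten it for display only (for example with CSS text-overflow), or truncate at a word boundary and append an ellipsis so the cut is visible.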