diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat index 7603a173250..8edaf64c564 100644 --- a/cache/Nsfocus.dat +++ b/cache/Nsfocus.dat @@ -134,3 +134,17 @@ a98663232623219ca5df99697d0c2ac6 d7fb50ad574eefdc3ab5e1c24db5bff1 92f54b211c471aff0afdba05f6ce43e0 537bae0272bcf245f2a09d5627563c11 +36be9704faaac78f04c1e6d1352a5f6c +1ebeca9984729ba09ae581884c28f035 +768f3252cf42cc0daaab16a3ea5b4ceb +6005df9594da394cbe185344e5641d6b +1c1eb4a7ee8a15cc955db9bfd32ce80c +8e3b1cf363a2c6a99637a3e4c9928bb4 +4ee723ef41b2d595bcf62e5cc8131689 +ee795c4b83eed811a62363992bd6016d +ed5d8368d2985e4545a98a41485828a5 +360fce7c15cc095a6388b77815741f5a +3b3ab2c82479d828e9b3222b1eaa04e4 +e6ced4930e9c743aab3429fbca1edbad +6393fcd15b2d0b03f25f67c254bb3dd1 +f0a0de8a03011cd495ecd10d851c5c43 diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat index 701fde0cfbf..17529145768 100644 --- a/cache/Tenable (Nessus).dat +++ b/cache/Tenable (Nessus).dat @@ -172,3 +172,13 @@ b893327c80665b4607336256f27b864c 938ebda14e746e3f94daa7ea156cd945 3ce40ea4bfc67c4a4855729b8bb53ff9 cb0bb9f9fdb802471d36e4ed21856eb3 +c43a5758fe553bb1e08f13838e762405 +e2884560bdff281b60e3248e531393b0 +465f12faf56ab524b31a881295b51ae9 +eed71244eced0b1e50eeae7d5c1c84b1 +866c94648e6307c1c1f187fe2765c7f5 +b043849b7d4cf83dc49084cf3e8d118a +80b45712f0a8e34c29b90602dc24356d +054fd2be8405d36ad11fb0becb1f2077 +97fe8e79f8e7caba8f3a23df8d4dd021 +5a063a479a26242c9463b1a803a1297c diff --git a/data/cves.db b/data/cves.db index 7eebf85610c..e2b53df76a7 100644 Binary files a/data/cves.db and b/data/cves.db differ diff --git a/docs/index.html b/docs/index.html index b40cc6d812e..4c9a76a7241 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -283,10 +283,90 @@

眈眈探求 | TITLE URL + + c43a5758fe553bb1e08f13838e762405 + CVE-2024-9088 + 2024-09-22 22:15:02 + A vulnerability has been found in SourceCodester Telecom Billing Management System 1.0 and classified as critical. This vulnerability affects the function login. The manipulation of the argument uname leads to buffer overflow. The exploit has been disclosed to the public and may be used. + 详情 + + + + e2884560bdff281b60e3248e531393b0 + CVE-2024-9087 + 2024-09-22 22:15:02 + A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. This affects an unknown part of the file /edit1.php. The manipulation of the argument sno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + 465f12faf56ab524b31a881295b51ae9 + CVE-2024-9086 + 2024-09-22 21:15:10 + A vulnerability classified as critical has been found in code-projects Restaurant Reservation System 1.0. Affected is an unknown function of the file /filter.php. The manipulation of the argument from/to leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter "from" to be affected. But it must be assumed that parameter "to" is affected as well. + 详情 + + + + eed71244eced0b1e50eeae7d5c1c84b1 + CVE-2024-40703 + 2024-09-22 13:15:10 + IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks against affected applications. + 详情 + + + + 866c94648e6307c1c1f187fe2765c7f5 + CVE-2024-9084 + 2024-09-22 09:15:03 + A vulnerability classified as problematic was found in code-projects Blood Bank System 1.0. This vulnerability affects unknown code of the file bbms.php. The manipulation of the argument fullname/age/bloodgroup/city/phno/gender as part of String leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + b043849b7d4cf83dc49084cf3e8d118a + CVE-2024-9083 + 2024-09-22 09:15:02 + A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file /Admin/add-admin.php. The manipulation of the argument txtfullname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + 80b45712f0a8e34c29b90602dc24356d + CVE-2024-9085 + 2024-09-22 08:15:02 + A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument date leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions sid as affected paramater which is incorrect. + 详情 + + + + 054fd2be8405d36ad11fb0becb1f2077 + CVE-2024-9082 + 2024-09-22 08:15:02 + A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Users.phpf=save of the component User Creation Handler. The manipulation of the argument type with the input 1 leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + 97fe8e79f8e7caba8f3a23df8d4dd021 + CVE-2024-9081 + 2024-09-22 07:15:11 + A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + 5a063a479a26242c9463b1a803a1297c + CVE-2024-9080 + 2024-09-22 07:15:10 + A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. + 详情 + + 42b5759f8bfca0fd78f52838e5a683e4 CVE-2024-9075 - 2024-09-21 23:15:14 + 2024-09-21 23:15:14 A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as problematic. This vulnerability affects unknown code of the component Markdown-to-PDF. The manipulation leads to cross site scripting. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. 详情 @@ -294,7 +374,7 @@

眈眈探求 | + 2024-09-21 23:15:14 Gladys Assistant before 4.45.1 allows Privilege Escalation (a user changing their own role) because req.body.role can be used in updateMySelf in server/api/controllers/user.controller.js. 详情 @@ -302,7 +382,7 @@

眈眈探求 | + 2024-09-21 10:15:06 SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating). This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat (incubating): before 1.6.0. Users are recommended to upgrade to version 1.6.0, which fixes the issue. 详情 @@ -310,7 +390,7 @@

眈眈探求 | + 2024-09-21 09:15:04 A vulnerability was found in y_project RuoYi up to 4.7.9. It has been declared as problematic. Affected by this vulnerability is the function SysUserServiceImpl of the file ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java of the component Backend User Import. The manipulation of the argument loginName leads to cross site scripting. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The patch is named 9b68013b2af87b9c809c4637299abd929bc73510. It is recommended to apply a patch to fix this issue. 详情 @@ -318,7 +398,7 @@

眈眈探求 | + 2024-09-21 09:15:02 The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.9.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. 详情 @@ -326,7 +406,7 @@

眈眈探求 | + 2024-09-21 05:15:12 This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses. 详情 @@ -334,7 +414,7 @@

眈眈探求 | + 2024-09-21 05:15:12 The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of sensitive information, such as configuration files and JWT signing secrets. 详情 @@ -342,7 +422,7 @@

眈眈探求 | + 2024-09-21 05:15:11 The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure. 详情 @@ -443,86 +523,6 @@

眈眈探求 | 详情 - - 82e0a4c53d31ce0f522dc06153cee26f - CVE-2024-9006 - 2024-09-19 23:15:12 - A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file config/config_invt1.php. The manipulation of the argument PASSOx leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as f4a8c748ec436e5a79f91ccb6a6f73752b336aa5. It is recommended to apply a patch to fix this issue. - 详情 - - - - 2664b1951712691a6b3633d4a929cf21 - CVE-2024-7207 - 2024-09-19 23:15:12 - A flaw was found in Envoy. It is possible to modify or manipulate headers from external clients when pass-through routes are used for the ingress gateway. This issue could allow a malicious user to forge what is logged by Envoy as a requested path and cause the Envoy proxy to make requests to internal-only services or arbitrary external systems. This is a regression of the fix for CVE-2023-27487. - 详情 - - - - 1a3c30fb551a0c5318694e0bcc9aa531 - CVE-2024-46984 - 2024-09-19 23:15:12 - The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to `XML External Entities` attack due to insecure defaults of the used Woodstox WstxInputFactory. A malicious XML resource can lead to network requests issued by referencevalidator and thus to a `Server Side Request Forgery` attack. The vulnerability impacts applications which use referencevalidator to process XML resources from untrusted sources. The problem has been patched with the 2.5.1 version of the referencevalidator. Users are strongly recommended to update to this version or a more recent one. A pre-processing or manual analysis of input XML resources on existence of DTD definitions or external entities can mitigate the problem. - 详情 - - - - eed9867d3fcb942092e52a1d17b785d8 - CVE-2024-46983 - 2024-09-19 23:15:11 - sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the SOFA Hessian blacklist protection mechanism, and this gadget chain only relies on JDK and does not rely on any third-party components. This issue is fixed by an update to the blacklist, users can upgrade to sofahessian version 3.5.5 to avoid this issue. Users unable to upgrade may maintain a blacklist themselves in the directory `external/serialize.blacklist`. - 详情 - - - - 6570a15a9e9e1059ec08fb8eb75be20b - CVE-2024-45614 - 2024-09-19 23:15:11 - Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies (such as X-Forwarded-For) by providing a underscore version of the same header (X-Forwarded_For). Any users relying on proxy set variables is affected. v6.4.3/v5.6.9 now discards any headers using underscores if the non-underscore version also exists. Effectively, allowing the proxy defined headers to always win. Users are advised to upgrade. Nginx has a underscores_in_headers configuration variable to discard these headers at the proxy level as a mitigation. Any users that are implicitly trusting the proxy defined headers for security should immediately cease doing so until upgraded to the fixed versions. - 详情 - - - - ffddae4cc8736eebe4cd70065ff6480b - CVE-2024-45410 - 2024-09-19 23:15:11 - Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. For a HTTP client, it should not be possible to remove or modify these headers. Since the application trusts the value of these headers, security implications might arise, if they can be modified. For HTTP/1.1, however, it was found that some of theses custom headers can indeed be removed and in certain cases manipulated. The attack relies on the HTTP/1.1 behavior, that headers can be defined as hop-by-hop via the HTTP Connection header. This issue has been addressed in release versions 2.11.9 and 3.1.3. Users are advised to upgrade. There are no known workarounds for this vulnerability. - 详情 - - - - b3a0aa1967876492046a50b94bb55ec2 - CVE-2023-27584 - 2024-09-19 23:15:11 - Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT to verify user. However, the secret key for JWT, "Secret Key", is hard coded, which leads to authentication bypass. An attacker can perform any action as a user with admin privileges. This issue has been addressed in release version 2.0.9. All users are advised to upgrade. There are no known workarounds for this vulnerability. - 详情 - - - - 120d90aab64ebb0ccf5837fd09c983e1 - CVE-2024-9004 - 2024-09-19 21:15:16 - A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/Backup_Server_commit.php. The manipulation of the argument host leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. - 详情 - - - - 0d302c0890b01dbd1f38561fb8f2a0f0 - CVE-2024-40125 - 2024-09-19 19:15:24 - An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the upload endpoint. - 详情 - - - - 5b3e7ec354e602f4b80149c53c20230c - CVE-2024-33109 - 2024-09-19 19:15:24 - Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function. - 详情 - - @@ -1979,6 +1979,118 @@

眈眈探求 | TITLE URL + + 36be9704faaac78f04c1e6d1352a5f6c + CVE-2024-22026 + 2024-09-23 03:26:25 + Ivanti Endpoint Manager Mobile本地权限提升漏洞 + 详情 + + + + 1ebeca9984729ba09ae581884c28f035 + CVE-2024-29849 + 2024-09-23 03:26:25 + Veeam Backup Enterprise Manager权限错误漏洞 + 详情 + + + + 768f3252cf42cc0daaab16a3ea5b4ceb + CVE-2024-29850 + 2024-09-23 03:26:25 + Veeam Backup Enterprise Manager账户接管漏洞 + 详情 + + + + 6005df9594da394cbe185344e5641d6b + CVE-2024-29852 + 2024-09-23 03:26:25 + Veeam Backup Enterprise Manager信息泄露漏洞 + 详情 + + + + 1c1eb4a7ee8a15cc955db9bfd32ce80c + CVE-2024-29853 + 2024-09-23 03:26:25 + Veeam Agent for Windows身份验证绕过漏洞 + 详情 + + + + 8e3b1cf363a2c6a99637a3e4c9928bb4 + CVE-2024-20355 + 2024-09-23 03:26:25 + Cisco Adaptive Security Appliance Software身份验证错误漏洞 + 详情 + + + + 4ee723ef41b2d595bcf62e5cc8131689 + CVE-2024-33226 + 2024-09-23 03:26:25 + Wistron Corporation TBT Force Power Control任意代码执行漏洞 + 详情 + + + + ee795c4b83eed811a62363992bd6016d + + 2024-09-23 03:26:25 + Realtek Semiconductor Corp Realtek(r) High Definition Audio Function Driver任意代码执 + 详情 + + + + ed5d8368d2985e4545a98a41485828a5 + CVE-2023-6844 + 2024-09-23 03:26:25 + WordPress plugin iframe存储型跨站脚本漏洞 + 详情 + + + + 360fce7c15cc095a6388b77815741f5a + + 2024-09-23 03:26:25 + WordPress plugin PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode存储型 + 详情 + + + + 3b3ab2c82479d828e9b3222b1eaa04e4 + CVE-2024-1855 + 2024-09-23 03:26:25 + WordPress plugin WPCafe存储型跨站脚本漏洞 + 详情 + + + + e6ced4930e9c743aab3429fbca1edbad + CVE-2024-3201 + 2024-09-23 03:26:25 + WordPress plugin WP DSGVO Tools存储型跨站脚本漏洞 + 详情 + + + + 6393fcd15b2d0b03f25f67c254bb3dd1 + CVE-2024-4486 + 2024-09-23 03:26:25 + WordPress plugin Awesome Contact Form7 for Elementor存储型跨站脚本漏洞 + 详情 + + + + f0a0de8a03011cd495ecd10d851c5c43 + CVE-2024-33223 + 2024-09-23 03:26:25 + ASUS GPUTweak II任意代码执行漏洞 + 详情 + + 9c0ae096f388c82eb7faf76ed0c8d372 CVE-2024-6738 @@ -2107,118 +2219,6 @@

眈眈探求 | 详情 - - 97ef9c25513017e3f154fbaf5fa8e9c8 - CVE-2024-4978 - 2024-09-19 12:41:18 - Justice AV Solutions Viewer命令执行漏洞 - 详情 - - - - b0c3f7da293b330f0fe5da4bd5254d7c - CVE-2024-5230 - 2024-09-19 12:41:18 - FleetCart信息泄露漏洞 - 详情 - - - - 16668f48b614cdae133ea92af0781b7c - CVE-2024-3201 - 2024-09-19 12:41:18 - WordPress plugin WP DSGVO Tools存储型跨站脚本漏洞 - 详情 - - - - 599b626480ac2d69449bc44f566a7d78 - CVE-2024-3648 - 2024-09-19 12:41:18 - WordPress plugin ShareThis Share Buttons存储型跨站脚本漏洞 - 详情 - - - - ba0801ec8ba72ca8544ebe6070c24cbc - CVE-2024-36013 - 2024-09-19 12:41:18 - Linux kernel内存泄露漏洞 - 详情 - - - - b3e1c4122054034328ed0cdf7efb6210 - CVE-2024-36011 - 2024-09-19 12:41:18 - Linux kernel空指针取消引用漏洞 - 详情 - - - - dfb53fbf12bbc26e83a7469bda5f858e - CVE-2024-4783 - 2024-09-19 12:41:18 - WordPress plugin jQuery T(-) Countdown Widget存储型跨站脚本漏洞 - 详情 - - - - c1e2dd93d00a931ec82dd244cde4175f - CVE-2024-2038 - 2024-09-19 12:41:18 - WordPress plugin Atarim硬编码凭据漏洞 - 详情 - - - - 6a7546cdc7748189ac94cedead81e486 - CVE-2024-5239 - 2024-09-19 12:41:18 - Campcodes Complete Web-Based School Management System SQL注入漏洞 - 详情 - - - - 90d4f6dd1d05a8728e9a84d6e9be6f27 - CVE-2024-5177 - 2024-09-19 12:41:18 - WordPress plugin Hash Elements存储型跨站脚本漏洞 - 详情 - - - - 4ca0b79c9cc1e515b9d9459a2f90ae07 - CVE-2024-4399 - 2024-09-19 12:41:18 - WordPress Theme CAS请求伪造漏洞 - 详情 - - - - 60f9dab1ba4f98aeac7ae8e34a02bff4 - CVE-2024-4388 - 2024-09-19 12:41:18 - WordPress Theme CAS任意文件下载漏洞 - 详情 - - - - a8e0579981125021136b8bcf63ba8ffb - CVE-2024-4347 - 2024-09-19 12:41:18 - WordPress plugin WP Fastest Cache目录遍历漏洞 - 详情 - - - - b1ceb4de49b3dccde66a86ae603335a0 - CVE-2024-3920 - 2024-09-19 12:41:18 - WordPress plugin Flattr存储型跨站脚本漏洞 - 详情 - -