From 6ce8a3faa39336f97c9cad51b9f5f42158ec7663 Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Wed, 6 Nov 2024 03:26:58 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Nsfocus.dat | 15 ++++ data/cves.db | Bin 49983488 -> 49987584 bytes docs/index.html | 172 +++++++++++++++++++++++----------------------- 3 files changed, 101 insertions(+), 86 deletions(-) diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat index cb181d426cc..9174cbee56f 100644 --- a/cache/Nsfocus.dat +++ b/cache/Nsfocus.dat @@ -149,3 +149,18 @@ dc9e43ff5e0acfcd20356a687ef94147 7ebc028bb1f3d5657639851d2b95167a 42c4e2518c58fe647519d8767958596d a6d1f4fb1d75743cfff3575d3ff49e69 +c516ec73fb0dc686d7c20a0e7d64b5ec +481510e9cb01201b67a65b04cdd9f2cc +2c96e41e2fde6e43b5c04146dbaca7f1 +b38716e169cfeade640ff23c1e1c5868 +b3e9896203a2a079a00b11627aab6a05 +3d2a5dfe44d33156680d4045dd166a0e +4858349faea2ea461d53177fcc758e8a +634dd7b45e74c705827a43113608bdd4 +4c29ec9b4d965aa343f80486fc3e64b4 +7ced1c9d1e757ee2f41a306922e79b5d +f3e4b21b2423c87eb423c5a74243a61c +e800043b02f4a56c39995c39bf982362 +e9ef9629ae723eec1d67636c876aa1a4 +042b7a87e6cf17f62630fc23c4fff502 +219f76a5f9bf1b4e361fcbf9572c59ce diff --git a/data/cves.db b/data/cves.db index 75f4531e907ecd2e756238d788626d6b9e9e2960..9cb249515255347c81f24d2b4445fcdd5bddc741 100644 GIT binary patch delta 4628 zcmaLZXLMBM7RGThbO<17s463(*dnK&85^0&MJi}T~xZNbW_<$rMt?` zD!Zucs#2uVL#3xmFO}XZeN_6Y?5482${s5HRN^Xos`OXcOJ#t{-YWa33{=@yWj~eu zRSr-&P^DPqAeBKXhKi|Tsn{xximT$O_$mpNq{_i6ho~H?a+u2DDuY#qs0>v(LS>lB zkt)MgMyMR6aRJWs=JADkrF%s4`jQ zB$bm@rl_2v!h8ailuD?QR*6(HDpOU;RLWIORhgzzp)y^iQl(0zT4jbxjY_Rbol3pR zOqB+e(^O7ZIYZ@4m9tdNRyjvymdb3EtjZjfb5-W5sLFXN=c``AFqsl}}WfR6bStOyzTxFI2u%`ATJt%GWAuRo1DjSNTTeTa^te z->H1B@`K8cDnF_Gtn!P>uPPf=HmPh@`Ay|_l`Se;RsK-B9_WWS_C$Z|g#p+b z`(PmU#eUcy2jD;y;~)%z0TUK%IB?;?M*>M4j6-lJ4#VLXj3F3`BQOj{VmL)KE zI0naJ6h>nV#-aq{a2!f89uqJTlW;svz=@cQlW;Po;1uNNA0UMgX++3iD#}ofQ!xz{ zn2t(Rp&Bz#gId&~9y8H^({MV@z?nD;XX6~q!fa$Q2j^lg6zAc5T!4AF5EtQMT!Q&n zfQ7gem*H|;fh%zp8gVtQ!L?X~>u^18Kn^$JCftl$uo$=EHr$RoumpGFE-b~}xCi%Q z8ScaVcmNOLAv}yn@F*U`<5-R-@FbqX3OtRKcm~hnIjq9-cmXfsCA^GR@G4%z>sXC9 z@Fw2E+js}>;yt{N5AY#A!pHaoP52a_;d6X}FYy)D;A^bKI;_Vx_!b-R9lpm8_z^$h zXZ(U+u@RfF8NcCoY{6Fifq&pn{1g8wm?trwKVoQ&HfW1>Xpau)h)(E?LUch_bi+>Q zj-9a!c100-peK5vH~OG2cEj%21N{)kp6HLgFaUdF9}L94*bn>T033*79E3qIV8Vh8 z2QEDLNFa%WaR?5@VK^LvF$6<#1cu>A495r@g`+VN$KY6u!f1@aSd?HKjzcNNV*(~( z5{}0SI1!U^5>CbxoPzxP1EdfljR+Y`MH$L*DyE?V(@}{kRAUBeP>VX$V3os8C;v!s(OE4b`un?ExGF*-;a3!unBd*3ZxE70W z9j?a>$l*rZgqv{-7UNdjhTCxmmf%j@g{8O~_uyVE!+p3P58y#Ogop769>rsL9Lw

_!ys{ z37_IKe2y>hCBDKMe2ukOhxPad-^QMl4Y9=wI@GtmzE%F8*A;~eH^kP*V%^?bvH7wM zu?IS>=>Bx3U{I{>pu4oGYC%(OLyYoWzI>lAKjh1g`SMe~{G2bp$*mSNe&uEpO<>*~|x zRdL6PM-?N=D|3PQLaa}2j|E#}?F;OjF?M6YfD+SiY|qOUYExxCYA{hLJ4z;!o@Lm9 z6&QXpFpQLGdX^sqDWcr%qMTwY>054TbyZDW?U>=?b2GYbiuK5?CZyfAkcrJ9e)d3Z znw}4t)f|%WO)oONWSEJ9bmTckCS%#58JVG*@DeRT9LrDI#|E`!<<&t=5FcG%TOQ`R z7Zw%tZhUpG0o`-)&YNQG+MC6O8#lIVEs<}nVq0rgnDipYjI0cakz=Ra&~Qx0OQ(V` z@H1wM)O>5+-?nyqb8E@0r%ls3(pt7Vy*UZfHH|14rVP_E%#`N`o|`h9Fr7|jtT1em z;yAu%l$J%6XOvad$Hznswebm+jWd$%igE|foLta3w{p(m1x1~lVspFxny2a;*$qNe*3R8v1r7Wu!wd;idi1GT073?Kvqo+98=ma*wI6ts7ohRX??CWL-49HfK)U z9P73HDBI<`^vxAh7H^H++_`rbUP{MKrLDRJU6*v(*kx?tvci6y=Xcu3Te-2M;E1-5 z#NQbDdz&HI-L&a6PBt*$WR{uC_+H>l7!j!9WS`pn?{dfGPvrX9B5i8OH$RRD!?99+knkff%$R=0vpn0#gzS`) z$z)u^YB6@pPuR(!)zuYIynJlwpvK&1y?f=VFW>Ti_sDJDqnX?GC`v{dUPv;Ce9Mla z&`f*2XM16S76UVIT1K%)_TTPN^E-5t`DLyDZ%D#0=rUzk87FYP&`u_kE|sYzEZf_m zA3~hJ4M{aGtC8)aO?CN@$qX%HM^4HzQM2 zc(t`{(&OLHsdZH@KX_V7<=4m7iIZK@@3U^#()7^TfHnKmQe z^&?)QV+OY2B`quRlPNddVsxJ2+T){O`o!|6A*zXwsIRDq534B8-COlhES?*(YD=um zU)G|cInc@)+Emm09NUuUgjO;NlPM>i^xPn@9XpdSoP?JNZ9Y4xmY3xkw&Ra4i{hjB z(#(u1;v;H;=}|*f&9wji=D28PRFi5PR}|~J!?T>#d;~jdYtsylFfiMNBY3uxPWvgx zjeIBc4L8BZ)Ui#|_KZX-oo;yq-*=pnnyRTaQEhF!v?^2A5Y$BRk=3;g<#l0Md{XHt zBgU7+OQRZ&@t^6hz3Tim%O76z=tb)rR}bmed52StYCe^dzxwKJSMMa;gzY3VK@?a~ z;CN=*wN2m8grV;yqD0W*Cai?-CMT6wrsIwCZ}s};cIv-8);710hxykVX#P}q?!N(* C!j_l- delta 2903 zcmWmG^Vb#z7{>8>vTZKgHkP@#d}Z6_m8~tl)!O1#E%VK`ZNJ$yexDyc-#_3w=RW5i zF(NFt?#UKR(dOgmC?#%Wwx?dS*>hV zb}NUK)5>M#w(?kct$bE~tAJI|Dr6P5idaRhVpeghgjLciWtFzdSY@qpR(b1ttAbV0 zs$^BRs#sO6YF2fthE>z5W!1KRuSy)023P~FLDpbvh&9w2 zW(~JSSR<`b)@W;tWoxW8&Khq`uqIlQtjX3CYpONPnr_XoW?HkX+14CuuJx1kvo+6} zZ!NGET8pg3R*1F4T52t`ezBHYzgoXpE3B2)Dr>d1##(FrZvA1cv({T1tUs-d)+TGS zwZ+!NkZx@=vsu3Fcu>(&kHrgh7@ZQZf%TKBB`)&uLI^~ic`J+Yoz&#dQGnDxSX zX}z*uTW_ql);sIH^}+gReX>4VU#zdzH|sC!Z|fiHU+cdK3O_~R5kLe)L?lE;6huWd zL`Mw7L@dNc9K=OD#76=oL?R?c5+p@3Bu5IQL@K048l=T{NQd;ufQ-n5%*cYQ$cF65 zft<*N+{lBx$cOwWfPyH5!YG2GD2C!Ffs!bN(kO$nD2MX+9u-g#l~5T~P!-is9W_uB zwNM*BpbqMy9_ph38sbMZLSr;RQ#3pfzIEhm@jWallb2yI+xQI)*j4QZ` zYq*XZxQSc1jXSuDd$^AWc!)=Mj3;=CXLyb5v{7kP(@X8Cj4O*^nJMkQ2F(8+niy`H&w4P!NSs7)4MN#ZVk2P!gq3 z8f8!xkJo5uMN(UCcO{6TQ$Ieb5*E&>sUZ5Q8unLogJ>FdQQ=5~DC0 zV_=NMIE=>xOvEHi#uQA&G)%_~%)~6r#vIJWPxu-0FdqxB5R0%FAy|T?ScYG)9KYf> ztiVdF!fLF+TKtYbunz070e@m6HeoZiU@Nv^J9c0vc40U6AQXGC5BqTd2XP38aRf(k z499T-Cvgg=aRz5`4(D+J7jX%faRpa#4cBo4H*pKMaR+yC5BKo^5Ag_(@dQut49^3* z6&6@NEoz?#i^2t;*U*^L!vaqOAxmb31(t=*r3s>k##?_ae4)U!J0W4gya?uHFt37n z9n70x-Ujn7nD@ba2 + @@ -366,7 +366,7 @@

眈眈探求 | + 2024-11-04 14:15:17 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPDeveloper BetterLinks allows SQL Injection.This issue affects BetterLinks: from n/a through 2.1.7. 详情 @@ -374,7 +374,7 @@

眈眈探求 | + 2024-11-04 14:15:16 Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through 1.2.1. 详情 @@ -382,7 +382,7 @@

眈眈探求 | + 2024-11-04 14:15:16 Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File Inclusion.This issue affects WP Hotel Booking: from n/a through 2.1.4. 详情 @@ -390,7 +390,7 @@

眈眈探求 | + 2024-11-04 14:15:16 AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadata credentials. 详情 @@ -398,7 +398,7 @@

眈眈探求 | + 2024-11-04 14:15:16 In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doL2TP function. 详情 @@ -406,7 +406,7 @@

眈眈探求 | + 2024-11-04 14:15:16 In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the backup function. 详情 @@ -414,7 +414,7 @@

眈眈探求 | + 2024-11-04 14:15:16 In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the reboot function. 详情 @@ -422,7 +422,7 @@

眈眈探求 | + 2024-11-04 14:15:16 In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doPPTP function. 详情 @@ -430,7 +430,7 @@

眈眈探求 | + 2024-11-04 14:15:16 Unrestricted Upload of File with Dangerous Type vulnerability in David F. Carr RSVPMaker for Toastmasters allows Upload a Web Shell to a Web Server.This issue affects RSVPMaker for Toastmasters: from n/a through 6.2.4. 详情 @@ -438,7 +438,7 @@

眈眈探求 | + 2024-11-04 14:15:15 Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP Mailer allows Upload a Web Shell to a Web Server.This issue affects Stars SMTP Mailer: from n/a through 1.7. 详情 @@ -2100,123 +2100,123 @@

眈眈探求 | - WordPress Dynamic Featured Image Plugin跨站脚本漏洞 - 详情 + c516ec73fb0dc686d7c20a0e7d64b5ec + CVE-2024-41565 + 2024-11-05 03:24:47 + JustEnoughItems验证错误漏洞 + 详情 - 47885a50d91a5d7098785f3c43332d19 - CVE-2024-42416 - 2024-11-04 12:44:01 - FreeBSD越界写入漏洞 - 详情 + 481510e9cb01201b67a65b04cdd9f2cc + CVE-2024-44760 + 2024-11-05 03:24:47 + Shenzhou News Union Enterprise Management System访问控制漏洞 + 详情 - 27ae78a45c3761f0ef57d78aa8cc53fc - CVE-2024-33454 - 2024-11-04 06:32:20 - Espressif Systems ESP-IDF缓冲区溢出漏洞 - 详情 + 2c96e41e2fde6e43b5c04146dbaca7f1 + CVE-2024-29726 + 2024-11-05 03:24:47 + SportsNET SQL注入漏洞 + 详情 - d75c6044b1392f4ccafc244a1d6d63af - CVE-2024-35118 - 2024-11-04 06:32:20 - IBM MaaS360信任管理问题漏洞 - 详情 + b38716e169cfeade640ff23c1e1c5868 + CVE-2024-42793 + 2024-11-05 03:24:47 + Kashipara Music Management System跨站请求伪造漏洞 + 详情 - 84ea9c87b177a3e909a8d547a043e596 - CVE-2024-33956 - 2024-11-04 06:32:20 - WordPress plugin Custom WooCommerce Checkout Fields Editor授权错误漏洞 - 详情 + b3e9896203a2a079a00b11627aab6a05 + CVE-2024-29725 + 2024-11-05 03:24:47 + SportsNET SQL注入漏洞 + 详情 - a2c6905aada38de6e253603be37b09b7 - CVE-2024-43941 - 2024-11-04 06:32:20 - WordPress插件Propovoice Pro SQL注入漏洞 - 详情 + 3d2a5dfe44d33156680d4045dd166a0e + CVE-2023-52045 + 2024-11-05 03:24:47 + Studio 42 elFinder跨站脚本漏洞 + 详情 - 19deb1ca812ecf2ed46cc48512f23d4f - CVE-2024-34222 - 2024-11-04 06:32:20 - Sourcecodester Human Resource Management System SQL注入漏洞 - 详情 + 4858349faea2ea461d53177fcc758e8a + CVE-2024-28759 + 2024-11-05 03:24:47 + Wind River VxWorks缓冲区溢出漏洞 + 详情 - 864e8ea68ba0af12a7a7c166c7d40e51 - CVE-2024-32874 - 2024-11-04 06:32:20 - Blake Blackshear Frigate拒绝服务漏洞 - 详情 + 634dd7b45e74c705827a43113608bdd4 + CVE-2024-7744 + 2024-11-05 03:24:47 + Progress Software Ipswitch WS_FTP Server任意文件下载漏洞 + 详情 - bf66c99d00c397ac71059457f32e91cf - CVE-2024-32999 - 2024-11-04 06:32:20 - Huawei HarmonyOS破解漏洞 - 详情 + 4c29ec9b4d965aa343f80486fc3e64b4 + CVE-2024-50347 + 2024-11-05 03:24:47 + The Laravel Framework Laravel Reverb数据伪造问题漏洞 + 详情 - f3e42d10a7df860100f949eaec27dc55 - CVE-2024-33774 - 2024-11-04 06:32:20 - D-Link DIR-619缓冲区溢出漏洞 - 详情 + 7ced1c9d1e757ee2f41a306922e79b5d + CVE-2024-6053 + 2024-11-05 03:24:47 + TeamViewer Full Client访问控制错误漏洞 + 详情 - 950f6f9e2ccd1cf4ba31d5dc5217f60e - CVE-2024-43942 - 2024-11-04 06:32:20 - WordPress插件Query and Meta Addon SQL注入漏洞 - 详情 + f3e4b21b2423c87eb423c5a74243a61c + CVE-2024-45046 + 2024-11-05 03:24:47 + PHPSpreadsheet 任意脚本注入漏洞 + 详情 - ddcd3908606927cbb9eb911fcab99c9a - CVE-2024-32996 - 2024-11-04 06:32:20 - Huawei HarmonyOS 权限提升漏洞 - 详情 + e800043b02f4a56c39995c39bf982362 + CVE-2024-29724 + 2024-11-05 03:24:47 + SportsNET SQL注入漏洞 + 详情 - 83ee632bb3b41aba63928287bd2de12b - CVE-2024-33433 - 2024-11-04 06:32:20 - TOTOLINK X2000R跨站脚本漏洞 - 详情 + e9ef9629ae723eec1d67636c876aa1a4 + CVE-2024-29723 + 2024-11-05 03:24:47 + SportsNET SQL注入漏洞 + 详情 - 9ba4fd07f6b97cee208aa6f55a825e09 - CVE-2024-33250 - 2024-11-04 06:32:20 - Simple Realtime Server任意代码执行漏洞 - 详情 + 042b7a87e6cf17f62630fc23c4fff502 + CVE-2024-27839 + 2024-11-05 03:24:47 + Apple iOS/iPadOS信息泄露漏洞 + 详情 - 1d138d748fdb4a0e15481c97b1ac9786 - CVE-2024-33819 - 2024-11-04 06:32:20 - Globitel SpeechLog Analytics存储型跨站脚本漏洞 - 详情 + 219f76a5f9bf1b4e361fcbf9572c59ce + CVE-2024-8198 + 2024-11-05 03:24:47 + Google Chrome Skia堆缓冲区溢出漏洞 + 详情