From 86c066498af0d9e68f57f6e38e8a1336c67429d5 Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Sat, 12 Oct 2024 09:24:15 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Nsfocus.dat | 15 ++++ data/cves.db | Bin 49631232 -> 49635328 bytes docs/index.html | 178 +++++++++++++++++++++++----------------------- 3 files changed, 104 insertions(+), 89 deletions(-) diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat index 2196e10cd3a..6641cb41c58 100644 --- a/cache/Nsfocus.dat +++ b/cache/Nsfocus.dat @@ -113,3 +113,18 @@ eed7068e0443f7be79c1700f21937afa 317fdd63a2e2678fe420cb0142a9a4da 250e47cf0b1e4a6a499f79e09ace7dcb e5f28ba928f75cc38ff2d90b5b10a9ed +73003f18bdb351c594e21063510c69d7 +a1b7d11b11132756d7b65d22ca692806 +22bee4d934505369b3508678261b2f87 +a96c59451064ce1b9b4d86839a3d5cc2 +7a76238d0f00302376bf6ea558732ac1 +cc90f10451c3db4d0b91ee13cb8cd563 +4ed7b40ee6e6d3106101ff230571272f +7ad8fa25ef01182e7b68fa4df5ec52ce +e4a315dca4650fe9e703fb85beca1ff8 +a542e458fdef7f8bcd442bffb9404774 +c06d3d38c8160900f6e38856c2780665 +7dcbaed96391fff5f09eec3578978fee +72f5a3dfb7be4d5da0df17db2b452c73 +cb3ff3014afcfcbc6e351b182804269c +e6749972d7bce2c245d9e1db5c67e93c diff --git a/data/cves.db b/data/cves.db index 1089e2b14a57e9db8478104b9f731f2609cea770..c8b7ca4cc48d1078eed846d68cb82f4affe5cecf 100644 GIT binary patch delta 4548 zcmZwJcYITI7sqiLXv-)|sfY>|0TBVYJGr7lK~R>UZ0AYty-`#Owm8560gr;pQm`Um z#4X}LP~646w`kl0Eh-K~aF6GcqR5Lrf4t8t`RDiTIlqz4xPC+18S6K+U9fNAkOmEU zjagXMr(j4%R0>pLDh*W{sT8UdsT8X;R%xQrRHd0piAr;o7Ah@OTB)>F*+XSdl{PA+ zDtoE4RoPpmoytBc`>O1x(q5&5%Kj>4Djii0Q0b)7S*450fht{94pQl+as& zO66#kK`Mh)hNuix8K!cK%5aqtD#xlEr!rDyl*(w8F)CwK#;J@~IbP)il@nD?QaM@W z6cy%^R7t4>DxpfGl2$oYn3mM3oAaNh*_7&QhsVsZyDua<l)DjVd>(+^lko%B?E5 zsobuzQsoYnRVsI?+@*52$~`KpRqj<;qq0`zK9&1b)~P(8@}SB?Di5nXqVlN9V=6T& z>s20Cc|zq$m8VpmR(VF{S(WEho>zH6Q74 z^1aFyl^;~Ls{E+3O=Y{vPbxpF{G#%!%5N&atNfwzr^;U{f6tMExl(`_8ln*jQG{YN zMiVqeGnAk?TA(Fbp*8lvo@j$o?1i@28||=!gC|5(6+0N8xA;!e9)+Pz=K{ z7>*G*7RO;EMqxC@U@XRAJdVc+I1wk|WSoNh{F6u_K!^xwoQl&h0jJ{(oQa93z$8q@ zS*S!6rr>OxgL82nreYe-#|5|$7hyVPAcL8hg^QuM1eanq=HN11jw>)1^DrL^un+k>`#6x%(kKj=}h8nEL<9Gs3;we0hXYeeZ!}E9nFXAP8n18?Fj zY{1)i2RXcp_wYVGz=!wyH>3q7e#Fgkm&C6EsCLl%P3Upe0(NHTJ-sXoFJh zg|^rm?XVB_#eQgy4%i=M=!gT*37yde2cjzuLN^?Y?&yJ@I0U_5z=Q=G4qSMMBLN?W zqBjo1;Wz?)&==+ChyFMc127Or;b;uPU<|=f48t)PjuAK($6+K!VKl~IEXH9xj>ic& z5hvkfoPzxPlSm;zhzMz%iqkLwr{fHqiHWGdBuvIxs6-W};B1_Ob8#M~Vj9lJ1-K9w zVLE0YgPE9xi=ns#mtr>N;4)l}D=-)HFdqxB5Le_h2>d#Tu-|eYhX%@BkjfLwFdE;88q=8m!0T zcmhx2DLjp5@GPFg^LPO-;w8L{SMVxc!|QkhZ{jU%z}t8SIlPPa@IF4khxiB|;}d*} z&#)1n;|tVc6TZY(_&WBeY>wSDzwxxfl@0R$yw;Q~*c{s$D=4gKz5ddIC9&$hpOmyI z>@`|*N6ufpcyo;MO}>1aFW=?M_xZ9VUw+7!t@-j}tY-D%ZLyInyR>c)HfZ6MENa%E z$>hd0#lIF0E1F-pv9N2S%7#xjEQyURSW(crLA6;{+PhEYAVL}sYu9zE-F$T1O1nur zOsC?h$O+vrX@qGr9;U36<61%7-t=(Irlr~bV+QoJ49n^1ct*D4%CWK1>KSVaORD>{ zZdROKF>_t4O?G0_?XjlWS>1|a2Mje0E8&`%W}54t&*_uT34>HJ3VqM^&2&2LrVT%e z0^5xz{CFZAMfG#+;gh3^kt4GOT?fVX%1$fZ9xK_g{D`{ct&FL;eoa_D(}eW{!wc=u zP6P?lGkn8Hdy$<;xL#nz6NcxxyRGlJjz4x%WjLZTs;bIPT2vcro84OdeXLXV0)qbO zBdQB>GKS{L>w=02O1h2}Ic_2yM(KDukqSb`u~O-D%6AMW9(U>oxjTc(%EO5hD#}Jx zPMBCWsA5V~nN9{#_6Kr1@0xpBU9OvPG}pH-w4(8N_Gp;U3QH=sV>^fACW#gk4Q31q?48# zr47?eSW!IX@!bj2ZWM4vcHcTi8~-o4JPiNox<7kauhktRj^{^w#Lf{rQ5a7-MihAw zn`#=KY0#l%8*bdRII#6wP5i&W!O3%yBZJBblc&_r-EoEznYiW-ugfjXpP|4v(x&0K zW?+XYCp1#N8AYZYq!K~sdb{5R&-MNrarT|7Yh&%RkKOrKK~eS>#@c?@vF^ALex|GD z4$F`AT+-snxM$gk&`2AGZCG~POL1tEuA7M4Rx&W_bs4vJbXooSA+bHP+sNp+YsT>W z)_F$8*Ie(qmfGb{tM3J_Pe+F51d*BYX)EC+Y@a*t27y&C#5eyPWp=^r-wH~z&(Erj zwJ51wwz78K?AqnCzM6SgHaY$wF8nSRB~=$~=G!~;-}Wpk74f3@w&NPE?fEI&H4fCN+;sGCwsQ@Z*o=Huw)gtqpbhgm6cINFtu##i0rXXu8norHMDLEJu6eLIlr#o zZux%AR6I1zlxdo_6?Z)jlIMn&6(l|1;vuM)>h0{eDm(r1+L&FvvHN+Y*;cEz#R{|2 zc?*hnJUV_|i*}}m<`T5nZF+tOZFVkgCQ>2InfWH9i#%DQXup3JQK<695VRl8~rJ90DLu%$QS zO-&T0aEK7u>P$;sEM(!~vO-z`E0h)53S)(}!dc<12v$TZk`>vCVnwy0S<$T+R!l3F z72Aqq#kJyD@vQ__LMxG#*h*q0wUSxMtrS*DE0vYnN@Jz9(pl-P3|2-fla<-ZVr8|m zS=p@|R!%FImD|c=<+buz`KS6V?dRe`#K2~3=pVi+QU=6eeS%a-1)=+DhHQX9u zjkHEtwnkfHtg+TOYrHkVnrKb3CR+GuUEHd|Y)t=2YcyS2mGY3;IhTYId%);?>$ zb-+4k9kLEvLDmuLsCCRbZk@1BTBoej)*0)pbX&AM*gux?tn ztlQQd>#lXrx^F$O9$JsA$JP_;srAfyZoRNxTCc3v)*I`s_0D>4eXu@SpRCW;7wfC_ z&H8Truzp&V2o4AGBxP!a6hx>Sdhj@g? zc!H;RhUa*Jmw1KOc!Rfihxhn^kNAYo_=2zahVS@+pZE>G;}86azwkHy!N2&0|3Z#a zfb&NHp%5Bj5EkJO9uW``kq{YC5Eao79Wf9Su@D<^5Etb93@Z^rBE7W zP!{D-9u-g#l~5T~P!-is9W_uBwNM*%P#5)39}UnDjnEiP&=k!Oynl1FKufejYqUXI zv_pGzKu2^!XLLbVbVGOaKu`2SZ}dT5^h19Pz(5SbU<|=f48w4Yz(|aOF&bkq7UM7; z6EG2zFd0)Y71J;sGcXggFdK6)7xOS53$PH2uoz3Q6w9z2E3gu)uo`Qy7VEGc8?X_Z zuo+vh72B{KJFpYGup4`@7yGau2XGLFa2P>2f}=Qw<2ZqnIEB+VgR?k?^SFSExP;5N zf~&ZO>$riNxP{xegS)tg`*?tdc!bAzf~RS*Q(NUlP diff --git a/docs/index.html b/docs/index.html index 6295e7b8547..e0a7a43edeb 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -366,7 +366,7 @@

眈眈探求 | + 2024-10-10 15:15:15 A vulnerability classified as problematic has been found in D-Link DSL-2750U R5B017. This affects an unknown part of the component Port Forwarding Page. The manipulation of the argument PortMappingDescription leads to cross site scripting. It is possible to initiate the attack remotely. 详情 @@ -374,7 +374,7 @@

眈眈探求 | + 2024-10-10 15:15:15 A vulnerability was found in LyLme_spage 1.9.5. It has been classified as critical. Affected is an unknown function of the file /admin/sou.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. 详情 @@ -382,7 +382,7 @@

眈眈探求 | + 2024-10-10 14:15:06 A vulnerability was found in LyLme_spage 1.9.5 and classified as critical. This issue affects some unknown processing of the file /admin/apply.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. 详情 @@ -390,7 +390,7 @@

眈眈探求 | + 2024-10-10 14:15:06 A vulnerability has been found in LyLme_spage 1.9.5 and classified as critical. This vulnerability affects unknown code of the file /admin/tag.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. 详情 @@ -398,7 +398,7 @@

眈眈探求 | + 2024-10-10 14:15:06 A vulnerability, which was classified as problematic, was found in Contemporary Control System BASrouter BACnet BASRT-B 2.7.2. This affects an unknown part of the component UDP Packet Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. 详情 @@ -406,7 +406,7 @@

眈眈探求 | + 2024-10-10 14:15:05 Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names could spoof another user's ID and gain their privileges. 详情 @@ -414,7 +414,7 @@

眈眈探求 | + 2024-10-10 14:15:05 SQL Injection: Hibernate vulnerability in TE Informatics Nova CMS allows SQL Injection.This issue affects Nova CMS: before 5.0. 详情 @@ -422,7 +422,7 @@

眈眈探求 | + 2024-10-10 14:15:04 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. 详情 @@ -430,7 +430,7 @@

眈眈探求 | + 2024-10-10 13:15:14 A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. Affected by this issue is the function formSetLog of the file /goform/formSetLog. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 详情 @@ -438,7 +438,7 @@

眈眈探求 | + 2024-10-10 13:15:14 A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Affected by this vulnerability is the function formSetDDNS of the file /goform/formSetDDNS. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 详情 @@ -1979,6 +1979,14 @@

眈眈探求 | TITLE URL + + 73003f18bdb351c594e21063510c69d7 + CVE-2024-42029 + 2024-10-12 09:22:06 + xdg-desktop-portal-hyprland操作系统命令注入漏洞 + 详情 + + 9b3fd595c47d5eebb5ac1315d496bbd6 CVE-2024-40689 @@ -2100,123 +2108,115 @@

眈眈探求 | - WordPress plugin WordPress Social Login and Register权限管理不当漏洞 - 详情 - - - - 783502739838401e029e2838d6132046 - CVE-2023-51356 - 2024-10-10 09:23:34 - WordPress plugin ARMember权限管理不当漏洞 - 详情 + a1b7d11b11132756d7b65d22ca692806 + CVE-2024-6661 + 2024-10-11 09:22:06 + WordPress ParityPress – Parity Pricing with Discount Rules跨站脚本漏洞 + 详情 - d99a809250982dc3404b411351ff1960 - CVE-2023-49753 - 2024-10-10 09:23:34 - WordPress plugin Adifier System路径遍历漏洞 - 详情 + 22bee4d934505369b3508678261b2f87 + CVE-2024-6634 + 2024-10-11 09:22:06 + WordPress Master Currency WP Plugin跨站脚本漏洞 + 详情 - 7d061b34ed0afbda2eacaa5eecf7db86 - CVE-2023-34186 - 2024-10-10 09:23:34 - WordPress plugin Headless CMS缺少授权漏洞 - 详情 + a96c59451064ce1b9b4d86839a3d5cc2 + CVE-2024-6591 + 2024-10-11 09:22:06 + WordPress Ultimate WordPress Auction Plugin未授权邮件创建漏洞 + 详情 - 5c689b85cb4eeb59c1ad0f942271b461 - CVE-2023-37389 - 2024-10-10 09:23:34 - WordPress plugin Booking Package权限管理不当漏洞 - 详情 + 7a76238d0f00302376bf6ea558732ac1 + CVE-2024-6573 + 2024-10-11 09:22:06 + WordPress Intelligence Plugin完整路径泄露漏洞 + 详情 - 33a7d2a940f8ddfee3f5ad63d8dac6f5 - CVE-2023-48319 - 2024-10-10 09:23:34 - WordPress plugin Salon booking system权限管理错误漏洞 - 详情 + cc90f10451c3db4d0b91ee13cb8cd563 + CVE-2024-6566 + 2024-10-11 09:22:06 + WordPress Aramex Shipping WooCommerce Plugin完整路径泄露漏洞 + 详情 - 80792c0f4408c7f8f8894a4e80bdbfc4 - CVE-2023-51479 - 2024-10-10 09:23:34 - WordPress plugin Build App Online权限管理不当漏洞 - 详情 + 4ed7b40ee6e6d3106101ff230571272f + CVE-2024-6548 + 2024-10-11 09:22:06 + WordPress Add Admin JavaScript Plugin完整路径泄露漏洞 + 详情 - e168431dd4ee9899b6f59b44cff27caa - CVE-2024-22145 - 2024-10-10 09:23:34 - WordPress plugin InstaWP Connect权限管理不当漏洞 - 详情 + 7ad8fa25ef01182e7b68fa4df5ec52ce + CVE-2024-6547 + 2024-10-11 09:22:06 + WordPress Add Admin CSS Plugin完整路径泄露漏洞 + 详情 - c3aa1ffa8945d29325df721a5c77090a - CVE-2023-51398 - 2024-10-10 09:23:34 - WordPress plugin Ultimate Addons for Beaver Builder权限管理不当漏洞 - 详情 + e4a315dca4650fe9e703fb85beca1ff8 + CVE-2024-6546 + 2024-10-11 09:22:06 + WordPress One Click Close Comments Plugin完整路径泄露漏洞 + 详情 - 0f260ee69cd816e77e8c5a12b2f95ff6 - CVE-2023-48757 - 2024-10-10 09:23:34 - WordPress plugin JetEngine权限管理不当漏洞 - 详情 + a542e458fdef7f8bcd442bffb9404774 + CVE-2024-6545 + 2024-10-11 09:22:06 + WordPress Admin Trim Interface Plugin完整路径泄露漏洞 + 详情 - ba973dbffa609f5155007e8944eb5185 - CVE-2023-47868 - 2024-10-10 09:23:34 - WordPress plugin wpForo Forum权限管理不当漏洞 - 详情 + c06d3d38c8160900f6e38856c2780665 + CVE-2024-6549 + 2024-10-11 09:22:06 + WordPress Admin Post Navigation Plugin完整路径泄露漏洞 + 详情 - 5f51bb4b513845902ca53716137553cb - CVE-2023-37999 - 2024-10-10 09:23:34 - WordPress plugin HT Mega权限管理不当漏洞 - 详情 + 7dcbaed96391fff5f09eec3578978fee + CVE-2024-4603 + 2024-10-11 09:22:06 + OpenSSL拒绝服务漏洞 + 详情 - 9dd1bbcf27a0fe513b528c267417136a - CVE-2023-51401 - 2024-10-10 09:23:34 - WordPress plugin Ultimate Addons for Beaver Builder路径遍历漏洞 - 详情 + 72f5a3dfb7be4d5da0df17db2b452c73 + CVE-2024-4609 + 2024-10-11 09:22:06 + Rockwell Automation FactoryTalk View SESQL注入漏洞 + 详情 - 803b03ed0a57f6a2ae5b14b1e13edc13 - CVE-2023-51424 - 2024-10-10 09:23:34 - WordPress plugin WebinarIgnition权限管理不当漏洞 - 详情 + cb3ff3014afcfcbc6e351b182804269c + CVE-2024-4956 + 2024-10-11 09:22:06 + Sonatype Nexus Repository路径遍历漏洞 + 详情 - 7f5f025dfb1cef5c6ac4e19db783dd54 - CVE-2023-37866 - 2024-10-10 09:23:34 - WordPress plugin JetFormBuilder权限管理不当漏洞 - 详情 + e6749972d7bce2c245d9e1db5c67e93c + CVE-2024-27260 + 2024-10-11 09:22:06 + IBM AIX命令执行漏洞 + 详情