From 91cbd832e2a802bf1b7493bfe927f9c2903d06df Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Thu, 12 Dec 2024 03:38:46 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Nsfocus.dat | 15 ++++ data/cves.db | Bin 50462720 -> 50462720 bytes docs/index.html | 172 +++++++++++++++++++++++----------------------- 3 files changed, 101 insertions(+), 86 deletions(-) diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat index 4c26ad5ee1e..0c1338346c6 100644 --- a/cache/Nsfocus.dat +++ b/cache/Nsfocus.dat @@ -120,3 +120,18 @@ e52b98ef7414c088b7cd36a5c97db314 22c953925bbb435f84dad07c780bd0de d94fbccd3fc942f27f00a3b4dc5faa1a 092ba82551c3144c64d385e618425922 +5d4ade526c576460b3b8e9b3c3081c25 +99fca2fb798f1dec33e36b789d00f45a +4c02af3276ee522c6c50e62a833442ba +9ba9c4794493f8e66e63889101836f20 +214ee266ec82a91d7ea5c2895f0fc172 +96704092af18f55242e4b8fe90f9de63 +f3a18770b88049f642e7dbad2bca9fca +4d5a435a5645bd93e32090dc710e6c75 +c9a8de504c56c5190f996364b71ae407 +58792cb52cbef47c71cf885a93acfcb9 +d7318842761dce59ea9d2b3a12e23c26 +fa4ca8977b7be6676251cfbace5ed686 +dad092fe218e1c3d6fefc1b1ff714818 +1e545a4bd7d99efb7179fde7d0d771c1 +2e3d3413548e26a324dff12e563740f0 diff --git a/data/cves.db b/data/cves.db index 19da477420838ad33ce792bd105b68f9e84ece7d..2661d2b2ae734a51726b1e4bedb917ddf5ae9a6b 100644 GIT binary patch delta 4456 zcmZY9XK++?7sv5uH}oQ42ptWgAZm1P*;}yCMWq->0)mutclR!Y7EDpGvdB@ff`zCN z*WMe5q9TF?3pP|lET~u(yMQ7n3ePt><6wO8nc3MF_cy2g=gz&f(_Ad<8kw@F+n~sl zjHpCZqAGbRjZ_+|G*M})(oChfN(+^iDy>vns~n)xMy0JvJCy@f@>SZa6sUAi>8R34 zrL#&Gm98q?RJyAiq;jxIp-K;xLsWXI9IA4dN-ve(Du=7|Q8_~8NR^{hid2qPIYuR> zVyKuZmWr(sS8-Ha6;H)i>8oGDc;r%4sU&RK}~Et};PoqRJ$d$tv_GP)VpH zRZ=RUN?K)#%2btdm1!!|Rc5HnRGFnxp)yljGa+6A(%FQZERBlnps@$q_o67Afcc|Q{a+k{8D)*?|t8$;p{VETr zJgD-J%EKy;s648&RArgUV=Bv49#?rnWrfOs8)Xc}L}4l?^KIscckvUuBcZ2Pz+` ze5CTR%4U^MR6bStOl6D8=PF;Qe5vx4N={{~%GWC2sC=vPoyzwrKdAhu@{`IomF+4! zRDM?ZMP;YTuPVD#cB}lR^1I3&l|NMeRN1StZ-GRvlnA28LnAas6EsCLG)D`xL@Tt$ z0ceA^XomxlkM<})2XsUybVe6+MK^TEK{yzN=z&Af6Nln3^g?eOjy^a7N8%_H;bie;hyECVff$6r7=jZq6eryE? zq6}j&7N=nx#^ZEMz(h>KWYqURKmtjm5F(8!n2K^t!*tBROw2+BX5$Q0q6*ch!I?M< zXJZb|!MQjO=i>rgh`GpM9xlRsC@#h&xD*R;87{{axDr?4YAnPeT!U+I9j?b>)Zzx* zh?`J{o3RA9Ad6dZ8*axPxD$8bZrp==aUbr-19%V*;bA<2N3j&k@EDfkaXf()coI+H zX{^LEScPY?8f)+zp2rJ#5o_@hUdAhU73=UCUdJ1F6K`QX-o`t47aQ;%HsXD3!Uy;e zAK_zc#wYj`pJ59=#~1h#Um=IB_!{5fTYQJ_@dJLuPuPa-*nyw%3wGjH?80vRhTpLV zf8bB-#lFY_iE{pkA`gww7){U=&Cnbz&=RfC8V8^a+M*o}L_XT103FZ~ozNLw&=uX# z9S7lH6ru+XK~Eft!_W)8aX9+m2pox{P=up#3}P@~!h(%B9Juh{qc4udaX20)pdb2U z00v?Z24e_L#88}slW_`$VK_!$Bu+&!MqxBcP>M2)!C0JzaTt%&F#!`X36oLZ{{RUj zkwSCv3qXuWLkg}ZSN z?!|q$9}nO`JcNhw2p+{!EW=}1j>qu?R^UlIg{QF+&tMgv#cHg`ca;9YFMd)SEgu?ZjGLwtmfu^FG>Q+$Rk_#9v0OMHbKw&H7i zgKzO2zQ+&v5kFxYwqpl=#xK~3U$G0j@f&`}9{hnnu^0QI3nXuqMDp(Z>5#V34*zSp zx8>9pFSa#%|~?Zo#||~ zE;B9k>namRA)SUR?K_jC$>bAZgmF6_*ol;z^8GNKa1GZ_ zr$RRsOS!I*%x<4GFp}TeH^){~riv@Ws;a`-*^0V#(SpTKRyNDFU$i^gBYOn_&HoN4 z^{sfOKy%WJfKhxu6{KRmnGQ|E3yq|ea?)WsX(Wtv+BIy?@EVjrv4&AqU0E}|x~8&l zMtNdtSf0*CR&V@w9Rq#K$sDb@$$zyfkDPR1Cj-xS-GrM69mjRdxRFdJf@ByEQ;z2} z$nl-*(jEOH`PsHx=S4f!>YMWm>b5P(Yn;7`TAKb{%MjmkGskLf(qGN$T3?K78J=gG zu4AP5upb6~%1l@RBQdR{*)YWRY{SU*ul+RIzIkayO=VSKFe{Zkqh@@hYj%CruhD}2 zJ2$|$yi8BcO{8|o}=85On0{CNAiH8;EVH2ma|!wO4>7mXb}+I5^*?e^ts3+npy{C5{)z8%Y)sJYYWV(ZKZ z((DuqXT^iKW5*LI-wG`==EqVL7z>@Gn_b^_GaEd))QB|A_W5>4v?x38l(J|+?WA5U zo3#0B(G9c6FbZQ7cps^#zp>k!B{I>&6nE7qk7eW1DPrB4Aj_z)vTG z1_hah={cuX2FV#=VR2Y7dq!ANk*==WQj*tY|GpLbwwYO7e3_l((88D)xY~;`{SKhJp*6gTOJEQsgZ^0nnwlcjmcUpZ! z6%nRkhuppsCOtFojg%V(@ucbb@pOzka?SlC45!Foh}oqR_eS$u1m&~F78ecz=-W=_V9k})XN2`-)lb~y zY4g3bkqVO*8|Nfk&rii-X&%4*TgWR~pJ9!zDW6sz7LE+7&#I`LUR5}9;Akrriw!QS z?Q!>U`PubrBYCaz{@K5gzU^k(X|9yW-ouEDr|f`(GAYM(Y$ukm5?<&htfUq5jHDTF p5b67IXJ|#m6xMIh)Jm>)S*P~dZ71#hcVT(H?XBLsCz2O!^nbJoP5}S_ delta 2870 zcmWmD)3O+f0tC^!cajs^wr$(CHL-1TV%xTD+qP}nxt)hKAJA3PzyGip{V^_fK#lQn z3J25}AS=KMw1QYctzg!FR&XnX719c2g|@<2VXbghcq@Vx(TZe6wxU>3t!P$sD~1)* zie<&N;#hI5cvgHXftAooWF@weSV^s9R&pzamC{OOrMA*oX{~ftdMksK(aL0Hwz61R zt!!3yD~FZS%4OxY@>qGTd{%y|fK|{cWEHlGSVgU3R&lF@RnjVDmA1-QWvy~nd8>j| z(W+!swyIcFt!h?vtAR5HHdRBdlJ`JpfRwJvi)x>IQHM5#qEv%MSE338D z#%gP|v)Wr7td3SEtFzU`>S}efx?4T0o>nibx7Ek$YxT4GTLY|t)*x%JWow8v)EZ_D zw?i?!9-W^K22SUas<)^2N$wb$Bb z?Y9nC2dzWaVe5!>)H-Gzw@z3mty9)%>x^~QI%l1?E?5_>OV(xUignexW?i>#SU0U( z)@|#Kb=SIQ-M1cC53NVmW9y0a)Ouz;w_aE;tyk7->y7o+dS|`2K3E^EPu6Gai}ls| zW_`DQSU;^_)^F>N^>?@eMk@e;2!fyphW`*8ArKOw5E@|+7U2*c5fBlP5E)Sr710nK zF%T265F2q27x54u36KzpkQhmj6v>brDUcGWkQ!-_7U_^48ITc~kQrH!71@v-Igk^% zkQ;fB7x|DM1yB%$P#8r}6va>+B~TKjP#R@W7UfVL6;KhCP#INF71dB3HBb|^P#bkn z7xhpd|N1vTLo`BTG(l4|Lvyr1OSD33v_V_6Lwj^UM|47GbU{~iLwEE*PxL}>^g&!|7)!7e%di|PuoA1V8f&l?>#!ahuo0WE8C$Rw+prxwuoJtm8+))9`>-Dea1e)Z z7)Njv$8a1ca1y6*8fS18=Wreua1obq8CP%>*Ki#-a1*z18+ULQ_i!H%@DPvi7*FsN z&+r^C@Di`^8gK9x@9-WU@DZQz8DH=f-|!tj@DsoA8-MUOV7LOgKLQa1K@kl9Avi)H zBtjuH!XPZdAv_`=A|fF&q97`wAv$6pCSoBr;vg>KAwCiyArc`mk{~IPAvsbYB~l?Z z(jYC;Aw4o6BQhZ~vLGw6AvYy&_p+5fgZ-9nqgvMxsrf7!dXn~e!h1O_;wrGd; z=zxysgwE)KuIPsD=z*T-h2H3czUYVk7=VEoguyU|U?_%RI7VP3MqxC@U@XRAJSJcw zCSfwBU@E3zI%Z%dW??qwU@qoiJ{Djh7GW`#U@4YiIaXjLR$(>PU@g{RJvLw?HeoZi zU@Nv^J9c0vc40U6U@!JzKMvp^4&gA4;3$saI8NXsPT@4p;4IGJJTBlOF5xn+;3}@+ zI&R=5Zs9iW;4bdrJ|5s99^o;b;3=NrIbPr;Ug0&~;4R+aJwD(gKH)RI;48l2JAU9N ze&IL%;BVk?1=+2DAdB7x3kdz^f1$S~%n{qr**NMO+a1LRRt Ah5!Hn diff --git a/docs/index.html b/docs/index.html index 54a8a386033..254a8269ef1 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -366,7 +366,7 @@

眈眈探求 | + 2024-12-10 11:15:07 Dell Avamar, version(s) 19.9, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. 详情 @@ -374,7 +374,7 @@

眈眈探求 | + 2024-12-10 11:15:07 Dell Avamar, version(s) 19.9, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. 详情 @@ -382,7 +382,7 @@

眈眈探求 | + 2024-12-10 11:15:07 Dell Avamar, version(s) 19.9, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution. 详情 @@ -390,7 +390,7 @@

眈眈探求 | + 2024-12-10 11:15:07 The iChart – Easy Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 详情 @@ -398,7 +398,7 @@

眈眈探求 | + 2024-12-10 11:15:07 The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.7 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator. 详情 @@ -406,7 +406,7 @@

眈眈探求 | + 2024-12-10 11:15:05 The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for WordPress is vulnerable to arbitrary shortcode execution via woot_get_smth AJAX action in all versions up to, and including, 1.0.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. 详情 @@ -414,7 +414,7 @@

眈眈探求 | + 2024-12-10 10:15:06 The Quran multilanguage Text & Audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sourate' and 'lang' parameter in all versions up to, and including, 2.3.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 详情 @@ -422,7 +422,7 @@

眈眈探求 | + 2024-12-10 10:15:04 The Email Reminders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 详情 @@ -430,7 +430,7 @@

眈眈探求 | + 2024-12-10 09:15:06 In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices running on versions 1.0 to 1.3 (excluding), due to incorrect permission handling a vulnerability exists which allows a lower privileged user with default permissions to access critical device resources via the API. 详情 @@ -438,7 +438,7 @@

眈眈探求 | + 2024-12-10 09:15:06 SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited. 详情 @@ -2108,123 +2108,123 @@

眈眈探求 | - Microsoft Edge (Chromium-based)类型混淆漏洞 - 详情 + 5d4ade526c576460b3b8e9b3c3081c25 + CVE-2024-9956 + 2024-12-11 03:36:38 + Google Chrome权限提升漏洞 + 详情 - 6e4d606652205d82863ee2d868adb868 - CVE-2024-49126 - 2024-12-11 03:35:57 - Microsoft Windows Local Security Authority Subsystem远程代码执行漏洞 - 详情 + 99fca2fb798f1dec33e36b789d00f45a + CVE-2024-48783 + 2024-12-11 03:36:38 + Ruijie Networks NBR3000D-E信息泄露漏洞 + 详情 - 8fbced53fcc7e8f177f049f43223e3c1 - CVE-2024-49129 - 2024-12-11 03:35:57 - Microsoft Windows Remote Desktop Gateway (RD Gateway)拒绝服务漏洞 - 详情 + 4c02af3276ee522c6c50e62a833442ba + CVE-2024-48782 + 2024-12-11 03:36:38 + clark DYCMS文件上传漏洞 + 详情 - fdef099d1f518d77c61482b695ce0665 - CVE-2024-49123 - 2024-12-11 03:35:57 - Microsoft Windows Remote Desktop Services远程代码执行漏洞 - 详情 + 9ba9c4794493f8e66e63889101836f20 + CVE-2024-48781 + 2024-12-11 03:36:38 + WonderShare WonderShare Yitu任意代码执行漏洞 + 详情 - 2b1e52669a85821f5f775c05246b782f - - 2024-12-11 03:35:57 - Microsoft Office纵深防御更新漏洞(ADV240002) - 详情 + 214ee266ec82a91d7ea5c2895f0fc172 + CVE-2016-15041 + 2024-12-11 03:36:38 + WordPress plugin MainWP Dashboard跨站脚本漏洞 + 详情 - 90e3916344be33dbb62061fe3487cf2d - CVE-2024-49124 - 2024-12-11 03:35:57 - Microsoft Windows Lightweight Directory Access Protocol远程代码执行漏洞 - 详情 + 96704092af18f55242e4b8fe90f9de63 + CVE-2024-31955 + 2024-12-11 03:36:38 + SAMSUNG代码绕过漏洞 + 详情 - 26dc7b6b7a771a84b11e77319fcb6c29 - CVE-2024-49125 - 2024-12-11 03:35:57 - Microsoft Windows Routing and Remote Access Service远程代码执行漏洞 - 详情 + f3a18770b88049f642e7dbad2bca9fca + CVE-2024-21286 + 2024-12-11 03:36:38 + Oracle PeopleSoft命令执行漏洞 + 详情 - 3567a4c33bd34422f928a93faf81fb74 - CVE-2024-49127 - 2024-12-11 03:35:57 - Microsoft Windows Lightweight Directory Access Protocol远程代码执行漏洞 - 详情 + 4d5a435a5645bd93e32090dc710e6c75 + + 2024-12-11 03:36:38 + WordPress plugin GiveWP – Donation Plugin and Fundraising Platform PHP对象注入漏洞(CVE + 详情 - 5b8faec2dd5c51b8a2621ed764227fb8 - CVE-2024-49132 - 2024-12-11 03:35:57 - Microsoft Windows Remote Desktop Services远程代码执行漏洞 - 详情 + c9a8de504c56c5190f996364b71ae407 + CVE-2024-48714 + 2024-12-11 03:36:38 + TP-LINK TL-WDR7660堆栈溢出漏洞 + 详情 - 42834ec17e38342914785b3b0a3730d5 - CVE-2024-49128 - 2024-12-11 03:35:57 - Microsoft Windows Remote Desktop Services远程代码执行漏洞 - 详情 + 58792cb52cbef47c71cf885a93acfcb9 + CVE-2024-9647 + 2024-12-11 03:36:38 + WordPress plugin Kama SpamBlock跨站脚本漏洞 + 详情 - dfcef74a69a0f1bc0f274f7825b8776f - CVE-2024-49142 - 2024-12-11 03:35:57 - Microsoft Access远程代码执行漏洞 - 详情 + d7318842761dce59ea9d2b3a12e23c26 + CVE-2024-48411 + 2024-12-11 03:36:38 + itsourcecode Online Tours and Travels Management System SQL注入漏洞 + 详情 - ec42a985cd3398a8bc8513e6aaa00abd - CVE-2024-49138 - 2024-12-11 03:35:57 - Microsoft Windows Common Log File System Driver权限提升漏洞 - 详情 + fa4ca8977b7be6676251cfbace5ed686 + CVE-2024-9652 + 2024-12-11 03:36:38 + WordPress plugin Locatoraid Store Locator跨站脚本漏洞 + 详情 - ed4169fce5e68a34e7db632f744fe558 - CVE-2024-49122 - 2024-12-11 03:35:57 - Microsoft Windows Message Queuing (MSMQ)远程代码执行漏洞 - 详情 + dad092fe218e1c3d6fefc1b1ff714818 + CVE-2024-41311 + 2024-12-11 03:36:38 + struktur libheif越界读写漏洞 + 详情 - a1395cac8a790317301524d0a96d979e - CVE-2024-49121 - 2024-12-11 03:35:57 - Microsoft Windows Lightweight Directory Access Protocol拒绝服务漏洞 - 详情 + 1e545a4bd7d99efb7179fde7d0d771c1 + CVE-2017-20192 + 2024-12-11 03:36:38 + WordPress plugin Formidable Form Builder存储型跨站脚本漏洞 + 详情 - 9d125405614c76577a42301531845c77 - CVE-2024-49086 - 2024-12-11 03:35:57 - Microsoft Windows Routing and Remote Access Service远程代码执行漏洞 - 详情 + 2e3d3413548e26a324dff12e563740f0 + CVE-2024-9888 + 2024-12-11 03:36:38 + WordPress plugin ElementInvader Addons for Elementor跨站脚本漏洞 + 详情