From aacf974a77116f2334bdd9b2ed95b676a3e161b9 Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Mon, 11 Nov 2024 03:28:32 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Nsfocus.dat | 15 +++ data/cves.db | Bin 50044928 -> 50049024 bytes docs/index.html | 262 +++++++++++++++++++++++----------------------- 3 files changed, 146 insertions(+), 131 deletions(-) diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat index 18b1cde7539..32d2b420edd 100644 --- a/cache/Nsfocus.dat +++ b/cache/Nsfocus.dat @@ -139,3 +139,18 @@ f32db704495ac592afc6eeaf793d4018 9fb91ccee794e3dbd04e1c5f4b1852ca 79d9e496173770dd2888c49425c11210 b14680b7688e5e0df9b51cccf8278a27 +5bc768d6b21ae898085dca868f465650 +f91d8003fa09089fceea31b748c5c252 +e9b2b18f8d2c4a3d0aae49287d3d2f7b +121d96010deaf1ff60974852264cd6c7 +c6cbabd6d85a43452d86d7c7b2b3ccb1 +acc3a7db2c2ac9bf4bbaf9e3d7a1eae9 +cb66901fca8a602d5fa74968c2b340ee +7e016b5f83f6b5419787053b1ae819c1 +dfe5f0576593fd05efc4be46f26d4700 +d57239b0a662e846499c7156aec116bc +d76edfbfd2385e9ef09b406dd52dd955 +1e7e59c8f483bb32f3bf3bd1ebd40930 +f9131c00955d5734eb9b878078dfd554 +84f6455bb4a352b0c3231e5a3e515d52 +76fa976c8b2146988f7b4a3eb3c4c8b8 diff --git a/data/cves.db b/data/cves.db index 882d13ff9efc5e9d91cfb2373865923d43669c46..293cd64fe3fde16d1a93ab79892c2969151624ad 100644 GIT binary patch delta 4679 zcmaLZXLMBM7RGThp+hL5baAkw0%vAU#ezsP8hTT)?3p=dAe00`C_zvL*=kfIC=vx_ z>|#Svu}};)tSI&#P$?>k9TmNL|3}yTa1-xcE5Dt!=EFQ^@3Y@GS+IFuhXp(Kb*Spn zsIozW-W!%i`{q?7>$GrHe{el|xm!sT`&fRq3vBxXKYKN2(m9a8)a@#8l!c2^CYtQn6JW6<5Vm>7#O@%1J6GtDK_JSLIZdek!M_^j8_6 zGEilZ%3zh#RSH$kP&rejNM(r1P?cdS!&OG8j8qw=GFoMf%2<_gDrc#jt#Xdac$ITi z&Qm#Gvl&VZqnXXc%GDD?YWv0q3 zmDwtDR4P>Fs$8ftPi4N!MJgAoEKtd+EL6EfWs!=iT&i-J%H=ARDp#mnsdAOdVwI~^ zmZ(&zELFKi3a!xwZE+CV;b0ts_UM3)=!DMbg046e-EbJ9=#Im21dhZ}I2y;` zSoFYgI36dUCwieb48#ye0wyfjaNxp2ADoDja57FoU!015I1T+V00S`ygK;_vaR$yr z5r$wWhG95HU?fIiG{#^o#^EfSjdL&_=i)q^j|&jaKZz95@DU(`37CjtOu}SL!Bmu> z6w@#rWtf3-%)~6r#vD{&E-u78%*REz7z>caLR^AHP+W@3a5*Y*1+K(ZSd6Q&1XWmy zYj7==;W{iwHLk}ESb>$e5jSBKa=00{;8xs*+i?f(#9dg8yKxWh#eKLRYw!Rb#9BOr zhw%v3;ZZz>$MFQ#V*@r~6P`p3HsdKgjc4#Ip2HSAj~DPFUc$?G1zYhdUc)xLjyLco z-oo2>2k+uNypIp?AwI&#sKs{dz$f?=pJ69u@_(AYwW`}_!i&cd;EYO z@e}srXZ(U+aR9&Jcl--~;Lp5DiE#W8K|UIy5gMZjnxYw+qXk-`0Ikp(ZO|46p&bs! zA!v^d=!j0}j4tSkL(vU~A&Txe97o_t9EGEC430$)9Eam^0(znsdc!~raU@{Ef(-{Q zJoLedI0+}?6!gWZ=!etL9|JHDgD@DUqY!7{OcY@VhGH0oV+2NG6h>nV#$p`K!r3?n z<8dy|!}+)X;rx?GAq^h^GMIpgD8?jA#uQ9N2}&^y(@};QD9239!febz1?J*H%)@+K zgp08NSuDgQSOmqTxD1!05?A0#T!qEB8cR@xrML#yVi~T(a#Z7b+<+BWi5qbfRw0L* zaSLw6ZMYqG;7;6y)wmn?;9lH^`>_TO;6bd#LwFdEU>zRCV|W}-U_CZqBR1hl)L=87 z!qa#L&*C|3!Si?lFXAPfYU!t#AsehABtVfiU6`@`~cSbho1 zuaTPa+<{2dw_OVw+}xnx>K3D$ZfTrqw6Rh9hO_dw=J$zI=Y5tpsJhLL2NsOWb|<;% zkWR-;P85vsGl7*cEXTIIM8-F)Ad@yzfoW&rwr@Iyv1dcgo|U=&V+Zz(8*#Iz=egdv z(lUQ|SukTpblQ}e6N*cs{mUw*m6zt$_WmsrZ5oS3jYOZgoy%MCP2`AirftQu9kq6T z7Rt7Se-z}aT7y|OUkEB3Fbuml~j~ZEH0T) zRFu1A(f&xM=CPjt9Ty`mk?pOu^O_Cm)FYcuUOHvlo)OEWlWx*B;=YwhI;Lm4>3Aw( z8bNj2d41b8i5o+M^1>0hO+CKL>)31OrkXv=R_}a#@vb$MyL9#FqEUM)FW-IReY-a< z+5O0>zvd9Dn|waWX11HwUKlnS5S&b>6G_KU#nbU*+Dm23R4SSAf`soRV?i?T>NaY` zjDh9lrDZ{MKyh?%aWYNUrO~3&baG0+!ran_e~NUh*Y7Y=t!yi;og1bO4BNHSsbtEx zeb-8w3Db)EuI)Q%Cq=vIbgJHX4KrSpESb=MVzRiT*Q8wR?sp>XTh#0BJaX*pky=|3 z=1eCi7LWO!%`^K!G84;WY{PR**NVq&Gws`Hr%rdaYrFrmyXtIp*G{?CD}RYJuGir? zBsahvwFnw#e(6tD0UvwV`R-Mont@Z;@5a+7)nVHEvnhp!MWdTU!k*SW(cRC0Er$ zZo``Bw(fa-L6!ovUUH#j!I<&#}`k4`|w+>oR&?N5GnyeCXC0ie;EqZtc#G zBkekumlaQA$xBO;<;A5X(PW7q9iFV18kCgh=AL#S(z(uP#+$ZjXAjZs`HZH=2%=px zW1E(h3iGUZ%19^TiCAC}ZpAFW-us9drWYGHXIgk=^_nze=Y|ct7cKdG-J;#=t8!0O z9*7)VCr}7AL&+a)wy*|H=D29^THkIO>Qi30?SMD%H2dNm565&DSrG|kn&B#OVr%~ z$8-`!GfR?X716>0!$$tU>uMxfUbd5NZxCjUC(C#2z|W*Iemvn?ffr;9FJ&6G&pdsf z#_ROxdU119P&TVL9Skj<9Yyu)FD1I>wlUDU%RQEjHL`8A_Tn(CFbuPtc*08=N!yMG uZul%-+KE|qGDyex>yWM!Mq}~68{4yN-LCtqzF4?s=Y~iB@#V47R_x#X1grJ{ delta 2910 zcmWmGWwR9o6op~#;nLmRDM*)qba#VDExJpPmR@vsUpl0v^U@7UcXvo5p`!2k@Vq}@ z&Fq;y_|D5DgZI5mGATu*ei0(%+BrFGiI9FnWQAA(E20%@MY1AWQLLy|G%LCl!-{Fe zvSM3tthiP@E54P$N@yjr5?e{Eq*gL3xs}37X{EAKTWPGcRyr%amBGqrWwJ6`S*)zq zH&!+)yY;P=!^&ypvT|E_th`n}E5B91Drgn5zOxEjMXaLM_f|2hxK+X`X_c}{TV<@W zRynJ@Rl%xgRkA8uRjjI3HLJQ+!>Vc3vT9p(th!b`tG?C1`oU^w{b)6^8e2`QrdBhH zeVSV>td>?QtF_g}YHPK#+FKp0j#ekDv(?4wYIU=^TR&Mnte)1-Rxhi!)yL{<^|Sh0 z1FT=Hfz}{vur_<= zS=MZ8jy2bsXU(@3SYg&eYmv3sT4F7=mRZZK71l~?mG!H&+FE0+wbohdtqs;j>o;qY zwb|NYZMC*p+pQhePHUI7+uCF8wZg4^)_&`Nbw^)_v=N_0W1`J+_`$PpxOx zbL)lmr}ff$WxclESZ}R&)_d!N^_TV0`ec2!zF2=-|5*Q8U#zr3$o%H zWJ7j*iyX*_T*!?)$cuc)j{+!&Lii4aQ3OTtJ&K_?N}wc4p)|^%EXtugDxe}Np)#tV zDypG6YM>@+p*HHEF6yB^8sG;s#E)o%#%O}3Xolea&Cvoa(F(2625r#}?a=`p(FvW= z1zph%-SHE8peKGtFZ4zq^hH1P#{m3-ff$6r7=ob~hT$+qU?fIiG{#^o#$h}rU?L`A zGNxcEreQi}U?yf^Hs)Y1=3zb-APft!2#c`vcx3cq4C)?h8xVLdirBYwjs zY{nLB#Wrlm4(!A(?8YAKML70hKMvp^4&gA4;3$saI8NXsPT@4p;CK9ivp9$IxPXhe zgv+>stGI^ixPhCvh1 zKI04i#y|KMU-4haXazWb1P~FSh=j<9f~bgw=!k)sh=tgQgSd!?_(*_+NQA^lf}}`> zMD zhF~a$VK|Ht7>Q9BjWHODaTt#Yn21T3j47CkX_$@~n2A}KjX9W$d6j{`V}LpY2h zIErI9juSYEQ#g$?_#J=XEY9IPF5n_A;WDn^Dz4!=Zr~LSD=YiqjGiZY7;qh{Z2KI!^tQj{}+=;!y zo(IT_VEzo|WiYRTc^%A~VBQAvE|~YhdRU_J)(DVWcJ@LpkG0ux@x2#wq#LaYff e>P9^hd0V{PH);j8rM>et5E|ZM#@~Sj(f$X$VrQxV diff --git a/docs/index.html b/docs/index.html index 23661fe4d85..9eb5671e215 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -366,7 +366,7 @@

眈眈探求 | + 2024-11-09 14:15:18 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mark Tilly MyCurator Content Curation allows Stored XSS.This issue affects MyCurator Content Curation: from n/a through 3.78. 详情 @@ -374,7 +374,7 @@

眈眈探求 | + 2024-11-09 14:15:18 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: from n/a through 2.0.25. 详情 @@ -382,7 +382,7 @@

眈眈探求 | + 2024-11-09 14:15:17 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bricksable Bricksable for Bricks Builder allows Stored XSS.This issue affects Bricksable for Bricks Builder: from n/a through 1.6.59. 详情 @@ -390,7 +390,7 @@

眈眈探求 | + 2024-11-09 14:15:17 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.6. 详情 @@ -398,7 +398,7 @@

眈眈探求 | + 2024-11-09 14:15:17 Cross-Site Request Forgery (CSRF) vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25. 详情 @@ -406,7 +406,7 @@

眈眈探求 | + 2024-11-09 14:15:17 Cross-Site Request Forgery (CSRF) vulnerability in Lars Schenk Responsive Flickr Gallery allows Stored XSS.This issue affects Responsive Flickr Gallery: from n/a through 1.3.1. 详情 @@ -414,7 +414,7 @@

眈眈探求 | + 2024-11-09 14:15:16 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MetricThemes Header Footer Composer for Elementor allows DOM-Based XSS.This issue affects Header Footer Composer for Elementor: from n/a through 1.0.4. 详情 @@ -422,7 +422,7 @@

眈眈探求 | + 2024-11-09 14:15:16 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EzyOnlineBookings EzyOnlineBookings Online Booking System Widget allows DOM-Based XSS.This issue affects EzyOnlineBookings Online Booking System Widget: from n/a through 1.3. 详情 @@ -430,7 +430,7 @@

眈眈探求 | + 2024-11-09 14:15:16 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kaedinger Audio Comparison Lite audio-comparison-lite allows Stored XSS.This issue affects Audio Comparison Lite: from n/a through 3.4. 详情 @@ -438,7 +438,7 @@

眈眈探求 | + 2024-11-09 14:15:16 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mehrdad Farahani WP EIS allows SQL Injection.This issue affects WP EIS: from n/a through 1.3.3. 详情 @@ -1979,6 +1979,126 @@

眈眈探求 | TITLE URL + + 5bc768d6b21ae898085dca868f465650 + CVE-2024-6674 + 2024-11-11 03:26:23 + Saifeddine ALOUI LoLLMs访问控制错误漏洞 + 详情 + + + + f91d8003fa09089fceea31b748c5c252 + CVE-2024-6673 + 2024-11-11 03:26:23 + Saifeddine ALOUI LoLLMs跨站请求伪造漏洞 + 详情 + + + + e9b2b18f8d2c4a3d0aae49287d3d2f7b + CVE-2024-6581 + 2024-11-11 03:26:23 + Saifeddine ALOUI LoLLMs跨站脚本漏洞 + 详情 + + + + 121d96010deaf1ff60974852264cd6c7 + CVE-2024-6868 + 2024-11-11 03:26:23 + Ettore Di Giacinto LocalAI任意文件写入漏洞 + 详情 + + + + c6cbabd6d85a43452d86d7c7b2b3ccb1 + CVE-2024-7042 + 2024-11-11 03:26:23 + LangChain.js SQL注入漏洞 + 详情 + + + + acc3a7db2c2ac9bf4bbaf9e3d7a1eae9 + CVE-2024-7010 + 2024-11-11 03:26:23 + Ettore Di Giacinto LocalAI信息泄露漏洞 + 详情 + + + + cb66901fca8a602d5fa74968c2b340ee + CVE-2021-38120 + 2024-11-11 03:26:23 + NetIQ Advanced Authentication使用不安全TLS版本漏洞 + 详情 + + + + 7e016b5f83f6b5419787053b1ae819c1 + CVE-2024-7783 + 2024-11-11 03:26:23 + Mintplex AnythingLLM信息泄露漏洞 + 详情 + + + + dfe5f0576593fd05efc4be46f26d4700 + CVE-2024-9989 + 2024-11-11 03:26:23 + WordPress plugin Crypto身份验证绕过漏洞 + 详情 + + + + d57239b0a662e846499c7156aec116bc + CVE-2024-7472 + 2024-11-11 03:26:23 + Lunary电子邮件注入漏洞 + 详情 + + + + d76edfbfd2385e9ef09b406dd52dd955 + CVE-2024-8924 + 2024-11-11 03:26:23 + ServiceNow Now Platform SQL注入漏洞 + 详情 + + + + 1e7e59c8f483bb32f3bf3bd1ebd40930 + CVE-2024-7473 + 2024-11-11 03:26:23 + Lunary IDOR漏洞 + 详情 + + + + f9131c00955d5734eb9b878078dfd554 + CVE-2024-50466 + 2024-11-11 03:26:23 + WordPress plugin DarkMySite跨站请求伪造漏洞 + 详情 + + + + 84f6455bb4a352b0c3231e5a3e515d52 + CVE-2024-10491 + 2024-11-11 03:26:23 + Express.js任意资源注入漏洞 + 详情 + + + + 76fa976c8b2146988f7b4a3eb3c4c8b8 + CVE-2024-50459 + 2024-11-11 03:26:23 + WordPress plugin Stripe Donation and Payment缺少授权漏洞 + 详情 + + 0d71bbd01d2cb6df5b9300d51f083196 CVE-2024-24510 @@ -2099,126 +2219,6 @@

眈眈探求 | 详情 - - 3b95a562d7d1291f1021ec12c3834e49 - CVE-2024-1596 - 2024-11-07 09:22:22 - WordPress Preloader Plus – WordPress Loading Screen Plugin跨站脚本漏洞 - 详情 - - - - 8834535f81a630657166fed3d7c4fb42 - CVE-2024-7620 - 2024-11-07 09:22:22 - WordPress Customizer Export/Import Plugin任意文件上传漏洞 - 详情 - - - - 41351d0ec3732c5dff3d140992fd7bf7 - CVE-2024-6849 - 2024-11-07 09:22:22 - WordPress Preloader Plus – WordPress Loading Screen Plugin跨站脚本漏洞 - 详情 - - - - 329dc028e563c2b3eaf5342016080892 - CVE-2024-45625 - 2024-11-07 09:22:22 - WordPress Forminator Plugin跨站脚本漏洞 - 详情 - - - - 0a50517463a78ffc013c658e23465052 - CVE-2024-40710 - 2024-11-07 09:22:22 - Veeam Backup & Replication远程代码执行漏洞 - 详情 - - - - 2ca13589573246881843402d454bc011 - CVE-2024-38651 - 2024-11-07 09:22:22 - Veeam Service Provider Console代码注入漏洞 - 详情 - - - - f38741b0eb93d7fac5dfb5c9235e182e - CVE-2024-40714 - 2024-11-07 09:22:22 - Veeam Backup & Replication证书验证错误漏洞 - 详情 - - - - 2bc4d6b50a12cca3a9d8361e3c470755 - CVE-2024-39718 - 2024-11-07 09:22:22 - Veeam Service Provider Console输入验证错误漏洞 - 详情 - - - - e22e9fac420f954b2645afd47cd9abb7 - CVE-2024-39715 - 2024-11-07 09:22:22 - Veeam Service Provider Console代码注入漏洞 - 详情 - - - - e665d26d160130f8d8b67f2803a8c2d3 - CVE-2024-39714 - 2024-11-07 09:22:22 - Veeam Service Provider Console代码注入漏洞 - 详情 - - - - e15e2825e5ce182e5104207936b2d04a - CVE-2024-40711 - 2024-11-07 09:22:22 - Veeam Backup & Replication不受信数据反序列化漏洞 - 详情 - - - - 7d1843b3a8a737274978d9798880ba57 - CVE-2024-40712 - 2024-11-07 09:22:22 - Veeam Backup & Replication路径遍历漏洞 - 详情 - - - - 4aae88371035c4ed0cbd4df19ba5c552 - CVE-2024-40718 - 2024-11-07 09:22:22 - Veeam Backup & Replication服务器端请求伪造漏洞 - 详情 - - - - 5297e1b50899834313422dcdc0a9cb43 - CVE-2024-6928 - 2024-11-07 09:22:22 - WordPress Opti Marketing Plugin SQL注入漏洞 - 详情 - - - - 33693b4b688d30c81f0efc06fb8efae7 - CVE-2024-6859 - 2024-11-07 09:22:22 - WordPress WP MultiTasking WordPress Plugin跨站脚本漏洞 - 详情 - -