From b412318077eda0d95eb9a94cc698ce36bcc6ba37 Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Sat, 14 Dec 2024 18:31:52 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Tenable (Nessus).dat | 10 ++ data/cves.db | Bin 50491392 -> 50503680 bytes docs/index.html | 212 ++++++++++++++++++------------------- 3 files changed, 116 insertions(+), 106 deletions(-) diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat index 74cd45fed0..c9cef6c01b 100644 --- a/cache/Tenable (Nessus).dat +++ b/cache/Tenable (Nessus).dat @@ -100,3 +100,13 @@ cc216ee3385a6efb3943afdc4f13811a 174bfe7512da199b532e861da77a3173 4abf3988708229d0b36d1e26a5592d66 358ae56ec177d1253a16832e41ba3f2b +907f974c546b5467e1304aba0fc1fbcf +0973d23576acf90d60082b1612189873 +3a4c39732fe461e569bd2add1427a4c3 +f44aa4fccf31b48bc527f2a267845279 +97419371ce8b8688c70a6a22a4091b11 +b43a3c1adf4b73a84a7f08c7884ac754 +9484696f80a32b277cd45b2512d9674c +ade6aea0eabac5dd052166664db80e27 +0487694e96a32b018b402bc6a3c1afde +8bd4e638fd93d384e254024bcf0d69ed diff --git a/data/cves.db b/data/cves.db index 59eec4c6d29629e75bd1eda22fffbb646c985109..adea5f4db0b9edabc07fc84eaa683766730db1d6 100644 GIT binary patch delta 7326 zcmdtnd0Z5A1IKZ8Kmyi>EXRJ8IanBAR)P1wcV1*A(-3D8o^ zax0HfGqcOmygJd$Zc8*ftc(uDGR?Hx%IEuC?fmblp6BWH_VmPzvgRI-*XfGfG8W(AlUfN<-aH zIywi5s5|O`dZKetFVq`lpgt%Q^+o+qf0Tu?Q4W%jj1*)>DzYFevLQQipj>nw%0mOt zKr{#qMnlk0Gz^`OhNBT^B)R~NLKmWo(8Xvpx&&Q{#-Ooi9Lh)I(FAlEx*T1BCZb7b zGMa*}L|35#RERX>L@wk;I`W_*RE)gnYBUv_! zbSJtCEk;YwQnU;iXgOMeR-(JnDs&H8jqXKj(0%BB^ZG%+tIUV2YL=Yk6u78qLxIN6qL1^db5PeT)vEgQx`^LZ6^d(P8u%I)aX( z&(SgT1v-vSpfAx^=xg*1`WAhMzDFm~59mkq6FM~)=l*;|1QJbRNGlRcT9Y^uPuh?K zl1SQ;b|msrNqm${&LSzK1L;UQkl1(`@Dk;!BVxsqH(3P>T*h?BU8o9M(t zibyf>lB>y7QbJ0JkN8O$nMML6NJ6BXRFFzCom7!)$hG7;ay_|$%pld|MlzGkBC|;i zxrx-0I#N&Okh$b$atoP9=931pfZR$JlH17bWDyCIJII~nF0z;`Axp_JVvyxz1zAb% zCacIjWHq^$tReT2`^f|3LGln;OCBbVkac7|d6aA*8_6cJnQS4Ck;lmswjqD;#WH;GEUMG9W8{|#$7I~ZOBkz!R z$$Ml!d7m_s56Fk)Bl0mhKn{`?a)^9FJ|&0AXXFSuNP|BtMWJ$xq~z3EQ852PPtrXc9wOkyz52#F2Q?h9r0xtNS5myk=z7&4ZO zBl%=JnLsWhmy;{VL^6p?CR50j$UHKi zG>`@4R*eT+sHFyJ9(DuAkUHK$qVE~ z@)CKOyh3)8SIKK+7il89$sY1L*-PFaZ<4pj+hiYkhrCPPBm2qwq?vp`J|rKJkI4aY zkhG9Pta*TXIj*}DQOY#-@ntVgP zCEt18Es1WNx5N}(u{|M1sEA6~9p4apT-co4JhMp1s;k6U+KkT1 ztes)5ouQdE)n#_r%!)@>t+H;hI-G7rbGv0#v1zKYE&e&7Yn&|G6nT8HZj6liKGg4iS7!C z9t1FAc)8?;83BRfijmwLChhi-#`uri$spHdS0e^+pt-D41qvjL+Wg)NM zCx-ly@5NE|7mEU#FQmJ}+tN;?8N&`I2q~GG%cTc{KR=BF$W|mp&61TYSrsKmu58Jb ztpD%R(DrxJu(;_`Q>KbJ;0mbeQq$6lOJ{a>^X%@Lgk|Ga%odwfb9o$++bT(R#VK25 zMYcQa;p8Kex{Oh?%=kbaHFUI?AMyvZB3;aPX;={>CyWv;*>bicTf$KZ_{)om&wOmf zA#>xgk}du2a|)g%4Qxx+4jE~OnCXhU{6D;d0&W;IVH0P)U=$-$(%LZJZre-kZc}@O?6pR zs}tFD*(|A=Qfvq68wl-5QQUBL>RmnFK9lu~c%86NPGGil;)&xG<#j4o(t(|_iS1JsO z!?j?Q=rVTY9vAu>k8C+=>J_KCiuEjyzr-?-YOILfA#{senxsGM$wtGzT_&+ju-sYd4F<9G8~)TLAuAdeD8sb(xG>bH-X3j= zN%rZL;&^Sk-{&u_I(@^-erKcpa)da<2 ztwIm4T{$bYW8}Mp#9*23@_M|k$m;~dD^9IW@BG`-1aQk*V) zgpLcdcS z>em9eQ_!73uaVqwEY7o}cFjWP)@8VY6nNdng85rbDIF`zuJ$|2{DF{GQsCA#SIAqT zg^VE!cME1CY0Ae!jFHo8iO|UyleSMV3~@uVkhxfFiLPtM>-p&g9J!wVV@6hOBy}}K zXGk{L%&G48>r`uQ-Ky!Dq~n_4vbf!nMUk!eqq?1TNjIi#diKmztAEo}3m(tuS?*e- zheq(mEjYp-xXc^$I!kmMEvMhz5 zYbI+B)vj6{R*zlcT2^c}ms_obdRW367k?krgBTyKC8y*0%^YqwwSw zL29dEYbx?hz?}{ql~dNKmD?aoIV~~*Gv=NR{jNWqv3-9 delta 3729 zcmW;PRa6vO7>41QAp{9UQBVv_OhD}J?r!YF1nj~VP#F^yumih02Cy5j6%hjq1H1Kn z@40xN_22COZtt~rNL-kENLr}7*~2E*VDR-?%3bAAd6kFCr}C=;s-W^zg;ZfxL={!VRB`2{N~n^mlq#*tsItmi`6ypiPWh?w zs)DMhDyhnZ$xyFV$Q1QGHcE)n5%z1JxikSPfA_Re&0%hN}^3 zq#C70t3VZ`g4Gx`R*h5R)dV$BO;VH96g5>%Qz2@)nxST@S!%YLqvoo4DpZB3a5Y~o zPzzOrGOI;uv09>*s%2`qic~AqO0`Nwsc03WR;x8?ty-tns|{+S+N3tCEh<)RRom2d zwL|SxyVP#AN9|Sn)P8k99aM+ZVRb|uRmaqEbwZs~r<6s-sd$y3POCHOtU9O8s|)I) zx}+|vE9$Dcrmm|*m86o@4Rur9Qn%F|bywX}_tgWHq8_SL^+=_u$LfiCs-CHI^<2GB zFV!pcT4ks=>aBXG-m6UYL48!8)MxcYeO2GoclAU4RKL`3^+)|x|H5_mBNUjx3ar5f zY#|HSfjwje2XF)@aEAX^WoL4M9FP-SAs6HZH*kkMkQY24ALNGuP!K$!5EOkae;5D* zVGs<4AutpIU>FRC5ik-)!DtACAP9yrFc!wac$feaVG>M+DKHhLK?qET888!O!EBfV zb73BYLKuX@d{_VrAp*>>2o}QK-t3+rG#Y=Dih2{ywP zh=r}N4YtD$*a^E}H|&AEun+db0XPVU;4mD4qi_t4!wEPEr@#Vn5Dy7(8qUC3I0xt9 z0$hYka2c+^Rk#M%ArX=w8E(K$xCOW24%~%%a33B(3Os~Vcm!$i7@ojWcn0b49A3an zcm=N^1Kz+}cn9wx6F$I4_ynKf3w(ud@Ev}@PxuAD;Scjfg3?e1%7QoefG?B-KPV3spdwU)%1{NWLN%xkHJ~Qcg4$3A>OwuJ4-KFpG=j#^ z1e!uKXbvr)CA5Op&<5H$ALO19RJ)kG}LoetJeV{M&gZ?l82Erg1 z3`1Zj1i&yD4kKVBjDpb+2tg1GV_+& z2!${RhxxDo7D5D=VG%5bC9o8h!E%U%6|fRkK@>zo46KGVuol+Ade{IPVH0eIEf5P^ zVH<3R9k3I2!EV?Cdto2!hXZgB4#8nK0!QH(9ETHd5>9~y;vgOp;53|pvv3a1!v(kq zm*6s7fva#0u0tXuK{DKcn{W$m!yUK__uxJ}fE0KLsqhHW;4wUbr|=BY;W@m3m+%T+ zn=E?%Ovxb*juVUtRx$d#`FcgB2G(k{CUHiR$0>ZhmM_ULrP~<| zkuHfpTqDfU87A=t-oiV051H@*KEfyX3}4_Ye1q@s1Af9U_zi#HFZ?rwo1?8P=4hi; g@M#;PL$bl)uuIy(cx#KN+1+TD#gZIgvhue656`b9j{pDw diff --git a/docs/index.html b/docs/index.html index 709224c0c5..5ce8e74308 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -283,6 +283,86 @@

眈眈探求 | TITLE URL + + 907f974c546b5467e1304aba0fc1fbcf + CVE-2024-31892 + 2024-12-14 13:15:18 + IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 could allow a user to perform unauthorized actions after intercepting and modifying a csv file due to improper neutralization of formula elements. + 详情 + + + + 0973d23576acf90d60082b1612189873 + CVE-2024-31891 + 2024-12-14 13:15:17 + IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability. A malicious actor with command line access to the 'scalemgmt' user can elevate privileges to gain root access to the host operating system. + 详情 + + + + 3a4c39732fe461e569bd2add1427a4c3 + CVE-2024-11721 + 2024-12-14 09:15:06 + The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5. This is due to insufficient controls on the user role select field when utilizing the 'Role' field in a form. This makes it possible for unauthenticated attackers to create new administrative user accounts, even when the administrative user role has not been provided as an option to the user, granted that unauthenticated users have been provided access to the form. + 详情 + + + + f44aa4fccf31b48bc527f2a267845279 + CVE-2024-11720 + 2024-12-14 09:15:05 + The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via submission forms in all versions up to, and including, 3.24.5 due to insufficient input sanitization and output escaping on the new Taxonomy form. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is only exploitable when lower-level users have been granted access to submit specific forms, which is disabled by default. + 详情 + + + + 97419371ce8b8688c70a6a22a4091b11 + CVE-2024-12628 + 2024-12-14 07:15:07 + The bodi0`s Easy cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cache-folder' parameter in all versions up to, and including, 0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. + 详情 + + + + b43a3c1adf4b73a84a7f08c7884ac754 + CVE-2024-12446 + 2024-12-14 07:15:07 + The Post to Pdf plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gmptp_single_post' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + 详情 + + + + 9484696f80a32b277cd45b2512d9674c + CVE-2024-11715 + 2024-12-14 07:15:06 + The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the assignUserRole() function in all versions up to, and including, 2.2.2. This makes it possible for unauthenticated attackers to elevate their privileges to that of an employer. + 详情 + + + + ade6aea0eabac5dd052166664db80e27 + CVE-2024-11714 + 2024-12-14 07:15:06 + The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'ff' parameter of the getFieldsForVisibleCombobox() function in all versions up to, and including, 2.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + 详情 + + + + 0487694e96a32b018b402bc6a3c1afde + CVE-2024-11713 + 2024-12-14 07:15:06 + The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'page_id' parameter of the wpjobportal_deactivate() function in all versions up to, and including, 2.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + 详情 + + + + 8bd4e638fd93d384e254024bcf0d69ed + CVE-2024-11712 + 2024-12-14 07:15:06 + The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById() function in all versions up to, and including, 2.2.2. This makes it possible for unauthenticated attackers to download other users resumes. + 详情 + + c25a2ba2d3bed359741f69e4db5ca730 CVE-2024-55889 @@ -366,7 +446,7 @@

眈眈探求 | + 2024-12-12 14:15:22 An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by accessing the /class/template_io.php file and supplying malicious GET parameters. The "templates" parameter is vulnerable against blind boolean-based SQL injection attacks. SQL syntax must be injected into the JSON syntax of the templates parameter. 详情 @@ -374,7 +454,7 @@

眈眈探求 | + 2024-12-12 14:15:22 The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device. 详情 @@ -382,7 +462,7 @@

眈眈探求 | + 2024-12-12 14:15:22 An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php file and supplying malicious GET parameters. The HTTP GET parameters search, table, field, and value are vulnerable. For example, one SQL injection can be performed on the parameter "field" with the UNION keyword. 详情 @@ -390,7 +470,7 @@

眈眈探求 | + 2024-12-12 14:15:22 An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user. 详情 @@ -398,7 +478,7 @@

眈眈探求 | + 2024-12-12 14:15:22 The password change function at /cgi/admin.cgi does not require the current/old password, which makes the application vulnerable to account takeover. An attacker can use this to forcefully set a new password within the -rsetpass+-aaction+- parameter for a user without knowing the old password, e.g. by exploiting a CSRF issue. 详情 @@ -406,7 +486,7 @@

眈眈探求 | + 2024-12-12 13:15:11 Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability. 详情 @@ -414,7 +494,7 @@

眈眈探求 | + 2024-12-12 13:15:11 Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. 详情 @@ -422,7 +502,7 @@

眈眈探求 | + 2024-12-12 13:15:11 Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. 详情 @@ -430,7 +510,7 @@

眈眈探求 | + 2024-12-12 13:15:10 Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "Edit Disclaimer Text" function of the configuration menu is vulnerable to stored XSS. Only the users Poweruser and Admin can use this function which is available at the URL https://$SCANNER/cgi/admin.cgi?-rdisclaimer+-apre The stored Javascript payload will be executed every time the ScanWizard is loaded, even in the Kiosk-mode browser. 详情 @@ -438,91 +518,11 @@

眈眈探求 | + 2024-12-12 13:15:10 Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "Edit Disclaimer Text" function of the configuration menu is vulnerable to stored XSS. Only the users Poweruser and Admin can use this function which is available at the URL https://$SCANNER/cgi/admin.cgi?-rdisclaimer+-apre The stored Javascript payload will be executed every time the ScanWizard is loaded, even in the Kiosk-mode browser. Version 7.40 implemented a fix, but it could be bypassed via URL-encoding the Javascript payload again. 详情 - - db248c0aad583cee4771e463a3dbd3a1 - CVE-2024-12325 - 2024-12-11 12:15:19 - The Waymark plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. - 详情 - - - - 8c0b2f150886a0617cb37b88db8cce66 - CVE-2024-12294 - 2024-12-11 11:15:06 - The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.1 via the 'get_legacy_cookies' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and permalinks of private, password-protected, pending, and draft posts. - 详情 - - - - cd5e032ffe052c193ad63764099a229c - CVE-2024-11840 - 2024-12-11 11:15:06 - The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucss_data, update_rapidload_settings, wp_ajax_update_htaccess_file, uucss_update_rule, upload_rules, get_all_rules, update_titan_settings, preload_page, and activate_module functions in all versions up to, and including, 2.4.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify plugin settings or conduct SQL injection attacks. - 详情 - - - - 73ad812f37b5e70d75cec1f3820293e6 - CVE-2024-11008 - 2024-12-11 11:15:04 - The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.10 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator. - 详情 - - - - 213be5c4b498d0e72720b253da2a5ec6 - CVE-2024-54269 - 2024-12-11 10:15:07 - Missing Authorization vulnerability in Ninja Team Notibar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notibar: from n/a through 2.1.4. - 详情 - - - - 78f923f00b4ec286adfa0dbd78ea7378 - CVE-2024-12363 - 2024-12-11 10:15:07 - Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24.12 on Windows allows a local authenticated user to delete arbitrary files. TeamViewer Patch & Asset Management is part of TeamViewer Remote Management. - 详情 - - - - 8d37a459d55e27a3efa74a0b4ccc5af8 - CVE-2024-11737 - 2024-12-11 10:15:06 - CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device. - 详情 - - - - f906d8cb36d24d8ff38dce7e37a5f7f7 - CVE-2024-11401 - 2024-12-11 10:15:06 - Rapid7 Insight Platform versions prior to November 13th 2024, suffer from a privilege escalation vulnerability whereby, due to a lack of authorization checks, an attacker can successfully update the password policy in the platform settings as a standard user by crafting an API (the functionality was not possible through the platform's User Interface). This vulnerability has been fixed as of November 13th 2024. - 详情 - - - - cd31e80af727416fa921a7fea13e7f7c - CVE-2024-12283 - 2024-12-11 09:15:05 - The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘x1’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. - 详情 - - - - 34f15ea4746098cd99de090d5679f9d5 - CVE-2024-12004 - 2024-12-11 09:15:05 - The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2. This is due to missing or incorrect nonce validation on the ajax_update_order_note() function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. - 详情 - - @@ -2110,7 +2110,7 @@

眈眈探求 | + 2024-12-12 09:25:33 Online Marriage Registration System SQL注入漏洞 详情 @@ -2118,7 +2118,7 @@

眈眈探求 | + 2024-12-12 09:25:33 Online Marriage Registration System SQL注入漏洞 详情 @@ -2126,7 +2126,7 @@

眈眈探求 | + 2024-12-12 09:25:33 Online Marriage Registration System SQL注入漏洞 详情 @@ -2134,7 +2134,7 @@

眈眈探求 | + 2024-12-12 09:25:33 WordPress WP Photo Album Plus Plugin任意短代码执行漏洞 详情 @@ -2142,7 +2142,7 @@

眈眈探求 | + 2024-12-12 09:25:33 WordPress User Extra Fields Plugin任意文件上传漏洞 详情 @@ -2150,7 +2150,7 @@

眈眈探求 | + 2024-12-12 09:25:33 WordPress Category Ajax Filter Plugin本地文件包含漏洞 详情 @@ -2158,7 +2158,7 @@

眈眈探求 | + 2024-12-12 09:25:33 WordPress Leopard - WordPress Offload Media Plugin未授权数据修改漏洞 详情 @@ -2166,7 +2166,7 @@

眈眈探求 | + 2024-12-12 09:25:33 WordPress Magical Addons For Elementor Plugin信息泄露漏洞 详情 @@ -2174,7 +2174,7 @@

眈眈探求 | + 2024-12-12 09:25:33 WordPress SysBasics Customize My Account for WooCommerce跨站脚本漏洞 详情 @@ -2182,7 +2182,7 @@

眈眈探求 | + 2024-12-12 09:25:33 WordPress Form Maker by 10Web Plugin跨站脚本漏洞 详情 @@ -2190,7 +2190,7 @@

眈眈探求 | + 2024-12-12 09:25:33 WordPress FOX – Currency Switcher Professional Plugin任意短代码执行漏洞 详情 @@ -2198,7 +2198,7 @@

眈眈探求 | + 2024-12-12 09:25:33 WordPress Paid Membership Subscriptions Plugin任意短代码执行漏洞 详情 @@ -2206,7 +2206,7 @@

眈眈探求 | + 2024-12-12 09:25:33 Linux Kernel未初始化资源使用漏洞 详情 @@ -2214,7 +2214,7 @@

眈眈探求 | + 2024-12-12 09:25:33 Artifex Ghostscript未检查实施指针漏洞 详情 @@ -2222,7 +2222,7 @@

眈眈探求 | + 2024-12-12 09:25:33 Artifex Ghostscript越界数据访问漏洞 详情