Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Oct 7, 2023
1 parent ad84a9b commit b85ffba
Show file tree
Hide file tree
Showing 4 changed files with 181 additions and 161 deletions.
5 changes: 5 additions & 0 deletions cache/NVD.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,3 +182,8 @@ fc4f7dfa657e3f5bf049777fc61cb976
122e8a08fbae0b948c74ba348ea9b038
1d8d4e2f26089891b78362dd762a8558
d3d952f6dc8655117121015f600086a5
8ae724385b9efc96d9e3a775fba15669
8484932beeca0daadc7e55c549f1c679
b95b9e70cb6800ca35fe741b43ec3125
6f158425cbcecf25b03a1e6a982fbf55
6f6501d87401a3e4c6520a7fe54cd29f
15 changes: 15 additions & 0 deletions cache/Nsfocus.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,3 +130,18 @@ fc65acb0a632d2715ad203312ee9e589
235aad1a7aadab0c6ad714642800bb2a
b9153e04108e81eb5a1b2eb5981d8509
b51959cdc7ce04ca01ad0503a2a306d9
bcb65b3865772c2b07eb1aee6edfa5bc
37a9a665070fed92354da52d04271cf7
0ae52a539772a4e6597582f35e29fb1c
9479fd51511f83015abbec531d8c237d
5ffd49f848b58b49a3e1d0f977363005
8aaeeabba1b51909de67ceb13dff5e5b
8e0c99024d55f98a324eecb7e4aa619f
58701ac10a800793a2682e5552a08c5d
5c28d395fa69a5b71de2f04301ce1ebb
4356b44cbff51c92a4b1c518a93cbdb6
faa2266355d6888c001c73d61e478cf6
7c02d864db2d0230d79ecb994d3a9494
80a477e70a4cddfbbe440b3361485757
19e81956afd96fb3acc34f99face50ff
95d2b3ad06708b6600e534020f77707e
Binary file modified data/cves.db
View file
Binary file not shown.
322 changes: 161 additions & 161 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2023-10-07 01:22:24 -->
<!-- RELEASE TIME : 2023-10-07 05:24:42 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -1971,6 +1971,126 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>bcb65b3865772c2b07eb1aee6edfa5bc</td>
<td>CVE-2023-29182</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>Fortinet FortiOS堆栈缓冲区溢出漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85425">详情</a></td>
</tr>

<tr>
<td>37a9a665070fed92354da52d04271cf7</td>
<td>CVE-2023-34217</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>MOXA TN-4900 Series命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85424">详情</a></td>
</tr>

<tr>
<td>0ae52a539772a4e6597582f35e29fb1c</td>
<td>CVE-2023-2917</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>Rockwell Automation ThinManager输入验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85423">详情</a></td>
</tr>

<tr>
<td>9479fd51511f83015abbec531d8c237d</td>
<td>CVE-2023-31942</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>Online Travel Agency System跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85422">详情</a></td>
</tr>

<tr>
<td>5ffd49f848b58b49a3e1d0f977363005</td>
<td>CVE-2023-37914</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>XWiki Platform代码注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85421">详情</a></td>
</tr>

<tr>
<td>8aaeeabba1b51909de67ceb13dff5e5b</td>
<td>CVE-2023-39970</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>AcyMailing Joomla Component危险类型文件上传漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85420">详情</a></td>
</tr>

<tr>
<td>8e0c99024d55f98a324eecb7e4aa619f</td>
<td>CVE-2023-38576</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>ELECOM LAN-WH300N/RE隐藏功能漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85419">详情</a></td>
</tr>

<tr>
<td>58701ac10a800793a2682e5552a08c5d</td>
<td>CVE-2023-39944</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>ELECOM WRC-F1167ACF和ELECOM WRC-1750GHBK操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85418">详情</a></td>
</tr>

<tr>
<td>5c28d395fa69a5b71de2f04301ce1ebb</td>
<td>CVE-2023-2317</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>Typora跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85417">详情</a></td>
</tr>

<tr>
<td>4356b44cbff51c92a4b1c518a93cbdb6</td>
<td>CVE-2023-37369</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>Qt拒绝服务漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85416">详情</a></td>
</tr>

<tr>
<td>faa2266355d6888c001c73d61e478cf6</td>
<td>CVE-2020-28715</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>LeEco LeTV X43拒绝服务漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85415">详情</a></td>
</tr>

<tr>
<td>7c02d864db2d0230d79ecb994d3a9494</td>
<td>CVE-2023-39939</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>LuxSoft LuxCal Web Calendar SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85414">详情</a></td>
</tr>

<tr>
<td>80a477e70a4cddfbbe440b3361485757</td>
<td>CVE-2023-39106</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>Nacos Spring Project不受信数据反序列化漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85413">详情</a></td>
</tr>

<tr>
<td>19e81956afd96fb3acc34f99face50ff</td>
<td>CVE-2023-38035</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>Mobileiron MobileIron Sentry授权错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85412">详情</a></td>
</tr>

<tr>
<td>95d2b3ad06708b6600e534020f77707e</td>
<td>CVE-2023-3954</td>
<td>2023-10-07 05:22:33 <img src="imgs/new.gif" /></td>
<td>WordPress MultiParcels Shipping For WooCommerce Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85411">详情</a></td>
</tr>

<tr>
<td>9960c7e963f7e9c4e1cf3ada51765a3f</td>
<td>CVE-2023-35009</td>
Expand Down Expand Up @@ -2091,126 +2211,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85379">详情</a></td>
</tr>

<tr>
<td>3b78f26f11bdc7722b9237a87dfddcd7</td>
<td>CVE-2023-5009</td>
<td>2023-09-25 03:20:55</td>
<td>GitLab EE越权调用漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85353">详情</a></td>
</tr>

<tr>
<td>a3ccbfc8519028244f43a9269d13178d</td>
<td>CVE-2023-42442</td>
<td>2023-09-25 03:20:55</td>
<td>JumpServer未授权访问漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85352">详情</a></td>
</tr>

<tr>
<td>29e4b91694ff97afc08cf4b13c09dcf6</td>
<td>CVE-2023-26369</td>
<td>2023-09-25 03:20:55</td>
<td>Adobe Acrobat多款产品任意代码执行漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85351">详情</a></td>
</tr>

<tr>
<td>f6887fad33d6470c40eb5b3cf6dcc6f3</td>
<td>CVE-2021-44188</td>
<td>2023-09-25 03:20:55</td>
<td>Adobe After Effects越界读取漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85350">详情</a></td>
</tr>

<tr>
<td>a0373daeff2596e5becc4d13372e8d1a</td>
<td>CVE-2023-39531</td>
<td>2023-09-25 03:20:55</td>
<td>Mobileiron Sentry身份验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85349">详情</a></td>
</tr>

<tr>
<td>1e70c2d5dff500104f3b2e6c691d24e8</td>
<td>CVE-2023-34545</td>
<td>2023-09-25 03:20:55</td>
<td>CSZCMS SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85348">详情</a></td>
</tr>

<tr>
<td>bd4ce3b0846b12d9980dc466bae7d6bc</td>
<td>CVE-2023-38212</td>
<td>2023-09-25 03:20:55</td>
<td>Adobe Dimension堆缓冲区溢出漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85347">详情</a></td>
</tr>

<tr>
<td>08c84b09ea6cebe263181805cd9f539e</td>
<td>CVE-2023-3471</td>
<td>2023-09-25 03:20:55</td>
<td>Panasonic KW Watcher缓冲区溢出漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85346">详情</a></td>
</tr>

<tr>
<td>d546f5045cc074653ee9f9351c217d24</td>
<td>CVE-2023-4485</td>
<td>2023-09-25 03:20:55</td>
<td>ARDEREG Sistemas SCADA SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85345">详情</a></td>
</tr>

<tr>
<td>ee24cf375f6e3db0ffe5e07b655b75d2</td>
<td>CVE-2023-41507</td>
<td>2023-09-25 03:20:55</td>
<td>Super Store Finder SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85344">详情</a></td>
</tr>

<tr>
<td>a7bc45fc076f7bd10405107ffca15085</td>
<td>CVE-2023-39361</td>
<td>2023-09-25 03:20:55</td>
<td>Cacti SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85343">详情</a></td>
</tr>

<tr>
<td>a2ec49665ad7b51198c1c56e9284c903</td>
<td>CVE-2023-35068</td>
<td>2023-09-25 03:20:55</td>
<td>BMA Personnel Tracking System SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85342">详情</a></td>
</tr>

<tr>
<td>ef5980a94862c5b87c6368d9d5079d19</td>
<td>CVE-2023-34353</td>
<td>2023-09-25 03:20:55</td>
<td>Open Automation Software OAS Platform身份验证绕过漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85341">详情</a></td>
</tr>

<tr>
<td>092bdfe76d3acc09a71385017a9821d5</td>
<td>CVE-2023-36492</td>
<td>2023-09-25 03:20:55</td>
<td>SHIRASAGI跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85340">详情</a></td>
</tr>

<tr>
<td>5f5e7fad3384df5d6d56c71887d17bbe</td>
<td>CVE-2023-35892</td>
<td>2023-09-25 03:20:55</td>
<td>IBM Financial Transaction Manager for SWIFT Services XML外部实体注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/85339">详情</a></td>
</tr>

</tbody>
</table>
</div>
Expand All @@ -2227,6 +2227,30 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>b95b9e70cb6800ca35fe741b43ec3125</td>
<td>CVE-2023-44839</td>
<td>2023-10-05 16:15:12 </td>
<td>D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44839">详情</a></td>
</tr>

<tr>
<td>6f158425cbcecf25b03a1e6a982fbf55</td>
<td>CVE-2023-44838</td>
<td>2023-10-05 16:15:12 </td>
<td>D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44838">详情</a></td>
</tr>

<tr>
<td>6f6501d87401a3e4c6520a7fe54cd29f</td>
<td>CVE-2023-44837</td>
<td>2023-10-05 16:15:12 </td>
<td>D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44837">详情</a></td>
</tr>

<tr>
<td>4cf5001e80b7ec5cbf1ab6b91e423be6</td>
<td>CVE-2023-5374</td>
Expand Down Expand Up @@ -2283,6 +2307,22 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4493">详情</a></td>
</tr>

<tr>
<td>8ae724385b9efc96d9e3a775fba15669</td>
<td>CVE-2023-4492</td>
<td>2023-10-04 13:15:25 </td>
<td>Vulnerability in Easy Address Book Web Server 1.6 version, affecting the parameters (firstname, homephone, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate and workzip) of the /addrbook.ghp file, allowing an attacker to inject a JavaScript payload specially designed to run when the application is loaded</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4492">详情</a></td>
</tr>

<tr>
<td>8484932beeca0daadc7e55c549f1c679</td>
<td>CVE-2023-4491</td>
<td>2023-10-04 13:15:25 </td>
<td>Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, asking for the name via a POST request, resulting in arbitrary code execution on the remote machine.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4491">详情</a></td>
</tr>

<tr>
<td>310d0d3e9d94763c028edd46af7d0ac8</td>
<td>CVE-2023-4997</td>
Expand Down Expand Up @@ -2427,46 +2467,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5350">详情</a></td>
</tr>

<tr>
<td>581dedd89ede305266161dac2688449c</td>
<td>CVE-2023-5345</td>
<td>2023-10-03 03:15:09 </td>
<td>A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation.In case of an error in smb3_fs_context_parse_param, ctx-&gt;password was freed but the field was not set to NULL which could lead to double free.We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5345">详情</a></td>
</tr>

<tr>
<td>738d7f9d1ad4d0dfdd5c062178d466a8</td>
<td>CVE-2023-5334</td>
<td>2023-10-03 02:15:10 </td>
<td>The WP Responsive header image slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sp_responsiveslider' shortcode in versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5334">详情</a></td>
</tr>

<tr>
<td>7572bbce3134e8813a6da17104112118</td>
<td>CVE-2023-5344</td>
<td>2023-10-02 20:15:10 </td>
<td>Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5344">详情</a></td>
</tr>

<tr>
<td>a66088352c52a7edcfa7a8332841740f</td>
<td>CVE-2023-4659</td>
<td>2023-10-02 15:15:15 </td>
<td>Cross-Site Request Forgery vulnerability, whose exploitation could allow an attacker to perform different actions on the platform as an administrator, simply by changing the token value to &quot;admin&quot;. It is also possible to perform POST, GET and DELETE requests without any token value. Therefore, an unprivileged remote user is able to create, delete and modify users within theapplication.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4659">详情</a></td>
</tr>

<tr>
<td>1ddd7b203d4442582fb039d4e7a6a2e0</td>
<td>CVE-2023-5106</td>
<td>2023-10-02 12:15:09 </td>
<td>An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5106">详情</a></td>
</tr>

</tbody>
</table>
</div>
Expand Down

0 comments on commit b85ffba

Please sign in to comment.