Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Oct 15, 2024
1 parent c2afda6 commit e2ceee9
Show file tree
Hide file tree
Showing 3 changed files with 144 additions and 129 deletions.
15 changes: 15 additions & 0 deletions cache/Nsfocus.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,3 +158,18 @@ ccfbb651bbd7839937f1371292aeff1e
a353077bb5a317d0faac63594e1e3935
afb235f0d7e2d53d27a7fba2dd0f0af1
812b59306381706e8cf4f8ed1b4de2c0
0f79ed38b341e499206c0863a9883493
c0afe9242fe2ca1fa31658937a00c634
88abd1c0bb60a355488f4e90efdebb72
364242b1271f7b29a17a517dda80141d
51103e1cab4c4630b57fbe8f72261c1d
b82d4bb2ae59faaba835927ee9f110ca
ca8fa9434720e447f167e7f4dd931d94
2e160cf06fd8749a059e2284c102914d
ecefabeb750e2e5a51cfb9c6d684c511
573dcda375ff8f361a90e59dd7148e6e
a6b8b7fcda84e803d5ca6d0cc52d27d8
ae4892edfb3b65f6c83e0cbbe7f4e646
270e6383d722c89948c2247245359e2b
80f9027c242d7c9a67dc3db2abe8b2cb
138790472c2290c7a925d1a03073c0b4
Binary file modified data/cves.db
View file
Binary file not shown.
258 changes: 129 additions & 129 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-10-14 21:22:04 -->
<!-- RELEASE TIME : 2024-10-15 09:25:39 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -366,63 +366,63 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<tr>
<td>13a3f41158f80300f51e49b12f013248</td>
<td>CVE-2024-9910</td>
<td>2024-10-13 15:15:11 <img src="imgs/new.gif" /></td>
<td>2024-10-13 15:15:11</td>
<td>A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9910">详情</a></td>
</tr>

<tr>
<td>a913db67325c9253ded4c427b855e103</td>
<td>CVE-2024-9909</td>
<td>2024-10-13 14:15:02 <img src="imgs/new.gif" /></td>
<td>2024-10-13 14:15:02</td>
<td>A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this vulnerability is the function formSetMuti of the file /goform/formSetMuti. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9909">详情</a></td>
</tr>

<tr>
<td>7d8459cd9c94da87800a2c4dcbffd5d7</td>
<td>CVE-2024-6959</td>
<td>2024-10-13 13:15:10 <img src="imgs/new.gif" /></td>
<td>2024-10-13 13:15:10</td>
<td>A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack when uploading an audio file. If an attacker appends a large number of characters to the end of a multipart boundary, the system will continuously process each character, rendering lollms-webui inaccessible. This issue is exacerbated by the lack of Cross-Site Request Forgery (CSRF) protection, enabling remote exploitation. The vulnerability leads to service disruption, resource exhaustion, and extended downtime.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6959">详情</a></td>
</tr>

<tr>
<td>5e337efc529cd297cd9ee7dcb366b800</td>
<td>CVE-2024-9908</td>
<td>2024-10-13 12:15:10 <img src="imgs/new.gif" /></td>
<td>2024-10-13 12:15:10</td>
<td>A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Affected is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument curTime leads to buffer overflow. The exploit has been disclosed to the public and may be used.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9908">详情</a></td>
</tr>

<tr>
<td>35fbcbf6ad8bbf312ef9a595d8c80b98</td>
<td>CVE-2024-9907</td>
<td>2024-10-13 05:15:02 <img src="imgs/new.gif" /></td>
<td>2024-10-13 05:15:02</td>
<td>A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verification Code Handler. The manipulation leads to weak password recovery. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9907">详情</a></td>
</tr>

<tr>
<td>ca9279e855f624aa7352c7d1c5991f41</td>
<td>CVE-2024-9906</td>
<td>2024-10-13 04:15:02 <img src="imgs/new.gif" /></td>
<td>2024-10-13 04:15:02</td>
<td>A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument Code leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9906">详情</a></td>
</tr>

<tr>
<td>fdee11d5ea36055de43439d0f56360e4</td>
<td>CVE-2024-9905</td>
<td>2024-10-13 03:15:02 <img src="imgs/new.gif" /></td>
<td>2024-10-13 03:15:02</td>
<td>A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9905">详情</a></td>
</tr>

<tr>
<td>9e3a5dccde38f22bee925701bc2c1bdf</td>
<td>CVE-2024-9904</td>
<td>2024-10-13 02:15:15 <img src="imgs/new.gif" /></td>
<td>2024-10-13 02:15:15</td>
<td>A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This vulnerability affects the function pictureUpload of the file /admin/File/pictureUpload. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The affected product is known with different names like 07FLYCMS, 07FLY-CMS, and 07FlyCRM. It was not possible to reach out to the vendor before assigning a CVE due to a not working mail address.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9904">详情</a></td>
</tr>
Expand Down Expand Up @@ -1979,6 +1979,126 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>0f79ed38b341e499206c0863a9883493</td>
<td>CVE-2024-5901</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>WordPress SiteOrigin Widgets Bundle Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/103006">详情</a></td>
</tr>

<tr>
<td>c0afe9242fe2ca1fa31658937a00c634</td>
<td>CVE-2024-39010</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>chase-moskal snapstate原型污染漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/103005">详情</a></td>
</tr>

<tr>
<td>88abd1c0bb60a355488f4e90efdebb72</td>
<td>CVE-2024-37281</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>Elastic Kibana不受控制的资源消耗漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/103004">详情</a></td>
</tr>

<tr>
<td>364242b1271f7b29a17a517dda80141d</td>
<td>CVE-2024-7127</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>Stackposts Social Marketing Tool跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/103003">详情</a></td>
</tr>

<tr>
<td>51103e1cab4c4630b57fbe8f72261c1d</td>
<td>CVE-2024-40827</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>Apple多款产品信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/103002">详情</a></td>
</tr>

<tr>
<td>b82d4bb2ae59faaba835927ee9f110ca</td>
<td>CVE-2024-39945</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>Dahua NVR输入验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/103001">详情</a></td>
</tr>

<tr>
<td>ca8fa9434720e447f167e7f4dd931d94</td>
<td>CVE-2024-39944</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>Dahua NVR输入验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/103000">详情</a></td>
</tr>

<tr>
<td>2e160cf06fd8749a059e2284c102914d</td>
<td>CVE-2024-39011</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>redoc原型污染漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102999">详情</a></td>
</tr>

<tr>
<td>ecefabeb750e2e5a51cfb9c6d684c511</td>
<td>CVE-2024-39012</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>ais-ltd strategyen原型污染漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102998">详情</a></td>
</tr>

<tr>
<td>573dcda375ff8f361a90e59dd7148e6e</td>
<td>CVE-2024-38983</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>mini-deep-assign原型污染漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102997">详情</a></td>
</tr>

<tr>
<td>a6b8b7fcda84e803d5ca6d0cc52d27d8</td>
<td>CVE-2024-40828</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>Apple多款产品权限保留错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102996">详情</a></td>
</tr>

<tr>
<td>ae4892edfb3b65f6c83e0cbbe7f4e646</td>
<td>CVE-2024-6255</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>ChuanhuChatGPT路径遍历漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102995">详情</a></td>
</tr>

<tr>
<td>270e6383d722c89948c2247245359e2b</td>
<td>CVE-2024-41610</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>D-Link DIR-820LW REVB FIRMWARE硬编码凭据漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102994">详情</a></td>
</tr>

<tr>
<td>80f9027c242d7c9a67dc3db2abe8b2cb</td>
<td>CVE-2024-41611</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>D-Link DIR-860L REVA FIRMWARE硬编码凭据漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102993">详情</a></td>
</tr>

<tr>
<td>138790472c2290c7a925d1a03073c0b4</td>
<td>CVE-2024-41915</td>
<td>2024-10-15 09:23:32 <img src="imgs/new.gif" /></td>
<td>Hewlett Packard Enterprise ClearPass Policy Manager SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102992">详情</a></td>
</tr>

<tr>
<td>f974046c51a7a564f9323a044e4f0c70</td>
<td>CVE-2024-37858</td>
Expand Down Expand Up @@ -2099,126 +2219,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102940">详情</a></td>
</tr>

<tr>
<td>a8221977bb56a2177eb286721c70a1ac</td>
<td>CVE-2024-7201</td>
<td>2024-10-12 12:38:53</td>
<td>Simopro Technology WinMatrix3 Web package SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102903">详情</a></td>
</tr>

<tr>
<td>6086cece8fdff422e756065824d50788</td>
<td>CVE-2024-5670</td>
<td>2024-10-12 12:38:53</td>
<td>Softnext Mail SQR Expert and Mail Archiving Expert操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102902">详情</a></td>
</tr>

<tr>
<td>927ac88b5f3fae9f490e5ba9addc538d</td>
<td>CVE-2024-42053</td>
<td>2024-10-12 12:38:53</td>
<td>Splashtop Streamer for Windows默认权限错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102901">详情</a></td>
</tr>

<tr>
<td>2be8c2cbb67a66e31f497be307cd3e07</td>
<td>CVE-2024-42052</td>
<td>2024-10-12 12:38:53</td>
<td>Splashtop Streamer for Windows权限管理错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102900">详情</a></td>
</tr>

<tr>
<td>21ed7b6baef971485c77a475905581fd</td>
<td>CVE-2024-42051</td>
<td>2024-10-12 12:38:53</td>
<td>Splashtop Streamer for Windows权限管理错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102899">详情</a></td>
</tr>

<tr>
<td>ffd440a4c366ad022a06f29d7ec93c9c</td>
<td>CVE-2024-42050</td>
<td>2024-10-12 12:38:53</td>
<td>Splashtop Streamer for Windows权限管理错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102898">详情</a></td>
</tr>

<tr>
<td>2fbede71c556afa408931f8bab996297</td>
<td>CVE-2024-6520</td>
<td>2024-10-12 12:38:53</td>
<td>WordPress Happy Addons for Elementor Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102897">详情</a></td>
</tr>

<tr>
<td>2fd159234db806c80d8607fa8be19d46</td>
<td>CVE-2024-7202</td>
<td>2024-10-12 12:38:53</td>
<td>Simopro Technology WinMatrix3 Web package SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102896">详情</a></td>
</tr>

<tr>
<td>8b0034f5623be387cab3875d514a023c</td>
<td>CVE-2024-37381</td>
<td>2024-10-12 12:38:53</td>
<td>Ivanti Endpoint Manager SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102895">详情</a></td>
</tr>

<tr>
<td>068bbcb4321b0f5f95496ced61e9c0ff</td>
<td>CVE-2024-41637</td>
<td>2024-10-12 12:38:53</td>
<td>RaspAP命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102894">详情</a></td>
</tr>

<tr>
<td>b37cebfb4a4d77b48571bfceddbdee5f</td>
<td>CVE-2024-41139</td>
<td>2024-10-12 12:38:53</td>
<td>SKYSEA Client View权限分配错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102883">详情</a></td>
</tr>

<tr>
<td>5dc2a88ae2ded0963f831af5de5b69c4</td>
<td>CVE-2024-41143</td>
<td>2024-10-12 12:38:53</td>
<td>SKYSEA Client View来源验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102882">详情</a></td>
</tr>

<tr>
<td>ee851e213daf3c9e91ae689b5b397dfb</td>
<td>CVE-2024-41126</td>
<td>2024-10-12 12:38:53</td>
<td>SKYSEA Client View路径遍历漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102881">详情</a></td>
</tr>

<tr>
<td>ada4d4565453aac21e40203a0d6aed34</td>
<td>CVE-2024-41881</td>
<td>2024-10-12 12:38:53</td>
<td>SDoP堆栈缓冲区溢出漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102880">详情</a></td>
</tr>

<tr>
<td>9b951664ffe695ea7591b7c4cd4063f5</td>
<td>CVE-2024-6124</td>
<td>2024-10-12 12:38:53</td>
<td>M-Files Hubshare跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/102879">详情</a></td>
</tr>

</tbody>
</table>
</div>
Expand Down

0 comments on commit e2ceee9

Please sign in to comment.