Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Aug 26, 2021
1 parent 1d3cac3 commit e84f1c2
Show file tree
Hide file tree
Showing 3 changed files with 65 additions and 57 deletions.
8 changes: 8 additions & 0 deletions cache/Tenable (Nessus).dat
Original file line number Diff line number Diff line change
Expand Up @@ -108,3 +108,11 @@ a1494863655a49aaac2216d50a408024
03ff893eaeb0bbd1639f6dc680d4d436
38869a40eaa87caa8c5bca422051907f
9b611e4f0591e12ad3b99b93196437c6
ab3d2a1baa2de10eb971a8a842d84086
ebd92be6e1cb2b3c7996752785e65879
c08676bf3dd82325a4109bdc94155fcc
cdcc7f91716cf5ca9025449fe9ff8c75
1cb7ec9f53cb8b76921de6ff2fd35882
93630190c62628190ecf6a24dc1a1bcd
16daee4b5b67a6ab1136a3fa0d738424
814322d2982461ad15831a37fd68b25d
Binary file modified data/cves.db
Binary file not shown.
114 changes: 57 additions & 57 deletions docs/index.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2021-08-26 22:27:17 -->
<!-- RELEASE TIME : 2021-08-26 23:26:29 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -252,6 +252,62 @@ <h2><a href="https://github.com/lyy289065406/threat-broadcast">威胁情报播
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>ab3d2a1baa2de10eb971a8a842d84086</td>
<td>CVE-2021-39165</td>
<td>2021-08-26 21:15:00 <img src="imgs/new.gif" /></td>
<td>Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and session. The original repository of Cachet <https://github.com/CachetHQ/Cachet> is not active, the stable version 2.3.18 and it's developing 2.4 branch is affected.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-39165">详情</a></td>
</tr>
<tr>
<td>ebd92be6e1cb2b3c7996752785e65879</td>
<td>CVE-2021-39161</td>
<td>2021-08-26 20:15:00 <img src="imgs/new.gif" /></td>
<td>Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse's default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse's default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-39161">详情</a></td>
</tr>
<tr>
<td>c08676bf3dd82325a4109bdc94155fcc</td>
<td>CVE-2021-37715</td>
<td>2021-08-26 20:15:00 <img src="imgs/new.gif" /></td>
<td>A remote cross-site scripting (XSS) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.13.0. Aruba has released upgrades for the Aruba AirWave Management Platform that address this security vulnerability.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-37715">详情</a></td>
</tr>
<tr>
<td>cdcc7f91716cf5ca9025449fe9ff8c75</td>
<td>CVE-2021-29862</td>
<td>2021-08-26 20:15:00 <img src="imgs/new.gif" /></td>
<td>IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 206086.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-29862">详情</a></td>
</tr>
<tr>
<td>1cb7ec9f53cb8b76921de6ff2fd35882</td>
<td>CVE-2021-29801</td>
<td>2021-08-26 20:15:00 <img src="imgs/new.gif" /></td>
<td>IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to gain root privileges. IBM X-Force ID: 203977.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-29801">详情</a></td>
</tr>
<tr>
<td>93630190c62628190ecf6a24dc1a1bcd</td>
<td>CVE-2021-29772</td>
<td>2021-08-26 20:15:00 <img src="imgs/new.gif" /></td>
<td>IBM API Connect 5.0.0.0 through 5.0.8.11 could allow a user to potentially inject code due to unsanitized user input. IBM X-Force ID: 202774.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-29772">详情</a></td>
</tr>
<tr>
<td>16daee4b5b67a6ab1136a3fa0d738424</td>
<td>CVE-2021-29727</td>
<td>2021-08-26 20:15:00 <img src="imgs/new.gif" /></td>
<td>IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 201106.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-29727">详情</a></td>
</tr>
<tr>
<td>814322d2982461ad15831a37fd68b25d</td>
<td>CVE-2021-29715</td>
<td>2021-08-26 20:15:00 <img src="imgs/new.gif" /></td>
<td>IBM API Connect 5.0.0.0 through 5.0.8.11 could alllow a remote user to obtain sensitive information or conduct denial of serivce attacks due to open ports. IBM X-Force ID: 201018.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-29715">详情</a></td>
</tr>
<tr>
<td>af0b0f7a87448ee32d72a64ad58c0dcc</td>
<td>CVE-2021-32648</td>
Expand Down Expand Up @@ -406,62 +462,6 @@ <h2><a href="https://github.com/lyy289065406/threat-broadcast">威胁情报播
<td>thinkphp-zcms as of 20190715 allows SQL injection via index.php?m=home&c=message&a=add.</td>
<td><a href="https://www.tenable.com/cve/CVE-2020-19705">详情</a></td>
</tr>
<tr>
<td>dcde5a0159d9522271474fe94fdc9585</td>
<td>CVE-2020-19704</td>
<td>2021-08-26 03:15:00 <img src="imgs/new.gif" /></td>
<td>A stored cross-site scripting (XSS) vulnerability via ResourceController.java in spring-boot-admin as of 20190710 allows attackers to execute arbitrary web scripts or HTML.</td>
<td><a href="https://www.tenable.com/cve/CVE-2020-19704">详情</a></td>
</tr>
<tr>
<td>eb39d6388eb8babace6dd1df725ab323</td>
<td>CVE-2020-19703</td>
<td>2021-08-26 03:15:00 <img src="imgs/new.gif" /></td>
<td>A cross-site scripting (XSS) vulnerability in the referer parameter of Dzzoffice 2.02 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.</td>
<td><a href="https://www.tenable.com/cve/CVE-2020-19703">详情</a></td>
</tr>
<tr>
<td>d404f28ea272b1e90e4736841d704701</td>
<td>CVE-2021-20815</td>
<td>2021-08-26 02:15:00 <img src="imgs/new.gif" /></td>
<td>Cross-site scripting vulnerability in Edit Boilerplate screen of Movable Type (Movable Type 7 r.4903 and earlier (Movable Type 7 Series), Movable Type 6.8.0 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.44 and earlier, and Movable Type Premium Advanced 1.44 and earlier) allows remote attackers to inject arbitrary script or HTML via unspecified vectors.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-20815">详情</a></td>
</tr>
<tr>
<td>b970dabecc87e56239944e48e15ffc62</td>
<td>CVE-2021-20814</td>
<td>2021-08-26 02:15:00 <img src="imgs/new.gif" /></td>
<td>Cross-site scripting vulnerability in Setting screen of ContentType Information Widget Plugin of Movable Type (Movable Type 7 r.4903 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4903 and earlier (Movable Type Advanced 7 Series), and Movable Type Premium 1.44 and earlier) allows remote attackers to inject arbitrary script or HTML via unspecified vectors.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-20814">详情</a></td>
</tr>
<tr>
<td>071fb31e940d792d271ad5519da8d763</td>
<td>CVE-2021-20813</td>
<td>2021-08-26 02:15:00 <img src="imgs/new.gif" /></td>
<td>Cross-site scripting vulnerability in Edit screen of Content Data of Movable Type (Movable Type 7 r.4903 and earlier (Movable Type 7 Series) and Movable Type Advanced 7 r.4903 and earlier (Movable Type Advanced 7 Series)) allows remote attackers to inject arbitrary script or HTML via unspecified vectors.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-20813">详情</a></td>
</tr>
<tr>
<td>3fa3baeea365f0939758188139d5b97f</td>
<td>CVE-2021-20812</td>
<td>2021-08-26 02:15:00 <img src="imgs/new.gif" /></td>
<td>Cross-site scripting vulnerability in Setting screen of Server Sync of Movable Type (Movable Type Advanced 7 r.4903 and earlier (Movable Type Advanced 7 Series) and Movable Type Premium Advanced 1.44 and earlier) allows remote attackers to inject arbitrary script or HTML via unspecified vectors.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-20812">详情</a></td>
</tr>
<tr>
<td>c35c9099f35baa426b9fdcea1172d5ab</td>
<td>CVE-2021-37334</td>
<td>2021-08-25 22:15:00 <img src="imgs/new.gif" /></td>
<td>A security issue in Umbraco Forms 4.0.0 to and including 8.7.5 could lead to a remote code execution attack and/or arbitrary file deletion.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-37334">详情</a></td>
</tr>
<tr>
<td>7dc6a625d3f07b2e68db30fa48cf0545</td>
<td>CVE-2021-37154</td>
<td>2021-08-25 21:15:00 <img src="imgs/new.gif" /></td>
<td>In ForgeRock Access Management (AM) before 7.0.2, the SAML2 implementation allows XML injection, potentially enabling a fraudulent SAML 2.0 assertion.</td>
<td><a href="https://www.tenable.com/cve/CVE-2021-37154">详情</a></td>
</tr>
</tbody>
</table>
</div>
Expand Down

0 comments on commit e84f1c2

Please sign in to comment.