排序
CVE-2024-34102: Adobe Commerce & Magento – CosmicSting
漏洞标题 CVE-2024-34102: Adobe Commerce & Magento - CosmicSting 漏洞描述 Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Res...
2024年8月4日 00:30CVE-2024-0305: Ncast busiFacade – Remote Command Execution
漏洞标题 CVE-2024-0305: Ncast busiFacade - Remote Command Execution 漏洞描述 The Ncast Yingshi high-definition intelligent recording and playback system is a newly developed audio ...
2024年8月3日 21:44CVE-2024-29882: HTTP API DOM – XSS on JSONP callback
漏洞标题 CVE-2024-29882: HTTP API DOM - XSS on JSONP callback 漏洞描述 SRS is a simple, high-efficiency, real-time video server. SRS's `/api/v1/vhosts/vid-<id>?callback=...
2024年8月3日 11:32AVM FRITZ!Box 7530 AX未授权访问漏洞(CVE-2024-54767)
漏洞标题 AVM FRITZ!Box 7530 AX未授权访问漏洞(CVE-2024-54767) 漏洞描述 AVM FRITZ!Box 7530 AX v7.59组件中的/juis_boxinfo.xml存在访问控制问题,允许攻击者在未经身份验证的情况下获取敏...
2024年8月2日 23:15CVE-2024-30568: Netgear R6850 V1.1.0.88 – Command Injection
漏洞标题 CVE-2024-30568: Netgear R6850 V1.1.0.88 - Command Injection 漏洞描述 Netgear R6850 router firmware version V1.1.0.88 suffers from a command injection vulnerability in the ...
2024年8月2日 15:29CVE-2024-41107: Apache CloudStack – SAML Signature Exclusion
漏洞标题 CVE-2024-41107: Apache CloudStack - SAML Signature Exclusion 漏洞描述 The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudSt...
2024年8月2日 14:17CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection
漏洞标题 CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection 漏洞描述 In the latest version (2.8.2 as of writing the article) and below, the plugin...
2024年8月2日 11:23CVE-2024-6049: Lawo AG vsm LTC Time Sync (vTimeSync) – Path Traversal
漏洞标题 CVE-2024-6049: Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal 漏洞描述 The web server of Lawo AG vsm LTC Time Sync (vTimeSync) is affected by a "..." (tr...
2024年8月2日 11:08CVE-2024-4898: WordPress InstaWP Connect <= 0.1.0.38 - Unauthenticated User Creation
漏洞标题 CVE-2024-4898: WordPress InstaWP Connect <= 0.1.0.38 - Unauthenticated User Creation 漏洞描述 The InstaWP Connect – 1-click WP Staging & Migration plugin for WordP...
2024年8月2日 10:42CVE-2024-8484: REST API TO MiniProgram <= 4.7.1 - SQL Injection
漏洞标题 CVE-2024-8484: REST API TO MiniProgram <= 4.7.1 - SQL Injection 漏洞描述 The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL Injection via the 'o...
2024年8月2日 08:18CVE-2024-7332: TOTOLINK CP450 v4.1.0cu.747_B20191224 – Hard-Coded Password Vulnerability
漏洞标题 CVE-2024-7332: TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability 漏洞描述 A critical vulnerability has been discovered in TOTOLINK CP450 version 4....
2024年8月1日 12:51CVE-2024-26331: ReCrystallize Server – Authentication Bypass
漏洞标题 CVE-2024-26331: ReCrystallize Server - Authentication Bypass 漏洞描述 This vulnerability allows an attacker to bypass authentication in the ReCrystallize Server applicatio...
2024年8月1日 12:28CVE-2024-29973: Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection
漏洞标题 CVE-2024-29973: Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection 漏洞描述 The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326...
2024年8月1日 05:23CVE-2024-7714: AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls
漏洞标题 CVE-2024-7714: AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls 漏洞描述 The plugin lacks sufficient access controls allowing an unauthenticated u...
2024年8月1日 05:16CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection
漏洞标题 CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection 漏洞描述 In the latest version (2.8.2 as of writing the article) and below, the plugin...
2024年7月31日 20:14CVE-2024-8021: Gradio – Open Redirect
漏洞标题 CVE-2024-8021: Gradio - Open Redirect 漏洞描述 Gradio allows an open redirect bypass via URL encoding, enabling attackers to redirect users to malicious sites. This can le...
2024年7月31日 19:26
