排序
CVE-2024-23897: Jenkins < 2.441 - Arbitrary File Read
漏洞标题 CVE-2024-23897: Jenkins < 2.441 - Arbitrary File Read 漏洞描述 Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser t...
2024年7月19日 12:43CVE-2024-29269: Telesquare TLR-2005KSH – Remote Command Execution
漏洞标题 CVE-2024-29269: Telesquare TLR-2005KSH - Remote Command Execution 漏洞描述 Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Tel...
2024年7月19日 01:42CVE-2024-0692: SolarWinds Security Event Manager – Unauthenticated RCE
漏洞标题 CVE-2024-0692: SolarWinds Security Event Manager - Unauthenticated RCE 漏洞描述 The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerabilit...
2024年7月18日 15:39CVE-2024-12849: Error Log Viewer By WP Guru <= 1.0.1.3 - Missing Authorization to Arbitrary File Read
漏洞标题 CVE-2024-12849: Error Log Viewer By WP Guru <= 1.0.1.3 - Missing Authorization to Arbitrary File Read 漏洞描述 The Error Log Viewer By WP Guru plugin for WordPress is v...
2024年7月18日 14:41CVE-2024-1061: WordPress HTML5 Video Player – SQL Injection
漏洞标题 CVE-2024-1061: WordPress HTML5 Video Player - SQL Injection 漏洞描述 WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can ex...
2024年7月18日 14:36CVE-2024-33288: Prison Management System – SQL Injection Authentication Bypass
漏洞标题 CVE-2024-33288: Prison Management System - SQL Injection Authentication Bypass 漏洞描述 Sql injection vulnerability was found on the login page in Prison Management System...
2024年7月18日 08:11CVE-2024-38653: Ivanti Avalanche SmartDeviceServer – XML External Entity
漏洞标题 CVE-2024-38653: Ivanti Avalanche SmartDeviceServer - XML External Entity 漏洞描述 XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attack...
2024年7月17日 17:40CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T – Command Injection
漏洞标题 CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection 漏洞描述 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType paramete...
2024年7月17日 13:25CVE-2024-25600: WordPress的Bricks主题存在远程命令执行
漏洞标题 CVE-2024-25600: WordPress的Bricks主题存在远程命令执行 漏洞描述 Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks B...
2024年7月17日 07:08CVE-2024-2862: LG LED Assistant – Unauthenticated Password Reset
漏洞标题 CVE-2024-2862: LG LED Assistant - Unauthenticated Password Reset 漏洞描述 The /api/changePw endpoint in LG LED Assistant allows unauthenticated password resets when reques...
2024年7月17日 03:54CVE-2024-9487: GitHub Enterprise – SAML Authentication Bypass
漏洞标题 CVE-2024-9487: GitHub Enterprise - SAML Authentication Bypass 漏洞描述 An improper verification of cryptographic signature vulnerability was identified in GitHub Enterpris...
2024年7月17日 01:19CVE-2024-36683: PrestaShop productsalert – SQL Injection
漏洞标题 CVE-2024-36683: PrestaShop productsalert - SQL Injection 漏洞描述 In the module 'Products Alert' (productsalert) up to version 1.7.4 from Smart Modules for Prest...
2024年7月16日 18:49Apache OFBiz StatsSinceStart 远程代码执行漏洞(CVE-2024-45507)
漏洞标题 Apache OFBiz StatsSinceStart 远程代码执行漏洞(CVE-2024-45507) 漏洞描述 Apache OFBiz 18.12.16 之前的版本在 Linux 和 Windows 系统上存在未经身份验证的远程代码执行漏洞。 PoC...
2024年7月16日 10:20CVE-2024-39887: Apache Superset < 4.0.2 - SQL Injection
漏洞标题 CVE-2024-39887: Apache Superset < 4.0.2 - SQL Injection 漏洞描述 An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elem...
2024年7月16日 06:54CVE-2024-51378: CyberPanel – Command Injection
漏洞标题 CVE-2024-51378: CyberPanel - Command Injection 漏洞描述 CyberPanel contains a command injection vulnerability in the /ftp/getresetstatus and /dns/getresetstatus endpoints....
2024年7月16日 05:58CVE-2024-54767: AVM FRITZ!Box 7530 AX – Unauthorized Access
漏洞标题 CVE-2024-54767: AVM FRITZ!Box 7530 AX - Unauthorized Access 漏洞描述 An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attac...
2024年7月15日 07:44
