From 5c321b07bea6ef57710fe5ebf04fd11f48033607 Mon Sep 17 00:00:00 2001 From: CVEDB-BOT Date: Sat, 21 Dec 2024 02:53:47 +0000 Subject: [PATCH] =?UTF-8?q?Updated=20by=20CVEDB-BOT=20=F0=9F=A4=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- db/cve.sqlite | Bin 6242304 -> 6242304 bytes docs/README.md | 5 ++++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/db/cve.sqlite b/db/cve.sqlite index 1ddbf0dc113b8e1c16a9ab680a6cc3251d0cb05e..d04e3cbe82fd9b774bdbecac19cdc6530453dd1b 100644 GIT binary patch delta 1148 zcmah`?N3`}92F>ofrw1ln1gwz!a!GOFXdguS?8DvbOSa-83$&S>q={&Oy?K5gR^yp z@*>Qu$TFJDh)YI?AZ0?Qe({5!jQ@eL&uvLe7C$c0#0x@zPbSavoCQ^u0;$b3WF%x zfp8EfiBm))(L^*8r-?H}3-JcgO1w$DMYIuTzeD@Y;yp=8d?>v+?Lpe%)b5mTlSh*n zIy9aCb6m(Wogdn1`>ChJnBg`tF*8zDNx((ai4eEY$e6^)5pxRMJ_Sh zEEc)Ke7wuk>(zeU-<&BO?dep!Jsmw4rFRsUQ|fVcye%niX&qs<*EMQ^Gtxe-?YF#S z?Lk3p>fY89j{lG!DBdoqL+ZWQ?NZ#@?|+}l%KiUxZbO94Y?aNjwaH?wDlMt9mACE` zH<+siOv$F2%N@?OCKek$`tUt-S6}C54>q&ST5c_IG}!ADuhS*fDRz&`)zK+MR@BJS zr0|bK!c*ezycoG7X>-~2*)0Vd1vZ$4(TTap_rp8cv2ZZ5ycnGvlwjIqRTfT zOa1zyPgjFdLA|4{(6|~jK#`@};`ZlaYDW7pBQg8n{gokc*SMUB-5VGDYW3DoENBSv z#}?;}C+*M5vw2$Ig_Mks^{ZdU0zp% zNH8`K7QvO+l?8q3mOkv$uMfm#e^}LK|L9kv(+lGIi0=DL_@-CCxM|>ZU&xTHU%R9G zXT_&O(fMUV`6~UFTfJpnWl@FH=#ZrX zV^bs-S!HdkB|cNjscFyX-gJ9=a&nbiW{l0`HjGuv)IdVA$*!g5f7Tn$4@-2`ZLh&_Ja4bN<3S2f|CkpOh0gCrBnV;Ou zpO?nq`L$^+cz!|x$(1|_Nxl?Fp%h86lt@@25|vVkNtu*Og;YwFR7;K2N}be8gEUH$ zG)s%LN}IGxhjdDpbW2=%q*wZ+Uj}4QhGbY0G9sfgCgU<8lQJdKG9$AxCrO!?1zD6O zS(X)9l{HzH4cU|}*_IvIl|9*)138okY2YLJ?^^u5# k!s(pYMf5w`6HaH_-{W6FcH}*t{rAt~yikx$CsS{sUs2(My#N3J diff --git a/docs/README.md b/docs/README.md index f34d41dad..3cd5e154b 100644 --- a/docs/README.md +++ b/docs/README.md @@ -2,7 +2,7 @@ > Automatic monitor github cve using Github Actions - Last generated : 2024-12-21 01:47:57.978010 + Last generated : 2024-12-21 02:50:05.569918 | CVE | Name | Description | Date | |---|---|---|---| 
@@ -840,6 +840,7 @@ | [CVE-2024-41992](https://www.cve.org/CVERecord?id=CVE-2024-41992) | [fj016/CVE-2024-41992-PoC](https://github.com/fj016/CVE-2024-41992-PoC) | PoC for the CVE-2024-41992 (RCE on devices running WiFi-TestSuite-DUT) | 2024-08-23T23:48:01Z| | [CVE-2024-41958](https://www.cve.org/CVERecord?id=CVE-2024-41958) | [OrangeJuiceHU/CVE-2024-41958-PoC](https://github.com/OrangeJuiceHU/CVE-2024-41958-PoC) | This is a small proof of concept for CVE-2024-41958 | 2024-08-05T19:10:08Z| | [CVE-2024-41713](https://www.cve.org/CVERecord?id=CVE-2024-41713) | [watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713](https://github.com/watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713) | no description | 2024-12-05T06:13:57Z| +| [CVE-2024-41713](https://www.cve.org/CVERecord?id=CVE-2024-41713) | [zxj-hub/CVE-2024-41713POC](https://github.com/zxj-hub/CVE-2024-41713POC) | Mitel MiCollab 企业协作平台 任意文件读取漏洞(CVE-2024-41713)由于Mitel MiCollab软件的 NuPoint 统一消息 (NPM) 组件中存在身份验证绕过漏洞,并且输入验证不足,未经身份验证的远程攻击者可利用该漏洞执行路径遍历攻击,成功利用可能导致未授权访问、破坏或删除用户的数据和系统配置。影响范围:version < MiCollab 9.8 SP2 (9.8.2.12) | 2024-12-21T02:26:26Z| | [CVE-2024-41662](https://www.cve.org/CVERecord?id=CVE-2024-41662) | [sh3bu/CVE-2024-41662](https://github.com/sh3bu/CVE-2024-41662) | Markdown XSS leads to RCE in VNote version <=3.18.1 | 2024-07-23T17:21:12Z| | [CVE-2024-41651](https://www.cve.org/CVERecord?id=CVE-2024-41651) | [Fckroun/CVE-2024-41651](https://github.com/Fckroun/CVE-2024-41651) | CVE-2024-41651 | 2024-08-08T17:25:30Z| | [CVE-2024-41628](https://www.cve.org/CVERecord?id=CVE-2024-41628) | [Redshift-CyberSecurity/CVE-2024-41628](https://github.com/Redshift-CyberSecurity/CVE-2024-41628) | no description | 2024-07-29T07:12:14Z| 
@@ -2008,6 +2009,7 @@ | [CVE-2024-24919](https://www.cve.org/CVERecord?id=CVE-2024-24919) | [geniuszlyy/CVE-2024-24919](https://github.com/geniuszlyy/CVE-2024-24919) | PoC script for CVE-2024-24919 vulnerability. It scans a list of target URLs to identify security issues by sending HTTP POST requests and analyzing server responses | 2024-09-29T08:20:56Z| | [CVE-2024-24919](https://www.cve.org/CVERecord?id=CVE-2024-24919) | [skyrowalker/CVE-2024-24919](https://github.com/skyrowalker/CVE-2024-24919) | no description | 2024-10-09T17:54:28Z| | [CVE-2024-24919](https://www.cve.org/CVERecord?id=CVE-2024-24919) | [sar-3mar/CVE-2024-24919_POC](https://github.com/sar-3mar/CVE-2024-24919_POC) | It's Proof of Concept on CVE-2024-24919-POC , i made it after it's discoverd | 2024-10-28T21:54:41Z| +| [CVE-2024-24919](https://www.cve.org/CVERecord?id=CVE-2024-24919) | [NingXin2002/Check-Point_poc](https://github.com/NingXin2002/Check-Point_poc) | Check-Point安全网关任意文件读取漏洞(CVE-2024-24919) | 2024-12-21T02:42:10Z| | [CVE-2024-24816](https://www.cve.org/CVERecord?id=CVE-2024-24816) | [mmajchrowicz-afine/CVE-2024-24816](https://github.com/mmajchrowicz-afine/CVE-2024-24816) | CKEditor 4 < 4.24.0-lts - XSS vulnerability in samples that use the "preview" feature. | 2024-02-10T10:19:21Z| | [CVE-2024-24816](https://www.cve.org/CVERecord?id=CVE-2024-24816) | [afine-com/CVE-2024-24816](https://github.com/afine-com/CVE-2024-24816) | CKEditor 4 < 4.24.0-lts - XSS vulnerability in samples that use the "preview" feature. | 2024-02-10T10:26:35Z| | [CVE-2024-24809](https://www.cve.org/CVERecord?id=CVE-2024-24809) | [fa-rrel/CVE-2024-24809-Proof-of-concept](https://github.com/fa-rrel/CVE-2024-24809-Proof-of-concept) | Critical Flaws in Traccar GPS System Expose Users to Remote Attacks | 2024-09-03T09:56:13Z| 
@@ -3594,6 +3596,7 @@ | [CVE-2023-40028](https://www.cve.org/CVERecord?id=CVE-2023-40028) | [BBSynapse/CVE-2023-40028](https://github.com/BBSynapse/CVE-2023-40028) | CVE-2023-40028 wirkt sich auf Ghost, ein Open-Source-Content-Management-System (CMS) aus. | 2024-12-10T09:12:20Z| | [CVE-2023-40028](https://www.cve.org/CVERecord?id=CVE-2023-40028) | [0xDTC/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028](https://github.com/0xDTC/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028) | CVE-2023-40028 affects Ghost, an open source content management system, where versions prior to 5.59.1 allow authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. | 2024-12-12T18:50:58Z| | [CVE-2023-40028](https://www.cve.org/CVERecord?id=CVE-2023-40028) | [sudlit/CVE-2023-40028](https://github.com/sudlit/CVE-2023-40028) | no description | 2024-12-13T11:42:51Z| +| [CVE-2023-40028](https://www.cve.org/CVERecord?id=CVE-2023-40028) | [monke443/CVE-2023-40028-Ghost-Arbitrary-File-Read](https://github.com/monke443/CVE-2023-40028-Ghost-Arbitrary-File-Read) | Arbitrary file read in Ghost-CMS allows an attacker to upload a malicious ZIP file with a symlink. | 2024-12-21T01:53:47Z| | [CVE-2023-40000](https://www.cve.org/CVERecord?id=CVE-2023-40000) | [rxerium/CVE-2023-40000](https://github.com/rxerium/CVE-2023-40000) | WordPress LiteSpeed Plugin Vulnerability | 2024-02-28T19:36:40Z| | [CVE-2023-40000](https://www.cve.org/CVERecord?id=CVE-2023-40000) | [quantiom/litespeed-cache-xss-poc](https://github.com/quantiom/litespeed-cache-xss-poc) | PoC for XSS vulnerability in the LiteSpeed Cache WordPress plugin (CVE-2023-40000) allowing elevated privileges. Includes code, explanations, and mitigations. | 2024-05-12T06:13:47Z| | [CVE-2023-40000](https://www.cve.org/CVERecord?id=CVE-2023-40000) | [iveresk/cve-2023-40000](https://github.com/iveresk/cve-2023-40000) | That's a PoC of cve-2023-40000. 
Wordpress LiteSpeed Cache exploit. | 2024-05-13T15:25:58Z|
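
Review bot: db/cve.sqlite is committed as a GIT binary patch delta (Bin 6242304 -> 6242304 bytes), so the records behind the three README rows added in this commit cannot be reviewed, and every bot run adds another opaque delta to history. Consider committing a text export of the changed records next to the database, or publishing the database as a build artifact instead, so the generated README can be checked against its source.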
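
Review bot: in the docs/README.md hunk at @@ -2,7 +2,7 @@, the new `Last generated` value (`2024-12-21 02:50:05.569918`) carries no timezone, while every value in the Date column is ISO 8601 with a trailing `Z`. Emit the header timestamp in the same `YYYY-MM-DDTHH:MM:SSZ` form so it can be compared with the row dates without guessing the runner's clock, and drop the microseconds, which add nothing for a reader.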
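
Review bot: the row added at @@ -840,6 +840,7 @@ for zxj-hub/CVE-2024-41713POC puts a full untranslated advisory paragraph in the Description cell, several times longer than the neighbouring cells, which read `no description` or a single short sentence. Cap the description length in the generator and truncate with an ellipsis, so one repository's text cannot dominate the rendered table.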
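
Review bot: the `Date` column header does not say which timestamp it holds; in the row added at @@ -2008,6 +2009,7 @@ (NingXin2002/Check-Point_poc, `2024-12-21T02:42:10Z`) the value is about eleven minutes before this commit's own Date of 02:53:47 +0000, which reads like a repository creation or push time. Name the column for what it records, so someone triaging these PoC links can tell a freshly created repository from an established one.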
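
Review bot: in the hunk at @@ -3594,6 +3596,7 @@, the trailing context row for iveresk/cve-2023-40000 is split in the middle of its Description cell ("That's a PoC of cve-2023-40000." on one line, "Wordpress LiteSpeed Cache exploit." on the next), which suggests a line break in the upstream description reaches the Markdown table unescaped. Descriptions are third-party text, so collapse whitespace and escape `|` and other Markdown-significant characters before writing a row; the same sanitizing should cover the monke443/CVE-2023-40028-Ghost-Arbitrary-File-Read row added here.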