https://zlsec.com/ZLSEC.COMhttps://zlsec.com/archives/18.html<p>漏洞编号：CVE-2024-24974&nbsp;</p><p>评分：N/A</p><p>恶意利用的后果：&nbsp;</p><p>来源：开源公司</p><p>公布时间：2024-07-08 10:20:35&nbsp;</p><p>更新时间：2024-07-08 10:22:24&nbsp;</p><p>类型：&nbsp;</p><p>描述：OpenVPN 2.6.9和更早版本中的交互式服务允许远程访问OpenVPN服务管道，这允许远程攻击者与特权OpenVPN交互式服务进行交互。</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Tue, 09 Jul 2024 10:39:49 +0800https://zlsec.com/archives/17.html<p>漏洞编号：CVE-2024-5549&nbsp;</p><p>评分：8.1</p><p>恶意利用的后果：&nbsp;</p><p>来源：Source huntr.dev&nbsp;</p><p>公布时间：2024-07-09 00:15:02&nbsp;</p><p>更新时间：2024-07-09 00:15:02&nbsp;</p><p>类型：&nbsp;</p><p>描述：Origin Validation Error in GitHub repository stitionai/devika prior to -.&nbsp;</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Tue, 09 Jul 2024 10:38:50 +0800https://zlsec.com/archives/16.html<p><br/></p><p>影响组件：&nbsp;</p><p>参考资料:</p><p>漏洞编号：CVE-2024-34786&nbsp;</p><p>评分：N/A</p><p>恶意利用的后果：&nbsp;</p><p>来源：源黑客一号</p><p>公布时间：2024-07-09 02:15:10&nbsp;</p><p>更新时间：2024-07-09 02:15:10&nbsp;</p><p>类型：&nbsp;</p><p>描述：UniFi iOS应用程序10.15.0在第二代UniFi接入点配置为独立（不使用UniFi网络应用程序），可能会导致SSID名称的改变和/或WiFi密码被删除的5GHz的无线电。</p><p><br/></p><p>此漏洞已在Unifi iOS应用程序10.15.2及更高版本中修复。</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Tue, 09 Jul 2024 10:37:21 +0800https://zlsec.com/archives/15.html<p>漏洞编号：CVE-2024-5021&nbsp;</p><p>评分：9.3</p><p>恶意利用的后果：访问内部系统、内部消息泄漏等&nbsp;</p><p>来源：Source Wordfence&nbsp;</p><p>公布时间：2024-06-19 03:12:29&nbsp;</p><p>更新时间：2024-06-19 03:12:29&nbsp;</p><p>类型：Server-side request forgery (SSRF)&nbsp;</p><p>描述：The WordPress Picture / Portfolio / Media Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.1 via the &#39;file_get_contents&#39; function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.&nbsp;</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Wed, 19 Jun 2024 12:55:12 +0800https://zlsec.com/archives/14.html<p>漏洞编号：CVE-2024-2381&nbsp;</p><p>评分：8.8</p><p>恶意利用的后果：通过远程代码执行获取敏感信息以及目标权限&nbsp;</p><p>来源：Source Wordfence&nbsp;</p><p>公布时间：2024-06-19 03:12:33&nbsp;</p><p>更新时间：2024-06-19 03:12:33&nbsp;</p><p>类型：Execute code&nbsp;</p><p>描述：The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, and including, 3.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site&#39;s server which may make remote code execution possible.&nbsp;</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Wed, 19 Jun 2024 12:54:49 +0800https://zlsec.com/archives/13.html<p>漏洞编号：CVE-2024-5637&nbsp;</p><p>评分：7.5</p><p>恶意利用的后果：任意文件读取导致信息泄漏&nbsp;</p><p>来源：Source Wordfence&nbsp;</p><p>公布时间：2024-06-07 11:15:53&nbsp;</p><p>更新时间：2024-06-07 11:15:53&nbsp;</p><p>类型：Directory traversal&nbsp;</p><p>描述：The Market Exporter plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the &#39;remove_files&#39; function in all versions up to, and including, 2.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to use path traversal to delete arbitrary files on the server.&nbsp;</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Thu, 13 Jun 2024 13:26:38 +0800https://zlsec.com/archives/12.html<p>漏洞编号：CVE-2024-4610&nbsp;</p><p>评分：N/A</p><p>恶意利用的后果：程序因内存损坏而崩溃或退出&nbsp;</p><p>来源：Source Arm Limited&nbsp;</p><p>公布时间：2024-06-07 11:25:08&nbsp;</p><p>更新时间：2024-06-07 11:25:08&nbsp;</p><p>类型：Memory Corruption&nbsp;</p><p>描述：Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.&nbsp;</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Thu, 13 Jun 2024 13:26:06 +0800https://zlsec.com/archives/11.html<p>漏洞编号：CVE-2024-5599&nbsp;</p><p>评分：7.5</p><p>恶意利用的后果：&nbsp;</p><p>来源：Source Wordfence&nbsp;</p><p>公布时间：2024-06-07 12:33:44&nbsp;</p><p>更新时间：2024-06-07 12:33:44&nbsp;</p><p>类型：&nbsp;</p><p>描述：The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the &#39;fileorganizer_ajax_handler&#39; function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive information if the files have been moved to the built-in Trash folder.&nbsp;</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Thu, 13 Jun 2024 13:13:46 +0800https://zlsec.com/archives/10.html<p>漏洞编号：CVE-2024-3758&nbsp;</p><p>评分：N/A</p><p>恶意利用的后果：缓冲区溢出,通过远程代码执行获取敏感信息以及目标权限&nbsp;</p><p>来源：Source OpenHarmony&nbsp;</p><p>公布时间：2024-05-07 06:27:11&nbsp;</p><p>更新时间：2024-05-07 06:27:11&nbsp;</p><p>类型：Overflow&nbsp;</p><p>描述：in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.&nbsp;</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p>漏洞编号：CVE-2024-3758&nbsp;</p><p>评分：N/A</p><p>恶意利用的后果：缓冲区溢出,通过远程代码执行获取敏感信息以及目标权限&nbsp;</p><p>来源：来源开放和谐</p><p>公布时间：2024-05-07 06:27:11&nbsp;</p><p>更新时间：2024-05-07 06:27:11&nbsp;</p><p>类型：溢出</p><p>描述：在开放和谐版本4.0.0和以前的版本中允许本地攻击者通过堆缓冲区溢出在tcb中执行任意代码。</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Tue, 07 May 2024 17:11:51 +0800https://zlsec.com/archives/9.html<p>漏洞编号：CVE-2024-4346&nbsp;</p><p>评分：N/A</p><p>恶意利用的后果：通过远程代码执行获取敏感信息以及目标权限&nbsp;</p><p>来源：来源</p><p>公布时间：2024-05-07 08:31:05&nbsp;</p><p>更新时间：2024-05-07 08:31:05&nbsp;</p><p>类型：执行代码</p><p>描述：Startklar Elementor Addons插件的WordPress是脆弱的任意文件删除的所有版本，包括1.7.13。这是由于插件在删除之前没有正确验证上传文件的路径。这使得未经身份验证的攻击者有可能删除任意文件，包括wp-config.php文件，从而使站点接管和远程代码执行成为可能。</p><p>影响组件：&nbsp;</p><p>参考资料:</p><p><br/></p>Tue, 07 May 2024 17:11:01 +0800