Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Apr 30, 2024
1 parent 408c7ed commit 2037e28
Show file tree
Hide file tree
Showing 4 changed files with 128 additions and 111 deletions.
15 changes: 15 additions & 0 deletions cache/Nsfocus.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,3 +138,18 @@ fb829fb4be9e40c8717093e6d744e51b
c8685b500771219df8138e15650719b9
ca35e15ca9dcb390a48b602cb6aef85e
a76fd9fd1b320ffb3a2ec5253cc8e13b
5d4011ca3e542aa85f2fcf7b406e1375
5e4887c8a36891f4c9662ff046faff4d
a90456f5bdf04538f64f485b0d9d45d0
cbe4016c226e1fcd697b0b1a1ef33fd3
5138e8a59588f2fdfb6e58cff33882b0
152a7bb91f87e8da910d97151ed7ac6c
17def008fc2e8dd8b4415244a2cfb72c
01f6c023aab5ca9de3a428fe2ebbf938
614cbb75e91c0d1286da303e42b60e70
cdf22a4762a00b817b34982257e1611a
05b8250fda511d5eb2bbaae002f809c8
86672e745e4a1326778264bc68d88e61
d8c2187333424069680d896e5e9ca3e3
152510ee40988d3c5b0ecfe958967ad3
63936b54f826345e37697c2a78d9d27a
2 changes: 2 additions & 0 deletions cache/RedQueen.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,3 +128,5 @@ d6e5e78af9fd7a7eca374ccc281ff406
e7779200c4838656a43a7f35f0ba01a3
b1a1b194a787c55f8615126978772345
8ea4c2f46f0d028f3276fff649a10d3f
d4811d28056614f9454fae338deca17b
a084cc50598abef3c908b6186c9ef5bb
Binary file modified data/cves.db
View file
Binary file not shown.
222 changes: 111 additions & 111 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-04-29 23:22:50 -->
<!-- RELEASE TIME : 2024-04-30 03:25:17 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -310,63 +310,63 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<tr>
<td>283bb3000e0fc0f85206ca19e72fc6be</td>
<td>CVE-2024-33891</td>
<td>2024-04-28 23:15:07 <img src="imgs/new.gif" /></td>
<td>2024-04-28 23:15:07</td>
<td>Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP API in SecretServer/webservices/SSWebService.asmx. This is related to a hardcoded key, the use of the integer 2 for the Admin user, and removal of the oauthExpirationId attribute.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33891">详情</a></td>
</tr>

<tr>
<td>d05d84e1991b97aa5bcf00bf20b264f2</td>
<td>CVE-2024-33331</td>
<td>2024-04-28 23:15:07 <img src="imgs/new.gif" /></td>
<td>2024-04-28 23:15:07</td>
<td>Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-33891. Reason: This candidate is a reservation duplicate of CVE-2024-33891. Notes: All CVE users should reference CVE-2024-33891 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33331">详情</a></td>
</tr>

<tr>
<td>72b1317d4082c7b4b6d96ed0b6ada2a8</td>
<td>CVE-2024-33883</td>
<td>2024-04-28 16:15:23 <img src="imgs/new.gif" /></td>
<td>2024-04-28 16:15:23</td>
<td>The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33883">详情</a></td>
</tr>

<tr>
<td>8a3d9e9f0be0277a2dad498aab208cd1</td>
<td>CVE-2024-25050</td>
<td>2024-04-28 13:15:08 <img src="imgs/new.gif" /></td>
<td>2024-04-28 13:15:08</td>
<td>IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privileges. IBM X-Force ID: 283242.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25050">详情</a></td>
</tr>

<tr>
<td>e51bd18511f85dd246f6c515ec2af7ad</td>
<td>CVE-2022-48668</td>
<td>2024-04-28 13:15:08 <img src="imgs/new.gif" /></td>
<td>2024-04-28 13:15:08</td>
<td>In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031 I also decided to merge a minor cleanup to this into the same patch (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-48668">详情</a></td>
</tr>

<tr>
<td>15e45ef5b7a214d58aadeca8b3096422</td>
<td>CVE-2022-48667</td>
<td>2024-04-28 13:15:08 <img src="imgs/new.gif" /></td>
<td>2024-04-28 13:15:08</td>
<td>In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-48667">详情</a></td>
</tr>

<tr>
<td>b694c1138e76c76fa8e0c545655608f2</td>
<td>CVE-2022-48666</td>
<td>2024-04-28 13:15:08 <img src="imgs/new.gif" /></td>
<td>2024-04-28 13:15:08</td>
<td>In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free There are two .exit_cmd_priv implementations. Both implementations use resources associated with the SCSI host. Make sure that these resources are still available when .exit_cmd_priv is called by waiting inside scsi_remove_host() until the tag set has been freed. This commit fixes the following use-after-free: ================================================================== BUG: KASAN: use-after-free in srp_exit_cmd_priv+0x27/0xd0 [ib_srp] Read of size 8 at addr ffff888100337000 by task multipathd/16727 Call Trace: <TASK> dump_stack_lvl+0x34/0x44 print_report.cold+0x5e/0x5db kasan_report+0xab/0x120 srp_exit_cmd_priv+0x27/0xd0 [ib_srp] scsi_mq_exit_request+0x4d/0x70 blk_mq_free_rqs+0x143/0x410 __blk_mq_free_map_and_rqs+0x6e/0x100 blk_mq_free_tag_set+0x2b/0x160 scsi_host_dev_release+0xf3/0x1a0 device_release+0x54/0xe0 kobject_put+0xa5/0x120 device_release+0x54/0xe0 kobject_put+0xa5/0x120 scsi_device_dev_release_usercontext+0x4c1/0x4e0 execute_in_process_context+0x23/0x90 device_release+0x54/0xe0 kobject_put+0xa5/0x120 scsi_disk_release+0x3f/0x50 device_release+0x54/0xe0 kobject_put+0xa5/0x120 disk_release+0x17f/0x1b0 device_release+0x54/0xe0 kobject_put+0xa5/0x120 dm_put_table_device+0xa3/0x160 [dm_mod] dm_put_device+0xd0/0x140 [dm_mod] free_priority_group+0xd8/0x110 [dm_multipath] free_multipath+0x94/0xe0 [dm_multipath] dm_table_destroy+0xa2/0x1e0 [dm_mod] __dm_destroy+0x196/0x350 [dm_mod] dev_remove+0x10c/0x160 [dm_mod] ctl_ioctl+0x2c2/0x590 [dm_mod] dm_ctl_ioctl+0x5/0x10 [dm_mod] __x64_sys_ioctl+0xb4/0xf0 dm_ctl_ioctl+0x5/0x10 [dm_mod] __x64_sys_ioctl+0xb4/0xf0 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x46/0xb0</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-48666">详情</a></td>
</tr>

<tr>
<td>036541adee2912e10efab77a696ca4cd</td>
<td>CVE-2023-52722</td>
<td>2024-04-28 00:15:07 <img src="imgs/new.gif" /></td>
<td>2024-04-28 00:15:07</td>
<td>An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-52722">详情</a></td>
</tr>
Expand Down Expand Up @@ -1971,6 +1971,78 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>5d4011ca3e542aa85f2fcf7b406e1375</td>
<td>CVE-2024-1237</td>
<td>2024-04-30 03:23:11 <img src="imgs/new.gif" /></td>
<td>WordPress Elementor Header &amp; Footer Builder Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94368">详情</a></td>
</tr>

<tr>
<td>5e4887c8a36891f4c9662ff046faff4d</td>
<td>CVE-2024-1234</td>
<td>2024-04-30 03:23:11 <img src="imgs/new.gif" /></td>
<td>WordPress Exclusive Addons for Elementor Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94367">详情</a></td>
</tr>

<tr>
<td>a90456f5bdf04538f64f485b0d9d45d0</td>
<td>CVE-2024-1203</td>
<td>2024-04-30 03:23:11 <img src="imgs/new.gif" /></td>
<td>WordPress Conversios Plugin SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94366">详情</a></td>
</tr>

<tr>
<td>cbe4016c226e1fcd697b0b1a1ef33fd3</td>
<td>CVE-2024-1176</td>
<td>2024-04-30 03:23:11 <img src="imgs/new.gif" /></td>
<td>WordPress HT Easy GA4 – Google Analytics Plugin未经授权数据访问漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94365">详情</a></td>
</tr>

<tr>
<td>5138e8a59588f2fdfb6e58cff33882b0</td>
<td>CVE-2024-1158</td>
<td>2024-04-30 03:23:11 <img src="imgs/new.gif" /></td>
<td>WordPress Post Form Plugin未经授权数据访问漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94364">详情</a></td>
</tr>

<tr>
<td>152a7bb91f87e8da910d97151ed7ac6c</td>
<td>CVE-2024-1293</td>
<td>2024-04-30 03:23:11 <img src="imgs/new.gif" /></td>
<td>WordPress Brizy – Page Builder Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94363">详情</a></td>
</tr>

<tr>
<td>17def008fc2e8dd8b4415244a2cfb72c</td>
<td>CVE-2024-1291</td>
<td>2024-04-30 03:23:11 <img src="imgs/new.gif" /></td>
<td>WordPress Brizy – Page Builder Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94362">详情</a></td>
</tr>

<tr>
<td>01f6c023aab5ca9de3a428fe2ebbf938</td>
<td>CVE-2024-1311</td>
<td>2024-04-30 03:23:11 <img src="imgs/new.gif" /></td>
<td>WordPress Brizy – Page Builder Plugin任意文件上传漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94361">详情</a></td>
</tr>

<tr>
<td>614cbb75e91c0d1286da303e42b60e70</td>
<td>CVE-2024-1296</td>
<td>2024-04-30 03:23:11 <img src="imgs/new.gif" /></td>
<td>WordPress Brizy – Page Builder Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94360">详情</a></td>
</tr>

<tr>
<td>c3f6e3bb8498997f29d786ca0343fbf9</td>
<td>CVE-2024-0828</td>
Expand Down Expand Up @@ -2092,123 +2164,51 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
</tr>

<tr>
<td>260b354bee236a1b284ebbbd39a7e4a2</td>
<td>CVE-2024-27317</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Apache Pulsar Proxy目录遍历漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94195">详情</a></td>
</tr>

<tr>
<td>5d6c5aa176f82b2417aead0f271b78ba</td>
<td>CVE-2023-42308</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Exam Form Submission跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94194">详情</a></td>
</tr>

<tr>
<td>69f577ce89d9d06d287540ce2c67bc0a</td>
<td>CVE-2023-30968</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Palantir Gotham Gaia跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94193">详情</a></td>
</tr>

<tr>
<td>a8a8bd2e5e73412845e45dfe1ce89f01</td>
<td>CVE-2024-28112</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Peering Manager跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94192">详情</a></td>
</tr>

<tr>
<td>92aafe9479b5cc923d4cb1aa223fd3b5</td>
<td>CVE-2024-28114</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Peering Manager服务器端模板注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94191">详情</a></td>
</tr>

<tr>
<td>6ce4fcc151227b2a5faaa4e4fbd4299d</td>
<td>CVE-2024-28113</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Peering Manager输入验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94190">详情</a></td>
</tr>

<tr>
<td>16b5db64a699251472f795198091cc8f</td>
<td>CVE-2024-28186</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>FreeScout信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94189">详情</a></td>
</tr>

<tr>
<td>d5a22e39f9026fcd989025e79e89404e</td>
<td>CVE-2023-42307</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Exam Form Submission跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94188">详情</a></td>
</tr>

<tr>
<td>d7324189e859ff866c9680022a8d1ad8</td>
<td>CVE-2024-2031</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>WordPress Video Conferencing with Zoom Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94187">详情</a></td>
</tr>

<tr>
<td>91588dad38ee92399a60d15837aefcd1</td>
<td>CVE-2024-2030</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>WordPress CWW Companion Zoom Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94186">详情</a></td>
<td>cdf22a4762a00b817b34982257e1611a</td>
<td>CVE-2023-51698</td>
<td>2024-04-29 03:23:11 <img src="imgs/new.gif" /></td>
<td>MATE Desktop Atril 操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94359">详情</a></td>
</tr>

<tr>
<td>01c57f7ce68992765e7fc7a2812ed9cd</td>
<td>CVE-2024-26529</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>libIEC61850拒绝服务漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94185">详情</a></td>
<td>05b8250fda511d5eb2bbaae002f809c8</td>
<td>CVE-2024-0467</td>
<td>2024-04-29 03:23:11 <img src="imgs/new.gif" /></td>
<td>Employee Profile Management System跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94358">详情</a></td>
</tr>

<tr>
<td>29976e7ce0bb7076240ae6a2efccbde4</td>
<td>CVE-2024-27440</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Toyoko Inn Official App信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94184">详情</a></td>
<td>86672e745e4a1326778264bc68d88e61</td>
<td>CVE-2010-10011</td>
<td>2024-04-29 03:23:11 <img src="imgs/new.gif" /></td>
<td>Acritum Femitter Server路径遍历漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94357">详情</a></td>
</tr>

<tr>
<td>4c09cf8a1219d84cbcb2ca987712ad21</td>
<td>CVE-2018-25090</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>WAGO Controller BACnet跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94183">详情</a></td>
<td>d8c2187333424069680d896e5e9ca3e3</td>
<td>CVE-2024-0466</td>
<td>2024-04-29 03:23:11 <img src="imgs/new.gif" /></td>
<td>Employee Profile Management System SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94356">详情</a></td>
</tr>

<tr>
<td>ca0cfd5813dfad4b92ff1c27d0a4d783</td>
<td>CVE-2024-28098</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Apache Pulsar Proxy授权错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94182">详情</a></td>
<td>152510ee40988d3c5b0ecfe958967ad3</td>
<td>CVE-2024-0465</td>
<td>2024-04-29 03:23:11 <img src="imgs/new.gif" /></td>
<td>Employee Profile Management System路径遍历漏洞(CVE-2024-0465 )</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94355">详情</a></td>
</tr>

<tr>
<td>c22e552943f233dc62b0d732ffadf389</td>
<td>CVE-2024-27894</td>
<td>2024-04-28 11:17:08 <img src="imgs/new.gif" /></td>
<td>Apache Pulsar Proxy输入验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94181">详情</a></td>
<td>63936b54f826345e37697c2a78d9d27a</td>
<td>CVE-2024-0464</td>
<td>2024-04-29 03:23:11 <img src="imgs/new.gif" /></td>
<td>Online Faculty Clearance SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/94354">详情</a></td>
</tr>

</tbody>
Expand Down

0 comments on commit 2037e28

Please sign in to comment.