Updated by Github Bot

EXP-Tools · Apr 29, 2024 · 3715eb8 · 3715eb8
1 parent 08d685d
commit 3715eb8
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 81 deletions.
diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat
@@ -152,3 +152,13 @@ bc09b78c09a5b978d460eff981fcd587
 10b776c639a93a52efc1595d29ebb1ff
 58dc9da724df1ed817a582e981cb878c
 37e3976c624807003698398db6604cc0
+e3bf125cf831009947f3bbfd387a6c6f
+71ba3a0585bb83f9918a0bb9ea6f7800
+9dda4efd60143ba6b827d4bb0bff77fe
+283bb3000e0fc0f85206ca19e72fc6be
+d05d84e1991b97aa5bcf00bf20b264f2
+72b1317d4082c7b4b6d96ed0b6ada2a8
+8a3d9e9f0be0277a2dad498aab208cd1
+e51bd18511f85dd246f6c515ec2af7ad
+15e45ef5b7a214d58aadeca8b3096422
+b694c1138e76c76fa8e0c545655608f2
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-04-29 03:25:33 -->
+<!-- RELEASE TIME : 2024-04-29 05:29:42 -->
 <html lang="zh-cn">
 
  <head>
@@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>e3bf125cf831009947f3bbfd387a6c6f</td>
+       <td>CVE-2024-4296</td>
+       <td>2024-04-29 02:15:06 <img src="imgs/new.gif" /></td>
+       <td>The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4296">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>71ba3a0585bb83f9918a0bb9ea6f7800</td>
+       <td>CVE-2024-33903</td>
+       <td>2024-04-29 01:15:09 <img src="imgs/new.gif" /></td>
+       <td>In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pedestrians or bicycles, in part because the collision sensor function is not exposed to the Blueprint library.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33903">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>9dda4efd60143ba6b827d4bb0bff77fe</td>
+       <td>CVE-2024-33899</td>
+       <td>2024-04-29 00:15:07 <img src="imgs/new.gif" /></td>
+       <td>RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33899">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>283bb3000e0fc0f85206ca19e72fc6be</td>
+       <td>CVE-2024-33891</td>
+       <td>2024-04-28 23:15:07 <img src="imgs/new.gif" /></td>
+       <td>Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP API in SecretServer/webservices/SSWebService.asmx. This is related to a hardcoded key, the use of the integer 2 for the Admin user, and removal of the oauthExpirationId attribute.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33891">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>d05d84e1991b97aa5bcf00bf20b264f2</td>
+       <td>CVE-2024-33331</td>
+       <td>2024-04-28 23:15:07 <img src="imgs/new.gif" /></td>
+       <td>Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-33891. Reason: This candidate is a reservation duplicate of CVE-2024-33891. Notes: All CVE users should reference CVE-2024-33891 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33331">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>72b1317d4082c7b4b6d96ed0b6ada2a8</td>
+       <td>CVE-2024-33883</td>
+       <td>2024-04-28 16:15:23 <img src="imgs/new.gif" /></td>
+       <td>The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33883">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>8a3d9e9f0be0277a2dad498aab208cd1</td>
+       <td>CVE-2024-25050</td>
+       <td>2024-04-28 13:15:08 <img src="imgs/new.gif" /></td>
+       <td>IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privileges. IBM X-Force ID: 283242.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25050">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>e51bd18511f85dd246f6c515ec2af7ad</td>
+       <td>CVE-2022-48668</td>
+       <td>2024-04-28 13:15:08 <img src="imgs/new.gif" /></td>
+       <td>In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031 I also decided to merge a minor cleanup to this into the same patch (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-48668">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>15e45ef5b7a214d58aadeca8b3096422</td>
+       <td>CVE-2022-48667</td>
+       <td>2024-04-28 13:15:08 <img src="imgs/new.gif" /></td>
+       <td>In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-48667">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>b694c1138e76c76fa8e0c545655608f2</td>
+       <td>CVE-2022-48666</td>
+       <td>2024-04-28 13:15:08 <img src="imgs/new.gif" /></td>
+       <td>In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free There are two .exit_cmd_priv implementations. Both implementations use resources associated with the SCSI host. Make sure that these resources are still available when .exit_cmd_priv is called by waiting inside scsi_remove_host() until the tag set has been freed. This commit fixes the following use-after-free: ================================================================== BUG: KASAN: use-after-free in srp_exit_cmd_priv+0x27/0xd0 [ib_srp] Read of size 8 at addr ffff888100337000 by task multipathd/16727 Call Trace: <TASK> dump_stack_lvl+0x34/0x44 print_report.cold+0x5e/0x5db kasan_report+0xab/0x120 srp_exit_cmd_priv+0x27/0xd0 [ib_srp] scsi_mq_exit_request+0x4d/0x70 blk_mq_free_rqs+0x143/0x410 __blk_mq_free_map_and_rqs+0x6e/0x100 blk_mq_free_tag_set+0x2b/0x160 scsi_host_dev_release+0xf3/0x1a0 device_release+0x54/0xe0 kobject_put+0xa5/0x120 device_release+0x54/0xe0 kobject_put+0xa5/0x120 scsi_device_dev_release_usercontext+0x4c1/0x4e0 execute_in_process_context+0x23/0x90 device_release+0x54/0xe0 kobject_put+0xa5/0x120 scsi_disk_release+0x3f/0x50 device_release+0x54/0xe0 kobject_put+0xa5/0x120 disk_release+0x17f/0x1b0 device_release+0x54/0xe0 kobject_put+0xa5/0x120 dm_put_table_device+0xa3/0x160 [dm_mod] dm_put_device+0xd0/0x140 [dm_mod] free_priority_group+0xd8/0x110 [dm_multipath] free_multipath+0x94/0xe0 [dm_multipath] dm_table_destroy+0xa2/0x1e0 [dm_mod] __dm_destroy+0x196/0x350 [dm_mod] dev_remove+0x10c/0x160 [dm_mod] ctl_ioctl+0x2c2/0x590 [dm_mod] dm_ctl_ioctl+0x5/0x10 [dm_mod] __x64_sys_ioctl+0xb4/0xf0 dm_ctl_ioctl+0x5/0x10 [dm_mod] __x64_sys_ioctl+0xb4/0xf0 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x46/0xb0</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-48666">详情</a></td>
+      </tr>
+
       <tr>
        <td>036541adee2912e10efab77a696ca4cd</td>
        <td>CVE-2023-52722</td>
@@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-3052">详情</a></td>
       </tr>
 
-      <tr>
-       <td>34ba522c94cfe9e63a33aff7ea31855b</td>
-       <td>CVE-2024-3051</td>
-       <td>2024-04-26 22:15:08</td>
-       <td>Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end device. Any frames sent by the end device will not be acknowledged by the gateway during this time.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-3051">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>8f3321759648d249f49a4727f56f0699</td>
-       <td>CVE-2024-28322</td>
-       <td>2024-04-26 22:15:07</td>
-       <td>SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC Event Management 1.0 allows attackers to run arbitrary SQL commands via the event_id parameter in a crafted POST request.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28322">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>9e95c83848c0c8eaab3691d3162c11e5</td>
-       <td>CVE-2024-33664</td>
-       <td>2024-04-26 00:15:09</td>
-       <td>python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a "JWT bomb." This is similar to CVE-2024-21319.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33664">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>833d642405bd8fc62c742ed1f028d092</td>
-       <td>CVE-2024-33663</td>
-       <td>2024-04-26 00:15:09</td>
-       <td>python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33663">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>ad026c74765186ac5d13d15335c1ab86</td>
-       <td>CVE-2024-33661</td>
-       <td>2024-04-26 00:15:08</td>
-       <td>Portainer before 2.20.0 allows redirects when the target is not index.yaml.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33661">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>3cce5f0e35b493fc016e1a625895198a</td>
-       <td>CVE-2024-32868</td>
-       <td>2024-04-26 00:15:08</td>
-       <td>ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators the option to define a `Lockout Policy` with a maximum amount of failed password check attempts, there was no such mechanism for (T)OTP checks. This issue has been patched in version 2.50.0.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-32868">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>e0fa8f91ec33c169e5dbb7a09106ce9e</td>
-       <td>CVE-2024-32651</td>
-       <td>2024-04-26 00:15:08</td>
-       <td>changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Injection (SSTI) in Jinja2 that allows Remote Command Execution on the server host. Attackers can run any system command without any restriction and they could use a reverse shell. The impact is critical as the attacker can completely takeover the server machine. This can be reduced if changedetection is behind a login page, but this isn't required by the application (not by default and not enforced).</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-32651">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>b85204ab61164bbbea71be1be077589c</td>
-       <td>CVE-2024-0916</td>
-       <td>2024-04-25 23:15:46</td>
-       <td>Unauthenticated file upload allows remote code execution. This issue affects UvDesk Community: from 1.0.0 through 1.1.3.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-0916">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>039b66811d5fa56e26df7ee0a647f104</td>
-       <td>CVE-2024-3265</td>
-       <td>2024-04-25 22:15:09</td>
-       <td>The Advanced Search WordPress plugin through 1.1.6 does not properly escape parameters appended to an SQL query, making it possible for users with the administrator role to conduct SQL Injection attacks in the context of a multisite WordPress configurations.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-3265">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>e1b455f9593bd816c307679a43d85fcd</td>
-       <td>CVE-2024-31610</td>
-       <td>2024-04-25 22:15:08</td>
-       <td>File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-31610">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>