From 7304bab154790ab63cd38520fbfffbb5ad15e1bc Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Fri, 29 Mar 2024 03:23:20 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Nsfocus.dat | 15 +++++++++++++++ cache/RedQueen.dat | 1 + data/cves.db | Bin 46866432 -> 46870528 bytes docs/index.html | 38 +++++++++++++++++++------------------- 4 files changed, 35 insertions(+), 19 deletions(-) diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat index cb42fbe874d..e2bc997149d 100644 --- a/cache/Nsfocus.dat +++ b/cache/Nsfocus.dat @@ -184,3 +184,18 @@ a922b2c7de692d79941e628db6b4d7f5 050964d6373ff197b4908c1db3031af3 dbcf756a3eb3244d57f16de8befcdb84 507a7a2f2e430a8278d48370f074ee96 +0801fe221df23a2ee3acb50a0ae0caa1 +ae318434389a31d9460b94abdb3bcec6 +0267a45b40925f9ebc88a91ba8bb4e49 +cae326cd4089f9cfe5ab06c212ff2d86 +cddc2dd3fe2662e7f1ae27b1e6e006d1 +d0215d8bb376b8c212214d9fd6c72793 +eb62f26f2976517e26a246c4600ffcfa +199b2909e2b49abadb3a216cd9303079 +e206dfe989a070a1552f49615f2e07bf +1543b6b44cc18ddd8f158a647711d6f8 +b53d57e8aadcab53c1c9ea0b442643d1 +c24346163d04f890b913b82c54a10e14 +ae7ee41a459ae9f8dc5b00a326731679 +d3428d60f2f2642a00569f7497e0cb52 +1c80bf7b715200ffc51a9cb078fcdc93 diff --git a/cache/RedQueen.dat b/cache/RedQueen.dat index d3fa131bcd6..b7eb7491095 100644 --- a/cache/RedQueen.dat +++ b/cache/RedQueen.dat @@ -130,3 +130,4 @@ e191ff9c800333d8f9447871dc4baf12 7e5fdbfdc3b1edd8c9d0f499121aa492 2b3aba82386cc921c94da59b66b311d2 57c45164ac489c479f1a912479305228 +f1c7bb45161c38412c0ec04359cbc478 
diff --git a/data/cves.db b/data/cves.db index 9f2d8841a4c7446fd4ee8cf3e6edf55b656c278d..5333bd6b068c191eec75065e755bc79bc43ee14d 100644 GIT binary patch delta 4570
diff --git a/docs/index.html b/docs/index.html index b5e3fa8a76b..f4a59bcda84 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -366,7 +366,7 @@

眈眈探求 | + 2024-03-27 19:15:50 A vulnerability was found in Tenda FH1203 2.0.1.6 and classified as critical. This issue affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258161 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 详情 @@ -374,7 +374,7 @@

眈眈探求 | + 2024-03-27 19:15:49 A vulnerability has been found in Tenda FH1203 2.0.1.6 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258160. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 详情 @@ -382,7 +382,7 @@

眈眈探求 | + 2024-03-27 19:15:49 A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. This affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258159. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 详情 @@ -390,7 +390,7 @@

眈眈探求 | + 2024-03-27 19:15:49 Saleor is an e-commerce platform that serves high-volume companies. When using `Pickup: Local stock only` click-and-collect as a delivery method in specific conditions the customer could overwrite the warehouse address with its own, which exposes its address as click-and-collect address. This issue has been patched in versions: `3.14.61`, `3.15.37`, `3.16.34`, `3.17.32`, `3.18.28`, `3.19.15`. 详情 @@ -398,7 +398,7 @@

眈眈探求 | + 2024-03-27 19:15:49 Serverpod is an app and web server, built for the Flutter and Dart ecosystem. This bug bypassed the validation of TSL certificates on all none web HTTP clients in the `serverpod_client` package. Making them susceptible to a man in the middle attack against encrypted traffic between the client device and the server. An attacker would need to be able to intercept the traffic and highjack the connection to the server for this vulnerability to be used. Upgrading to version `1.2.6` resolves this issue. 详情 @@ -406,7 +406,7 @@

眈眈探求 | + 2024-03-27 19:15:49 Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised. This vulnerability is fixed by 1.2.6. 详情 @@ -414,7 +414,7 @@

眈眈探求 | + 2024-03-27 19:15:48 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key recovery, replay attacks by a man-in-the-middle attacker. These attacks are possible due to an ESP sequence number collision when multiple nodes are configured with the same key. Fixed versions of Cilium use unique keys for each IPsec tunnel established between nodes, resolving all of the above attacks. This vulnerability is fixed in 1.13.13, 1.14.9, and 1.15.3. 详情 @@ -422,7 +422,7 @@

眈眈探求 | + 2024-03-27 19:15:48 The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs from behind, reading files is done as a privileged user.If the URL that is in the list of "Adslists" begins with "file*" it is understood that it is updating from a local file, on the other hand if it does not begin with "file*" depending on the state of the response it does one thing or another. The problem resides in the update through local files. When updating from a file which contains non-domain lines, 5 of the non-domain lines are printed on the screen, so if you provide it with any file on the server which contains non-domain lines it will print them on the screen. This vulnerability is fixed by 5.18. 详情 @@ -430,7 +430,7 @@

眈眈探求 | + 2024-03-27 19:15:48 JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API and user's single-user server. The affected configurations are single-origin JupyterHub deployments and JupyterHub deployments with user-controlled applications running on subdomains or peer subdomains of either the Hub or a single-user server. This vulnerability is fixed in 4.1.0. 详情 @@ -438,7 +438,7 @@

眈眈探求 | + 2024-03-27 19:15:48 wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. 详情 @@ -1971,6 +1971,14 @@

眈眈探求 | TITLE URL + + 0801fe221df23a2ee3acb50a0ae0caa1 + CVE-2024-26128 + 2024-03-29 03:21:09 + baserCMS跨站脚本漏洞 + 详情 + + 7bff88e2b8d49434581ec1e06c85484f CVE-2023-44252 @@ -2203,14 +2211,6 @@

眈眈探求 | 详情 - - 260185a35570fc92a918018ae9c2e506 - - 2024-03-28 03:22:45 - SourceCodester Free and Open Source Inventory Management System SQL注入漏洞(CVE-2024 - 详情 - -
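Review bot: In cache/Nsfocus.dat (@@ -184,3 +184,18 @@) fifteen hashes are appended, but only the first one, 0801fe221df23a2ee3acb50a0ae0caa1, has a matching row in the docs/index.html hunks (CVE-2024-26128), and the hash added to cache/RedQueen.dat (f1c7bb45161c38412c0ec04359cbc478) has none. A bare 32-hex line gives a reviewer no way to tell which advisory was marked as seen. Consider storing the source identifier and fetch time beside each hash, or documenting why cached items are not rendered, so a suppressed or missed advisory can be traced later.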
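Review bot: data/cves.db is committed as a binary delta (Bin 46866432 -> 46870528 bytes in the diffstat), so none of the record changes behind this update can be reviewed, and every bot run adds another delta of a roughly 46 MB file to history. Consider publishing the database as a release artifact or through LFS, and committing a small text export of the rows added in each run so the change is diffable and a tampered or malformed record is visible in review.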
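Review bot: The rows in the docs/index.html hunks from @@ -366,7 +366,7 @@ through @@ -438,7 +438,7 @@ carry upstream advisory text verbatim, including backticks (`Pickup: Local stock only`) and double quotes ("Adslists", "file*"). Since these descriptions come from external feeds, please confirm the generator HTML-escapes the title and description fields before writing them into the page, and that the 详情 link target is restricted to http and https URLs. A test that renders a description containing markup characters would cover this.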
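Review bot: The row removed in the docs/index.html hunk at @@ -2203,14 +2211,6 @@ (260185a35570fc92a918018ae9c2e506) has an empty identifier line and a title cut off at "SQL注入漏洞(CVE-2024", so the CVE number was lost both in its own column and in the title. The generator should populate the identifier column from the title when the feed leaves it blank, and truncate titles on a word boundary rather than mid-identifier. The row added at @@ -1971,6 +1971,14 @@ is balanced by this removal, which suggests a fixed row cap; if so, please state the cap and the eviction order in a comment or the README.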