From 7a9132e040f42d76074f806355139b82dc1aea5b Mon Sep 17 00:00:00 2001
From: Github-Bot <github-bot@example.com>
Date: Wed, 21 Feb 2024 15:23:09 +0000
Subject: [PATCH] Updated by Github Bot

---
 cache/Tenable (Nessus).dat |  10 +++
 data/cves.db               | Bin 46166016 -> 46174208 bytes
 docs/index.html            | 162 ++++++++++++++++++-------------------
 3 files changed, 91 insertions(+), 81 deletions(-)

diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat
index 1e33f3522be..de2bbb14b5a 100644
--- a/cache/Tenable (Nessus).dat	
+++ b/cache/Tenable (Nessus).dat	
@@ -168,3 +168,13 @@ ae76cc89624f9fc10e6713d9ba3aacdb
 80caf5cf00cffdeb61c6dcfba2ad4185
 730cca7c11768c0c2cfb4b6966e72be8
 aef9445589ad1fe2c596dddbc16dab7a
+fb1b9927eef0a4cba396cf982cff7609
+7e02e6c9183abb81e3c35e8e73c26539
+8c0af4fbf186136a05550c7bc565f511
+045d1c2a9beb0fdab3654d291b6d0a9d
+e95f63c1153b55442ebbd585208307af
+e87358f0ce0c0d35756b48c37ecd124a
+791a1d6349880e7a7783a7ba90969b19
+911e6a10c7356fa6d13166cc66f28f3e
+5f8b3c0749bc369f74ae79762da2f638
+d163df537e1a603e6d574f72c08f029d
diff --git a/data/cves.db b/data/cves.db
index 77a949fd1b5405289975bb9bb0bf15b7299b0ff7..65e5e29b51e9e54984c62e2a97d9baa1c5cf6fe5 100644
GIT binary patch
delta 7049
zcmeI#33OD|{ReR7k+2ysVF|lDK!iXt&YL%H7Lc6~0ts7!sG#$E^Oj`HWM-HJh+81x
z2jT{}jr$`m2#N{@jUo!v)>^GC;8t5LP+Qtstx)ZvZMEMw0a^t6@4u%#|DN;jIr+RZ
zdGFr)?()0$-Miw@%EA>Jn+n$t%stSdLvhy);zY-RmBi#=5|}zN<uK(kbz<tw)P<=l
zQ#YownDUsqGxcCPn<<~EfT<@_FQ(p1eV7WF`ZD!n>d!QQX&}=erol|-Fb!c6nT9eA
zV;atMF4G96^O#05jbbWd8qG9@shFvR$;os+lZ#1Wax=+H9wvp!%j9G7GX<E&GL2)p
zfN4C_1g42hlb9wmO<|hKG>xg0X*yFG(+s9^rkPB$m@1emnPxN1VVcV{k7+(r6;n0S
z0;UU@7BXGLbTQK<OpBNnGhNDb8B>r6{i8C4m^3Dx$zU>>YM5%7!c3Pl)iFhw>Y1WU
zF{U`v5~c)Gk}1WMW?IU$jA=Pj1Je~uS2A72bT!j8OpQz{m{u}1F*P%-Vq&J%Olz2~
zWm?O09n<wpH!$7EbQ9A$ru9r4m~Ljeh3QtN+n8==$}ru*bSKkYOm{Qg!*nmxeM}b9
zMy3{~`<WhKdXVWMrcF!_Gi_$t!t@B!qfA?w9%Fi(=?SK7Oxu~BWNKyF!Soc<(@bql
z&oDj9w3F#Mrd>?WGrhpHn`sZzUZ!s_y~y-Urf)I5#Pn^Zmzlo9^a|6fOy6aCjp=(#
z-)Gv#w4dn!)9XxcFulq27Sr2IKVW)?>4!`|VtSY9J*FQs9b`JhbeQQUOz$)Ol<8+o
zN0@%j^b4k6GJU}GE2a;bK4SVc)5lClnT|32hUpWgPnmwp^gE{CGyQ?-Gp5g({>bzv
zrav=%!Sv-?a@<G`5TGOEKrVEG&d>$ALN_=I@}N8PfU_YV3ZN(Sg5J;v3ZXCbgZ?l8
z2Erg14ClZQ5Md|`gW+&4jDYiCB#eS07!6~f7)rni=YtC*aDxmUP{0d5@IwH`!Z^49
z#=``d2$NtkOo6E|4N74;l)(%rhnX-7DxeZ(!yK3k^I$$yK{YIZ3t=H#1Q)|4um~2z
zrEnPp!R~(*LZE>T2AEI-wGf8Op$;NY4^fCg9F{-=l8}NlEQMvT92(#XxDu{{tKk}G
zgcYz7nxGk00mEuo1J}Y@xDKv|8{kH`3D&`S*Z?=fEpRK`2Dd{7?tnYtF1Q=+fqUUT
zuwWy!!2R$5JO~fLCU_V&!xnf19)+#&7(5P7z&6+pPeLo~fT!STXoF|qS=b5B!7g|n
zUVz=O2lm1@;6?Z*d<$NJZ^O&*9e4#^h3~>^@IClG?1TMq0A7bT;7xc7-i9B*JMcsJ
z5xfiU!H?k}9D>8}6L=qf3O|D*@N@VD{1QHZU%`j)5&RlHhNEx{egmJtr|?_&9sC~t
z0H49<@JIL){29K0FCA-1!1M<JIzkTQLMP}9U7#y;gR>wHx<d~*8}gw5dO|Pg4Sk>x
z`a(bG4+CHz41&RM4h#VihQcry4(GxMI1fg`C@6x_Fb0aD1e|a_xIh9o$lw75yx;>r
z1Yj(Tg9~6hOn`|n2`0l7m<rRN6sAKN%z$#33A3OADq%Lvfw?db=0g=!!veSv7Q#hv
zF<b(RU@=?@mq8Hh{#PLc8t7nv2{lj)VYnRXAOiIeg&4$P2_zs1DM-UoSO&|X0j_{6
z;VQTqu7O5a0V|;inqd_%tcEpkEv$v>;Ci?LZiJg)9ju29a5LNjx5903J7nMvxD)Pz
zyWt+V7w!WKHbM*B4-deD@DOZ*hhZ~pfk)s`*b0xq<M0G*gYEDnw89Q}3Z538r#9ii
zgIzA~G@ygM+1s6Ws7=@>WW>aToVK1T?&%`5iSZd8M_zFkZYf8K&fGF>-KZmN0xr+k
zmuKzEPW$qlec5GSp0_VA2)joe*)6==(6OMydsb)KBMi$F>{-5}nERuQZj~h?R}Gg}
z4G)?jDHI5}eTHGWRF4)?<$zZ+1Aez=nm%jeV;?yN4fMHXrMlJ-=fsWZg>z?%Wedv1
za5R}xBazI;tJd`H?R5r3J*<n-SV~M9DKUk_8OOoOLaVZ<rz6km`N0HXNJ-2*Swbir
zRTE(&DK4uuqGCE3j@F1OvPVl$YE)Mfy0!AIy^h`)W%e8SnL}T^)T4VmqH2bCJfo$K
zx!2JvGjZ6hd86Gfx2MGAE^$kuB#o7nu`b_#Y-KaAJpJnMPI8Ieqr0!v_6VGp-yK7r
zD~#@tx1-zVU03CX+VYPsA1D;d7;y|!5s#C3oND-evf?*gn&Hx1x~%vVZ^+}<WS^nw
zlG{4A{x)Gyj@#prGSalBUYR|weSD6!ZNYG%pmD5Nm#h!zV?{H(T#ThtB8DLpOGou2
z#t?tuR1nYI!9+41tkn~vio|kL)FNRcYL8`97wxBF)ToK2!fMJ86ULIXkxYpgCVQNt
zClg7hCn^@hjbD9%7*2{BBFE50GnTMRKSM?l5rNT;8ipRktL;45xQdCU8c7;XvAPzw
z;%Z8(6~i^rSi)#8D6VRCMk*<)X39v2B@?1X(btslH&NsA+fn1O_ICUf5%=G&JJEId
zU+ucgP;cF6k6fbIfp+a+Zkb^R=$aAonh~lIP)x6^Ns=Om6vg9l8=;V{_!YOyFS~q}
z`esjIV6L6f{q+&LRE>mnJI0bmG8v8`I`#H2OBjaz8}X{e>f?6so(x0E25*g#3f3oU
zMir5r=;W<z<Ofq)EQ+wU12+3at2MN`U^;0eg7%AY@upEl*5OUVgnrhMsvMz5qn%8w
zHB=ozg!0tWUh5RYrbtzlQ{2Jo`K6`7sdHw}E}dE(oKcDjB(v+E8BSo9puY9?i_cK?
zVsTkG5<x>!=|og?VXio{fo+J5spAdK)-)UZb>Vp2&`*hbG@yNI2Qejsp|pvavOI-`
zreY%cL)6lVgguGRPzC4d(XW(8v(>H$N7L48m<e6ZI1~OmMD`dM;^Kej5Lx@zZFP)x
zXJ<>(5^gE8r`gH|d1Zs@@+i8bxz#|(2)RsM4ar``qq_rA$g8{5OhLio{uV8KPRMci
zEb0AX!J8k8hG)l?iPeT$FHSQ;X>0P%{f<64*`Jf<Zx#ysNUk%)gC)KGhC}(Eb7$^P
z>_5-ib8MH8<MIXk%?h_nx2xMUUTzw%`Zbqodd!e1`Mr|tRb7grxHMl#Q@o0)WHz*g
zQQZT(gj|Qqnm6(m!DCIDa?FuCpc)^ZaGf}_dVaMy-$=$|(PVh3Ay%s)YwuQ{(6`SS
zo<t05!{#kQ@4g<V<P4nNq|Ck#4=VqH@-zE~yj*m=#eSE2bs4vmW<S((WS*n?442#R
zY5~bFtD%rzGGt9w48P%%HMdvE>`zpmXt8V^uGl7c8mA{-+@im@B@x!dvhs?G(kgL!
znK(CrZ>(BX8;jf1d0{Lz6$^=x(2Qd7jOnK((s4D?o;IP|xszX$a%L=6A5s6B(t68i
z75e6X^_|xCdE0~`y**Bk$0?7qt90@eR)N_n4C(3hIbGQYCrh+cN2@TnKl)#Bo-w8z
zpJxQ6@&C5HhV?cYT=*|+a7Q%Qnzu7w7}*{bJ^ixJ-qhuEuIP~W!C5o99PQjzK#z<Q
zc8fTw3ArWBL%5|fJ4r^$O(RuZ^2)lYU@s@BUYBfmb;ai~eQwQ#4WIk?oVF*4b@*<#
zpbVI)M)8d)jU=(rnXK32(^6?f(_*O}w&o^h3jMmDdhg?xT7`bSCHE;a!e?)Jtb$hQ
zpDZu)KyvSiY47)WS5<LKh25g&MRM~ZRWbb`S#$Y3fsiJ91E$ZT8oq$f>(*7b>9wTE
zyM%!`ZYAKdj=kf=q~E4~=IAuJDizb}B4Two+E6*QH2b|i@q4nqRK<o+$GnJ{h;4g!
zfN-B4OVq3Ob`M|Js#HV!+Hk>%O!nOqzyGlUjxQlt5}jY$UH@^FwQlIQ388oN$=yQk
z`7Td0_GPoO!8Jl|8leUx$?&QY7F}8KnyOcqWXbE*G_Tim`%UX`qV2>`3{`Izl)_k4
zPh)u~s}Ic(E7Orw7#(ZGt$o+D3jHk$YeJ`-?2Y{3Gs1wrKBweAJ+74Ym91~(|Ee&D
zFSGxX{U;lutS;b|nc0Q4zs&trUqDhN-79+ne!t7`sXiZ8SYJpDxB}il$lBiA3k|V9
znbt8r{CD>8$w)dR#+DihGlI_|CQth&Q8%=hZUm#LNPQ9~AvK+<4Td7IQ2Tkv{@4Dm
zWI|Q@)^wK9;H)sBH7T4wk~o#t)L^Tas#WddQ2XAs&S=0X<_crf)W-7ZRl!-M7YD1#
zFDWf57Ei5#hCH<@c6at+Otf<u%QX~KV_@f|8%d|Ah0SD8O=zB=mS~9E8@hOdy?+1g
vo76-?Z4k{wtX}+U4cq_M`ehGurwr3SbmBR+p8p?u%4%M_T^N%+rnvqBTC&s=

delta 2646
zcmWmG<yRI47>03qQ87?a6uTR{ySo*;Z^iB|3{Y<sySuwvu@Dy4rkm@{g|1vrUAMd5
z55MaVxX*dcdE$4^kBWbk5Vbmgy4z{eln+}|q*2K21X&?gzzVg}TIsCxR+yE+%4lV>
zGF#zR7Avcj&5E$HTRE&qE2ovqin4NBd91uvJ}bXfz$$1JvI<*8tfE#itGHFdDruFn
zN?T>DvR1TJ&MI$Juqs-WtjbmutEyGas&3V=YFf3d+EyK_u2s*fZ#A$QT8*s6RuikK
z)y!&cwXj-Rt*q8o8>_9=&T4OUusT|utj<;!E5_<-b+fu#J*=KqFRQoJ$LeeKv-(>D
ztbrE$46+7WvDOf4s5Q(QZjG=;TBEGd));H7HO?AuO|T|fldQ?s6l<zA&6;k_ux47b
ztT=17HOHE3&9maI1Z%#vz*=b8T4XJ@mRO0_QfryD+*)C+v{qTGtu@wKYn`>;+F)(8
zHd&jkE!I|Ro3-8AVePbbS-Y)0)?RC$wck2m9kdQvhpi*lQR|p>+&W>Mv`$&4tuxkH
z>zsAox?o+jlB`SCW$TJ{)w*USTi2}=E7f|zdeM5xdfB>R-L!65x2-$YE7q&lUF)9p
zn)SMM-+IG((|XH#+j_@(*Lu%--}=CMV0~zPWPNOXVm-7TS)W>;S)W^9SYKL?t*@-F
zt#7Pvt?#Vwtskr(ttZw~>zVbF^|SSh^{e%p^}F?l^{4fh^|$qp^{@4x^*m7_D-?nN
zLXj5fkRD;kfQ-n5%m_yoWJNYaAUkp(5;>6zQOJ!v$cuc)j{+!&LMV(PD2iezjuI$|
zQYeiwD2r&6LwQs{MN~p%R6$i#Lv_?ZP1Hhd)InX;Lwz(rLo`BTG(l4|Lvyr1OSD33
zv_V_6Lwj^UM|47GbU_Tdq8qxS2YR9xdZQ2eq96KW00tts{~!!TEQVkxhG95HU?fIi
zG{#^o#$h}rU?L`AGNxcEreQi}U?yfE4zn=_b1@I`NWgq7z(N>{uoz2_h^1JD<ye80
zScTPCgSA+P_1J)o*o4j4g00ww?bv~x*oEELgT2^?{WySwIE2GEf}=Qw<2ZqnIEB+V
zgR?k?^SFSENWvvt#uZ$}H6-IYQjm%l@FHHq%eaA?xP{xegIDk>?&2O^!|S+@H}EFj
z!rOQU@8UhYj}PzwAL1i?j8E_okMJoz!{_({U*a*o!q@l)-{L!bk00<Op5Q5-;V1lz
zU+^n_!|(V5f8sCvjeqbj{=@T-L<Km11Q3d}NQd+YLk46-CS*o9vLGw6Ap+Tv1Chvy
zT!=z$<UwBKLw*!MK@>t^6hToGLvfTqNt8lqltEcUqa4bk0xF^sDx(Ujq8h5B25O=f
zYNHP7q8{p_0UDwa8lwrCq8XZ_1zMsNTB8lxq8-|!13ID;I-?6>&=uX#9X-$!z0ezd
z&=>vC9|JHD!TkqeFk&$TLop1)F#;no3ZpRwV=)fnF#!`X36n7eQ!x$GF#|I(3vrl@
zIhc!ih(`kEV*wVzScJt`f<!FEGAzdmti&p;#u}`}I;_VAY{VvP#ujYFHf+ZZ?8GkY
z#vbg&KJ3Q<9K<0U#t|IFF&xJUoWv=d#u=Q&Ih@A@Tnr>DDX{-xh7sw@qzOKIDdCTj
z0`~(cIU+KKM1^kZ{4{gzRnd==0_0LKmxH+y%++A71(O`i^*~DW<CMUInV}J(al68l
T8Yq?&nVK3Cni3bA8gTgk83gWP

diff --git a/docs/index.html b/docs/index.html
index 6b80176326c..aef9c5a5e53 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-02-21 09:24:45 -->
+<!-- RELEASE TIME : 2024-02-21 15:23:08 -->
 <html lang="zh-cn">
 
  <head>
@@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>fb1b9927eef0a4cba396cf982cff7609</td>
+       <td>CVE-2023-7235</td>
+       <td>2024-02-21 11:15:07 <img src="imgs/new.gif" /></td>
+       <td>The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an attacker to replace binaries to run arbitrary executables.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-7235">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>7e02e6c9183abb81e3c35e8e73c26539</td>
+       <td>CVE-2024-24837</td>
+       <td>2024-02-21 08:15:46 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce, Frédéric GILLES FG Drupal to WordPress, Frédéric GILLES FG Joomla to WordPress.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.44.3; FG Drupal to WordPress: from n/a through 3.67.0; FG Joomla to WordPress: from n/a through 4.15.0.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24837">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>8c0af4fbf186136a05550c7bc565f511</td>
+       <td>CVE-2024-24802</td>
+       <td>2024-02-21 08:15:46 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables.This issue affects JTRT Responsive Tables: from n/a through 4.1.9.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24802">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>045d1c2a9beb0fdab3654d291b6d0a9d</td>
+       <td>CVE-2024-24798</td>
+       <td>2024-02-21 08:15:45 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in SoniNow Team Debug.This issue affects Debug: from n/a through 1.10.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24798">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>e95f63c1153b55442ebbd585208307af</td>
+       <td>CVE-2023-52442</td>
+       <td>2024-02-21 08:15:45 <img src="imgs/new.gif" /></td>
+       <td>In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request `smb2_get_msg()` in smb2_get_ksmbd_tcon() and smb2_check_user_session() will always return the first request smb2 header in a compound request. if `SMB2_TREE_CONNECT_HE` is the first command in compound request, will return 0, i.e. The tree id check is skipped. This patch use ksmbd_req_buf_next() to get current command in compound.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-52442">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>e87358f0ce0c0d35756b48c37ecd124a</td>
+       <td>CVE-2023-52441</td>
+       <td>2024-02-21 08:15:45 <img src="imgs/new.gif" /></td>
+       <td>In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds in init_smb2_rsp_hdr() If client send smb2 negotiate request and then send smb1 negotiate request, init_smb2_rsp_hdr is called for smb1 negotiate request since need_neg is set to false. This patch ignore smb1 packets after ->need_neg is set to false.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-52441">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>791a1d6349880e7a7783a7ba90969b19</td>
+       <td>CVE-2023-52440</td>
+       <td>2024-02-21 08:15:45 <img src="imgs/new.gif" /></td>
+       <td>In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() If authblob->SessionKey.Length is bigger than session key size(CIFS_KEY_SIZE), slub overflow can happen in key exchange codes. cifs_arc4_crypt copy to session key array from SessionKey from client.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-52440">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>911e6a10c7356fa6d13166cc66f28f3e</td>
+       <td>CVE-2024-25905</td>
+       <td>2024-02-21 07:15:57 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in Mondula GmbH Multi Step Form.This issue affects Multi Step Form: from n/a through 1.7.18.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25905">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>5f8b3c0749bc369f74ae79762da2f638</td>
+       <td>CVE-2024-25904</td>
+       <td>2024-02-21 07:15:56 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in David Stockl TinyMCE and TinyMCE Advanced Professsional Formats and Styles.This issue affects TinyMCE and TinyMCE Advanced Professsional Formats and Styles: from n/a through 1.1.2.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25904">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>d163df537e1a603e6d574f72c08f029d</td>
+       <td>CVE-2024-24876</td>
+       <td>2024-02-21 07:15:56 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor.This issue affects Admin Menu Editor: from n/a through 1.12.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24876">详情</a></td>
+      </tr>
+
       <tr>
        <td>5406867c009510f8d60ac78516fb9366</td>
        <td>CVE-2024-25366</td>
@@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-49109">详情</a></td>
       </tr>
 
-      <tr>
-       <td>0d66ae7ccc8dd80ebc22f0c3f6957e32</td>
-       <td>CVE-2022-45320</td>
-       <td>2024-02-20 05:15:07 <img src="imgs/new.gif" /></td>
-       <td>Liferay Portal before 7.4.3.16 and Liferay DXP before 7.2 fix pack 19, 7.3 before update 6, and 7.4 before update 16 allow remote authenticated users to become the owner of a wiki page by editing the wiki page.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-45320">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>4646471a0c45b25814600a90f8600c30</td>
-       <td>CVE-2024-1559</td>
-       <td>2024-02-20 04:15:07 <img src="imgs/new.gif" /></td>
-       <td>The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'll_reciprocal' parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1559">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>a2f89850112a94f2a032c89752137e3a</td>
-       <td>CVE-2024-1510</td>
-       <td>2024-02-20 03:15:08 <img src="imgs/new.gif" /></td>
-       <td>The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_tooltip shortcode in all versions up to, and including, 7.0.2 due to insufficient input sanitization and output escaping on user supplied attributes and user supplied tags. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1510">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>e059e0cf26bb3ee1855885f1da552a78</td>
-       <td>CVE-2023-6764</td>
-       <td>2024-02-20 03:15:07 <img src="imgs/new.gif" /></td>
-       <td>A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device’s memory layout and configuration.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-6764">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>410a4cdf2a2b270fda48938122ec5f2a</td>
-       <td>CVE-2024-22019</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22019">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>17905e065803d0bd1a441091a1ff6226</td>
-       <td>CVE-2024-21896</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>The permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.from() to obtain a Buffer from the result of path.resolve(). By monkey-patching Buffer internals, namely, Buffer.prototype.utf8Write, the application can modify the result of path.resolve(), which leads to a path traversal vulnerability. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21896">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>26cf2b8d93f0d2e231b88096da61bb07</td>
-       <td>CVE-2024-21892</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21892">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>49117bdf3e9e64afb34825bb65e341a2</td>
-       <td>CVE-2024-21891</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions, which can be overwitten with user-defined implementations leading to filesystem permission model bypass through path traversal attack. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21891">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>dc6862fc5bc61e848b6fe4fe1f708ad8</td>
-       <td>CVE-2024-21890</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21890">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>309008d8575ca9f2384d90f932d57f5b</td>
-       <td>CVE-2024-0715</td>
-       <td>2024-02-20 02:15:49 <img src="imgs/new.gif" /></td>
-       <td>Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code Injection.This issue affects Hitachi Global Link Manager: before 8.8.7-03.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-0715">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>