Updated by Github Bot

EXP-Tools · Apr 4, 2024 · a5beef8 · a5beef8
1 parent 600bc34
commit a5beef8
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 81 deletions.
diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat
@@ -124,3 +124,13 @@ c0027bca5284060ff8ba1b12e40cc19a
 c775a6f58cdcee42833ff6e8f3ba9597
 2bc0be4ada9899fc9909ad8a5b3bb001
 e266f172f64bda81dc4d9dfce8ae1d1a
+2a6dd1d0db696ec5e5b4e9921df99e08
+4c1d461ce64c9a3960bb78179de2714e
+fe8aed4b9c5396cbe835bc3e6bd71374
+e55d9623ae214233b037b634f2ee098b
+64cc9bbf39a723abaaed7d86349bab1f
+ac37a39d3585b994812a60a5179bcad2
+d564b6bbe2e7319823aa9019e48521a5
+1c6f68cbab6a0db99ba02ab3143ae8da
+c2d38650dcf41fa2e5137274a5046849
+afeaec7f7ecf15b5b945861d3006ddd5
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-04-04 03:26:06 -->
+<!-- RELEASE TIME : 2024-04-04 23:23:24 -->
 <html lang="zh-cn">
 
  <head>
@@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>2a6dd1d0db696ec5e5b4e9921df99e08</td>
+       <td>CVE-2024-30254</td>
+       <td>2024-04-04 19:15:08 <img src="imgs/new.gif" /></td>
+       <td>MesonLSP is an unofficial, unendorsed language server for meson written in C++. A vulnerability in versions prior to 4.1.4 allows overwriting arbitrary files if the attacker can make the victim either run the language server within a specific crafted project or `mesonlsp --full`. Version 4.1.4 contains a patch for this issue. As a workaround, avoid running `mesonlsp --full` and set the language server option `others.neverDownloadAutomatically` to `true`.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30254">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>4c1d461ce64c9a3960bb78179de2714e</td>
+       <td>CVE-2024-30252</td>
+       <td>2024-04-04 19:15:08 <img src="imgs/new.gif" /></td>
+       <td>Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is a request where the cookies of the browser are sent along with the request. The `subscribe.js` script uses the first parameter from the current URL location as the URL of the RSS feed to subscribe to and checks that the RSS feed is valid XML. `subscribe.js` is accessible by an attacker website due to its use in `subscribe.html`, an HTML page that is declared as a `web_accessible_resource` in `manifest.json`. This issue may lead to `Privilege Escalation`. A CSRF breaks the integrity of servers running on a private network. A user of the browser extension may have a private server with dangerous functionality, which is assumed to be safe due to network segmentation. Upon receiving an authenticated request instantiated from an attacker, this integrity is broken. Version 3.7 fixes this issue by removing subscribe.html from `web_accessible_resources`.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30252">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>fe8aed4b9c5396cbe835bc3e6bd71374</td>
+       <td>CVE-2024-30249</td>
+       <td>2024-04-04 19:15:08 <img src="imgs/new.gif" /></td>
+       <td>Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to `1.0.0.CR1-20240330.101522-15` impacts publicly accessible software depending on the affected versions of Network and allows an attacker to use Network as an amplification vector for a UDP denial of service attack against a third party or as an attempt to trigger service suspension of the host. All consumers of the library should upgrade to at least version `1.0.0.CR1-20240330.101522-15` to receive a fix. There are no known workarounds beyond updating the library.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30249">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>e55d9623ae214233b037b634f2ee098b</td>
+       <td>CVE-2024-29193</td>
+       <td>2024-04-04 19:15:08 <img src="imgs/new.gif" /></td>
+       <td>gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The index page (`index.html`) shows the available streams by fetching the API (`[0]`) in the client side. Then, it uses `Object.entries` to iterate over the result (`[1]`) whose first item (`name`) gets appended using `innerHTML` (`[2]`). In the event of a victim visiting the server in question, their browser will execute the request against the go2rtc instance. After the request, the browser will be redirected to go2rtc, in which the XSS would be executed in the context of go2rtc’s origin. As of time of publication, no patch is available.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-29193">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>64cc9bbf39a723abaaed7d86349bab1f</td>
+       <td>CVE-2024-25007</td>
+       <td>2024-04-04 19:15:07 <img src="imgs/new.gif" /></td>
+       <td>Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. There is limited impact to integrity and availability. The attacker on the adjacent network with administration access can exploit the vulnerability.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25007">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>ac37a39d3585b994812a60a5179bcad2</td>
+       <td>CVE-2024-29192</td>
+       <td>2024-04-04 18:15:14 <img src="imgs/new.gif" /></td>
+       <td>gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to Cross-Site Request Forgery. The `/api/config` endpoint allows one to modify the existing configuration with user-supplied values. While the API is only allowing localhost to interact without authentication, an attacker may be able to achieve that depending on how go2rtc is set up on the upstream application, and given that this endpoint is not protected against CSRF, it allows requests from any origin (e.g. a "drive-by" attack) . The `exec` handler allows for any stream to execute arbitrary commands. An attacker may add a custom stream through `api/config`, which may lead to arbitrary command execution. In the event of a victim visiting the server in question, their browser will execute the requests against the go2rtc instance. Commit 8793c3636493c5efdda08f3b5ed5c6e1ea594fd9 adds a warning about secure API access.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-29192">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>d564b6bbe2e7319823aa9019e48521a5</td>
+       <td>CVE-2024-28787</td>
+       <td>2024-04-04 18:15:14 <img src="imgs/new.gif" /></td>
+       <td>IBM Security Verify Access 10.0.0 through 10.0.7 and IBM Application Gateway 20.01 through 24.03 could allow a remote attacker to obtain highly sensitive private information or cause a denial of service using a specially crafted HTTP request. IBM X-Force ID: 286584.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28787">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>1c6f68cbab6a0db99ba02ab3143ae8da</td>
+       <td>CVE-2024-2660</td>
+       <td>2024-04-04 18:15:14 <img src="imgs/new.gif" /></td>
+       <td>Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. Fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7, and 1.14.11.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2660">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>c2d38650dcf41fa2e5137274a5046849</td>
+       <td>CVE-2024-27268</td>
+       <td>2024-04-04 18:15:13 <img src="imgs/new.gif" /></td>
+       <td>IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.3 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 284574.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-27268">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>afeaec7f7ecf15b5b945861d3006ddd5</td>
+       <td>CVE-2024-25709</td>
+       <td>2024-04-04 18:15:13 <img src="imgs/new.gif" /></td>
+       <td>There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS versions 10.8.1 – 1121 that may allow a remote, authenticated attacker to create a crafted link that can be saved as a new location when moving an existing item which will potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25709">详情</a></td>
+      </tr>
+
       <tr>
        <td>1ee9a8746564c6ef08e842a5c4914aea</td>
        <td>CVE-2024-3180</td>
@@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30335">详情</a></td>
       </tr>
 
-      <tr>
-       <td>6285ff77c699e986c7085e3b8931a019</td>
-       <td>CVE-2024-3135</td>
-       <td>2024-04-01 19:15:46</td>
-       <td>The web server lacked CSRF tokens allowing an attacker to host malicious JavaScript on a host that when visited by a LocalAI user, could allow the attacker to fill disk space to deny service or abuse credits.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-3135">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>406e4641aa027840473d9ad8c327512a</td>
-       <td>CVE-2024-3131</td>
-       <td>2024-04-01 17:16:19</td>
-       <td>A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_category. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-258874 is the identifier assigned to this vulnerability.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-3131">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>9d0db5c5a6624477d534ad158a402eef</td>
-       <td>CVE-2024-28232</td>
-       <td>2024-04-01 17:15:45</td>
-       <td>Go package IceWhaleTech/CasaOS-UserService provides user management functionalities to CasaOS. The Casa OS Login page has disclosed the username enumeration vulnerability in the login page which was patched in version 0.4.7. This issue in CVE-2024-28232 has been patched in version 0.4.8 but that version has not yet been uploaded to Go's package manager.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28232">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>42602cc8a17e6e2daf0c3afad8f72bf5</td>
-       <td>CVE-2024-3129</td>
-       <td>2024-04-01 16:15:59</td>
-       <td>A vulnerability was found in SourceCodester Image Accordion Gallery App 1.0. It has been classified as critical. This affects an unknown part of the file /endpoint/add-image.php. The manipulation of the argument image_name leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258873 was assigned to this vulnerability.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-3129">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>a7d693ba0fac1458a3086e6047bdba79</td>
-       <td>CVE-2024-30867</td>
-       <td>2024-04-01 16:15:54</td>
-       <td>netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_virtual_site_info.php.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30867">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>939f15b667e7d3b04521bc4ed191dacb</td>
-       <td>CVE-2024-30863</td>
-       <td>2024-04-01 16:15:48</td>
-       <td>netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/history.php.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30863">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>e106658074a911bd601fba353492d69d</td>
-       <td>CVE-2024-30862</td>
-       <td>2024-04-01 16:15:43</td>
-       <td>netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/index.php.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30862">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>ba92d83794bd15700333efdff69a79b7</td>
-       <td>CVE-2024-30861</td>
-       <td>2024-04-01 16:15:38</td>
-       <td>netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configguide/ipsec_guide_1.php.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30861">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>656a67e16474830cb761c1528998403f</td>
-       <td>CVE-2024-30860</td>
-       <td>2024-04-01 16:15:31</td>
-       <td>netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/export_excel_user.php.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30860">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>2bdd5bc47c3a082ef04edafb44949d06</td>
-       <td>CVE-2024-30859</td>
-       <td>2024-04-01 16:15:20</td>
-       <td>netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupSSLCert.php.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-30859">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>