Commit

Updated by Github Bot
Github-Bot committed Mar 8, 2024
1 parent 8a163b9 commit ccd3cc9
Showing 3 changed files with 91 additions and 81 deletions.
10 changes: 10 additions & 0 deletions cache/Tenable (Nessus).dat
Expand Up @@ -188,3 +188,13 @@ d23033babc2b5858785714891b4b3047
641478d1c36094ea083a4cc299fff4b9
b6904d65b01672cdff3000821bef896b
df38e9c0681f8b7afca895a826be8b83
c6ffe0c96c1ac3e96e52ef8eeb05fa54
839b35f73137874fad7c1bea310660c0
5ef65a838951ed7d41460d987aa2e1f3
044aa3fd5f9922c2cf1bd1db16a6a032
10358e6b04c0e803ee5a415306f57d15
e743e265de1c061983e3791b03592b7b
1c6784d7fb80aa7abe35f7285500ad21
48147ffb73be7dd3eb88270e004a88fc
d66a7e526750dbc269ee0a59e65417dc
894dfb29b094ab128a6b189c7d31053d
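
Review bot: the ten ids appended at the end of this hunk are bare 32-hex strings with no CVE id, source or timestamp beside them, so a cache entry cannot be audited or expired on its own; the only way to tell what `c6ffe0c96c1ac3e96e52ef8eeb05fa54` stands for is to find the matching first-column cell in docs/index.html. Consider writing one record per line with the CVE id and publish time next to the id. Separately, the file name `cache/Tenable (Nessus).dat` contains a space and parentheses, which needs quoting in every shell step that touches it; a plain name such as `cache/tenable_nessus.dat` would avoid that.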
Binary file modified data/cves.db
Binary file not shown.
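
Review bot: data/cves.db changes as an opaque binary in the same commit, so this part of the update cannot be reviewed from the diff and nothing here shows that it agrees with the ten ids added to the cache file or the ten rows added to docs/index.html. Consider committing a text export or a checksum next to it, or generating the database from the reviewed text files at build time rather than versioning the binary.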
162 changes: 81 additions & 81 deletions docs/index.html
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-03-08 07:24:56 -->
<!-- RELEASE TIME : 2024-03-08 20:22:19 -->
<html lang="zh-cn">

<head>
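
Review bot: the `RELEASE TIME` comment on line 1 carries no timezone (`2024-03-08 20:22:19`), and the row times further down in this file use the same bare format, so a reader cannot tell whether an entry stamped `17:15:23` is three hours old or from a different offset entirely. Suggest emitting an ISO 8601 value with an explicit offset, for example `2024-03-08T20:22:19+08:00` if that is the intended zone, and using one zone for both the release stamp and the row times.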
Expand Down Expand Up @@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>c6ffe0c96c1ac3e96e52ef8eeb05fa54</td>
<td>CVE-2024-21901</td>
<td>2024-03-08 17:15:23 <img src="imgs/new.gif" /></td>
<td>A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: myQNAPcloud 1.0.52 ( 2023/11/24 ) and later QTS 4.5.4.2627 build 20231225 and later</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21901">详情</a></td>
</tr>

<tr>
<td>839b35f73137874fad7c1bea310660c0</td>
<td>CVE-2024-21900</td>
<td>2024-03-08 17:15:22 <img src="imgs/new.gif" /></td>
<td>An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21900">详情</a></td>
</tr>

<tr>
<td>5ef65a838951ed7d41460d987aa2e1f3</td>
<td>CVE-2024-21899</td>
<td>2024-03-08 17:15:22 <img src="imgs/new.gif" /></td>
<td>An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21899">详情</a></td>
</tr>

<tr>
<td>044aa3fd5f9922c2cf1bd1db16a6a032</td>
<td>CVE-2023-47221</td>
<td>2024-03-08 17:15:22 <img src="imgs/new.gif" /></td>
<td>A path traversal vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-47221">详情</a></td>
</tr>

<tr>
<td>10358e6b04c0e803ee5a415306f57d15</td>
<td>CVE-2023-34980</td>
<td>2024-03-08 17:15:22 <img src="imgs/new.gif" /></td>
<td>An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 4.5.4.2627 build 20231225 and later QuTS hero h4.5.4.2626 build 20231225 and later</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-34980">详情</a></td>
</tr>

<tr>
<td>e743e265de1c061983e3791b03592b7b</td>
<td>CVE-2023-32969</td>
<td>2024-03-08 17:15:21 <img src="imgs/new.gif" /></td>
<td>A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651 and later QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-32969">详情</a></td>
</tr>

<tr>
<td>1c6784d7fb80aa7abe35f7285500ad21</td>
<td>CVE-2024-2319</td>
<td>2024-03-08 14:15:52 <img src="imgs/new.gif" /></td>
<td>Cross-Site Scripting (XSS) vulnerability in the Django MarkdownX project, affecting version 4.0.2. An attacker could store a specially crafted JavaScript payload in the upload functionality due to lack of proper sanitisation of JavaScript elements.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2319">详情</a></td>
</tr>

<tr>
<td>48147ffb73be7dd3eb88270e004a88fc</td>
<td>CVE-2024-2318</td>
<td>2024-03-08 13:15:07 <img src="imgs/new.gif" /></td>
<td>A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified as problematic. Affected is an unknown function of the file /pro/common/download of the component Service Port 9999. The manipulation of the argument fileName with the input ../../../../zkbio_media.sql leads to path traversal: '../filedir'. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256272. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2318">详情</a></td>
</tr>

<tr>
<td>d66a7e526750dbc269ee0a59e65417dc</td>
<td>CVE-2024-2317</td>
<td>2024-03-08 12:15:50 <img src="imgs/new.gif" /></td>
<td>A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. This issue affects some unknown processing of the file /prescription/prescription/delete/ of the component Prescription Page. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2317">详情</a></td>
</tr>

<tr>
<td>894dfb29b094ab128a6b189c7d31053d</td>
<td>CVE-2024-2316</td>
<td>2024-03-08 12:15:50 <img src="imgs/new.gif" /></td>
<td>A vulnerability has been found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. This vulnerability affects unknown code of the file /billing/bill/edit/ of the component Update Bill Page. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-256270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2316">详情</a></td>
</tr>

<tr>
<td>7c6e04ba0395f0c422c9a82b8a92cdc4</td>
<td>CVE-2024-2285</td>
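
Review bot: the description cell in the CVE-2023-32969 row contains a raw `&` ("Network & Virtual Switch"), which indicates the upstream description text is written into `<td>` without HTML-escaping. These strings come from an external feed, so a description containing `<` or a tag would be rendered as markup on the published page; the generator should escape `&`, `<`, `>` and quotes before writing the cell, which also fixes the invalid bare ampersand here. Minor: each `<img src="imgs/new.gif" />` in the added rows has no `alt` attribute.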
Expand Down Expand Up @@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1170">详情</a></td>
</tr>

<tr>
<td>bcf056f6392e9c7a9510f8294a383740</td>
<td>CVE-2024-27917</td>
<td>2024-03-06 20:15:48</td>
<td>Shopware is an open commerce platform based on Symfony Framework and Vue. The Symfony Session Handler pops the Session Cookie and assigns it to the Response. Since Shopware 6.5.8.0, the 404 pages are cached to improve the performance of 404 pages. So the cached Response which contains a Session Cookie when the Browser accessing the 404 page, has no cookies yet. The Symfony Session Handler is in use, when no explicit Session configuration has been done. When Redis is in use for Sessions using the PHP Redis extension, this exploiting code is not used. Shopware version 6.5.8.7 contains a patch for this issue. As a workaround, use Redis for Sessions, as this does not trigger the exploit code.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-27917">详情</a></td>
</tr>

<tr>
<td>4c1a2fe45d699bbdc3e6c767e1c5f594</td>
<td>CVE-2024-27915</td>
<td>2024-03-06 20:15:47</td>
<td>Sulu is a PHP content management system. Starting in verson 2.2.0 and prior to version 2.4.17 and 2.5.13, access to pages is granted regardless of role permissions for webspaces which have a security system configured and permission check enabled. Webspaces without do not have this issue. The problem is patched in versions 2.4.17 and 2.5.13. Some workarounds are available. One may apply the patch to `vendor/symfony/security-http/HttpUtils.php` manually or avoid installing `symfony/security-http` versions greater equal than `v5.4.30` or `v6.3.6`.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-27915">详情</a></td>
</tr>

<tr>
<td>d0d79cab92c1436582e965179cd50c1e</td>
<td>CVE-2024-27308</td>
<td>2024-03-06 20:15:47</td>
<td>Mio is a Metal I/O library for Rust. When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used. For some applications, invalid tokens may be ignored or cause a warning or a crash. On the other hand, for applications that store pointers in the tokens, this vulnerability may result in a use-after-free. For users of Tokio, this vulnerability is serious and can result in a use-after-free in Tokio. The vulnerability is Windows-specific, and can only happen if you are using named pipes. Other IO resources are not affected. This vulnerability has been fixed in mio v0.8.11. All versions of mio between v0.7.2 and v0.8.10 are vulnerable. Tokio is vulnerable when you are using a vulnerable version of mio AND you are using at least Tokio v1.30.0. Versions of Tokio prior to v1.30.0 will ignore invalid tokens, so they are not vulnerable. Vulnerable libraries that use mio can work around this issue by detecting and ignoring invalid tokens.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-27308">详情</a></td>
</tr>

<tr>
<td>c07e9b9b6b9acb10667975fa4aa693e3</td>
<td>CVE-2024-27307</td>
<td>2024-03-06 20:15:47</td>
<td>JSONata is a JSON query and transformation language. Starting in version 1.4.0 and prior to version 1.8.7 and 2.0.4, a malicious expression can use the transform operator to override properties on the `Object` constructor and prototype. This may lead to denial of service, remote code execution or other unexpected behavior in applications that evaluate user-provided JSONata expressions. This issue has been fixed in JSONata versions 1.8.7 and 2.0.4. Applications that evaluate user-provided expressions should update ASAP to prevent exploitation. As a workaround, one may apply the patch manually.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-27307">详情</a></td>
</tr>

<tr>
<td>f49e911f7e0cc4a3986461bc64f5d427</td>
<td>CVE-2023-48703</td>
<td>2024-03-06 20:15:47</td>
<td>RobotsAndPencils go-saml, a SAML client library written in Go, contains an authentication bypass vulnerability in all known versions. This is due to how the `xmlsec1` command line tool is called internally to verify the signature of SAML assertions. When `xmlsec1` is used without defining the enabled key data, the origin of the public key for the signature verification is, unfortunately, not restricted. That means an attacker can sign the SAML assertions themselves and provide the required public key (e.g. an RSA key) directly embedded in the SAML token. Projects still using RobotsAndPencils/go-saml should move to another SAML library or alternatively remove support for SAML from their projects. The vulnerability can likely temporarily be fixed by forking the go-saml project and adding the command line argument `--enabled-key-data` and specifying a value such as `x509` or `raw-x509-cert` when calling the `xmlsec1` binary in the verify function. Please note that this workaround must be carefully tested before it can be used.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-48703">详情</a></td>
</tr>

<tr>
<td>ea95d9e88f5b6c26b5612f223c42e3a5</td>
<td>CVE-2024-2176</td>
<td>2024-03-06 19:15:09</td>
<td>Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2176">详情</a></td>
</tr>

<tr>
<td>32d3e67523dbc15d53169a3b8d269771</td>
<td>CVE-2024-2174</td>
<td>2024-03-06 19:15:09</td>
<td>Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2174">详情</a></td>
</tr>

<tr>
<td>b0b6a6db92fc5e1333838f83f64c2267</td>
<td>CVE-2024-27304</td>
<td>2024-03-06 19:15:08</td>
<td>pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-27304">详情</a></td>
</tr>

<tr>
<td>b39740862ccc3bf6f4f7d8847c144361</td>
<td>CVE-2024-27303</td>
<td>2024-03-06 19:15:08</td>
<td>electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the `.nsh` installer script. NSExec by default searches the current directory of where the installer is located before searching `PATH`. This means that if an attacker can place a malicious executable file named cmd.exe in the same folder as the installer, the installer will run the malicious file. Version 24.13.2 fixes this issue. No known workaround exists. The code executes at the installer-level before the app is present on the system, so there's no way to check if it exists in a current installer.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-27303">详情</a></td>
</tr>

<tr>
<td>ac0977b2e9226fa2617a7cdbd31a1eaf</td>
<td>CVE-2024-27302</td>
<td>2024-03-06 19:15:08</td>
<td>go-zero is a web and rpc framework. Go-zero allows user to specify a CORS Filter with a configurable allows param - which is an array of domains allowed in CORS policy. However, the `isOriginAllowed` uses `strings.HasSuffix` to check the origin, which leads to bypass via a malicious domain. This vulnerability is capable of breaking CORS policy and thus allowing any page to make requests and/or retrieve data on behalf of other users. Version 1.4.4 fixes this issue.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-27302">详情</a></td>
</tr>

</tbody>
</table>
</div>
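
Review bot: the rows dropped at the end of the table are dated 2024-03-06, two days before the new `RELEASE TIME`, and they leave the page with no archive link or pagination, so ten rows go out for the ten that come in and a reader who checks less often than the table turns over never sees them. Entries removed here include ones with concrete fix versions (for example the mio, pgx and go-zero rows), so consider keeping evicted rows on a dated archive page, or trimming by age rather than by row count.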