Updated by Github Bot

EXP-Tools · Feb 11, 2024 · e7af400 · e7af400
1 parent 6e530d6
commit e7af400
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 81 deletions.
diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat
@@ -143,3 +143,13 @@ d66473d0e3a60316e1a21e207a0ee59b
 763b7748b2e954de4bd023c6cab61f4c
 2c2ef9aa4822fe109a011853f0ed7302
 dfcddebbae4da0abacf7b4b259fb76f3
+ed12debe3aa15237e1ce625b8bdc75dc
+061cfacf3d6ab6a1e6e3e8d698165661
+a4a820edf24435c39dfeef8af4bfe37a
+9db7aa02c0ee17ff06abc6c3e9eca064
+6b7d0373962eb9f3491ca8bb2120f89e
+a4f6a250e2a5cceccd57d833a0bc1d09
+4af14b5ecf1632767d889fe4108a3b5f
+321ee7bd3eff437df0ce32737d318c47
+34d2bca3e6d18e59ffc753e611d0daa1
+f4f9ca58a6c1a835ad662c25aa818998
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-02-11 03:23:31 -->
+<!-- RELEASE TIME : 2024-02-11 05:25:03 -->
 <html lang="zh-cn">
 
  <head>
@@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>ed12debe3aa15237e1ce625b8bdc75dc</td>
+       <td>CVE-2023-52427</td>
+       <td>2024-02-11 04:15:08 <img src="imgs/new.gif" /></td>
+       <td>In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resource_limits.max_samples. NOTE: the vendor's position is that the product is not designed to handle a max_samples value that is too large for the amount of memory on the system.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-52427">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>061cfacf3d6ab6a1e6e3e8d698165661</td>
+       <td>CVE-2024-25715</td>
+       <td>2024-02-11 03:15:09 <img src="imgs/new.gif" /></td>
+       <td>Glewlwyd SSO server 2.x through 2.7.6 allows open redirection via redirect_uri.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25715">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>a4a820edf24435c39dfeef8af4bfe37a</td>
+       <td>CVE-2024-25714</td>
+       <td>2024-02-11 03:15:09 <img src="imgs/new.gif" /></td>
+       <td>In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. (The fix uses gnutls_memcmp, which has constant-time execution.)</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25714">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>9db7aa02c0ee17ff06abc6c3e9eca064</td>
+       <td>CVE-2024-1432</td>
+       <td>2024-02-11 03:15:08 <img src="imgs/new.gif" /></td>
+       <td>** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22 and classified as problematic. This issue affects the function apply_xseg of the file main.py. The manipulation leads to deserialization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-253391. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1432">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>6b7d0373962eb9f3491ca8bb2120f89e</td>
+       <td>CVE-2024-1431</td>
+       <td>2024-02-11 03:15:07 <img src="imgs/new.gif" /></td>
+       <td>A vulnerability was found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic. Affected by this issue is some unknown functionality of the file /debuginfo.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. VDB-253382 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1431">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>a4f6a250e2a5cceccd57d833a0bc1d09</td>
+       <td>CVE-2024-23724</td>
+       <td>2024-02-11 01:15:08 <img src="imgs/new.gif" /></td>
+       <td>Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view this as a valid vector."</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-23724">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>4af14b5ecf1632767d889fe4108a3b5f</td>
+       <td>CVE-2024-1430</td>
+       <td>2024-02-11 01:15:07 <img src="imgs/new.gif" /></td>
+       <td>A vulnerability has been found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /currentsetting.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier VDB-253381 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1430">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>321ee7bd3eff437df0ce32737d318c47</td>
+       <td>CVE-2024-22313</td>
+       <td>2024-02-10 16:15:08 <img src="imgs/new.gif" /></td>
+       <td>IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 278749.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22313">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>34d2bca3e6d18e59ffc753e611d0daa1</td>
+       <td>CVE-2024-22312</td>
+       <td>2024-02-10 16:15:08 <img src="imgs/new.gif" /></td>
+       <td>IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 278748.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22312">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>f4f9ca58a6c1a835ad662c25aa818998</td>
+       <td>CVE-2023-50957</td>
+       <td>2024-02-10 16:15:07 <img src="imgs/new.gif" /></td>
+       <td>IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-50957">详情</a></td>
+      </tr>
+
       <tr>
        <td>03fffefb6ae52488a2423ab10240a426</td>
        <td>CVE-2023-45718</td>
@@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1122">详情</a></td>
       </tr>
 
-      <tr>
-       <td>479116192245ec9ff6a728dc9d09567e</td>
-       <td>CVE-2024-24350</td>
-       <td>2024-02-08 01:15:27</td>
-       <td>File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24350">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>77c21347e652d860e89e006d0de6afb2</td>
-       <td>CVE-2024-24026</td>
-       <td>2024-02-08 01:15:27</td>
-       <td>An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions at com.java2nb.system.controller.SysUserController: uploadImg(). An attacker can pass in specially crafted filename parameter to perform arbitrary File download.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24026">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>333849acd4a5c1a2af3f3b7d161d2252</td>
-       <td>CVE-2024-24025</td>
-       <td>2024-02-08 01:15:27</td>
-       <td>An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: upload(). An attacker can pass in specially crafted filename parameter to perform arbitrary File download.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24025">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>4291a34c7d76bd9ad26182719fe6a8f1</td>
-       <td>CVE-2024-24024</td>
-       <td>2024-02-08 01:15:27</td>
-       <td>An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: fileDownload(). An attacker can pass in specially crafted filePath and fieName parameters to perform arbitrary File download.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24024">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>25c7166099e951170ba8abfb2e515c5d</td>
-       <td>CVE-2024-24023</td>
-       <td>2024-02-08 01:15:27</td>
-       <td>A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /novel/bookContent/list.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24023">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>95ba57c5db4c1e3295d2538b15d2d63b</td>
-       <td>CVE-2024-24018</td>
-       <td>2024-02-08 01:15:27</td>
-       <td>A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via /system/dataPerm/list</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24018">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>96e1de53cecadc04d3dea58ed660b48f</td>
-       <td>CVE-2023-48974</td>
-       <td>2024-02-08 01:15:26</td>
-       <td>Cross Site Scripting vulnerability in Axigen WebMail v.10.5.7 and before allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-48974">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>0e17b051a9f235afaa8fb218b16197a7</td>
-       <td>CVE-2024-24806</td>
-       <td>2024-02-07 22:15:10</td>
-       <td>libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulnerability arises due to how the `hostname_ascii` variable (with a length of 256 bytes) is handled in `uv_getaddrinfo` and subsequently in `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result attackers may be able to access internal APIs or for websites (similar to MySpace) that allows users to have `username.example.com` pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue has been addressed in release version 1.48.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24806">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>c00a2531e0b8c99f91b3a8f4cb5aff41</td>
-       <td>CVE-2024-23448</td>
-       <td>2024-02-07 22:15:09</td>
-       <td>An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-23448">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>130dc4379d0320843f5025e232b3bb0f</td>
-       <td>CVE-2024-1066</td>
-       <td>2024-02-07 22:15:09</td>
-       <td>An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay`</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1066">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>