Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Feb 2, 2024
1 parent 81dff14 commit ef13dca
Show file tree
Hide file tree
Showing 3 changed files with 37 additions and 36 deletions.
1 change: 1 addition & 0 deletions cache/RedQueen.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -190,3 +190,4 @@ ee62c86d325d3d16288c8b003fed1c04
b4643f3907b8063dda1bc6cc5035927e
26a58bd91d7615b80f86c1ddbbdaaf2a
646843fe2ecbb1ba268d163768b374af
ad941588557c105933f1e94754923ee3
Binary file modified data/cves.db
View file
Binary file not shown.
72 changes: 36 additions & 36 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-02-01 23:23:10 -->
<!-- RELEASE TIME : 2024-02-02 03:24:35 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -366,159 +366,159 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<tr>
<td>7efaec2584d2789a92b5ff0277e6b617</td>
<td>CVE-2024-22159</td>
<td>2024-01-31 19:15:09 <img src="imgs/new.gif" /></td>
<td>2024-01-31 19:15:09</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22159">详情</a></td>
</tr>

<tr>
<td>1f26b0c20c004a4d0efbe9e54d30b7aa</td>
<td>CVE-2024-22158</td>
<td>2024-01-31 19:15:09 <img src="imgs/new.gif" /></td>
<td>2024-01-31 19:15:09</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User Profiles: from n/a before 6.3.1.0.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22158">详情</a></td>
</tr>

<tr>
<td>a03c3f4dc9b9b1f47fd5d3f0a4dc43e7</td>
<td>CVE-2024-22153</td>
<td>2024-01-31 19:15:09 <img src="imgs/new.gif" /></td>
<td>2024-01-31 19:15:09</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS.This issue affects Stock Locations for WooCommerce: from n/a through 2.5.9.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22153">详情</a></td>
</tr>

<tr>
<td>8eda8b6b9ab8c10e96e1106f3a083d1b</td>
<td>CVE-2024-22150</td>
<td>2024-01-31 19:15:09 <img src="imgs/new.gif" /></td>
<td>2024-01-31 19:15:09</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PWR Plugins Portfolio & Image Gallery for WordPress | PowerFolio allows Stored XSS.This issue affects Portfolio & Image Gallery for WordPress | PowerFolio: from n/a through 3.1.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22150">详情</a></td>
</tr>

<tr>
<td>a40e13b68eb55bdb44f82b08986c96b4</td>
<td>CVE-2024-22146</td>
<td>2024-01-31 19:15:08 <img src="imgs/new.gif" /></td>
<td>2024-01-31 19:15:08</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.25.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22146">详情</a></td>
</tr>

<tr>
<td>01dd3d0c761342bc0bf52087cac0a1d4</td>
<td>CVE-2024-21917</td>
<td>2024-01-31 19:15:08 <img src="imgs/new.gif" /></td>
<td>2024-01-31 19:15:08</td>
<td>A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21917">详情</a></td>
</tr>

<tr>
<td>b15e08907b00af06d9854c719589fadc</td>
<td>CVE-2024-21916</td>
<td>2024-01-31 19:15:08 <img src="imgs/new.gif" /></td>
<td>2024-01-31 19:15:08</td>
<td>A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21916">详情</a></td>
</tr>

<tr>
<td>bad4d9d030d56df4acabb8a471192177</td>
<td>CVE-2024-1111</td>
<td>2024-01-31 19:15:08 <img src="imgs/new.gif" /></td>
<td>2024-01-31 19:15:08</td>
<td>A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched remotely. VDB-252470 is the identifier assigned to this vulnerability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1111">详情</a></td>
</tr>

<tr>
<td>e8c00b66ad7f031bf982e09b86de5ce0</td>
<td>CVE-2024-23637</td>
<td>2024-01-31 18:15:49 <img src="imgs/new.gif" /></td>
<td>2024-01-31 18:15:49</td>
<td>OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an admin account might use this to lock out actual admins from their OctoPrint instance. The vulnerability will be patched in version 1.10.0.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-23637">详情</a></td>
</tr>

<tr>
<td>713cef78838587eaf92fe2eba1a3a32d</td>
<td>CVE-2024-22297</td>
<td>2024-01-31 18:15:49 <img src="imgs/new.gif" /></td>
<td>2024-01-31 18:15:49</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap allows Stored XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.11.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22297">详情</a></td>
</tr>

<tr>
<td>7f4e07b68e2ac54a4c6db5b9cc94c70b</td>
<td>CVE-2023-44313</td>
<td>2024-01-31 09:15:43 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:15:43</td>
<td>Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb before 2.1.0(include). Users are recommended to upgrade to version 2.2.0, which fixes the issue.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-44313">详情</a></td>
</tr>

<tr>
<td>2e80bc45631c321f7245e5e5a2362e3b</td>
<td>CVE-2023-44312</td>
<td>2024-01-31 09:15:43 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:15:43</td>
<td>Exposure of Sensitive Information to an Unauthorized Actor in Apache ServiceComb Service-Center.This issue affects Apache ServiceComb Service-Center before 2.1.0 (include). Users are recommended to upgrade to version 2.2.0, which fixes the issue.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-44312">详情</a></td>
</tr>

<tr>
<td>02fcd3d9d7ab0eb47916ae56dc4e99d3</td>
<td>CVE-2024-23775</td>
<td>2024-01-31 08:15:42 <img src="imgs/new.gif" /></td>
<td>2024-01-31 08:15:42</td>
<td>Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension().</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-23775">详情</a></td>
</tr>

<tr>
<td>be1461fa81b2fe6a1ef0c7961b600eb1</td>
<td>CVE-2024-23170</td>
<td>2024-01-31 08:15:42 <img src="imgs/new.gif" /></td>
<td>2024-01-31 08:15:42</td>
<td>An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-23170">详情</a></td>
</tr>

<tr>
<td>d9f85d5b96a278058ae92f76407bc4cc</td>
<td>CVE-2024-1012</td>
<td>2024-01-31 08:15:41 <img src="imgs/new.gif" /></td>
<td>2024-01-31 08:15:41</td>
<td>A vulnerability, which was classified as critical, has been found in Wanhu ezOFFICE 11.1.0. This issue affects some unknown processing of the file defaultroot/platform/bpm/work_flow/operate/wf_printnum.jsp. The manipulation of the argument recordId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252281 was assigned to this vulnerability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1012">详情</a></td>
</tr>

<tr>
<td>e63d40401295dcbb772d6c1dd4cb4514</td>
<td>CVE-2024-0836</td>
<td>2024-01-31 08:15:41 <img src="imgs/new.gif" /></td>
<td>2024-01-31 08:15:41</td>
<td>The WordPress Review & Structure Data Schema Plugin – Review Schema plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rtrs_review_edit() function in all versions up to, and including, 2.1.14. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify arbitrary reviews.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-0836">详情</a></td>
</tr>

<tr>
<td>12eb6a740c2600c2bc8e18d05075f7b9</td>
<td>CVE-2024-22236</td>
<td>2024-01-31 07:15:07 <img src="imgs/new.gif" /></td>
<td>2024-01-31 07:15:07</td>
<td>In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in the org.springframework.cloud:spring-cloud-contract-shade dependency.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22236">详情</a></td>
</tr>

<tr>
<td>490783c56d358d587d8fb5c54bf885c3</td>
<td>CVE-2023-3934</td>
<td>2024-01-31 06:15:45 <img src="imgs/new.gif" /></td>
<td>2024-01-31 06:15:45</td>
<td>Rejected reason: Please discard this CVE, we are not using this anymore. The vulnerability turned out to be a non-security issue</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-3934">详情</a></td>
</tr>

<tr>
<td>00582fe99a29bb73b013f12fe676249e</td>
<td>CVE-2024-0914</td>
<td>2024-01-31 05:15:08 <img src="imgs/new.gif" /></td>
<td>2024-01-31 05:15:08</td>
<td>A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-0914">详情</a></td>
</tr>

<tr>
<td>8ce42f2177c88d28261110921a12e179</td>
<td>CVE-2024-1069</td>
<td>2024-01-31 03:15:08 <img src="imgs/new.gif" /></td>
<td>2024-01-31 03:15:08</td>
<td>The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1069">详情</a></td>
</tr>
Expand Down Expand Up @@ -1974,119 +1974,119 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<tr>
<td>972f3b21114620f2ab7fa91903c47554</td>
<td>CVE-2023-6212</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>Mozilla多款产品内存破坏漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90262">详情</a></td>
</tr>

<tr>
<td>6e496427efd15561f3ad9d46528ef3ba</td>
<td>CVE-2023-6213</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>Mozilla Firefox内存破坏漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90261">详情</a></td>
</tr>

<tr>
<td>74e4ba34d4b2b0dbe3291d6ba422c4bd</td>
<td>CVE-2023-21416</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>AXIS OS拒绝服务漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90260">详情</a></td>
</tr>

<tr>
<td>90eea45d2b36254835a96f7bb2ebcd5f</td>
<td>CVE-2023-21417</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>AXIS OS路径遍历漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90259">详情</a></td>
</tr>

<tr>
<td>e0463769e81390bc771df5185d308215</td>
<td>CVE-2023-45886</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>F5 BIG-IP拒绝服务漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90258">详情</a></td>
</tr>

<tr>
<td>fd548045944d59ff5498d58bfa938b18</td>
<td>CVE-2023-42770</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>Red Lion Controls SixTRAK和VersaTRAK Series RTU身份认证绕过漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90257">详情</a></td>
</tr>

<tr>
<td>af7b4c71a2247009daecb5eba2f3bda3</td>
<td>CVE-2023-6144</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>DevBlog授权绕过漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90256">详情</a></td>
</tr>

<tr>
<td>39508da40b5cb2476c498a85ee48a8bf</td>
<td>CVE-2023-6142</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>DevBlog跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90255">详情</a></td>
</tr>

<tr>
<td>a435207d2571e9adce170c54973f3c6c</td>
<td>CVE-2023-40151</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>Red Lion Controls SixTRAK和VersaTRAK Series RTU危险方法或功能漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90254">详情</a></td>
</tr>

<tr>
<td>e480554b7c5bbb4fc2deb703af76f66b</td>
<td>CVE-2023-6199</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>Book Stack服务器端请求伪造漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90253">详情</a></td>
</tr>

<tr>
<td>a84a8041b1a85b1ae386cf32f7fe48ca</td>
<td>CVE-2023-48051</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>upydev加密长度不足漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90252">详情</a></td>
</tr>

<tr>
<td>fa4e24e1fc791f1b012386989d5f8874</td>
<td>CVE-2023-48310</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>TestingPlatform输入验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90251">详情</a></td>
</tr>

<tr>
<td>696f6288c6a989864563aa3683782e9c</td>
<td>CVE-2023-48192</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>TOTOLINK A3700R代码注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90250">详情</a></td>
</tr>

<tr>
<td>9cd3f01a1cf3e823c2e7b0185c0f04bf</td>
<td>CVE-2023-48176</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>WebsiteGuide不安全权限漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90249">详情</a></td>
</tr>

<tr>
<td>74827c4ebfbb3d04707793bc1c7a3daa</td>
<td>CVE-2023-6178</td>
<td>2024-01-31 09:20:03 <img src="imgs/new.gif" /></td>
<td>2024-01-31 09:20:03</td>
<td>Tenable Nessus任意文件写入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/90248">详情</a></td>
</tr>
Expand Down

0 comments on commit ef13dca

Please sign in to comment.