Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed May 24, 2024
1 parent 09b2349 commit c2ec4d8
Show file tree
Hide file tree
Showing 3 changed files with 91 additions and 81 deletions.
10 changes: 10 additions & 0 deletions cache/Tenable (Nessus).dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,3 +197,13 @@ d04c51262bba3b50b37af105eb862484
fc011897f15bd4a27d029bcddcc009e1
f19af93d7c1d7030c96333b968ac6874
c2e1a73c5f37a4b958e0c3ec32e80a1b
54bab2a36410d7fcc7530eac17a4fef6
65af4ab5521a977955ce8e80391b0887
942800735a01fe88dfa69af2e32c1a67
722dd54d08cc5e3a95339bb7e47bc792
b88558ee0323ee23f0cfc62398c0a268
cec3c94f2e5d4b96c5a756ab6bcc8d8c
c519161d468261c9d83db48b2d78cdd5
d966fc4d3a469b3f98fe82495bd83a77
2f4298b754046d75b54f6c23beb4a44c
ecf581cf281a64a57445d2af72657632
Binary file modified data/cves.db
View file
Binary file not shown.
162 changes: 81 additions & 81 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-05-24 12:36:44 -->
<!-- RELEASE TIME : 2024-05-24 18:26:23 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>54bab2a36410d7fcc7530eac17a4fef6</td>
<td>CVE-2024-35618</td>
<td>2024-05-24 15:15:24 <img src="imgs/new.gif" /></td>
<td>PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-35618">详情</a></td>
</tr>

<tr>
<td>65af4ab5521a977955ce8e80391b0887</td>
<td>CVE-2024-35340</td>
<td>2024-05-24 15:15:24 <img src="imgs/new.gif" /></td>
<td>Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-35340">详情</a></td>
</tr>

<tr>
<td>942800735a01fe88dfa69af2e32c1a67</td>
<td>CVE-2024-35339</td>
<td>2024-05-24 15:15:24 <img src="imgs/new.gif" /></td>
<td>Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-35339">详情</a></td>
</tr>

<tr>
<td>722dd54d08cc5e3a95339bb7e47bc792</td>
<td>CVE-2024-33809</td>
<td>2024-05-24 15:15:24 <img src="imgs/new.gif" /></td>
<td>PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33809">详情</a></td>
</tr>

<tr>
<td>b88558ee0323ee23f0cfc62398c0a268</td>
<td>CVE-2024-33470</td>
<td>2024-05-24 15:15:23 <img src="imgs/new.gif" /></td>
<td>An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passback attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33470">详情</a></td>
</tr>

<tr>
<td>cec3c94f2e5d4b96c5a756ab6bcc8d8c</td>
<td>CVE-2024-31510</td>
<td>2024-05-24 15:15:23 <img src="imgs/new.gif" /></td>
<td>An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c component.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-31510">详情</a></td>
</tr>

<tr>
<td>c519161d468261c9d83db48b2d78cdd5</td>
<td>CVE-2024-22588</td>
<td>2024-05-24 15:15:23 <img src="imgs/new.gif" /></td>
<td>Kwik commit 745fd4e2 does not discard unused encryption keys.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22588">详情</a></td>
</tr>

<tr>
<td>d966fc4d3a469b3f98fe82495bd83a77</td>
<td>CVE-2021-47572</td>
<td>2024-05-24 15:15:22 <img src="imgs/new.gif" /></td>
<td>In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to calling ipv6_stub->fib6_nh_release. The bug has been present since the beginning of IPv6 nexthop gateway support. Commit 1aefd3de7bc6 ("ipv6: Add fib6_nh_init and release to stubs") tells us that only fib6_nh_init has a dummy stub because fib6_nh_release should not be called if fib6_nh_init returns an error, but the commit below added a call to ipv6_stub->fib6_nh_release in its error path. To fix it return the dummy stub's -EAFNOSUPPORT error directly without calling ipv6_stub->fib6_nh_release in nh_create_ipv6()'s error path. [1] Output is a bit truncated, but it clearly shows the error. BUG: kernel NULL pointer dereference, address: 000000000000000000 #PF: supervisor instruction fetch in kernel modede #PF: error_code(0x0010) - not-present pagege PGD 0 P4D 0 Oops: 0010 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 638 Comm: ip Kdump: loaded Not tainted 5.16.0-rc1+ #446 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/01/2014 RIP: 0010:0x0 Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. RSP: 0018:ffff888109f5b8f0 EFLAGS: 00010286^Ac RAX: 0000000000000000 RBX: ffff888109f5ba28 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881008a2860 RBP: ffff888109f5b9d8 R08: 0000000000000000 R09: 0000000000000000 R10: ffff888109f5b978 R11: ffff888109f5b948 R12: 00000000ffffff9f R13: ffff8881008a2a80 R14: ffff8881008a2860 R15: ffff8881008a2840 FS: 00007f98de70f100(0000) GS:ffff88822bf00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 0000000100efc000 CR4: 00000000000006e0 Call Trace: <TASK> nh_create_ipv6+0xed/0x10c rtm_new_nexthop+0x6d7/0x13f3 ? check_preemption_disabled+0x3d/0xf2 ? lock_is_held_type+0xbe/0xfd rtnetlink_rcv_msg+0x23f/0x26a ? check_preemption_disabled+0x3d/0xf2 ? rtnl_calcit.isra.0+0x147/0x147 netlink_rcv_skb+0x61/0xb2 netlink_unicast+0x100/0x187 netlink_sendmsg+0x37f/0x3a0 ? netlink_unicast+0x187/0x187 sock_sendmsg_nosec+0x67/0x9b ____sys_sendmsg+0x19d/0x1f9 ? copy_msghdr_from_user+0x4c/0x5e ? rcu_read_lock_any_held+0x2a/0x78 ___sys_sendmsg+0x6c/0x8c ? asm_sysvec_apic_timer_interrupt+0x12/0x20 ? lockdep_hardirqs_on+0xd9/0x102 ? sockfd_lookup_light+0x69/0x99 __sys_sendmsg+0x50/0x6e do_syscall_64+0xcb/0xf2 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f98dea28914 Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 48 8d 05 e9 5d 0c 00 8b 00 85 c0 75 13 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 41 89 d4 55 48 89 f5 53 RSP: 002b:00007fff859f5e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e2e RAX: ffffffffffffffda RBX: 00000000619cb810 RCX: 00007f98dea28914 RDX: 0000000000000000 RSI: 00007fff859f5ed0 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000008 R10: fffffffffffffce6 R11: 0000000000000246 R12: 0000000000000001 R13: 000055c0097ae520 R14: 000055c0097957fd R15: 00007fff859f63a0 </TASK> Modules linked in: bridge stp llc bonding virtio_net</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2021-47572">详情</a></td>
</tr>

<tr>
<td>2f4298b754046d75b54f6c23beb4a44c</td>
<td>CVE-2021-47571</td>
<td>2024-05-24 15:15:22 <img src="imgs/new.gif" /></td>
<td>In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2021-47571">详情</a></td>
</tr>

<tr>
<td>ecf581cf281a64a57445d2af72657632</td>
<td>CVE-2021-47570</td>
<td>2024-05-24 15:15:22 <img src="imgs/new.gif" /></td>
<td>In the Linux kernel, the following vulnerability has been resolved: staging: r8188eu: fix a memory leak in rtw_wx_read32() Free "ptmp" before returning -EINVAL.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2021-47570">详情</a></td>
</tr>

<tr>
<td>63980e84e9a6a05782ca50d4b3984f28</td>
<td>CVE-2024-5315</td>
Expand Down Expand Up @@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4706">详情</a></td>
</tr>

<tr>
<td>b79854e975ae21c0f3dcc72dcc580a3e</td>
<td>CVE-2024-5147</td>
<td>2024-05-22 08:15:10</td>
<td>The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.37 via the 'grid_style' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-5147">详情</a></td>
</tr>

<tr>
<td>ac9efb92d819822efdc710d54bf44b33</td>
<td>CVE-2024-4157</td>
<td>2024-05-22 08:15:10</td>
<td>The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.1.15 via deserialization of untrusted input in the extractDynamicValues function. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. Successful exploitation requires the attacker to have "View Form" and "Manage Form" permissions, which must be explicitly set by an administrator. However, this requirement can be bypassed when this vulnerability is chained with CVE-2024-2771.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4157">详情</a></td>
</tr>

<tr>
<td>4afd4d8865b4a7df295569238008caf5</td>
<td>CVE-2024-3671</td>
<td>2024-05-22 08:15:10</td>
<td>The Print-O-Matic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'print-me' shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes such as 'tag'. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-3671">详情</a></td>
</tr>

<tr>
<td>2278a8fd818269d80d4442206b718ad7</td>
<td>CVE-2024-3666</td>
<td>2024-05-22 08:15:10</td>
<td>The Opal Estate Pro – Property Management and Submission plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the agent latitude and longitude parameters in all versions up to, and including, 1.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-3666">详情</a></td>
</tr>

<tr>
<td>febfb5eefa22ebb80d3c1be7bb3aee60</td>
<td>CVE-2024-32988</td>
<td>2024-05-22 08:15:10</td>
<td>'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to 2.6.14 use a hard-coded secret key for JWT. Secret key for JWT may be retrieved if the application binary is reverse-engineered.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-32988">详情</a></td>
</tr>

<tr>
<td>6b2f93fb52ca683b9f73d74dfbb95f26</td>
<td>CVE-2024-2953</td>
<td>2024-05-22 08:15:09</td>
<td>The LuckyWP Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Contributor permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2953">详情</a></td>
</tr>

<tr>
<td>b6a08128fb6324fa906360898beb38be</td>
<td>CVE-2024-2163</td>
<td>2024-05-22 08:15:09</td>
<td>The Ninja Beaver Add-ons for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.4.5 due to insufficient input sanitization and output escaping on user supplied attributes such as urls. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2163">详情</a></td>
</tr>

<tr>
<td>bdd6ef772b8db6f007152bfbf874e509</td>
<td>CVE-2024-2119</td>
<td>2024-05-22 08:15:09</td>
<td>The LuckyWP Table of Contents plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the attrs parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2119">详情</a></td>
</tr>

<tr>
<td>0cbe9b224644a97ef878b5ba3509dde2</td>
<td>CVE-2024-0632</td>
<td>2024-05-22 08:15:08</td>
<td>The Automatic Translator with Google Translate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom font setting in all versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-0632">详情</a></td>
</tr>

<tr>
<td>40cc13d980b8ee9a91dd41b5b0084d9c</td>
<td>CVE-2023-6487</td>
<td>2024-05-22 08:15:08</td>
<td>The LuckyWP Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Header Title' field in all versions up to and including 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-6487">详情</a></td>
</tr>

</tbody>
</table>
</div>
Expand Down

0 comments on commit c2ec4d8

Please sign in to comment.