Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-10-07
Low
Med.
Med.
Med.
Low
Med.
2024-10-05
High
High
Med.
High
High
Med.
2024-10-02
Med.

The latest CVEs

Dorks

2024-10-08
CVE-2024-45873
A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Yaazhini.exe.
CVE-2024-45874
A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Vooki.exe.
CVE-2024-47781
CreateWiki is an extension used at Miraheze for requesting & creating wikis. The name of requested wikis is not escaped on Special:RequestWikiQueue, so a user can insert arbitrary HTML that is displayed in the request wiki queue when requesting a wiki. If a wiki creator comes across the XSS payload, their user session can be abused to retrieve ...
CVE-2024-47782
WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. Special:WikiDiscover is a special page that lists all wikis on the wiki farm. However, the special page does not make any effort to escape the wiki name or description. Therefore, if a wiki sets its name and/or description to an XSS payload, the XSS will ...
CVE-2024-47814
Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window) a BufWinLeave auto command can cause an use-after-free if this auto command happens to re-open the same buffer in a new split window. Impact is low since the user must have intentionally set up such a strange...
CVE-2024-47817
Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens ...
CVE-2024-47818
Saltcorn is an extensible, open source, no-code database application builder. A logged-in user with any role can delete arbitrary files on the filesystem by calling the `sync/clean_sync_dir` endpoint. The `dir_name` POST parameter is not validated/sanitized and is used to construct the `syncDir` that is deleted by calling `fs.rm`. This issue has be...
CVE-2024-47968
Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service.
CVE-2024-47969
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.
2024-10-07
CVE-2024-31227
Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users are advised to upgrade. There are no known workaroun...
2024-10-07
Med.
Online Complete - Blind Sql Injection Vulnerability
"Powered by Online Complete to"
behrouz mansoori
2024-10-05
High
MD-Pro 1.0.76 Shell Upload / SQL Injection
intext: Powered by MD-Pro
Emiliano Febbi
2024-09-30
Med.
krishna Tech - Sql Injection
"Website Developed By krishna Tech"
behrouz mansoori
2024-09-29
Med.
Era infotech - Sql Injection
"Design & Developed By: Era infotech"
behrouz mansoori
Med.
Era infotech - Blind Sql Injection Vulnerability
"Design & Developed By: Era infotech"
behrouz mansoori

Copyright 2024, cxsecurity.com

 

Back to Top