Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-03-03
High
Med.
Low
High
2024-03-01
Med.
Med.
Med.
2024-02-29
Med.
Med.
Low
Low
Med.
Med.

The latest CVEs

2024-03-04
CVE-2024-1316
The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. (e.g. draft, private, pending review, pw-protected, and trashed events).
CVE-2024-1319
The Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. (e.g. draft, private, pending review, password-protected, and trashed posts).
CVE-2024-2168
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/operations/expense_category.php of the component HTTP POST Request Handler. The manipulation of the argument status leads to sql injection. It is possible to launch the ...
CVE-2023-41827
An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI.
CVE-2023-41829
An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization.
CVE-2024-1936
The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third party. While this update fixes the bug and avoids future me...
CVE-2021-47104
In the Linux kernel, the following vulnerability has been resolved: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() The wrong goto label was used for the error case and missed cleanup of the pkt allocation. Addresses-Coverity-ID: 1493352 ("Resource leak")
CVE-2021-47105
In the Linux kernel, the following vulnerability has been resolved: ice: xsk: return xsk buffers back to pool when cleaning the ring Currently we only NULL the xdp_buff pointer in the internal SW ring but we never give it back to the xsk buffer pool. This means that buffers can be leaked out of the buff pool and never be used again. Add missing ...
CVE-2021-47106
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy() We need to use list_for_each_entry_safe() iterator because we can not access @catchall after kfree_rcu() call. syzbot reported: BUG: KASAN: use-after-free in nft_set_catchall_destroy net/netfilter/nf_tables_...
CVE-2021-47107
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix READDIR buffer overflow If a client sends a READDIR count argument that is too small (say, zero), then the buffer size calculation in the new init_dirlist helper functions results in an underflow, allowing the XDR stream functions to write beyond the actual buffer. Thi...

Dorks

2024-03-03
Low
GL.iNet AR300M v3.216 Remote Code Execution CVE-2023-46456 Exploit( CVE-2023-46456 )
intitle:"GL.iNet Admin Panel"
Michele 'cyberaz0r�...
2024-02-28
Med.
Agencia NUBA- Sql Injection
"Diseño y Programación Agencia NUBA"
behrouz mansoori
Med.
Ficus Global - Blind Sql Injection
"Designed & Maintained by Ficus Global"
behrouz mansoori
2024-02-25
Med.
Axiomatic - Sql Injection
"Design by Axiomatic.it"
behrouz mansoori
Med.
Stealth Media Ltd - Blind Sql Injection
"Website Designed & Developed By Stealth Media Ltd."
behrouz mansoori

Copyright 2024, cxsecurity.com

 

Back to Top