CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2023-03-27
High	Owlfiles File Manager 12.0.1 Multiple Vulnerabilities Chokri Hammedi
Low	Rental House Management System - Reflected Cross-Site Scripting (XSS) İsmail Can DURNA
High	MODX Revolution v2.8.3-pl Authenticated Remote Code Execution CVE-2022-26149 Sarang Tumne @CyberInsane ...
High	Explorer32++ 1.3.5.531 Buffer Overflow Rafael Pedrero
Med.	Scdbg 1.0 Buffer overflow DoS Rafael Pedrero
Med.	Sysax Multi Server 6.95 Password Denial of Service (PoC) Luis Martinez
Low	Anonymous
Med.	Desktop Central 9.1.0 CRLF Injection / Server-Side Request Forgery Rafael Pedrero
Med.	Scdbg 1.0 Denial Of Service Rafael Pedrero
2023-03-22
Med.	Adobe Connect 11.4.5 / 12.1.5 Local File Disclosure CVE-2023-22232 h4shur
Med.	101+ News Portal 1.0 SQL Injection Abdulhakim Oner
Low	Yoga Class Registration System 1.0 Cross Site Scripting Abdulhakim Oner
Med.	Yoga Class Registration 1.0 SQL Injection nu11secur1ty

The latest CVEs

2023-03-29
CVE-2023-26984	An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request.
CVE-2022-27641	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of proper validation of user-supplied data, which can ...
CVE-2022-27642	This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. ...
CVE-2022-27643	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate...
CVE-2022-27644	This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via HTTPS. The issue results from the lack of proper...
CVE-2022-27645	This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from incorrect string matching logic when accessing protected pa...
CVE-2022-27646	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the circled daemon. A crafted circleinfo.txt ...
CVE-2022-27647	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provi...
CVE-2022-27648	This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator 0.1.1.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCA2 files. The issue results from the lack ...
CVE-2022-28300	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation 10.16.02.034 CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. Crafted data in a ...

Dorks

2023-03-09
Med.	WordPress Real Estate 7 Theme <= 3.3.4 - Abuse of Functionality inurl:/wp-content/themes/realestate-7/	FearZzZz
2023-03-08
Med.	WordPress WoodMart Theme <= 7.1.0 - Unauthenticated Arbitrary Shortcodes Injection( CVE-2023-25790 ) inurl:/wp-content/themes/woodmart/	FearZzZz
2023-03-05
Low	WordPress Real Estate 7 Theme <= 3.3.4 - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities inurl:/wp-content/themes/realestate-7/	FearZzZz
Low	WordPress Real Estate 7 Theme <= 3.3.4 - Unauthenticated Reflected Cross-Site Scripting (XSS) inurl:/wp-content/themes/realestate-7/	FearZzZz
Low	WordPress WoodMart Theme <= 7.1.1 - Theme License Options Change via CSRF inurl:/wp-content/themes/woodmart/	FearZzZz

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2023-03-27

High

Low

High

High

Med.

Med.

Low

Med.

Med.

2023-03-22

Med.

Med.

Low

Med.

The latest CVEs

2023-03-29

Dorks

2023-03-09

Med.

2023-03-08

Med.

2023-03-05

Low

Low

Low

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations