Welcome to cxsecurity. enjoy
The latest CVEs

Dorks

2024-07-26
CVE-2024-38508
A privilege escalation vulnerability was discovered in the web interface or SSH captive command shell interface of XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via a specially crafted request.
CVE-2024-38509
A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to execute arbitrary code via a specially crafted IPMI command.
CVE-2024-38510
A privilege escalation vulnerability was discovered in the SSH captive command shell interface that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.
CVE-2024-38511
A privilege escalation vulnerability was discovered in an upload processing functionality of XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.
CVE-2024-38512
A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands.
CVE-2024-40116
An issue in Solar-Log 1000 before v2.8.2 and build 52-23.04.2013 was discovered to store plaintext passwords in the export.html, email.html, and sms.html files.
CVE-2024-40117
Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52-23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server.
CVE-2024-41112
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable in `pages/1_??_Timelapse.py` takes user input, which is later used in the `eval()` function on line 380, leading to remote code execution. Commit c4f81d9616d40c60584e36abb15300853a66e489 fixes...
CVE-2024-41113
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the `vis_params` variable on line 383 or line 390 in `pages/1_??_Timelapse.py` takes user input, which is later used in the `eval()` function on line 395, leading to remote code execution. Commit c4f81d9616d40c605...
CVE-2024-4786
An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a specially crafted application to keep the device on.
2024-07-24
Med.
SRDB Wordpres Replace Title( Multiple CVE )
Search-Replace-DB-master
Demon King
Med.
Designed by Winzone Softech" Bypass Admin With Noredirect
"Designed by Technocracy Softwares Pvt. Ltd"
Xplo5ionS
2024-07-22
Med.
Technocracy Softwares Pvt. Ltd Bypass Admin With Noredirect
"Designed by Technocracy Softwares Pvt. Ltd"
Xplo5ionS
2024-07-15
Med.
lajeh - SQL Injection vulnerability
"Powered by lajeh"
Mahdi Karimi
2024-07-12
Med.
lajeh - SQL Injection vulnerability
"Powered by lajeh"
Mahdi Karimi

Copyright 2024, cxsecurity.com

 
