CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-10-16
Med.	dolibarr 20.0.1 Multiple security token SQLi nu11secur1ty
High	BYOB Unauthenticated Remote Code Execution Multiple CVE Valentin Lobstein
Med.	Ultra Mini HTTPd 1.21 - POST - Denial of Service (DoS) Fagner Lima - Aka r3ng4f
2024-10-13
Med.	VICIdial 2.14-917a SQL Injection CVE-2024-8503 Jaggar Henry
Med.	WordPress LMS 4.2.7 SQL Injection CVE-2024-8522 Avento
Med.	Netman 204 4.05 SQL Injection / Unauthenticated Password Reset Multiple CVE T. Weber
2024-10-12
Med.	BALC Media - Blind Sql Injection Vulnerability behrouz mansoori
Med.	ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control LiquidWorm
High	ABB Cylon Aspect 3.08.00 dialupSwitch.php Remote Code Execution LiquidWorm
Med.	ABB Cylon Aspect 3.07.02 user.properties Default Credentials LiquidWorm
2024-10-08
Med.	PHP-Nuke Top Module SQL Injection Emiliano Febbi
2024-10-07
Low	Acronis Cyber Infrastructure Default Password Remote Code Execution h00die-gr3y
Med.	Online Complete - Blind Sql Injection Vulnerability behrouz mansoori

Dorks

2024-10-21
CVE-2022-48946	In the Linux kernel, the following vulnerability has been resolved: udf: Fix preallocation discarding at indirect extent boundary When preallocation extent is the first one in the extent block, the code would corrupt extent tree header instead. Fix the problem and use udf_delete_aext() for deleting extent to avoid some code duplication.
CVE-2022-48947	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number (i.e., 255). This patch prevents this by adding a boundary check with L2CAP_MAX_CONF_RSP Btmon log: Blue...
CVE-2022-48948	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Prevent buffer overflow in setup handler Setup function uvc_function_setup permits control transfer requests with up to 64 bytes of payload (UVC_MAX_REQUEST_SIZE), data stage handler for OUT transfer uses memcpy to copy req->actual bytes to uvc_event->data...
CVE-2022-48949	In the Linux kernel, the following vulnerability has been resolved: igb: Initialize mailbox message for VF reset When a MAC address is not assigned to the VF, that portion of the message sent to the VF is not set. The memory, however, is allocated from the stack meaning that information may be leaked to the VM. Initialize the message buffer to 0 ...
CVE-2022-48950	In the Linux kernel, the following vulnerability has been resolved: perf: Fix perf_pending_task() UaF Per syzbot it is possible for perf_pending_task() to run after the event is free()'d. There are two related but distinct cases: - the task_work was already queued before destroying the event; - destroying the event itself queues the task_...
CVE-2022-48951	In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stereo controls. Add appropriate checks.
CVE-2022-48952	In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct soc_device_attribute array, which causes an oops when assessed by the soc_device_match(mt7621_pcie_quirks_match) call. This was only exposed once the CONFIG_SOC_MT7621 mt7621 soc_dev_att...
CVE-2022-48953	In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpi_install_fixed_event_handler() enables the event automatically on success, it is incorrect to call it before the handler routine passed to it is ready to handle events. Unfortunately, the rtc-cmos driver does e...
CVE-2022-48954	In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix use-after-free in hsci KASAN found that addr was dereferenced after br2dev_event_work was freed. ================================================================== BUG: KASAN: use-after-free in qeth_l2_br2dev_worker+0x5ba/0x6b0 Read of size 1 at addr 00000000fdcea...
CVE-2022-48955	In the Linux kernel, the following vulnerability has been resolved: net: thunderbolt: fix memory leak in tbnet_open() When tb_ring_alloc_rx() failed in tbnet_open(), ida that allocated in tb_xdomain_alloc_out_hopid() is not released. Add tb_xdomain_release_out_hopid() to the error path to release ida.

2024-10-12
Med.	BALC Media - Blind Sql Injection Vulnerability "Developed by BALC Media"	behrouz mansoori
2024-10-08
Med.	PHP-Nuke Top Module SQL Injection intext: Powered by PHP-Nuke	Emiliano Febbi
2024-10-07
Med.	Online Complete - Blind Sql Injection Vulnerability "Powered by Online Complete to"	behrouz mansoori
2024-10-05
High	MD-Pro 1.0.76 Shell Upload / SQL Injection intext: Powered by MD-Pro	Emiliano Febbi
2024-09-30
Med.	krishna Tech - Sql Injection "Website Developed By krishna Tech"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-10-16

Med.

High

Med.

2024-10-13

Med.

Med.

Med.

2024-10-12

Med.

Med.

High

Med.

2024-10-08

Med.

2024-10-07

Low

Med.

The latest CVEs

2024-10-21

Dorks

2024-10-12

Med.

2024-10-08

Med.

2024-10-07

Med.

2024-10-05

High

2024-09-30

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations