Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-09-18
Med.
Med.
Med.
Med.
Med.
Med.
Med.
2024-09-16
High
Low
Low
2024-09-12
Med.
2024-09-10
Med.
Med.

The latest CVEs

Dorks

2024-09-19
CVE-2024-45752
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction.
CVE-2024-45861
Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.
CVE-2024-45862
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.
CVE-2024-7736
A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
CVE-2024-7737
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
CVE-2024-8375
There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance. Afterwards, Reverb copies the content in tensor_content...
CVE-2024-8698
A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This f...
CVE-2024-8883
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.
CVE-2024-31570
libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file.
CVE-2024-38016
Microsoft Office Visio Remote Code Execution Vulnerability
2024-08-08
Low
WP-UserOnline 2.88.0 Stored Cross Site Scripting (XSS) (Authenticated)( CVE-2022-2941 )
inurl:/wp-content/plugins/wp-useronline/
Onur Göğebakan
2024-07-24
Med.
SRDB Wordpres Replace Title( Multiple CVE )
Search-Replace-DB-master
Demon King
Med.
Designed by Winzone Softech" Bypass Admin With Noredirect
"Designed by Technocracy Softwares Pvt. Ltd"
Xplo5ionS
2024-07-22
Med.
Technocracy Softwares Pvt. Ltd Bypass Admin With Noredirect
"Designed by Technocracy Softwares Pvt. Ltd"
Xplo5ionS
2024-07-15
Med.
lajeh - SQL Injection vulnerability
"Powered by lajeh"
Mahdi Karimi

Copyright 2024, cxsecurity.com

 

Back to Top