CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2023-06-02
Med.	Trend Micro OfficeScan Client 10.0 ACL Service LPE msd0pe
High	Acelle Email Marketing 3.0.15 Arbitrary File Upload indoushka
Low	Inlislite 3.1 Insecure Settings indoushka
2023-05-30
Med.	PrinterLogic Build 1.0.757 XSS / SQL Injection / Authentication Bypass Nadeem Salim
High	Widevine Trustlet 5.x / 6.x / 7.x PRDiagVerifyProvisioning Buffer Overflow Multiple CVE CyberIntel Team
High	Serenity / StartSharp Software File Upload / XSS / User Enumeration / Reusable Tokens Multiple CVE Fabian Densborn
High	Widevine Trustlet 5.x drm_save_keys Buffer Overflow Multiple CVE CyberIntel Team
2023-05-28
Low	Webkul Qloapps 1.5.2 Cross Site Scripting CVE-2023-30256 Astik Rawat
High	GetSimple CMS 3.3.16 Shell Upload CVE-2022-41544 Youssef Muhammad
Med.	JetSınav SQL Injection + Default Password Vulnerability BQX
Low	SCM Manager 1.60 Cross Site Scripting CVE-2023-33829 neg0x
Med.	Screen SFT DAB 600/C Authentication Bypass Admin Password Change LiquidWorm
Low	TinyWebGallery v2.5 Remote Code Execution (RCE) Mirabbas Ağalarov

The latest CVEs

2023-06-03
CVE-2023-1297	Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3
CVE-2023-2816	Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.
CVE-2023-3044	An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.
CVE-2023-33669	Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function.
CVE-2023-33670	Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function.
CVE-2023-33671	Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.
CVE-2023-33672	Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.
CVE-2023-33673	Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
CVE-2023-33675	Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function.
CVE-2023-33761	eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /view/cb/format_642.php.

Dorks

2023-05-28
Med.	JetSınav SQL Injection + Default Password Vulnerability allintext:"Powered by Jetsınav"	BQX
Low	SCM Manager 1.60 Cross Site Scripting( CVE-2023-33829 ) intitle:"SCM Manager" intext:1.60	neg0x
2023-05-21
Low	Siemens SIMATIC S7-1200 Cross Site Request Forgery( CVE-2015-5698 ) inurl:/Portal/Portal.mwsl	RoseSecurity
2023-04-25
Med.	Sophos Web Appliance 4.3.10.4 Pre-auth command injection( CVE-2023-1671 ) title:"Sophos Web Appliance"	Behnam Abasi Vanda
2023-04-23
Med.	Bluesoft Infotech - Sql Injection Vulnerability "Designed by Bluesoft Infotech"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2023-06-02

Med.

High

Low

2023-05-30

Med.

High

High

High

2023-05-28

Low

High

Med.

Low

Med.

Low

The latest CVEs

2023-06-03

Dorks

2023-05-28

Med.

Low

2023-05-21

Low

2023-04-25

Med.

2023-04-23

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations