Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

Best Hackers:
{{ te.id }}. {{te.nameDis}}
CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}
Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-06-04
Low
Sitefinity 15.0 Cross Site Scripting CVE-2023-27636
Aldi Saputra Wahyudi
High
FreePBX 16 Remote Code Execution
Cold z3ro
High
WBCE CMS 1.6.2 Remote Code Execution
Ahmet Umit Bayram
High
Dotclear 2.29 Remote Code Execution
Ahmet Umit Bayram
High
Serendipity 2.5.0 Remote Code Execution
Ahmet Umit Bayram
2024-06-02
Med.
Online Payment Hub System - SQLi Authentication Bypass
Hamit AVSAR
Low
iMLog Cross Site Scripting
Gabriel Felipe
Med.
Craft CMS Logs Plugin 3.0.3 Path Traversal (Authenticated) CVE-2022-23409
Steffen Rogge
Med.
Progress Flowmon 12.3.5 Local sudo Privilege Escalation CVE-2024-2389
Dave Yesland
Med.
Akaunting 3.1.8 Client-Side Template Injection
tmrswrr
High
Akaunting 3.1.8 Server-Side Template Injection
tmrswrr
Low
ORing IAP-420 2.01e Cross Site Scripting / Command Injection Multiple CVE
T. Weber
Med.
BWL Advanced FAQ Manager 2.0.3 SQL Injection CVE-2024-32136
Ivan Spiridonov

The latest CVEs

Dorks

2024-06-05
CVE-2024-5171
Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow. This function can be reached via 3 callers: * Calling aom_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t...
CVE-2024-5653
A vulnerability, which was classified as critical, has been found in Chanjet Smooth T+system 3.5. This issue affects some unknown processing of the file /tplus/UFAQD/keyEdit.aspx. The manipulation of the argument KeyID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The ide...
CVE-2024-36129
The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1 fixes this issue. It is also fixed in the confighttp module version ...
CVE-2024-4008
FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System
CVE-2024-4009
Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System
CVE-2024-5037
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication.
CVE-2024-5184
The EmailGPT service contains a prompt injection vulnerability. The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit the issue by forcing the AI service to leak the standard hard-coded system prompts and/or execute unwanted prompts. When engaging with EmailGP...
CVE-2023-49927
An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryp...
CVE-2023-49928
An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. The baseband software does not properly check states specified by the RRC. This can lead to disclosure of sensitiv...
CVE-2023-50803
An issue was discovered in Samsung Mobile Processor, Automotive Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, Modem 5123, Modem 5300, and Auto T5123. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service.
2024-05-28
Med.
VSP Softtech - Sql Injection
"Developed By VSP Softtech"
 behrouz mansoori
Med.
Designed By San Software - Sql Injection
"Designed By San Software"
 behrouz mansoori
Med.
Designed By San Software - Blind Sql Injection
"Designed By San Software"
 behrouz mansoori
2024-05-22
Med.
Webmirchi - Sql Injection
"Powered by Webmirchi"
 behrouz mansoori
Med.
Axiomatic - Blind Sql Injection
"Design by Axiomatic.it"
 behrouz mansoori
Quick goto:

Bugtraq The latest CVEs Dorks
Search

Are you looking CVE for some product?

Top Vendors:

Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla
 
Full List of Vendors

Top Products:

Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx
 

Full List of Products

Top CWE:

CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)
 
Check CWE Dictionary

Donate:
is an open project developed and moderated fully by one independent person.
Help develop the project and make
Donations
Copyright 2024, cxsecurity.com

 

Back to Top