CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-06-11
High	VSCode ipynb Remote Code Execution CVE-2022-41034 h00die
2024-06-10
Med.	Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR Multiple CVE C. Schwarz
Med.	SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure Multiple CVE T. Weber
Med.	FengOffice 3.11.1.2 SQL Injection Andrey Stoykov
2024-06-09
High	changedetection 0.45.20 Remote Code Execution CVE-2024-32651 Zach Crosman
2024-06-08
Med.	Neetai Tech - Blind Sql Injection behrouz mansoori
2024-06-07
Med.	Aquatronica Control System 5.1.6 Password Disclosure LiquidWorm
Med.	Check Point Security Gateway Information Disclosure CVE-2024-24919 Yesith Alvarez
Med.	Online Fire Reporting System OFRS SQL Injection Authentication Bypass Diyar Saadi
High	CMSimple 5.15 Remote Shell Upload Ahmet Umit Bayram
High	appRain CMF 4.0.5 Shell Upload Ahmet Umit Bayram
Med.	Boelter Blue System Management 1.3 SQL Injection CVE-2024-36840 CBKB
Med.	Trojan.Win32.DarkGateLoader (multi variants) / Arbitrary Code Execution malvuln

Dorks

2024-06-12
CVE-2024-0865	CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user.
CVE-2024-24051	Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file.
CVE-2024-28762	IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246.
CVE-2024-2747	CWE-428: Unquoted search path or element vulnerability exists in Easergy Studio, which could cause privilege escalation when a valid user replaces a trusted file name on the system and reboots the machine.
CVE-2024-37629	SummerNote 0.8.18 is vulnerable to Cross Site Scripting (XSS) via the Code View Function.
CVE-2024-5559	CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device.
CVE-2023-29267	IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287612.
CVE-2024-31881	IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. IBM X-Force ID: 287613.
CVE-2024-5798	Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have been rejected. This vulnerability, CVE-2024-5798, wa...
CVE-2024-1891	A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page.

2024-06-08
Med.	Neetai Tech - Blind Sql Injection "Reserved By Neetai Tech"	behrouz mansoori
2024-06-07
Med.	Boelter Blue System Management 1.3 SQL Injection( CVE-2024-36840 ) inurl:"Powered by Boelter Blue"	CBKB
2024-05-28
Med.	VSP Softtech - Sql Injection "Developed By VSP Softtech"	behrouz mansoori
Med.	Designed By San Software - Sql Injection "Designed By San Software"	behrouz mansoori
Med.	Designed By San Software - Blind Sql Injection "Designed By San Software"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-06-11

High

2024-06-10

Med.

Med.

Med.

2024-06-09

High

2024-06-08

Med.

2024-06-07

Med.

Med.

Med.

High

High

Med.

Med.

The latest CVEs

2024-06-12

Dorks

2024-06-08

Med.

2024-06-07

Med.

2024-05-28

Med.

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations