CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-07
High	RansomLord v3 - Anti-Ransomware Exploitation Tool / New Release malvuln
High	POMS-PHP-(by oretnom23 )-v1.0-FU-SQLi-RCE-HAT.TRICK nu11secur1ty
2024-05-06
Med.	Systemd Insecure PTY Handling Adam Gowdiak
Med.	Kobiz Design - Sql Injection behrouz mansoori
High	Docker Privileged Container Kernel Escape Eran Ayalon
High	Live2D Cubism Heap Corruption PT
2024-05-05
High	htmlLawed 1.2.5 Remote Command Execution CVE-2022-35914 d4t4s3c
Med.	Oracuz - Blind Sql Injection behrouz mansoori
Med.	Kobiz Design - Blind Sql Injection behrouz mansoori
2024-05-04
Med.	Sandhya Branding Agency - Blind Sql Injection behrouz mansoori
Med.	Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Disclosure Gjoko 'LiquidWorm' Krstic
High	Microsoft PlayReady Cryptography Weakness Adam Gowdiak
Med.	Webenlive - Sql Injection behrouz mansoori

Dorks

2024-05-07
CVE-2023-40694	IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 264838.
CVE-2024-0022	In multiple functions of CompanionDeviceManagerService.java, there is a possible launch NotificationAccessConfirmationActivity of another user profile due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-0024	In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2024-0025	In sendIntentSender of ActivityManagerService.java, there is a possible background activity launch due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-0026	In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-0027	In multiple functions of SnoozeHelper.java, there is a possible way to cause a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-0042	In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto. This could lead to local bypass of DRM content protection with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-0043	In multiple locations, there is a possible notification listener grant to an app running in the work profile due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2024-23704	In onCreate of WifiDialogActivity.java, there is a possible way to bypass the DISALLOW_ADD_WIFI_CONFIG restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-23705	In multiple locations, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

2024-05-06
Med.	Kobiz Design - Sql Injection "Desing by Kobiz Design Co"	behrouz mansoori
2024-05-05
Med.	Oracuz - Blind Sql Injection "Design by Oracuz"	behrouz mansoori
Med.	Kobiz Design - Blind Sql Injection "Desing by Kobiz Design Co"	behrouz mansoori
2024-05-04
Med.	Sandhya Branding Agency - Blind Sql Injection "Powered by : Sandhya Branding Agency"	behrouz mansoori
Med.	Webenlive - Sql Injection "Design: Webenlive"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-07

High

High

2024-05-06

Med.

Med.

High

High

2024-05-05

High

Med.

Med.

2024-05-04

Med.

Med.

High

Med.

The latest CVEs

2024-05-07

Dorks

2024-05-06

Med.

2024-05-05

Med.

Med.

2024-05-04

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations