CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-06-11
High	VSCode ipynb Remote Code Execution CVE-2022-41034 h00die
2024-06-10
Med.	Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR Multiple CVE C. Schwarz
Med.	SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure Multiple CVE T. Weber
Med.	FengOffice 3.11.1.2 SQL Injection Andrey Stoykov
2024-06-09
High	changedetection 0.45.20 Remote Code Execution CVE-2024-32651 Zach Crosman
2024-06-08
Med.	Neetai Tech - Blind Sql Injection behrouz mansoori
2024-06-07
Med.	Aquatronica Control System 5.1.6 Password Disclosure LiquidWorm
Med.	Check Point Security Gateway Information Disclosure CVE-2024-24919 Yesith Alvarez
Med.	Online Fire Reporting System OFRS SQL Injection Authentication Bypass Diyar Saadi
High	CMSimple 5.15 Remote Shell Upload Ahmet Umit Bayram
High	appRain CMF 4.0.5 Shell Upload Ahmet Umit Bayram
Med.	Boelter Blue System Management 1.3 SQL Injection CVE-2024-36840 CBKB
Med.	Trojan.Win32.DarkGateLoader (multi variants) / Arbitrary Code Execution malvuln

Dorks

2024-06-12
CVE-2024-1891	A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page.
CVE-2024-36761	naga v0.14.0 was discovered to contain a stack overflow via the component /wgsl/parse/mod.rs.
CVE-2024-37300	OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub. JupyterHub < 5.0, when used with `GlobusOAuthenticator`, could be configured to allow all users from a particular institution only. This worked fine prior to JupyterHub 5.0, because `allow_all` did not take precedence over `identity_provid...
CVE-2024-5759	An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and launch scans without having the required privileges
CVE-2024-5896	A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is the function save_users of the file /classes/Users.php?f=save. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the p...
CVE-2024-5897	A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=log_visitor. The manipulation of the argument name leads to cross site scripting. The attack can be launched remotely. The expl...
CVE-2024-22855	A cross-site scripting (XSS) vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter.
CVE-2024-2230	CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user.
CVE-2024-37036	CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass when sending a malformed POST request and particular configuration parameters are set.
CVE-2024-37037	CWE-22: Improper Limitation of a Pathname to a Restricted Directory (??Path Traversal??) vulnerability exists that could allow an authenticated user with access to the device??s web interface to corrupt files and impact device functionality when sending a crafted HTTP request.

2024-06-08
Med.	Neetai Tech - Blind Sql Injection "Reserved By Neetai Tech"	behrouz mansoori
2024-06-07
Med.	Boelter Blue System Management 1.3 SQL Injection( CVE-2024-36840 ) inurl:"Powered by Boelter Blue"	CBKB
2024-05-28
Med.	VSP Softtech - Sql Injection "Developed By VSP Softtech"	behrouz mansoori
Med.	Designed By San Software - Sql Injection "Designed By San Software"	behrouz mansoori
Med.	Designed By San Software - Blind Sql Injection "Designed By San Software"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-06-11

High

2024-06-10

Med.

Med.

Med.

2024-06-09

High

2024-06-08

Med.

2024-06-07

Med.

Med.

Med.

High

High

Med.

Med.

The latest CVEs

2024-06-12

Dorks

2024-06-08

Med.

2024-06-07

Med.

2024-05-28

Med.

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations