CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-06-10
Med.	Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR Multiple CVE C. Schwarz
Med.	SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure Multiple CVE T. Weber
Med.	FengOffice 3.11.1.2 SQL Injection Andrey Stoykov
2024-06-09
High	changedetection 0.45.20 Remote Code Execution CVE-2024-32651 Zach Crosman
2024-06-08
Med.	Neetai Tech - Blind Sql Injection behrouz mansoori
2024-06-07
Med.	Aquatronica Control System 5.1.6 Password Disclosure LiquidWorm
Med.	Check Point Security Gateway Information Disclosure CVE-2024-24919 Yesith Alvarez
Med.	Online Fire Reporting System OFRS SQL Injection Authentication Bypass Diyar Saadi
High	CMSimple 5.15 Remote Shell Upload Ahmet Umit Bayram
High	appRain CMF 4.0.5 Shell Upload Ahmet Umit Bayram
Med.	Boelter Blue System Management 1.3 SQL Injection CVE-2024-36840 CBKB
Med.	Trojan.Win32.DarkGateLoader (multi variants) / Arbitrary Code Execution malvuln
Med.	opos-1.0 Multiple SQLi nu11secur1ty

Dorks

2024-06-11
CVE-2024-31400	Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintended data may be left in forwarded mail.
CVE-2024-31401	Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script on the web browser of the user who is logging in to the product.
CVE-2024-31403	Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote authenticated attacker to alter and/or obtain the data of Memo.
CVE-2024-31404	Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler.
CVE-2024-35329	libyaml 0.2.5 is vulnerable to a heap-based Buffer Overflow in yaml_document_add_sequence in api.c.
CVE-2024-36360	OS command injection vulnerability exists in awkblog v0.0.1 (commit hash:7b761b192d0e0dc3eef0f30630e00ece01c8d552) and earlier. If a remote unauthenticated attacker sends a specially crafted HTTP request, an arbitrary OS command may be executed with the privileges of the affected product on the machine running the product.
CVE-2024-5530	The ShopLentor ?? WooCommerce Builder for Elementor & Gutenberg +12 Modules ?? All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's WL: Product Horizontal Filter widget in all versions up to, and including, 2.9.0 due to insufficient input sanitization and output escapin...
CVE-2024-31397	Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service (DoS) condition.
CVE-2024-31398	Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users.
CVE-2024-31399	Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, processing a crafted mail may cause a denial-of-service (DoS) condition.

2024-06-08
Med.	Neetai Tech - Blind Sql Injection "Reserved By Neetai Tech"	behrouz mansoori
2024-06-07
Med.	Boelter Blue System Management 1.3 SQL Injection( CVE-2024-36840 ) inurl:"Powered by Boelter Blue"	CBKB
2024-05-28
Med.	VSP Softtech - Sql Injection "Developed By VSP Softtech"	behrouz mansoori
Med.	Designed By San Software - Sql Injection "Designed By San Software"	behrouz mansoori
Med.	Designed By San Software - Blind Sql Injection "Designed By San Software"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-06-10

Med.

Med.

Med.

2024-06-09

High

2024-06-08

Med.

2024-06-07

Med.

Med.

Med.

High

High

Med.

Med.

Med.

The latest CVEs

2024-06-11

Dorks

2024-06-08

Med.

2024-06-07

Med.

2024-05-28

Med.

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations