CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-29
High	Eclipse ThreadX Buffer Overflows Multiple CVE Marco Ivaldi
Med.	HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation Multiple CVE Thorger Jansen
Med.	Siemens CP-XXXX Series Exposed Serial Shell Gerhard Hechenberger
2024-05-28
Med.	VSP Softtech - Sql Injection behrouz mansoori
Med.	Joomla 4.2.8 Information Disclosure CVE-2023-23752 d4t4s3c
High	NorthStar C2 Cross Site Scripting / Code Execution CVE-2024-28741 h00die
Med.	FleetCart 4.1.1 Information Disclosure CVE-2024-5230 CraCkEr
Med.	Designed By San Software - Sql Injection behrouz mansoori
Med.	OEWS - PHP (by: oretnom23 ) v1.0 Multiple SQLi nu11secur1ty
Med.	Designed By San Software - Blind Sql Injection behrouz mansoori
High	ElkArte Forum 1.1.9 Remote Code Execution tmrswrr
2024-05-24
Med.	Debezium UI 2.5 Credential Disclosure CVE-2024-28736 Ihsan Cetin
Low	Jcow Social Network Cross Site Scripting tmrswrr

Dorks

2024-05-31
CVE-2021-44534	Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure.
CVE-2023-38042	A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM.
CVE-2023-38551	A CRLF Injection vulnerability in Ivanti Connect Secure (9.x, 22.x) allows an authenticated high-privileged user to inject malicious code on a victim??s browser, thereby leading to cross-site scripting attack.
CVE-2023-46810	A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as root.
CVE-2024-1275	Use of Default Cryptographic Key vulnerability in Baxter Welch Ally Connex Spot Monitor may allow Configuration/Environment Manipulation.This issue affects Welch Ally Connex Spot Monitor in all versions prior to 1.52.
CVE-2024-22058	A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older.
CVE-2024-22059	A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to DoS.
CVE-2024-22060	An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM server.
CVE-2024-29822	An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
CVE-2024-29823	An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

2024-05-28
Med.	VSP Softtech - Sql Injection "Developed By VSP Softtech"	behrouz mansoori
Med.	Designed By San Software - Sql Injection "Designed By San Software"	behrouz mansoori
Med.	Designed By San Software - Blind Sql Injection "Designed By San Software"	behrouz mansoori
2024-05-22
Med.	Webmirchi - Sql Injection "Powered by Webmirchi"	behrouz mansoori
Med.	Axiomatic - Blind Sql Injection "Design by Axiomatic.it"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-29

High

Med.

Med.

2024-05-28

Med.

Med.

High

Med.

Med.

Med.

Med.

High

2024-05-24

Med.

Low

The latest CVEs

2024-05-31

Dorks

2024-05-28

Med.

Med.

Med.

2024-05-22

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations