Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-06-11
High
2024-06-10
Med.
Med.
Med.
2024-06-09
High
2024-06-08
Med.
2024-06-07
Med.
Med.
Med.
High
High
Med.
Med.

The latest CVEs

Dorks

2024-06-12
CVE-2024-1576
SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions through 5.09.
CVE-2024-1577
Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the website files. This issue affects all versions of MegaBIP software.
CVE-2024-1659
Arbitrary File Upload vulnerability in MegaBIP software allows attacker to upload any file to the server (including a PHP code file) without an authentication. This issue affects MegaBIP software versions through 5.10.
CVE-2024-23445
It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body  restricts search for a given index using the query or the field_security parameter, and the same cross-cluster API key also grants r...
CVE-2024-36263
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to...
CVE-2024-36264
** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerability in Apache Submarine Commons Utils. This issue affects Apache Submarine Commons Utils: from 0.8.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted us...
CVE-2024-36699
GNU Debugger v8.2 to v14.2 was discovered to contain a buffer overflow via the component gdb.selected_inferior().read_memory at utils.c.
CVE-2024-5891
A vulnerability was found in Quay. If an attacker can obtain the client ID for an application, they can use an OAuth token to authenticate despite not having access to the organization from which the application was created. This issue is limited to authentication and not authorization. However, in configurations where endpoints rely only on authen...
CVE-2024-28964
Dell Common Event Enabler, version 8.9.10.0 and prior, contain an insecure deserialization vulnerability in CAVATools. A local unauthenticated attacker could potentially exploit this vulnerability, leading to arbitrary code execution in the context of the logged in user. Exploitation of this issue requires a victim to open a malicious file.
CVE-2024-29181
Strapi is an open-source content management system. Prior to version 4.19.1, a super admin can create a collection where an item in the collection has an association to another collection. When this happens, another user with Author Role can see the list of associated items they did not create. They should see nothing but their own items they creat...
2024-06-08
Med.
Neetai Tech - Blind Sql Injection
"Reserved By Neetai Tech"
behrouz mansoori
2024-06-07
Med.
Boelter Blue System Management 1.3 SQL Injection( CVE-2024-36840 )
inurl:"Powered by Boelter Blue"
CBKB
2024-05-28
Med.
VSP Softtech - Sql Injection
"Developed By VSP Softtech"
behrouz mansoori
Med.
Designed By San Software - Sql Injection
"Designed By San Software"
behrouz mansoori
Med.
Designed By San Software - Blind Sql Injection
"Designed By San Software"
behrouz mansoori

Copyright 2024, cxsecurity.com

 

Back to Top