CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-04-22
Med.	Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass LiquidWorm
Med.	LRMS-PHP-by-oretnom23-v1.0 hat-trick nu11secur1ty
2024-04-21
High	WBCE CMS Version 1.6.1 Remote Command Execution (Authenticated) tmrswrr
Med.	Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference LiquidWorm
Med.	Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass LiquidWorm
Low	Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference LiquidWorm
Med.	North Wales - Sql Injection behrouz mansoori
Med.	Relate Learning And Teaching system Version before 2024.1 Stored XSS Multiple CVE kai6u
Med.	Solar-Log Base 2000- Broken Access Control parsa rezaie khiabanloo
Low	Relate Learning And Teaching system Version before 2024.1 SSTI(Page Sandbox function) lead to RCE Multiple CVE kai6u
Med.	Flowise 1.6.5 Authentication Bypass CVE-2024-31621 Maerifat Majeed
Low	Wordpress Plugin Alemha Watermarker 1.3.1 Stored Cross-Site Scripting (XSS) Erdemstar
2024-04-16
High	BMC Compuware iStrobe Web 20.13 Pre-auth RCE CVE-2023-40304 trancap

The latest CVEs

2024-04-23
CVE-2024-32659	FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available.
CVE-2024-32660	FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available.
CVE-2024-32661	FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available.
CVE-2024-4064	A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. This vulnerability affects the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and ma...
CVE-2024-4065	A vulnerability was found in Tenda AC8 16.03.34.09. It has been rated as critical. This issue affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...
CVE-2024-32662	FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. This occurs when `WCHAR` string is read with twice the size it has and converted to `UTF-8`, `base64` decoded. The string is only used to compare against the redirection server certificate. Version 3.5....
CVE-2024-32866	Conform, a type-safe form validation library, allows the parsing of nested objects in the form of `object.property`. Due to an improper implementation of this feature in versions prior to 1.1.1, an attacker can exploit the feature to trigger prototype pollution by passing a crafted input to `parseWith...` functions. Applications that use conform fo...
CVE-2024-32869	Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.2.7, when using serveStatic with deno, it is possible to traverse the directory where `main.ts` is located. This can result in retrieval of unexpected files. Version 4.2.7 contains a patch for the issue.
CVE-2024-32875	Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and do not trust their Markdown content files. The issue is patched in v0.125.3. As a workaround, replace...
CVE-2024-4066	A vulnerability classified as critical has been found in Tenda AC8 16.03.34.09. Affected is the function fromAdvSetMacMtuWan of the file /goform/AdvSetMacMtuWan. The manipulation of the argument wanMTU/wanSpeed/cloneType/mac/serviceName/serverName leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has be...

Dorks

2024-04-21
Med.	North Wales - Sql Injection "Web Design North Wales"	behrouz mansoori
Med.	Solar-Log Base 2000- Broken Access Control In Shodan search engine, the filter is ""Server: IPC@CHIP"" "http.favicon.hash:-1334408578 "655744600""	parsa rezaie khiabanloo
2024-04-14
Med.	Bigem Teknoloji - Sql Injection "Designed by Bigem Teknoloji"	behrouz mansoori
2024-04-06
Med.	SolarView Compact 6.00 - Command Injection http.html:"solarview compact"	parsa rezaie khiabanloo
2024-03-30
High	SolarView Compact 6.00 - Command Injection Bypass authentication( CVE-2023-23333 ) http.html:"solarview compact"	parsa rezaie khiabanloo

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-04-22

Med.

Med.

2024-04-21

High

Med.

Med.

Low

Med.

Med.

Med.

Low

Med.

Low

2024-04-16

High

The latest CVEs

2024-04-23

Dorks

2024-04-21

Med.

Med.

2024-04-14

Med.

2024-04-06

Med.

2024-03-30

High

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations