Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

Best Hackers:
{{ te.id }}. {{te.nameDis}}
CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}
Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-04-16
High
BMC Compuware iStrobe Web 20.13 Pre-auth RCE CVE-2023-40304
trancap
Med.
Centreon 23.10-1.el8 SQL Injection
Cody Sixteen
High
CrushFTP Remote Code Execution CVE-2023-43177
Christophe de la Fuente
High
kruxton-1.0-FileUpload-RCE
nu11secur1ty
High
Backdoor.Win32.Dumador.c / Remote Stack Buffer Overflow (SEH)
malvuln
2024-04-15
Med.
Amazon AWS Glue Database Password Disclosure
Michael Werner
High
OpenClinic GA 5.247.01 Path Traversal (Authenticated) CVE-2023-40279
V. B.
High
PrusaSlicer 2.6.1 Arbitrary Code Execution CVE-2023-47268
Kamil Brenski
Med.
AMPLE BILLS 0.1 SQL injection
nu11secur1ty
Med.
kruxton-1.0-Multiple-SQLi
nu11secur1ty
High
Django REST Framework SimpleJWT 5.3.1 Information Disclosure CVE-2024-22513
Dhrumil Mistry
Med.
Jenkins 2.441 Local File Inclusion CVE-2024-23897
Matisse Beckandt
Med.
Moodle 3.10.1 SQL Injection CVE-2021-36393
Julio Ángel Ferrari

The latest CVEs

2024-04-18
CVE-2023-4509
It is possible for an API key to be logged in clear text in the audit log file after an invalid login attempt.
CVE-2024-3928
A vulnerability was found in Dromara open-capacity-platform 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /actuator/heapdump of the component auth-server. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the p...
CVE-2024-3931
A vulnerability was found in Totara LMS 18.0.1 Build 20231128.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/roles/check.php of the component Profile Handler. The manipulation of the argument ID Number leads to cross site scripting. The attack may be launched remotely. The exploit has be...
CVE-2024-3932
A vulnerability classified as problematic has been found in Totara LMS 18.0.1 Build 20231128.01. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-261369 was assigned to this vulnerabilit...
CVE-2024-29956
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav.
CVE-2024-29952
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables.
CVE-2024-29955
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. This could provide attackers with an additional, less-protected path to acquiring the encryption key.
CVE-2024-32472
excalidraw is an open source virtual hand-drawn style whiteboard. A stored XSS vulnerability in Excalidraw's web embeddable component. This allows arbitrary JavaScript to be run in the context of the domain where the editor is hosted. There were two vectors. One rendering untrusted string as iframe's `srcdoc` without properly sanitizing a...
CVE-2023-4232
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), bu...
CVE-2023-4233
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS.

Dorks

2024-04-14
Med.
Bigem Teknoloji - Sql Injection
"Designed by Bigem Teknoloji"
 behrouz mansoori
2024-04-06
Med.
SolarView Compact 6.00 - Command Injection
http.html:"solarview compact"
 parsa rezaie khiabanloo
2024-03-30
High
SolarView Compact 6.00 - Command Injection Bypass authentication( CVE-2023-23333 )
http.html:"solarview compact"
 parsa rezaie khiabanloo
2024-03-24
Med.
Chenarkhayyam - Sql Injection And Waf , Cdn Bypass
"طراحی شده توسط سایت چنار خیام"
 parsa rezaie khiabanloo
2024-03-20
High
SolarView Compact 6.00 Command Injection( CVE-2023-23333 )
http.html:"solarview compact"
 ByteHunter
Quick goto:

Bugtraq The latest CVEs Dorks
Search

Are you looking CVE for some product?

Top Vendors:

Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla
 
Full List of Vendors

Top Products:

Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx
 

Full List of Products

Top CWE:

CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)
 
Check CWE Dictionary

Donate:
is an open project developed and moderated fully by one independent person.
Help develop the project and make
Donations
Copyright 2024, cxsecurity.com

 

Back to Top