CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-20
Med.	Apache OFBiz 18.12.12 Directory Traversal Abdualhadi Khalifa
Med.	Tenant Limited 1.0 SQL Injection nu11secur1ty
Med.	Oracuz - Sql Injection behrouz mansoori
Med.	82webmaster - Sql Injection behrouz mansoori
Med.	VSP Softtech - Sql Injection behrouz mansoori
Med.	Website by MSBu.de - Blind Sql Injection behrouz mansoori
Med.	Backdrop CMS 1.27.1 Remote Command Execution Ahmet Umit Bayram
High	PopojiCMS 2.0.1 Remote Command Execution Ahmet Umit Bayram
2024-05-19
Low	Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting malvuln
Low	Panel.SmokeLoader MVID-2024-0681 Cross Site Scripting malvuln
Med.	Intent Tech Solutions - Sql Injection behrouz mansoori
Med.	Intent Tech Solutions - Blind Sql Injection behrouz mansoori
2024-05-18
Low	TrojanSpy.Win64.EMOTET.A MVID-2024-0684 Code Execution malvuln

Dorks

2024-05-21
CVE-2024-22273	The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues.
CVE-2024-22274	The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.
CVE-2024-22275	The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.
CVE-2024-31757	An issue in TeraByte Unlimited Image for Windows v.3.64.0.0 and before and fixed in v.4.0.0.0 allows a local attacker to escalate privileges via the TBOFLHelper64.sys and TBOFLHelper.sys component.
CVE-2024-34240	QDOCS Smart School 7.0.0 is vulnerable to Cross Site Scripting (XSS) resulting in arbitrary code execution in admin functions related to adding or updating records.
CVE-2024-35056	NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the query_packets and insert functions.
CVE-2024-35057	An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet.
CVE-2024-35058	An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string.
CVE-2024-4154	In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite not having the necessary permissions or being assigned to the project...
CVE-2024-25724	In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected service's privileges, compromise the service's integrity, leak sensitive information, or crash the service. ...

2024-05-20
Med.	Oracuz - Sql Injection "Design by Oracuz"	behrouz mansoori
Med.	82webmaster - Sql Injection "Design & Developed By: 82webmaster"	behrouz mansoori
Med.	VSP Softtech - Sql Injection "Developed By VSP Softtech"	behrouz mansoori
Med.	Website by MSBu.de - Blind Sql Injection "Website by MSBu.de"	behrouz mansoori
2024-05-19
Med.	Intent Tech Solutions - Sql Injection "Designed by Intent Tech Solutions"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-20

Med.

Med.

Med.

Med.

Med.

Med.

Med.

High

2024-05-19

Low

Low

Med.

Med.

2024-05-18

Low

The latest CVEs

2024-05-21

Dorks

2024-05-20

Med.

Med.

Med.

Med.

2024-05-19

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations