CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-06-10
Med.	Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR Multiple CVE C. Schwarz
Med.	SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure Multiple CVE T. Weber
Med.	FengOffice 3.11.1.2 SQL Injection Andrey Stoykov
2024-06-09
High	changedetection 0.45.20 Remote Code Execution CVE-2024-32651 Zach Crosman
2024-06-08
Med.	Neetai Tech - Blind Sql Injection behrouz mansoori
2024-06-07
Med.	Aquatronica Control System 5.1.6 Password Disclosure LiquidWorm
Med.	Check Point Security Gateway Information Disclosure CVE-2024-24919 Yesith Alvarez
Med.	Online Fire Reporting System OFRS SQL Injection Authentication Bypass Diyar Saadi
High	CMSimple 5.15 Remote Shell Upload Ahmet Umit Bayram
High	appRain CMF 4.0.5 Shell Upload Ahmet Umit Bayram
Med.	Boelter Blue System Management 1.3 SQL Injection CVE-2024-36840 CBKB
Med.	Trojan.Win32.DarkGateLoader (multi variants) / Arbitrary Code Execution malvuln
Med.	opos-1.0 Multiple SQLi nu11secur1ty

Dorks

2024-06-11
CVE-2023-38533	A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process.
CVE-2023-50763	A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP ...
CVE-2024-33500	A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11.0), Mendix Applications using Mendix 10 (V10.6) (All versions < V10.6.9), Mendix Applications using Mendix 9 (All versions >= V9.3.0 < V9.24.22). Affected applications could allow users with the capability to manage a role to elevate the ac...
CVE-2024-35206	A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application does not expire the session. This could allow an attacker to get unauthorized access.
CVE-2024-35207	A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of ...
CVE-2024-35208	A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server stored the password in cleartext. This could allow attacker in a privileged position to obtain access passwords.
CVE-2024-35209	A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files.
CVE-2024-35210	A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server is not enforcing HSTS. This could allow an attacker to perform downgrade attacks exposing confidential information.
CVE-2024-35211	A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as ??Secure?, ??HttpOnly?, or ??SameSite?).
CVE-2024-35212	A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application lacks input validation due to which an attacker can gain access to the Database entries.

2024-06-08
Med.	Neetai Tech - Blind Sql Injection "Reserved By Neetai Tech"	behrouz mansoori
2024-06-07
Med.	Boelter Blue System Management 1.3 SQL Injection( CVE-2024-36840 ) inurl:"Powered by Boelter Blue"	CBKB
2024-05-28
Med.	VSP Softtech - Sql Injection "Developed By VSP Softtech"	behrouz mansoori
Med.	Designed By San Software - Sql Injection "Designed By San Software"	behrouz mansoori
Med.	Designed By San Software - Blind Sql Injection "Designed By San Software"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-06-10

Med.

Med.

Med.

2024-06-09

High

2024-06-08

Med.

2024-06-07

Med.

Med.

Med.

High

High

Med.

Med.

Med.

The latest CVEs

2024-06-11

Dorks

2024-06-08

Med.

2024-06-07

Med.

2024-05-28

Med.

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations