CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-04-16
High	BMC Compuware iStrobe Web 20.13 Pre-auth RCE CVE-2023-40304 trancap
Med.	Centreon 23.10-1.el8 SQL Injection Cody Sixteen
High	CrushFTP Remote Code Execution CVE-2023-43177 Christophe de la Fuente
High	kruxton-1.0-FileUpload-RCE nu11secur1ty
High	Backdoor.Win32.Dumador.c / Remote Stack Buffer Overflow (SEH) malvuln
2024-04-15
Med.	Amazon AWS Glue Database Password Disclosure Michael Werner
High	OpenClinic GA 5.247.01 Path Traversal (Authenticated) CVE-2023-40279 V. B.
High	PrusaSlicer 2.6.1 Arbitrary Code Execution CVE-2023-47268 Kamil Brenski
Med.	AMPLE BILLS 0.1 SQL injection nu11secur1ty
Med.	kruxton-1.0-Multiple-SQLi nu11secur1ty
High	Django REST Framework SimpleJWT 5.3.1 Information Disclosure CVE-2024-22513 Dhrumil Mistry
Med.	Jenkins 2.441 Local File Inclusion CVE-2024-23897 Matisse Beckandt
Med.	Moodle 3.10.1 SQL Injection CVE-2021-36393 Julio Ángel Ferrari

The latest CVEs

2024-04-16
CVE-2024-31576	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2024-3797	A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-bookmark.php?bookmark=1. The manipulation of the argument bookmark leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public ...
CVE-2023-38511	iTop is an IT service management platform. Dashboard editor : can load multiple files and URL, and full path disclosure on dashboard config file. This vulnerability is fixed in 3.0.4 and 3.1.1.
CVE-2023-43790	iTop is an IT service management platform. By manipulating HTTP queries, a user can inject malicious content in the fields used for the object friendlyname value. This vulnerability is fixed in 3.1.1 and 3.2.0.
CVE-2023-44396	iTop is an IT service management platform. Dashlet edits ajax endpoints can be used to produce XSS. Fixed in iTop 2.7.10, 3.0.4, and 3.1.1.
CVE-2023-45808	iTop is an IT service management platform. When creating or updating an object, extkey values aren't checked to be in the current user silo. In other words, by forging an http request, the user can create objects pointing to out of silo objects (for example a UserRequest in an out of scope Organization). Fixed in iTop 2.7.10, 3.0.4, 3.1.1, an...
CVE-2023-47123	iTop is an IT service management platform. By filling malicious code in an object friendlyname / complementary name, an XSS attack can be performed when this object will displayed as an n:n relation item in another object. This vulnerability is fixed in 3.1.1 and 3.2.0.
CVE-2023-47622	iTop is an IT service management platform. When dashlet are refreshed, XSS attacks are possible. This vulnerability is fixed in 3.0.4 and 3.1.1.
CVE-2023-47626	iTop is an IT service management platform. When displaying/editing the user's personal tokens, XSS attacks are possible. This vulnerability is fixed in 3.1.1.
CVE-2023-48709	iTop is an IT service management platform. When exporting data from backoffice or portal in CSV or Excel files, users' inputs may include malicious formulas that may be imported into Excel. As Excel 2016 does not prevent Remote Code Execution by default, uninformed users may become victims. This vulnerability is fixed in 2.7.9, 3.0.4, 3.1...

Dorks

2024-04-14
Med.	Bigem Teknoloji - Sql Injection "Designed by Bigem Teknoloji"	behrouz mansoori
2024-04-06
Med.	SolarView Compact 6.00 - Command Injection http.html:"solarview compact"	parsa rezaie khiabanloo
2024-03-30
High	SolarView Compact 6.00 - Command Injection Bypass authentication( CVE-2023-23333 ) http.html:"solarview compact"	parsa rezaie khiabanloo
2024-03-24
Med.	Chenarkhayyam - Sql Injection And Waf , Cdn Bypass "طراحی شده توسط سایت چنار خیام"	parsa rezaie khiabanloo
2024-03-20
High	SolarView Compact 6.00 Command Injection( CVE-2023-23333 ) http.html:"solarview compact"	ByteHunter

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-04-16

High

Med.

High

High

High

2024-04-15

Med.

High

High

Med.

Med.

High

Med.

Med.

The latest CVEs

2024-04-16

Dorks

2024-04-14

Med.

2024-04-06

Med.

2024-03-30

High

2024-03-24

Med.

2024-03-20

High

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations