Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-06-11
High
2024-06-10
Med.
Med.
Med.
2024-06-09
High
2024-06-08
Med.
2024-06-07
Med.
Med.
Med.
High
High
Med.
Med.

The latest CVEs

Dorks

2024-06-12
CVE-2023-49559
An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives function.
CVE-2024-36523
An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts.
CVE-2024-37665
An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate privileges to Administrator via a crafted POST request.
CVE-2024-3467
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker.
CVE-2024-3468
There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker.
CVE-2024-0865
CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user.
CVE-2024-24051
Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file.
CVE-2024-28762
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246.
CVE-2024-2747
CWE-428: Unquoted search path or element vulnerability exists in Easergy Studio, which could cause privilege escalation when a valid user replaces a trusted file name on the system and reboots the machine.
CVE-2024-37629
SummerNote 0.8.18 is vulnerable to Cross Site Scripting (XSS) via the Code View Function.
2024-06-08
Med.
Neetai Tech - Blind Sql Injection
"Reserved By Neetai Tech"
behrouz mansoori
2024-06-07
Med.
Boelter Blue System Management 1.3 SQL Injection( CVE-2024-36840 )
inurl:"Powered by Boelter Blue"
CBKB
2024-05-28
Med.
VSP Softtech - Sql Injection
"Developed By VSP Softtech"
behrouz mansoori
Med.
Designed By San Software - Sql Injection
"Designed By San Software"
behrouz mansoori
Med.
Designed By San Software - Blind Sql Injection
"Designed By San Software"
behrouz mansoori

Copyright 2024, cxsecurity.com

 

Back to Top