CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-16
Med.	CrushFTP Directory Traversal Abdualhadi Khalifa
High	Plantronics Hub 3.25.1 Arbitrary File Read CVE-2024-27460 Alaa Kachouh
Med.	SAP Cloud Connector 2.16.1 Missing Validation CVE-2024-25642 Mingshuo Li
Med.	Zope 5.9 Command Injection Ilyase Dehy
Med.	VSP Softtech - Blind Sql Injection behrouz mansoori
2024-05-14
Low	Chyrp 2.5.2 Cross Site Scripting Ahmet Umit Bayram
Med.	82webmaster - Blind Sql Injection behrouz mansoori
Med.	Webmirchi - Blind Sql Injection behrouz mansoori
High	Backdoor.Win32.AsyncRat / Arbitrary Code Execution malvuln
High	TrojanSpy.Win64.EMOTET.A / Arbitrary Code Execution malvuln
Low	Apache mod_proxy_cluster Cross Site Scripting CVE-2023-6710 Mohamed Mounir Boudjema
Low	Leafpub 1.1.9 Cross Site Scripting Ahmet Umit Bayram
2024-05-13
Med.	Kemp LoadMaster Local sudo Privilege Escalation bwatters-r7

Dorks

2024-05-16
CVE-2023-47717	IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service. IBM X-Force ID: 271690.
CVE-2024-1417	Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an a adversary with local access to execute code under the context of the AuthPoint Password Manager application. This issue affects AuthPoint Password Manager for MacOS versions before...
CVE-2024-3286	A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request.
CVE-2024-5023	Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Netflix ConsoleMe allows Command Injection.This issue affects ConsoleMe: before 1.4.0.
CVE-2024-31226	Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named `C:\Program.exe`, `C:\Program.bat`, or `C:\Program.cmd` on the user's computer. This attack vector isn't exploitable unless ...
CVE-2023-48643	Shrubbery tac_plus 2.x, 3.x. and 4.x through F4.0.4.28 allows unauthenticated Remote Command Execution. The product allows users to configure authorization checks as shell commands through the tac_plus.cfg configuration file. These are executed when a client sends an authorization request with a username that has pre-authorization directives config...
CVE-2024-34273	njwt up to v0.4.0 was discovered to contain a prototype pollution in the Parser.prototype.parse method.
CVE-2024-34751	Deserialization of Untrusted Data vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.9.
CVE-2024-34760	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockart Magazine Blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a through 1.3.6.
CVE-2024-34805	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webvitaly iFrame allows Stored XSS.This issue affects iFrame: from n/a through 5.0.

2024-05-16
Med.	VSP Softtech - Blind Sql Injection "Developed by VSP Softtech"	behrouz mansoori
2024-05-14
Med.	82webmaster - Blind Sql Injection "Design & Developed By: 82webmaster"	behrouz mansoori
Med.	Webmirchi - Blind Sql Injection "Powered by Webmirchi"	behrouz mansoori
2024-05-12
Med.	Castel Digital Authentication Bypass "Castel Digital"	CCA469
2024-05-06
Med.	Kobiz Design - Sql Injection "Desing by Kobiz Design Co"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-16

Med.

High

Med.

Med.

Med.

2024-05-14

Low

Med.

Med.

High

High

Low

Low

2024-05-13

Med.

The latest CVEs

2024-05-16

Dorks

2024-05-16

Med.

2024-05-14

Med.

Med.

2024-05-12

Med.

2024-05-06

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations