Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

Best Hackers:
{{ te.id }}. {{te.nameDis}}
CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}
Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-05-19
Low
Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting
malvuln
Low
Panel.SmokeLoader MVID-2024-0681 Cross Site Scripting
malvuln
Med.
Intent Tech Solutions - Sql Injection
behrouz mansoori
Med.
Intent Tech Solutions - Blind Sql Injection
behrouz mansoori
2024-05-18
Low
TrojanSpy.Win64.EMOTET.A MVID-2024-0684 Code Execution
malvuln
2024-05-16
Med.
CrushFTP Directory Traversal
Abdualhadi Khalifa
High
Plantronics Hub 3.25.1 Arbitrary File Read CVE-2024-27460
Alaa Kachouh
Med.
SAP Cloud Connector 2.16.1 Missing Validation CVE-2024-25642
Mingshuo Li
Med.
Zope 5.9 Command Injection
Ilyase Dehy
Med.
VSP Softtech - Blind Sql Injection
behrouz mansoori
2024-05-14
Low
Chyrp 2.5.2 Cross Site Scripting
Ahmet Umit Bayram
Med.
82webmaster - Blind Sql Injection
behrouz mansoori
Med.
Webmirchi - Blind Sql Injection
behrouz mansoori

The latest CVEs

Dorks

2024-05-20
CVE-2024-4323
A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server??s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution.
CVE-2023-49330
Zoho ManageEngine ADAudit Plus through 7251 allows SQL Injection while getting aggregate report data.
CVE-2024-27312
Zoho ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a low-privileged user to perform admin actions. Note: This vulnerability affects only the PAM360 6600 version. No other versions are applicable to this vulnerability.
CVE-2024-4287
In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to `/api/workspace/:workspace-slug/update`, allowing it to be executed as part of a database query without restrictions. This flaw en...
CVE-2024-35948
In the Linux kernel, the following vulnerability has been resolved: bcachefs: Check for journal entries overruning end of sb clean section Fix a missing bounds check in superblock validation. Note that we don't yet have repair code for this case - repair code for individual items is generally low priority, since the whole superblock is chec...
CVE-2024-35949
In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if we had WRITTEN set on the header flags. This leaves a gap in our che...
CVE-2024-35950
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend modes[] the same protection or by the time we use it the elem...
CVE-2024-35951
In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PATCH] drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() If some the pages or sgt allocation failed, we shouldn't release the pages ref we got earlier, otherwise we will end up with...
CVE-2024-35952
In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup There is a while-loop in ast_dp_set_on_off() that could lead to infinite-loop. This is because the register, VGACRI-Dx, checked in this API is a scratch register actually controlled by a MCU, named DPMCU, in BMC. These scratch registers are protected by ...
CVE-2024-35953
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in context_xa ivpu_device->context_xa is locked both in kernel thread and IRQ context. It requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization otherwise the lock could be acquired from a thread and interrupted by an IRQ that locks it for ...
2024-05-19
Med.
Intent Tech Solutions - Sql Injection
"Designed by Intent Tech Solutions"
 behrouz mansoori
Med.
Intent Tech Solutions - Blind Sql Injection
"Designed by Intent Tech Solutions"
 behrouz mansoori
2024-05-16
Med.
VSP Softtech - Blind Sql Injection
"Developed by VSP Softtech"
 behrouz mansoori
2024-05-14
Med.
82webmaster - Blind Sql Injection
"Design & Developed By: 82webmaster"
 behrouz mansoori
Med.
Webmirchi - Blind Sql Injection
"Powered by Webmirchi"
 behrouz mansoori
Quick goto:

Bugtraq The latest CVEs Dorks
Search

Are you looking CVE for some product?

Top Vendors:

Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla
 
Full List of Vendors

Top Products:

Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx
 

Full List of Products

Top CWE:

CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)
 
Check CWE Dictionary

Donate:
is an open project developed and moderated fully by one independent person.
Help develop the project and make
Donations
Copyright 2024, cxsecurity.com

 

Back to Top