CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-04-16
High	BMC Compuware iStrobe Web 20.13 Pre-auth RCE CVE-2023-40304 trancap
Med.	Centreon 23.10-1.el8 SQL Injection Cody Sixteen
High	CrushFTP Remote Code Execution CVE-2023-43177 Christophe de la Fuente
High	kruxton-1.0-FileUpload-RCE nu11secur1ty
High	Backdoor.Win32.Dumador.c / Remote Stack Buffer Overflow (SEH) malvuln
2024-04-15
Med.	Amazon AWS Glue Database Password Disclosure Michael Werner
High	OpenClinic GA 5.247.01 Path Traversal (Authenticated) CVE-2023-40279 V. B.
High	PrusaSlicer 2.6.1 Arbitrary Code Execution CVE-2023-47268 Kamil Brenski
Med.	AMPLE BILLS 0.1 SQL injection nu11secur1ty
Med.	kruxton-1.0-Multiple-SQLi nu11secur1ty
High	Django REST Framework SimpleJWT 5.3.1 Information Disclosure CVE-2024-22513 Dhrumil Mistry
Med.	Jenkins 2.441 Local File Inclusion CVE-2024-23897 Matisse Beckandt
Med.	Moodle 3.10.1 SQL Injection CVE-2021-36393 Julio Ángel Ferrari

The latest CVEs

2024-04-16
CVE-2023-50872	The API in Accredible Credential.net December 6th, 2023 allows an Insecure Direct Object Reference attack that discloses partial information about certificates and their respective holder. NOTE: the excellium-services.com web page about this issue mentions "Vendor says that it's not a security issue."
CVE-2024-3302	There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125 and Firefox ESR < 115.10.
CVE-2024-3852	GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125 and Firefox ESR < 115.10.
CVE-2024-3853	A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox < 125.
CVE-2024-3854	In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125 and Firefox ESR < 115.10.
CVE-2024-3855	In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125.
CVE-2024-3856	A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox < 125.
CVE-2024-3857	The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125 and Firefox ESR < 115.10.
CVE-2024-3858	It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. This vulnerability affects Firefox < 125.
CVE-2024-3859	On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125 and Firefox ESR < 115.10.

Dorks

2024-04-14
Med.	Bigem Teknoloji - Sql Injection "Designed by Bigem Teknoloji"	behrouz mansoori
2024-04-06
Med.	SolarView Compact 6.00 - Command Injection http.html:"solarview compact"	parsa rezaie khiabanloo
2024-03-30
High	SolarView Compact 6.00 - Command Injection Bypass authentication( CVE-2023-23333 ) http.html:"solarview compact"	parsa rezaie khiabanloo
2024-03-24
Med.	Chenarkhayyam - Sql Injection And Waf , Cdn Bypass "طراحی شده توسط سایت چنار خیام"	parsa rezaie khiabanloo
2024-03-20
High	SolarView Compact 6.00 Command Injection( CVE-2023-23333 ) http.html:"solarview compact"	ByteHunter

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-04-16

High

Med.

High

High

High

2024-04-15

Med.

High

High

Med.

Med.

High

Med.

Med.

The latest CVEs

2024-04-16

Dorks

2024-04-14

Med.

2024-04-06

Med.

2024-03-30

High

2024-03-24

Med.

2024-03-20

High

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations