CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-20
Med.	Apache OFBiz 18.12.12 Directory Traversal Abdualhadi Khalifa
Med.	Tenant Limited 1.0 SQL Injection nu11secur1ty
Med.	Oracuz - Sql Injection behrouz mansoori
Med.	82webmaster - Sql Injection behrouz mansoori
Med.	VSP Softtech - Sql Injection behrouz mansoori
Med.	Website by MSBu.de - Blind Sql Injection behrouz mansoori
Med.	Backdrop CMS 1.27.1 Remote Command Execution Ahmet Umit Bayram
High	PopojiCMS 2.0.1 Remote Command Execution Ahmet Umit Bayram
2024-05-19
Low	Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting malvuln
Low	Panel.SmokeLoader MVID-2024-0681 Cross Site Scripting malvuln
Med.	Intent Tech Solutions - Sql Injection behrouz mansoori
Med.	Intent Tech Solutions - Blind Sql Injection behrouz mansoori
2024-05-18
Low	TrojanSpy.Win64.EMOTET.A MVID-2024-0684 Code Execution malvuln

Dorks

2024-05-20
CVE-2024-33900	KeePassXC 2.7.7 allows attackers to recover cleartext credentials.
CVE-2024-33901	Issue in KeePassXC 2.7.7 allows an attacker to recover some passwords stored in the .kdbx database.
CVE-2024-35191	Formie is a Craft CMS plugin for creating forms. Prior to 2.1.6, users with access to a form's settings can include malicious Twig code into fields that support Twig. These might be the Submission Title or the Success Message. This code will then be executed upon creating a submission, or rendering the text. This has been fixed in Formie 2.1....
CVE-2024-35192	Trivy is a security scanner. Prior to 0.51.2, if a malicious actor is able to trigger Trivy to scan container images from a crafted malicious registry, it could result in the leakage of credentials for legitimate registries such as AWS Elastic Container Registry (ECR), Google Cloud Artifact/Container Registry, or Azure Container Registry (ACR). The...
CVE-2024-35194	Minder is a software supply chain security platform. Prior to version 0.0.50, Minder engine is susceptible to a denial of service from memory exhaustion that can be triggered from maliciously created templates. Minder engine uses templating to generate strings for various use cases such as URLs, messages for pull requests, descriptions for advisori...
CVE-2024-35195	Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycl...
CVE-2023-49331	Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
CVE-2023-49332	Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
CVE-2023-49333	Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.
CVE-2023-49334	Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.

2024-05-20
Med.	Oracuz - Sql Injection "Design by Oracuz"	behrouz mansoori
Med.	82webmaster - Sql Injection "Design & Developed By: 82webmaster"	behrouz mansoori
Med.	VSP Softtech - Sql Injection "Developed By VSP Softtech"	behrouz mansoori
Med.	Website by MSBu.de - Blind Sql Injection "Website by MSBu.de"	behrouz mansoori
2024-05-19
Med.	Intent Tech Solutions - Sql Injection "Designed by Intent Tech Solutions"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-20

Med.

Med.

Med.

Med.

Med.

Med.

Med.

High

2024-05-19

Low

Low

Med.

Med.

2024-05-18

Low

The latest CVEs

2024-05-20

Dorks

2024-05-20

Med.

Med.

Med.

Med.

2024-05-19

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations