CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-07
High	RansomLord v3 - Anti-Ransomware Exploitation Tool / New Release malvuln
High	POMS-PHP-(by oretnom23 )-v1.0-FU-SQLi-RCE-HAT.TRICK nu11secur1ty
2024-05-06
Med.	Systemd Insecure PTY Handling Adam Gowdiak
Med.	Kobiz Design - Sql Injection behrouz mansoori
High	Docker Privileged Container Kernel Escape Eran Ayalon
High	Live2D Cubism Heap Corruption PT
2024-05-05
High	htmlLawed 1.2.5 Remote Command Execution CVE-2022-35914 d4t4s3c
Med.	Oracuz - Blind Sql Injection behrouz mansoori
Med.	Kobiz Design - Blind Sql Injection behrouz mansoori
2024-05-04
Med.	Sandhya Branding Agency - Blind Sql Injection behrouz mansoori
Med.	Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Disclosure Gjoko 'LiquidWorm' Krstic
High	Microsoft PlayReady Cryptography Weakness Adam Gowdiak
Med.	Webenlive - Sql Injection behrouz mansoori

Dorks

2024-05-08
CVE-2024-1076	The SSL Zen WordPress plugin before 4.6.0 only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who doesn't support .htaccess files, like NGINX.
CVE-2024-3494	The Mesmerize Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mesmerize_contact_form' shortcode in all versions up to, and including, 1.6.148 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with co...
CVE-2023-41651	Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag Map: from n/a through 17.0.26.
CVE-2024-34573	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pootlepress Pootle Pagebuilder ?? WordPress Page builder allows Stored XSS.This issue affects Pootle Pagebuilder ?? WordPress Page builder: from n/a through 5.7.1.
CVE-2024-34574	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wpsoul Table Maker allows Stored XSS.This issue affects Table Maker: from n/a through 1.9.1.
CVE-2024-4436	The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning it should be updated at compile time instead.
CVE-2024-4437	The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2021-44716. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning it should be updated at compile time instead.
CVE-2024-4438	The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning it should be upd...
CVE-2024-4456	In affected versions of Octopus Server with certain access levels it was possible to embed a Cross-Site Scripting payload on the audit page.
CVE-2024-1929	Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a malicious user to impact Confidentiality and Integrity via Configuration Dictionary. There are issues with the D-Bus interface long before Polkit is invoked. The `org.rpm.dnf.v0.SessionManager.open_session` method takes a key/value map of configuration en...

2024-05-06
Med.	Kobiz Design - Sql Injection "Desing by Kobiz Design Co"	behrouz mansoori
2024-05-05
Med.	Oracuz - Blind Sql Injection "Design by Oracuz"	behrouz mansoori
Med.	Kobiz Design - Blind Sql Injection "Desing by Kobiz Design Co"	behrouz mansoori
2024-05-04
Med.	Sandhya Branding Agency - Blind Sql Injection "Powered by : Sandhya Branding Agency"	behrouz mansoori
Med.	Webenlive - Sql Injection "Design: Webenlive"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-07

High

High

2024-05-06

Med.

Med.

High

High

2024-05-05

High

Med.

Med.

2024-05-04

Med.

Med.

High

Med.

The latest CVEs

2024-05-08

Dorks

2024-05-06

Med.

2024-05-05

Med.

Med.

2024-05-04

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations