Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

Best Hackers:
{{ te.id }}. {{te.nameDis}}
CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}
Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-05-16
Med.
CrushFTP Directory Traversal
Abdualhadi Khalifa
High
Plantronics Hub 3.25.1 Arbitrary File Read CVE-2024-27460
Alaa Kachouh
Med.
SAP Cloud Connector 2.16.1 Missing Validation CVE-2024-25642
Mingshuo Li
Med.
Zope 5.9 Command Injection
Ilyase Dehy
Med.
VSP Softtech - Blind Sql Injection
behrouz mansoori
2024-05-14
Low
Chyrp 2.5.2 Cross Site Scripting
Ahmet Umit Bayram
Med.
82webmaster - Blind Sql Injection
behrouz mansoori
Med.
Webmirchi - Blind Sql Injection
behrouz mansoori
High
Backdoor.Win32.AsyncRat / Arbitrary Code Execution
malvuln
High
TrojanSpy.Win64.EMOTET.A / Arbitrary Code Execution
malvuln
Low
Apache mod_proxy_cluster Cross Site Scripting CVE-2023-6710
Mohamed Mounir Boudjema
Low
Leafpub 1.1.9 Cross Site Scripting
Ahmet Umit Bayram
2024-05-13
Med.
Kemp LoadMaster Local sudo Privilege Escalation
bwatters-r7

The latest CVEs

Dorks

2024-05-16
CVE-2024-4733
The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the `hc3_session`-cookie in versions up to, and including, 4.9.57. This makes it possible for an authenticated attacker with contributor access-level or above to inject a PHP Object. No POP chain is present in the vu...
CVE-2022-37341
Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-37410
Improper access control for some Intel(R) Thunderbolt driver software before version 89 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-22656
Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-22662
Improper input validation of EpsdSrMgmtConfig in UEFI firmware for some Intel(R) Server Board S2600BP products may allow a privileged user to potentially enable denial of service via local access.
CVE-2023-24460
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-27504
Improper conditions check in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-28383
Improper conditions check in some Intel(R) BIOS PPAM firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-28402
Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-35192
Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
2024-05-16
Med.
VSP Softtech - Blind Sql Injection
"Developed by VSP Softtech"
 behrouz mansoori
2024-05-14
Med.
82webmaster - Blind Sql Injection
"Design & Developed By: 82webmaster"
 behrouz mansoori
Med.
Webmirchi - Blind Sql Injection
"Powered by Webmirchi"
 behrouz mansoori
2024-05-12
Med.
Castel Digital Authentication Bypass
"Castel Digital"
 CCA469
2024-05-06
Med.
Kobiz Design - Sql Injection
"Desing by Kobiz Design Co"
 behrouz mansoori
Quick goto:

Bugtraq The latest CVEs Dorks
Search

Are you looking CVE for some product?

Top Vendors:

Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla
 
Full List of Vendors

Top Products:

Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx
 

Full List of Products

Top CWE:

CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)
 
Check CWE Dictionary

Donate:
is an open project developed and moderated fully by one independent person.
Help develop the project and make
Donations
Copyright 2024, cxsecurity.com

 

Back to Top