CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-19
Low	Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting malvuln
Low	Panel.SmokeLoader MVID-2024-0681 Cross Site Scripting malvuln
Med.	Intent Tech Solutions - Sql Injection behrouz mansoori
Med.	Intent Tech Solutions - Blind Sql Injection behrouz mansoori
2024-05-18
Low	TrojanSpy.Win64.EMOTET.A MVID-2024-0684 Code Execution malvuln
2024-05-16
Med.	CrushFTP Directory Traversal Abdualhadi Khalifa
High	Plantronics Hub 3.25.1 Arbitrary File Read CVE-2024-27460 Alaa Kachouh
Med.	SAP Cloud Connector 2.16.1 Missing Validation CVE-2024-25642 Mingshuo Li
Med.	Zope 5.9 Command Injection Ilyase Dehy
Med.	VSP Softtech - Blind Sql Injection behrouz mansoori
2024-05-14
Low	Chyrp 2.5.2 Cross Site Scripting Ahmet Umit Bayram
Med.	82webmaster - Blind Sql Injection behrouz mansoori
Med.	Webmirchi - Blind Sql Injection behrouz mansoori

Dorks

2024-05-20
CVE-2024-2835	A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited.
CVE-2024-34952	taurusxin ncmdump v1.3.2 was discovered to contain a segmentation violation via the NeteaseCrypt::FixMetadata() function at /src/ncmcrypt.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted .ncm file.
CVE-2024-34953	An issue in taurusxin ncmdump v1.3.2 allows attackers to cause a Denial of Service (DoS) via memory exhaustion by supplying a crafted .ncm file
CVE-2024-3482	A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited.
CVE-2024-4151	An Improper Access Control vulnerability exists in lunary-ai/lunary version 1.2.2, where users can view and update any prompts in any projects due to insufficient access control checks in the handling of PATCH and GET requests for template versions. This vulnerability allows unauthorized users to manipulate or access sensitive project data, potenti...
CVE-2024-4323	A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server??s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution.
CVE-2023-49330	Zoho ManageEngine ADAudit Plus through 7251 allows SQL Injection while getting aggregate report data.
CVE-2024-27312	Zoho ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a low-privileged user to perform admin actions. Note: This vulnerability affects only the PAM360 6600 version. No other versions are applicable to this vulnerability.
CVE-2024-4287	In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to `/api/workspace/:workspace-slug/update`, allowing it to be executed as part of a database query without restrictions. This flaw en...
CVE-2024-35948	In the Linux kernel, the following vulnerability has been resolved: bcachefs: Check for journal entries overruning end of sb clean section Fix a missing bounds check in superblock validation. Note that we don't yet have repair code for this case - repair code for individual items is generally low priority, since the whole superblock is chec...

2024-05-19
Med.	Intent Tech Solutions - Sql Injection "Designed by Intent Tech Solutions"	behrouz mansoori
Med.	Intent Tech Solutions - Blind Sql Injection "Designed by Intent Tech Solutions"	behrouz mansoori
2024-05-16
Med.	VSP Softtech - Blind Sql Injection "Developed by VSP Softtech"	behrouz mansoori
2024-05-14
Med.	82webmaster - Blind Sql Injection "Design & Developed By: 82webmaster"	behrouz mansoori
Med.	Webmirchi - Blind Sql Injection "Powered by Webmirchi"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-19

Low

Low

Med.

Med.

2024-05-18

Low

2024-05-16

Med.

High

Med.

Med.

Med.

2024-05-14

Low

Med.

Med.

The latest CVEs

2024-05-20

Dorks

2024-05-19

Med.

Med.

2024-05-16

Med.

2024-05-14

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations