CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-05
High	htmlLawed 1.2.5 Remote Command Execution CVE-2022-35914 d4t4s3c
Med.	Oracuz - Blind Sql Injection behrouz mansoori
Med.	Kobiz Design - Blind Sql Injection behrouz mansoori
2024-05-04
Med.	Sandhya Branding Agency - Blind Sql Injection behrouz mansoori
Med.	Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Disclosure Gjoko 'LiquidWorm' Krstic
High	Microsoft PlayReady Cryptography Weakness Adam Gowdiak
Med.	Webenlive - Sql Injection behrouz mansoori
Low	SOPlanning 1.52.00 Cross Site Scripting liquidsky
Med.	SOPlanning 1.52.00 SQL Injection liquidsky
Low	SOPlanning 1.52.00 Cross Site Request Forgery liquidsky
Med.	BitraTech - Sql Injection behrouz mansoori
Med.	Bigem Teknoloji - Blind Sql Injection behrouz mansoori
2024-05-01
High	Kemp LoadMaster Unauthenticated Command Injection Dave Yesland

Dorks

2024-05-06
CVE-2024-34519	Avantra Server 24.x before 24.0.7 and 24.1.x before 24.1.1 mishandles the security of dashboards, aka XAN-5367. If a user can create a dashboard with an auto-login user, data disclosure may occur. Access control can be bypassed when there is a shared dashboard, and its auto-login user has privileges that a dashboard visitor should not have.
CVE-2024-4502	A vulnerability classified as critical has been found in Ruijie RG-UAC up to 20240428. Affected is an unknown function of the file /view/dhcp/dhcpClient/dhcp_client_commit.php. The manipulation of the argument ifName leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be ...
CVE-2024-4503	A vulnerability classified as critical was found in Ruijie RG-UAC up to 20240428. Affected by this vulnerability is an unknown functionality of the file /view/dhcp/dhcpConfig/dhcp_relay_commit.php. The manipulation of the argument interface_from leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to th...
CVE-2024-4504	A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240428. Affected by this issue is some unknown functionality of the file /view/HAconfig/baseConfig/commit.php. The manipulation of the argument peer_ip/local_ip leads to os command injection. The attack may be launched remotely. The exploit has been disclosed...
CVE-2024-4505	A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240428. This affects an unknown part of the file /view/IPV6/ipv6Addr/ip_addr_add_commit.php. The manipulation of the argument prelen/ethname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...
CVE-2024-4506	A vulnerability has been found in Ruijie RG-UAC up to 20240428 and classified as critical. This vulnerability affects unknown code of the file /view/IPV6/ipv6Addr/ip_addr_edit_commit.php. The manipulation of the argument text_ip_addr/orgprelen/orgname leads to os command injection. The attack can be initiated remotely. The exploit has been disclose...
2024-05-05
CVE-2024-34508	dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
CVE-2024-34509	dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
CVE-2024-34510	Gradio before 4.20 allows credential leakage on Windows.
CVE-2024-34511	Component Server in Gradio before 4.13 does not properly consider _is_server_fn for functions.

2024-05-05
Med.	Oracuz - Blind Sql Injection "Design by Oracuz"	behrouz mansoori
Med.	Kobiz Design - Blind Sql Injection "Desing by Kobiz Design Co"	behrouz mansoori
2024-05-04
Med.	Sandhya Branding Agency - Blind Sql Injection "Powered by : Sandhya Branding Agency"	behrouz mansoori
Med.	Webenlive - Sql Injection "Design: Webenlive"	behrouz mansoori
Med.	BitraTech - Sql Injection "Powered By BitraTech"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-05

High

Med.

Med.

2024-05-04

Med.

Med.

High

Med.

Low

Med.

Low

Med.

Med.

2024-05-01

High

The latest CVEs

2024-05-06

2024-05-05

Dorks

2024-05-05

Med.

Med.

2024-05-04

Med.

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations