CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-07
High	RansomLord v3 - Anti-Ransomware Exploitation Tool / New Release malvuln
High	POMS-PHP-(by oretnom23 )-v1.0-FU-SQLi-RCE-HAT.TRICK nu11secur1ty
2024-05-06
Med.	Systemd Insecure PTY Handling Adam Gowdiak
Med.	Kobiz Design - Sql Injection behrouz mansoori
High	Docker Privileged Container Kernel Escape Eran Ayalon
High	Live2D Cubism Heap Corruption PT
2024-05-05
High	htmlLawed 1.2.5 Remote Command Execution CVE-2022-35914 d4t4s3c
Med.	Oracuz - Blind Sql Injection behrouz mansoori
Med.	Kobiz Design - Blind Sql Injection behrouz mansoori
2024-05-04
Med.	Sandhya Branding Agency - Blind Sql Injection behrouz mansoori
Med.	Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Disclosure Gjoko 'LiquidWorm' Krstic
High	Microsoft PlayReady Cryptography Weakness Adam Gowdiak
Med.	Webenlive - Sql Injection behrouz mansoori

Dorks

2024-05-07
CVE-2023-6810	The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the get_settings function in all versions up to, and including, 3.2.4. This makes it possible for authenticated attackers, with author access and above, to retrieve the plugin's configured API keys.
CVE-2024-4582	A vulnerability classified as critical has been found in Faraday GM8181 and GM828x up to 20240429. Affected is an unknown function of the component NTP Service. The manipulation of the argument ntp_srv leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is rec...
CVE-2024-4583	A vulnerability classified as problematic was found in Faraday GM8181 and GM828x up to 20240429. Affected by this vulnerability is an unknown functionality of the component Request Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recom...
CVE-2024-4599	Remote denial of service vulnerability in LAN Messenger affecting version 3.4.0. This vulnerability allows an attacker to crash the LAN Messenger service by sending a long string directly and continuously over the UDP protocol.
CVE-2024-20821	A vulnerability possible to reconfigure OTP allows local attackers to transit RMA(Return Merchandise Authorization) mode, which disables security features. This attack needs additional privilege to control TEE.
CVE-2024-20855	Improper access control vulnerability in multitasking framework prior to SMR May-2024 Release 1 allows physical attackers to access unlocked screen for a while.
CVE-2024-20856	Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows physical attackers to access Secure Folder without proper authentication in a specific scenario.
CVE-2024-20857	Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application.
CVE-2024-20858	Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application.
CVE-2024-20859	Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege.

2024-05-06
Med.	Kobiz Design - Sql Injection "Desing by Kobiz Design Co"	behrouz mansoori
2024-05-05
Med.	Oracuz - Blind Sql Injection "Design by Oracuz"	behrouz mansoori
Med.	Kobiz Design - Blind Sql Injection "Desing by Kobiz Design Co"	behrouz mansoori
2024-05-04
Med.	Sandhya Branding Agency - Blind Sql Injection "Powered by : Sandhya Branding Agency"	behrouz mansoori
Med.	Webenlive - Sql Injection "Design: Webenlive"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-07

High

High

2024-05-06

Med.

Med.

High

High

2024-05-05

High

Med.

Med.

2024-05-04

Med.

Med.

High

Med.

The latest CVEs

2024-05-07

Dorks

2024-05-06

Med.

2024-05-05

Med.

Med.

2024-05-04

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations