CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-01
High	Kemp LoadMaster Unauthenticated Command Injection Dave Yesland
Low	Doctor Appointment Management System 1.0 Cross Site Scripting CVE-2024-4293 SoSPiro
Low	osCommerce 4 - Reflected XSS CVE-2024-4348 CraCkEr
Med.	Travel-Manager-OTMSP-1.0 Multiple SQLi nu11secur1ty
2024-04-27
High	Positron Broadcast Signal Processor TRA7005 v1.20 Authentication Bypass LiquidWorm
High	GitLens Git Local Configuration Execution h00die
Med.	fvgfl - SQL Injection vulnerability Mahdi Karimi
2024-04-25
Med.	FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution CVE-2023-48788 Spencer McIntyre
High	Relate Learning And Teaching system Version before 2024.1 SSTI(Markup Sandbox function) lead to RCE Multiple CVE kai6u
High	Palo Alto PAN-OS Command Execution / Arbitrary File Creation CVE-2024-3400 Kr0ff
Med.	Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution CVE-2024-3400 sfewer-r7
High	Hikvision Camera - Remote command execution parsa rezaie khiabanloo
Med.	Apache Solr Backup/Restore API Remote Code Execution CVE-2023-50386 jheysel-r7

The latest CVEs

2024-05-01
CVE-2024-29010	The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE) injection, potentially resulting in the disclosure of sensitive information. This issue affects GMS: 9.3.4 and earlier versions.
CVE-2024-30176	In Logpoint before 7.4.0, an attacker can enumerate a valid list of usernames by using publicly exposed URLs of shared widgets.
CVE-2024-32210	The LoMag WareHouse Management application version 1.0.20.120 and older were to utilize hard-coded passwords by default for forms and SQL connections.
CVE-2024-32211	An issue in LOGINT LoMag Inventory Management v1.0.20.120 and before allows a local attacker to obtain sensitive information via the UserClass.cs and Settings.cs components.
CVE-2024-32212	SQL Injection vulnerability in LOGINT LoMag Inventory Management v1.0.20.120 and before allows an attacker to execute arbitrary code via the ArticleGetGroups, DocAddDocument, ClassClickShop and frmSettings components.
CVE-2024-32213	The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak passwords. By default, hard-coded passwords of 10 characters with little or no complexity are allowed.
CVE-2024-33078	Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution.
CVE-2024-33442	An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_post.php component.
CVE-2023-23019	Cross site scripting (XSS) vulnerability in file main.php in sourcecodester oretnom23 Blog Site 1.0 via the name and email parameters to function user_add.\
CVE-2023-23021	Cross Site Scripting (XSS) vulnerability in sourcecodester oretnom23 pos point sale system 1.0, allows attackers to execute arbitrary code via the code, name, and description inputs in file Main.php.

Dorks

2024-04-27
Med.	fvgfl - SQL Injection vulnerability "Web Design fvgfl"	Mahdi Karimi
2024-04-25
High	Hikvision Camera - Remote command execution In Shodan search engine, the filter is "Web Version="3.1.3.150324" http.favicon.hash:999357577"	parsa rezaie khiabanloo
2024-04-21
Med.	North Wales - Sql Injection "Web Design North Wales"	behrouz mansoori
Med.	Solar-Log Base 2000- Broken Access Control In Shodan search engine, the filter is ""Server: IPC@CHIP"" "http.favicon.hash:-1334408578 "655744600""	parsa rezaie khiabanloo
2024-04-14
Med.	Bigem Teknoloji - Sql Injection "Designed by Bigem Teknoloji"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-01

High

Low

Low

Med.

2024-04-27

High

High

Med.

2024-04-25

Med.

High

High

Med.

High

Med.

The latest CVEs

2024-05-01

Dorks

2024-04-27

Med.

2024-04-25

High

2024-04-21

Med.

Med.

2024-04-14

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations