Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

Best Hackers:
{{ te.id }}. {{te.nameDis}}
CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}
Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-04-22
Med.
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass
LiquidWorm
Med.
LRMS-PHP-by-oretnom23-v1.0 hat-trick
nu11secur1ty
2024-04-21
High
WBCE CMS Version 1.6.1 Remote Command Execution (Authenticated)
tmrswrr
Med.
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference
LiquidWorm
Med.
Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass
LiquidWorm
Low
Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference
LiquidWorm
Med.
North Wales - Sql Injection
behrouz mansoori
Med.
Relate Learning And Teaching system Version before 2024.1 Stored XSS Multiple CVE
kai6u
Med.
Solar-Log Base 2000- Broken Access Control
parsa rezaie khiabanloo
Low
Relate Learning And Teaching system Version before 2024.1 SSTI(Page Sandbox function) lead to RCE Multiple CVE
kai6u
Med.
Flowise 1.6.5 Authentication Bypass CVE-2024-31621
Maerifat Majeed
Low
Wordpress Plugin Alemha Watermarker 1.3.1 Stored Cross-Site Scripting (XSS)
Erdemstar
2024-04-16
High
BMC Compuware iStrobe Web 20.13 Pre-auth RCE CVE-2023-40304
trancap

The latest CVEs

2024-04-23
CVE-2024-32258
The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM.
CVE-2024-21972
An out of bounds write vulnerability in the AMD Radeon?? user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code execution.
CVE-2024-21979
An out of bounds write vulnerability in the AMD Radeon?? user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code execution.
CVE-2024-28627
An issue in Flipsnack v.18/03/2024 allows a local attacker to obtain sensitive information via the reader.gz.js file.
CVE-2024-2477
The wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of an uploaded image in all versions up to, and including, 7.6.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbi...
CVE-2024-28130
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2024-31804
An unquoted service path vulnerability in Terratec DMX_6Fire USB v.1.23.0.02 allows a local attacker to escalate privileges via the Program.exe component.
CVE-2024-32679
Missing Authorization vulnerability in Shared Files PRO Shared Files.This issue affects Shared Files: from n/a through 1.7.16.
CVE-2024-33211
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter in ip/goform/QuickIndex.
CVE-2024-33212
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter in ip/goform/setcfm.

Dorks

2024-04-21
Med.
North Wales - Sql Injection
"Web Design North Wales"
 behrouz mansoori
Med.
Solar-Log Base 2000- Broken Access Control
In Shodan search engine, the filter is ""Server: IPC@CHIP"" "http.favicon.hash:-1334408578 "655744600""
 parsa rezaie khiabanloo
2024-04-14
Med.
Bigem Teknoloji - Sql Injection
"Designed by Bigem Teknoloji"
 behrouz mansoori
2024-04-06
Med.
SolarView Compact 6.00 - Command Injection
http.html:"solarview compact"
 parsa rezaie khiabanloo
2024-03-30
High
SolarView Compact 6.00 - Command Injection Bypass authentication( CVE-2023-23333 )
http.html:"solarview compact"
 parsa rezaie khiabanloo
Quick goto:

Bugtraq The latest CVEs Dorks
Search

Are you looking CVE for some product?

Top Vendors:

Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla
 
Full List of Vendors

Top Products:

Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx
 

Full List of Products

Top CWE:

CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)
 
Check CWE Dictionary

Donate:
is an open project developed and moderated fully by one independent person.
Help develop the project and make
Donations
Copyright 2024, cxsecurity.com

 

Back to Top