CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-04-22
Med.	Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass LiquidWorm
Med.	LRMS-PHP-by-oretnom23-v1.0 hat-trick nu11secur1ty
2024-04-21
High	WBCE CMS Version 1.6.1 Remote Command Execution (Authenticated) tmrswrr
Med.	Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference LiquidWorm
Med.	Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass LiquidWorm
Low	Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference LiquidWorm
Med.	North Wales - Sql Injection behrouz mansoori
Med.	Relate Learning And Teaching system Version before 2024.1 Stored XSS Multiple CVE kai6u
Med.	Solar-Log Base 2000- Broken Access Control parsa rezaie khiabanloo
Low	Relate Learning And Teaching system Version before 2024.1 SSTI(Page Sandbox function) lead to RCE Multiple CVE kai6u
Med.	Flowise 1.6.5 Authentication Bypass CVE-2024-31621 Maerifat Majeed
Low	Wordpress Plugin Alemha Watermarker 1.3.1 Stored Cross-Site Scripting (XSS) Erdemstar
2024-04-16
High	BMC Compuware iStrobe Web 20.13 Pre-auth RCE CVE-2023-40304 trancap

The latest CVEs

2024-04-22
CVE-2022-46897	An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The CapsuleIFWUSmm driver does not check the return value from a method or function. This can prevent it from detecting unexpected states and conditions.
CVE-2024-31666	An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component.
CVE-2024-29376	Sylius 1.12.13 is vulnerable to Cross Site Scripting (XSS) via the "Province" field in Address Book.
CVE-2024-31545	Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6.
CVE-2024-32407	An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature.
CVE-2024-28436	Cross Site Scripting vulnerability in D-Link DAP products DAP-2230, DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2590, DAP-2690, DAP-2695, DAP-3520, DAP-3662 allows a remote attacker to execute arbitrary code via the reload parameter in the session_login.php component.
CVE-2024-27347	Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble.This issue affects Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.
CVE-2024-27348	RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.
CVE-2024-27349	Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.
CVE-2024-32368	Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version 3.0 allows a local attacker to cause a denial of service via the Bluetooth Low Energy (BLE) component.

Dorks

2024-04-21
Med.	North Wales - Sql Injection "Web Design North Wales"	behrouz mansoori
Med.	Solar-Log Base 2000- Broken Access Control In Shodan search engine, the filter is ""Server: IPC@CHIP"" "http.favicon.hash:-1334408578 "655744600""	parsa rezaie khiabanloo
2024-04-14
Med.	Bigem Teknoloji - Sql Injection "Designed by Bigem Teknoloji"	behrouz mansoori
2024-04-06
Med.	SolarView Compact 6.00 - Command Injection http.html:"solarview compact"	parsa rezaie khiabanloo
2024-03-30
High	SolarView Compact 6.00 - Command Injection Bypass authentication( CVE-2023-23333 ) http.html:"solarview compact"	parsa rezaie khiabanloo

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-04-22

Med.

Med.

2024-04-21

High

Med.

Med.

Low

Med.

Med.

Med.

Low

Med.

Low

2024-04-16

High

The latest CVEs

2024-04-22

Dorks

2024-04-21

Med.

Med.

2024-04-14

Med.

2024-04-06

Med.

2024-03-30

High

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations