CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-16
Med.	CrushFTP Directory Traversal Abdualhadi Khalifa
High	Plantronics Hub 3.25.1 Arbitrary File Read CVE-2024-27460 Alaa Kachouh
Med.	SAP Cloud Connector 2.16.1 Missing Validation CVE-2024-25642 Mingshuo Li
Med.	Zope 5.9 Command Injection Ilyase Dehy
Med.	VSP Softtech - Blind Sql Injection behrouz mansoori
2024-05-14
Low	Chyrp 2.5.2 Cross Site Scripting Ahmet Umit Bayram
Med.	82webmaster - Blind Sql Injection behrouz mansoori
Med.	Webmirchi - Blind Sql Injection behrouz mansoori
High	Backdoor.Win32.AsyncRat / Arbitrary Code Execution malvuln
High	TrojanSpy.Win64.EMOTET.A / Arbitrary Code Execution malvuln
Low	Apache mod_proxy_cluster Cross Site Scripting CVE-2023-6710 Mohamed Mounir Boudjema
Low	Leafpub 1.1.9 Cross Site Scripting Ahmet Umit Bayram
2024-05-13
Med.	Kemp LoadMaster Local sudo Privilege Escalation bwatters-r7

Dorks

2024-05-17
CVE-2023-26862	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2024-3134	The Master Addons ?? Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the title_html_tag attribute in all versions up to, and including, 2.0.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
CVE-2024-30060	Azure Monitor Agent Elevation of Privilege Vulnerability
2024-05-16
CVE-2024-4733	The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the `hc3_session`-cookie in versions up to, and including, 4.9.57. This makes it possible for an authenticated attacker with contributor access-level or above to inject a PHP Object. No POP chain is present in the vu...
CVE-2022-37341	Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-37410	Improper access control for some Intel(R) Thunderbolt driver software before version 89 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-22656	Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-22662	Improper input validation of EpsdSrMgmtConfig in UEFI firmware for some Intel(R) Server Board S2600BP products may allow a privileged user to potentially enable denial of service via local access.
CVE-2023-24460	Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-27504	Improper conditions check in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.

2024-05-16
Med.	VSP Softtech - Blind Sql Injection "Developed by VSP Softtech"	behrouz mansoori
2024-05-14
Med.	82webmaster - Blind Sql Injection "Design & Developed By: 82webmaster"	behrouz mansoori
Med.	Webmirchi - Blind Sql Injection "Powered by Webmirchi"	behrouz mansoori
2024-05-12
Med.	Castel Digital Authentication Bypass "Castel Digital"	CCA469
2024-05-06
Med.	Kobiz Design - Sql Injection "Desing by Kobiz Design Co"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-16

Med.

High

Med.

Med.

Med.

2024-05-14

Low

Med.

Med.

High

High

Low

Low

2024-05-13

Med.

The latest CVEs

2024-05-17

2024-05-16

Dorks

2024-05-16

Med.

2024-05-14

Med.

Med.

2024-05-12

Med.

2024-05-06

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations