Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2018-10-20
High
Low
Low
High
High
Med.
High
High
High
Med.
Med.
Med.
2018-10-19
High

The latest CVEs

2018-10-19
CVE-2018-18438
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
CVE-2018-18428
TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI.
CVE-2018-18420
Cross-Site Request Forgery (CSRF) vulnerability was discovered in the 8.3 version of Zenario Content Management System via the admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent URI.
CVE-2018-18419
Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1, as demonstrated by a .jpg filename to the /account URI.
CVE-2018-18417
In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been discovered in the input and upload sections, as demonstrated by the name parameter to the index.php/admin/client/create URI.
CVE-2018-18416
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the site_name parameter to the admin/settings/update URI.
CVE-2018-18398
Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method.
CVE-2018-18284
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
CVE-2018-18224
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.
CVE-2018-18223
Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash.

Dorks

2018-10-20
Med.
جميع الحقوق محفوظة لمعهد صناعة الحياة للتدريب والاستشارات © 2018 SQL Injection Vulnerability
intext:جميع الحقوق محفوظة لمعهد صناعة الحياة للتدريب والاستشارات © 2018 inurl:abroad/page.php?cid=
Rednofozi
2018-10-17
Med.
Heatmiser Wifi Thermostat 1.7 Credential Disclosure
intitle:"Heatmiser Wifi Thermostat"
d0wnp0ur
2018-10-16
Med.
Webmaster Atom Computer Software Counselling Improper Access Control Vulnerability
intext:''Webmaster Atom Bilgisayar Yazılım Danışmanllık'' site:meb.gov.tr
KingSkrupellos
Med.
PROGRAMERS SQL Injection Vulnerability
"Developed by PROGRAMERS"
Mr Hashtag
2018-10-15
Low
Summernote Cross Site Scripting ( XSS ) Vulnerability
inurl:/summernote.php editor
0N3R1D3R

Copyright 2018, cxsecurity.com

 

Back to Top