Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-08-08
Med.
Low
Med.
High
2022-08-07
High
2022-08-06
High
Low
High
Med.
Med.
Med.
2022-08-03
Low
High

The latest CVEs

2022-08-11
CVE-2022-38150
In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1.
CVE-2022-38155
TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash.
CVE-2022-38161
The Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA.
CVE-2021-33643
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
CVE-2021-33644
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
CVE-2021-33645
The th_read() function doesn??t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
CVE-2021-33646
The th_read() function doesn??t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.
CVE-2021-39696
In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-185810717
CVE-2021-40030
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-40034
The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability.

Dorks

2022-08-06
Med.
Active PHP Bookmarks v1.3 - Sql Injection Vulnerability
"Active PHP Bookmarks v1.3"
behrouz mansoori
Med.
Picaporte Design - Sql Injection Vulnerability
"Developed By Newgen Technologies"
behrouz mansoori
2022-08-02
Med.
Powered by Compusys e Solutions - Sql Injection Vulnerability
"Powered by Compusys e Solutions"
behrouz mansoori
Med.
Newgen Technologies - Sql Injection Vulnerability
"Developed By Newgen Technologies"
behrouz mansoori
2022-08-01
Med.
Kaivalya Techno Soft Pvt - Sql Injection Vulnerability
"Developed By - Kaivalya Techno Soft Pvt. Ltd."
behrouz mansoori

Copyright 2022, cxsecurity.com

 

Back to Top