Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-07-05
Low
Med.
High
Med.
2022-07-04
Med.
Med.
High
Med.
Low
Med.
2022-07-02
Low
Low
High

The latest CVEs

2022-07-06
CVE-2022-32290
The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead of only the localhost interface. Therefore, any client...
CVE-2022-32383
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
CVE-2022-32385
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
CVE-2022-32386
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
CVE-2021-31676
A reflected XSS was discovered in PESCMS-V2.3.3. When combined with CSRF in the same file, they can cause bigger destruction.
CVE-2021-31677
An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can modify admin and other members' passwords.
CVE-2021-31678
An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can delete import information about a user's company.
CVE-2021-31679
An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that allows attackers to delete admin and other members' account numbers.
CVE-2021-37839
Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.
CVE-2022-24138
IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code ...

Dorks

2022-07-05
Low
SEO Nethizmet Admin NoRedirect Bypass
"inurl /yonetici/yonetici-giris.php"
BQX
2022-07-04
Med.
OPSTECH Thailand Gov Management System Multiple Vulnerabilities
1. intext:"Copyright © by OPSTECH All Right Reserved" site:go.th
NaughtySec
2022-06-28
Low
SEO Nethizmet Admin NoRedirect Bypass
"intext:"Web Tasarım Seo Nethizmet""
BQX
Low
Mailhog 1.0.1 Stored Cross-Site Scripting (XSS)
https://www.shodan.io/search?query=mailhog ( > 3500)
Vulnz
2022-06-22
Med.
BLUEWATER MARIBAGO BEACH RESORT - SQL Injection Vulnerability
intext:"BLUEWATER MARIBAGO BEACH RESORT " inurl:/index.php?page=
MR.$UD0

Copyright 2022, cxsecurity.com

 

Back to Top