Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-05-14
Med.
High
High
High
High
High
High
High
Low
2022-05-12
High
High
2022-05-11
High
High

The latest CVEs

2022-05-16
CVE-2021-33318
An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets.
CVE-2021-23265
A logged-in and authenticated user with a Reviewer Role may lock a content item.
CVE-2021-23266
An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator.
CVE-2021-23267
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.
CVE-2022-25169
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.
CVE-2022-30050
Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting (XSS) via bbs/member_confirm.php.
CVE-2022-30055
Prime95 30.7 build 9 suffers from a Buffer Overflow vulnerability that could lead to Remote Code Execution.
CVE-2022-30126
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0
CVE-2021-42870
ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request.
CVE-2021-42897
A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $_POST[r_name] is directly passed into the $mysqlstr and is executed by exec.

Dorks

2022-05-14
High
Designed by OG Advertising - Sql Injection Vulnerability
intext:"Designed by OG Advertising"
LeetGh0sts Squ4d
2022-05-11
High
Ruijie Reyee Mesh Router Remote Code Execution( CVE-2021-43164 )
None
Minh Khoa
2022-05-10
Low
Infreshop - Cross-Site Scripting Vulnerability
"Powered by Infreshop"
Gh05t666nero
2022-05-09
Med.
Zimbra - Request URL Override Vulnerability
inurl:/public/launchSidebar.jsp
Gh05t666nero
Low
Stisla - Open Redirect Vulnerability
intitle:"Login — Stisla"
Gh05t666nero

Copyright 2022, cxsecurity.com

 

Back to Top