

The latest CVEs

2021-12-06
CVE-2021-37253
M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP requests with crafted Range or Request-Range headers).
CVE-2021-44044
An out-of-bounds write vulnerability exists when reading a JPG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists with parsing JPG files. Crafted data in a JPG (4 extraneous bytes before the marker 0xca) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability...
CVE-2021-44045
An out-of-bounds write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation for the XFAT sectors count can trigger a write operation past the end of an allocated buffer. An attacker can ...
CVE-2021-44046
An out-of-bounds write vulnerability exists when reading U3D files in Open Design Alliance PRC SDK before 2022.11. An unchecked return value of a function (verifying input data from a U3D file) leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2021-44047
A use-after-free vulnerability exists when reading a DWF/DWFX file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists with parsing DWF/DWFX files. Crafted data in a DWF/DWFX file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this...
CVE-2021-44048
An out-of-bounds write vulnerability exists when reading a TIF file using Open Design Alliance (ODA) Drawings Explorer before 2022.11. The specific issue exists after loading TIF files. Crafted data in a TIF file can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the con...
2021-12-04
CVE-2021-4005
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-35413
A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x allows authenticated attackers to execute arbitrary code via a crafted .htaccess file.
CVE-2021-35414
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload.php.
CVE-2021-35415
A stored cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the course "Title" and "Content" fields.

Dorks

2021-12-05
Med.
WordPress DZS Zoomsounds 6.45 Arbitrary File Read (CVE-2021-39316)
inurl:/wp-content/plugins/dzs-zoomsounds/
Uriel Yochpaz
2021-12-03
Med.
Openbiz Cubi 3.0.8 Unrestricted File Upload Vulnerability
" System Login - Cubi Platform "
indoushka
High
WordPress Plugin DZS Zoomsounds 6.45 Arbitrary File Read (Unauthenticated) (CVE-2021-39316)
inurl:/wp-content/plugins/dzs-zoomsounds/
Uriel Yochpaz
2021-12-02
Med.
Harshainfotech - Sql Injection Vulnerability
"Designed & Maintained by | Harshainfotech"
behrouz mansoori
2021-11-30
Med.
Design By Magic Mayo - Sql Injection Vulnerability
"Design By Magic Mayo"
behrouz mansoori

Copyright 2021, cxsecurity.com

 
