Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-05-25
Med.
Med.
Med.
2022-05-24
High
Med.
Med.
High
Med.
2022-05-22
Low
Med.
Low
High
2022-05-19
High

The latest CVEs

2022-05-25
CVE-2022-29248
Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains. The cookie midd...
CVE-2022-29402
TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication.
CVE-2021-44719
Docker Desktop 4.3.0 has Incorrect Access Control.
CVE-2022-1348
A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any...
CVE-2022-23775
TrueStack Direct Connect 1.4.7 has Incorrect Access Control.
CVE-2022-27305
Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation.
CVE-2022-28875
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aemobile component can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2022-29408
Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress.
CVE-2022-30427
In ginadmin through 05-10-2022 the incoming path value is not filtered, resulting in directory traversal.
CVE-2022-30428
In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading.

Dorks

2022-05-19
Med.
Will VPN App - VPN App With Admin Panel - Phpthumb Command Injection
- / use your brain
L4663r666h05t
2022-05-14
High
Designed by OG Advertising - Sql Injection Vulnerability
intext:"Designed by OG Advertising"
LeetGh0sts Squ4d
2022-05-11
High
Ruijie Reyee Mesh Router Remote Code Execution( CVE-2021-43164 )
None
Minh Khoa
2022-05-10
Low
Infreshop - Cross-Site Scripting Vulnerability
"Powered by Infreshop"
Gh05t666nero
2022-05-09
Med.
Zimbra - Request URL Override Vulnerability
inurl:/public/launchSidebar.jsp
Gh05t666nero

Copyright 2022, cxsecurity.com

 

Back to Top