Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-01-18
Med.
Med.
Med.
High
Med.
Low
High
High
Med.
Med.
2022-01-17
Med.
Low
Med.

The latest CVEs

2022-01-18
CVE-2020-14107
A stack overflow in the HTTP server of Cast can be exploited to make the app crash in LAN.
CVE-2020-14110
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.
CVE-2021-29215
A potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem component was discovered in version(s): Prior to Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; prior to Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; prior to Tez-0.9.2: mapr-tez-0.9.2.0.201907081043-1.noarch. HPE ...
CVE-2021-29632
In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the system console or other kernel memory.
CVE-2021-29872
IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attacker to conduct...
CVE-2021-37864
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.
CVE-2021-37865
Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.
CVE-2021-37866
Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization.
CVE-2021-37867
Mattermost Boards plugin v0.10.0 and earlier fails to protect email addresses of all users via one of the Boards APIs, which allows authenticated and unauthorized users to access this information resulting in sensitive & private information disclosure.
CVE-2021-39892
In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.

Dorks

2022-01-18
Med.
Archeevo 5.0 Local File Inclusion
intitle:"archeevo"
Miguel Santareno
Med.
Picaporte Design - Sql Injection Vulnerability
"Picaporte Design"
behrouz mansoori
Med.
Nyron 1.0 SQL Injection
inurl:"winlib.aspx"
Miguel Santareno
2022-01-17
Med.
Developed by : Muhammad Jamil - SQL Injection
intext:"Developed by : Muhammad Jamil" .php?id=
Unkn0wn
2022-01-15
Med.
da Grazioli Design - Sql Injection Vulnerability
"Sito web creato da Grazioli Design"
behrouz mansoori

Copyright 2022, cxsecurity.com

 

Back to Top