Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-05-14
Med.
High
High
High
High
High
High
High
Low
2022-05-12
High
High
2022-05-11
High
High

The latest CVEs

2022-05-17
CVE-2020-4957
IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information in URL parameters that could aid in future attacks against the system. IBM X-Force ID: 192208.
CVE-2022-22484
IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' ...
CVE-2022-24108
The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code execution because of deserialization of untrusted data.
CVE-2022-24856
FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery (SSRF) when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server or other unauthenticated URLs. Passing of headers ...
CVE-2022-30007
GXCMS V1.5 has a file upload vulnerability in the background. The vulnerability is the template management page. You can edit any template content and then rename to PHP suffix file, after calling PHP file can control the server.
CVE-2022-30073
WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php.
CVE-2020-4994
IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906.
CVE-2021-29726
IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104.
CVE-2021-38872
IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348.
CVE-2022-1116
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.

Dorks

2022-05-14
High
Designed by OG Advertising - Sql Injection Vulnerability
intext:"Designed by OG Advertising"
LeetGh0sts Squ4d
2022-05-11
High
Ruijie Reyee Mesh Router Remote Code Execution( CVE-2021-43164 )
None
Minh Khoa
2022-05-10
Low
Infreshop - Cross-Site Scripting Vulnerability
"Powered by Infreshop"
Gh05t666nero
2022-05-09
Med.
Zimbra - Request URL Override Vulnerability
inurl:/public/launchSidebar.jsp
Gh05t666nero
Low
Stisla - Open Redirect Vulnerability
intitle:"Login — Stisla"
Gh05t666nero

Copyright 2022, cxsecurity.com

 

Back to Top