Welcome to cxsecurity. enjoy

The latest CVEs

2022-07-02
CVE-2022-32551
Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows path traversal (to WEBINF/web.xml from sample/WEB-INF/web.xml or sample/META-INF/web.xml).
CVE-2022-28200
NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components.
CVE-2022-32324
PDFAlto v0.4 was discovered to contain a heap buffer overflow via the component /pdfalto/src/pdfalto.cc.
CVE-2022-32325
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.
CVE-2022-32411
An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.
CVE-2022-32412
An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.
CVE-2022-34903
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
CVE-2022-25758
All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation() function, due to the usage of insecure regex.
CVE-2022-25876
The package link-preview-js before 2.1.16 is vulnerable to Server-side Request Forgery (SSRF) which allows attackers to send arbitrary requests to the local network and read the response. This is due to flawed DNS rebinding protection.
CVE-2022-25896
This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed.

Dorks

2022-06-28
Low
SEO Nethizmet Admin NoRedirect Bypass
"intext:"Web Tasarım Seo Nethizmet""
BQX
Low
Mailhog 1.0.1 Stored Cross-Site Scripting (XSS)
https://www.shodan.io/search?query=mailhog ( > 3500)
Vulnz
2022-06-22
Med.
BLUEWATER MARIBAGO BEACH RESORT - SQL Injection Vulnerability
intext:"BLUEWATER MARIBAGO BEACH RESORT " inurl:/index.php?page=
MR.$UD0
2022-06-11
Low
WEB SITE Yas Arghavani System XSS( Multiple CVE )
-
E1.Coders
2022-06-05
High
H3k / tiny File Manager
intitle:"h3k File Manager"
Hamza Anonime

Copyright 2022, cxsecurity.com

 
