
The latest CVEs

2023-02-02
CVE-2022-30904
In Bestechnic Bluetooth Mesh SDK (BES2300) V1.0, a buffer overflow vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU.
CVE-2022-31363
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is pb_transport_handle_frag_. In Cypress Bluetooth Mesh SDK, there is an out-of-bound write vulnerability that can be triggered during me...
CVE-2022-31364
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is lower_transport_layer_on_seg. In Cypress Bluetooth Mesh SDK, there is an out-of-bound write vulnerability that can be triggered by sen...
CVE-2022-3083
All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. The web application could become inaccessible for the user if an attacker changes the cookie values.
CVE-2022-37033
In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF access to local IP addresses or private subnets. In resolving this URL, the TempFileAPI follows any 302 redirects that the remote URL returns. Because there is no re-validation of the redirect URL, the TempFileAPI c...
CVE-2022-3913
Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of the update server when downloading updates. This failure could allow an attacker in a privileged position on the network to provide their own HTTPS endpoint, or intercept communications to the legitimate endpoint. The attacker would need some pre-existi...
CVE-2022-45782
An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation algorithm for password-reset token generation leads to account takeover.
CVE-2022-45783
An issue was discovered in dotCMS core 4.x through 22.10.2. An authenticated directory traversal vulnerability in the dotCMS API can lead to Remote Code Execution.
CVE-2022-47872
maccms10 2021.1000.2000 is vulnerable to Server-side request forgery (SSRF).
CVE-2023-23750
An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages.

Dorks

2023-01-30
High
Powered By dokumenary.net Remote Code Execution (Multiple CVE)
intext:dokumenary.net All rights reserved.
UnM@SK
2023-01-23
Med.
Website by MSBu.de - SQL Injection Vulnerability
"Website by MSBu.de"
behrouz mansoori
2023-01-09
Med.
Stealth Media Ltd - SQL Injection Vulnerability
"Website Designed & Developed By Stealth Media Ltd."
behrouz mansoori
2023-01-06
High
SDM-Downloads 9.3.15 Privilege Escalation Arbitrary File Upload
inurl:/sdm-downloads/
Luth1er
Low
WordPress Dsp Dating CSRF File Upload (Multiple CVE)
inurl:wp-content/plugins/dsp_dating
UnM@SK

Copyright 2023, cxsecurity.com