Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-08-17
Med.
2022-08-15
Med.
High
Med.
Low
High
2022-08-14
Med.
Med.
High
Low
High
Med.
High

The latest CVEs

2022-08-18
CVE-2022-2874
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0223.
CVE-2022-36023
Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. Version 2.4.6 checks for the malformed gateway request and returns an error to the gateway client. There are no known w...
CVE-2022-37060
FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files located outside of the server's restricted path.
CVE-2022-36024
A fork of discord.py py-cord is a modern, easy to use, feature-rich, and async ready API wrapper for Discord written in Python. This issue allows users to be able to remotely shutdown the a bot running on py-cord, via adding it to a discord server with the `application.commands` scope but not the `bot` scope - then executing a command in that serve...
CVE-2022-29549
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full pathnames without first making ownership and permission checks (e.g., to help ensure that a program was installed by root) and without integrity checks (e.g., a checksum comparison against known legitimate programs). Also, the vendor recommendation is to in...
CVE-2022-37025
An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code due to lack of an integrity check of the co...
CVE-2021-30070
An issue was discovered in HestiaCP before v1.3.5. Attackers are able to arbitrarily install packages due to values taken from the pgk [] parameter in the update request being transmitted to the operating system's package manager.
CVE-2021-30071
A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2022-35153
FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php.
CVE-2022-35154
Shopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value parameter.

Dorks

2022-08-06
Med.
Active PHP Bookmarks v1.3 - Sql Injection Vulnerability
"Active PHP Bookmarks v1.3"
behrouz mansoori
Med.
Picaporte Design - Sql Injection Vulnerability
"Developed By Newgen Technologies"
behrouz mansoori
2022-08-02
Med.
Powered by Compusys e Solutions - Sql Injection Vulnerability
"Powered by Compusys e Solutions"
behrouz mansoori
Med.
Newgen Technologies - Sql Injection Vulnerability
"Developed By Newgen Technologies"
behrouz mansoori
2022-08-01
Med.
Kaivalya Techno Soft Pvt - Sql Injection Vulnerability
"Developed By - Kaivalya Techno Soft Pvt. Ltd."
behrouz mansoori

Copyright 2022, cxsecurity.com

 

Back to Top