Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2019-11-20
Low
Low
Low
Low
High
2019-11-19
High
High
Med.
Med.
Low
Low
Med.
Low

The latest CVEs

2019-11-19
CVE-2019-5688
NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to...
CVE-2019-5102
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any ...
CVE-2019-5101
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any ...
CVE-2019-3424
authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations.
CVE-2019-3423
permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources.
CVE-2019-19117
/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter.
CVE-2019-19113
main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection.
CVE-2019-19085
A persistent cross-site scripting (XSS) vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML.
CVE-2019-19084
In Octopus Deploy 3.3.0 through 2019.10.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted package, triggering an exception that exposes underlying operating system details.
CVE-2019-19083
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in driv...

Dorks

2019-11-18
Low
Yoncu Domain Take Over Method ( NameServer Take Over )
intext:"Bu Alan Adı Yöncü Bilişim Çözümleri Tarafından Sağlanmıştır"
Gaddar
2019-11-17
Med.
R&D Visions CMS - SQL Injection Vulnerability
intext:"Website by R&D Visions" inurl:.php?id=
FreeBuzz Team
Med.
Maintained By Web Smile India - SQL Injection Vulnerability
intext:"Maintained By Web Smile India " inurl:.php?id=
FreeBuzz Team
2019-11-16
Med.
IceHrm Admin Weak Password
intitle:"Ice Hrm Login" intext:"Forgot Password"
L4663r666h05t
2019-11-15
High
Xfilesharing 2.5.1 Local File Inclusion / Shell Upload( CVE-2019-18952 )
inurl:/?op=registration
Noman Riffat

Copyright 2019, cxsecurity.com

 

Back to Top