Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2019-08-25
Low
Med.
High
Med.
Med.
Med.
Med.
Med.
Med.
Med.
Med.
2019-08-23
Low
Med.

The latest CVEs

2019-08-25
CVE-2019-15540
filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user.
CVE-2019-15538
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as we...
2019-08-23
CVE-2016-6154
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
CVE-2019-7364
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may lever...
CVE-2019-7363
Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution.
CVE-2019-7362
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution.
CVE-2019-6698
Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.
CVE-2019-6695
Lack of root file system integrity checking in Fortinet FortiManager VM application images of all versions below 6.2.1 may allow an attacker to implant third-party programs by recreating the image through specific methods.
CVE-2019-5594
An Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated attacker to perform a reflected XSS attack via the search field in the webUI.
CVE-2019-5592
Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections ...

Dorks

2019-08-25
Low
vBulletin Reflected XSS via "Click here" ( CVE-2019-14538 )
intext : "Powered by vBulletin® Version 5.5.3 Copyright © 2019 MH Sub I, LLC dba vBulletin"
TrazeR
Med.
Joomla 1.5.26 Com_OrgChart Components 1.0.0 XSS SQL Injection
intext:Realizzato con CMS-PAL 1.0 - Altropiano.com inurl:/index.php?option=com_orgchart
KingSkrupellos
2019-08-22
Med.
OneSource Consultoria Informatica Coimbra Portugal XSS SQL Injection
inurl:/index.php?target=showContent site:pt
KingSkrupellos
Med.
Produzione Izdelava MMvisual SQL Injection
intext:Izdelava: MMstudio site:si
KingSkrupellos
Med.
DomusMondo AgestaNet BeniaStudio Domini e Web Hosting XSS SQL Injection
inurl:/ricerca-immobile.php?prov_imm=
KingSkrupellos

Copyright 2019, cxsecurity.com

 

Back to Top