Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2020-01-22
Med.
Med.
Med.
Med.
Med.
Low
Low
Med.
2020-01-21
High
Med.
Med.
Med.
Med.

The latest CVEs

2020-01-22
CVE-2019-12490
An issue was discovered in Simple Machines Forum (SMF) before 2.0.16. Reverse tabnabbing can occur because of use of _blank for external links.
CVE-2019-16791
In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy.
CVE-2018-17981
Lifesize Express ls ex2_4.7.10 2000 (14) devices allow XSS via the interface/interface.php brand parameter.
2020-01-21
CVE-2020-7595
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
CVE-2020-1788
Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. Certain applications do not properly validate the identity of another application who would call its interface. An attacker could trick the user into installing a malicious application. Successful exploit could allow unauthorized ...
CVE-2019-20388
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
CVE-2019-20387
repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.
CVE-2019-19414
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
CVE-2019-19413
There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
CVE-2020-7594
MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function.

Dorks

2020-01-22
Med.
Bayburt Üniversitesi SQL İnjection
allintext: " bumer.bayburt.edu.tr "
Furkan Özer
Med.
ECTouch ECShop v2.7.3 SQL Injection
inurl:/mobile/index.php?m=default site:cn
KingSkrupellos
Med.
WordPress WP Fanzone 3.1 SQL Injection
Built with WordPress and WP FanZone site:ca
KingSkrupellos
Med.
Balikesir Üniversitesi SQL İnjection
allintext: " nef.balikesir.edu.tr "
Furkan Özer
Med.
Sistem Informasi Akademik SQL Injection
inurl:/detailNews.php?id= inurl:/detailnews.php?no=
s3nt1n3L

Copyright 2020, cxsecurity.com

 

Back to Top