Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2021-05-11
High
Low
Low
Med.
Low
2021-05-10
Low
Med.
Low
2021-05-09
High
Med.
Low
2021-05-08
High
Med.

The latest CVEs

2021-05-13
CVE-2021-22155
CVE-2020-36197
An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to compromise the security of the software by gaining privileges, reading sensitive information, executing commands, evading detection, etc. This issue affects: QNAP Systems Inc. Music Station ver...
CVE-2020-36198
A command injection vulnerability has been reported to affect certain versions of Malware Remover. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Malware Remover versions prior to 4.6.1.0. This issue does not affect: QNAP Systems Inc. Malware Remover 3.x.
CVE-2021-28799
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to v3.0.210412 on QTS 4.3.6; versions prior to v3.0.210...
CVE-2021-23134
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.2 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
CVE-2021-23135
Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14.
CVE-2020-28722
Deskpro Cloud Platform and on-premise 2020.2.3.48207 from 2020-07-30 contains a cross-site scripting (XSS) vulnerability that can lead to an account takeover via custom email templates.
2021-05-12
CVE-2020-18165
Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu".
CVE-2020-19275
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path.
CVE-2021-29511
evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use `evm_core::Memory::copy_large`, the `evm` crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. The flaw was corrected in...

Dorks

2021-05-10
Med.
ENERGY CORPORATION Sql Injection Vulnerability
"Powered By ENERGY CORPORATION"
behrouz mansoori
2021-05-07
Med.
OpenNetAdmin 8.5.14 <= 18.1.1 - Remote Command Execution
inurl:/ona/
Alexandre Zanni
2021-05-05
High
Ghostcat Vulnerability Remote Code Execution( CVE-2020-1938 )
python3 ajpshooter.py IP:ApachePort AjpPort /file/location read/eval
Chaitin Tech
2021-05-04
Med.
ILDIS v2 Applications Multiple Vulnerabilities
intitle:Signin | ILDIS JDIHN
KimiHmei7
2021-05-03
Med.
Technical Assistance explore IT Sql Injection Vulnerability
"Technical Assistance explore IT"
behrouz mansoori

Copyright 2021, cxsecurity.com

 

Back to Top