Welcome to cxsecurity. enjoy


The latest CVEs

2019-07-19
CVE-2019-12453
In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation.
CVE-2019-12193
H3C H3Cloud OS all versions allows SQL injection via the ear/grid_event sidx parameter.
CVE-2019-11553
Code42 for Enterprise through 6.8.4 has Incorrect Access Control.
CVE-2019-1010241
Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line #30 (passwordVariable). The attack vector is: Attacker creates and executes a Jenkins job.
CVE-2019-1010239
DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later.
CVE-2019-1010238
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions ...
CVE-2019-1010142
scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work.
CVE-2019-1010136
ChinaMobile GPN2.4P21-C-CN W2001EN-00 is affected by: Incorrect Access Control - Unauthenticated Remote Reboot. The impact is: PLC Wireless Routers are vulnerable to an unauthenticated remote reboot due. The component is: Reboot settings are available to unauthenticated users instead of only authenticated users. The attack vector is: Remote.
CVE-2019-1010113
Premium Software CLEditor 1.4.5 and earlier is affected by: Cross Site Scripting (XSS). The impact is: An attacker might be able to inject arbitrary html and script code into the web site. The component is: jQuery plug-in. The attack vector is: the victim must open a crafted href attribute of a link (A) element.
CVE-2019-1010101
Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is: arbitrary code execution with escalation of privilege. The component is: Executable installer, portable executable (ALL executables available). The attack vector is: CWE-29, CWE-377, CWE-379.

Dorks

2019-07-18
Med.
Microsoft Windows Remote Desktop BlueKeep Denial of Service (Metasploit) (CVE-2019-0708)
port:3389
RAMELLA Sebastien
2019-07-17
Med.
phpFK 8.0 version Reinstall Add Admin Vulnerability
Powered by: phpFK
indoushka
2019-07-15
Med.
pixaal sql injection
inurl:.php?id= intext:"Developed by pixaal"
Mikayil Ilyas
2019-07-11
Low
Oracle Support Platform Service XSS Vulnerability
inurl:/app/answers/list
Zunfix
2019-07-07
Med.
Fédération Francaise de Voile SQL Injection Vulnerability
site:www.ffvoile.fr id=
Cerkuday

Copyright 2019, cxsecurity.com

 
