Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-09-28
High
Low
Med.
Low
High
High
Low
Low
2022-09-27
Med.
High
Med.
Med.
Med.

The latest CVEs

2022-09-29
CVE-2022-1270
In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.
CVE-2022-23716
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
CVE-2022-36781
WiseConnect - ScreenConnect Session Code Bypass. An attacker would have to use a proxy to monitor the traffic, and perform a brute force on the session code in order to get in. Sensitive data about the company , get in a session.
CVE-2022-39246
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others. This attack is possible due to the key forwarding stra...
CVE-2022-39248
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophisticated attacker cooperating with a malicious homeserver could employ thi...
CVE-2022-39249
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others. This attack is possible due to the...
CVE-2022-39251
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophisticated attacker cooperating with a malicious homeser...
CVE-2022-3215
NIOHTTP1 and projects using it for generating HTTP responses can be subject to a HTTP Response Injection attack. This occurs when a HTTP/1.1 server accepts user generated input from an incoming request and reflects it into a HTTP/1.1 response header in some form. A malicious user can add newlines to their input (usually in encoded form) and "i...
CVE-2022-3287
When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file.
CVE-2022-29089
Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges.

Dorks

2022-09-25
Low
WordPress WP-UserOnline 2.88.0 Cross Site Scripting( CVE-2022-2941 )
inurl:/wp-content/plugins/wp-useronline/
UnD3sc0n0c1d0
2022-09-22
High
VIAVIWEB Wallpaper Admin SQL Injection / Shell Upload
intext:"Wallpaper Admin" "LOGIN" "password" "Username"
Edd13Mora
2022-09-15
Low
Genesys PureConnect - Interaction Web Tools XSS( CVE-2022-37775 )
inurl:"/I3Root/chatOrCallback.html"
Jake Murphy - Echelon Risk...
2022-09-13
Med.
Equitysoft Technologies Pvt Ltd - SQL Injection Vulnerability
"Equitysoft Technologies Pvt Ltd"
MR.$UD0
Med.
kansascitynova - Sql Injection Vulnerability
"Designed by kansascitynova"
Security Guard

Copyright 2022, cxsecurity.com

 

Back to Top