Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2019-09-19
Med.
Med.
Low
2019-09-18
Low
Med.
Med.
Med.
Med.
2019-09-17
Med.
Med.
Med.
2019-09-16
Med.
High

The latest CVEs

2019-09-19
CVE-2019-16413
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
2019-09-18
CVE-2019-5531
VMware vSphere ESXi (6.7 prior to ESXi670-201904101-SG, 6.5 prior to ESXi650-201907101-SG, 6.0 prior to ESXi600-201909001) and VMware vCenter Server (6.7 prior to 6.7 U1b, 6.5 prior to 6.5 U2b and 6.0 prior to 6.0 U3j) contain an information disclosure vulnerability in clients arising from insufficient session expiration. An attacker with physical ...
CVE-2019-3758
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts.
CVE-2019-3756
RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information disclosure vulnerability. Information relating to the backend database gets disclosed to low-privileged RSA Archer users' UI under certain error conditions.
CVE-2019-3740
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
CVE-2019-3739
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
CVE-2019-3738
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
CVE-2019-13558
In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash.
CVE-2019-13556
In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.
CVE-2019-11778
If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1.6.4 inclusive, sets a last will and testament, sets a will delay interval, sets a session expiry interval, and the will delay interval is set longer than the session expiry interval, then a use after free error occurs, which has the potential to cause a crash in some situations.

Dorks

2019-09-16
Low
InJob | Multi-purpose for recruitment WordPress Theme v3.3.6 Reflected & Persistent XSS
inurl:/wp-content/themes/injob/
SubversA
Med.
Zoner | Real Estate Joomla Theme Persistent XSS
/templates/bt_zoner/html/
SubversA
2019-09-15
Med.
Cabrera Propiedades (Blind SQL Injection)
"inurl:php?id= site:ar intext:propiedades"
intrackeable
2019-09-14
Med.
La Paz Shopping (SQL Injection / XSS Reflected)
"inurl:.php?id= site:.ar intext:shopping"
intrackeable
2019-09-13
Med.
Laprida Gobierno Municipal (SQL Injection)
"inurl:.php?id= site:.gov.ar"
intrackeable

Copyright 2019, cxsecurity.com

 

Back to Top