Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-11-26
High
Low
Med.
Low
Med.
Med.
Med.
Med.
2022-11-22
Med.
High
Med.
2022-11-21
High
Med.

The latest CVEs

2022-11-29
CVE-2022-36433
The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks against admin panel users via posts/preview or posts/save.
CVE-2022-46146
Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, i someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attac...
CVE-2022-4202
A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214518 is the...
CVE-2022-45301
Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\ruby31 and all files located in that folder.
CVE-2022-45304
Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\Cmder and all files located in that folder.
CVE-2022-45305
Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\Python311 and all files located in that folder.
CVE-2022-45306
Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder.
CVE-2022-45307
Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\tools\php81 and all files located in that folder.
CVE-2022-32966
RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service.
CVE-2022-32967
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.

Dorks

2022-11-18
Med.
Remote Code Execution in SimpleMachinesForum 2.1.1( CVE-2022-26982 )
SimpleMachinesForum Exploit
Sarang Tumne
2022-11-15
Med.
Remote Code Execution in MODX Revolution V2.8.3-pl( CVE-2022-26149 )
MODX Exploit
Sarang Tumne
2022-11-13
High
Remote Code Execution in Abantecart-1.3.2( CVE-2022-26521 )
Abantecart exploit
Sarang Tumne
2022-10-23
Low
Khameneie.ir XSS vulnerabilities
site:farsi.khamenei.ir/search-result?q="
E1.Coders
Med.
developway SQL Injection
intext:"Powered By DevelopWay"
cymilad

Copyright 2022, cxsecurity.com

 

Back to Top