Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2020-05-29
Med.
Med.
Med.
2020-05-28
Med.
Low
Med.
Med.
Med.
Med.
Med.
Med.
Med.
Low

The latest CVEs

2020-05-29
CVE-2020-5573
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors.
CVE-2020-5572
Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors.
CVE-2020-13693
An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
2020-05-28
CVE-2020-13173
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe.
CVE-2020-5357
Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malic...
CVE-2020-11082
In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1.
CVE-2019-6342
An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4.
CVE-2020-13660
CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name.
CVE-2020-13245
Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P.
CVE-2020-11079
node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1.

Dorks

2020-05-28
Med.
Taiwanese Travel Websites Local File Inclusion
intext:"COPYRIGHT" inurl:?page=regulation.php
Xmall75
2020-05-27
Med.
Novaworks Local File Inclusion
intext:"Novaworks" inurl:.php?
Xmall75
Med.
Chamilo © 2020 Campus v1 ElFinder Backdoor Access Shell Upload Vulnerability( Multiple CVE )
Powered by Chamilo © 2020 site:com
KingSkrupellos
2020-05-26
Med.
Websites of Iranian travel agencies By Aryan chehreghani
[inurl:php?id= intext:طراحی وب سایت : ایران تکنولوژی]
Aryan Chehreghani
2020-05-25
Med.
Dassinfotech CMS SQL Injection Bypass Admin Vulnerability
intext:Design by Dassinfotech.com
Xmall75

Copyright 2020, cxsecurity.com

 

Back to Top