Welcome to cxsecurity. enjoy


The latest CVEs

2021-05-06
CVE-2021-3501
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at any time, which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.
CVE-2021-29921
Improper input validation of octal strings in Python stdlib ipaddress 3.10 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on Python stdlib ipaddress. IP address octets are left stripped instead of evaluated as valid IP addresses.
CVE-2021-29490
Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple apps. Versions prior to 10.7.3 are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the imageUrl parameter. This issue potentially exposes both internal and external HTTP servers or other resources available v...
CVE-2021-24250
CVE-2021-24248
CVE-2021-24214
The OpenID Connect Generic Client WordPress plugin 3.8.0 and 3.8.1 did not sanitise the login error when output back in the login form, leading to a reflected Cross-Site Scripting issue. This issue does not require authentication and can be exploited with the default configuration.
CVE-2021-24178
CVE-2021-1535
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the Cisco SD-WAN vManage Software must be in cluster mode. This vulnerability is due to the absence of authentication for sens...
CVE-2021-1530
A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service (DoS) condition on an affected system. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing...
CVE-2021-31245
omr-admin.py in openmptcprouter-vps-admin 0.57.3 and earlier compares the user provided password with the original password in a length dependent manner, which allows remote attackers to guess the password via a timing attack.

Dorks

2021-05-05
High
Ghostcat Vulnerability Remote Code Execution (CVE-2020-1938)
python3 ajpshooter.py IP:ApachePort AjpPort /file/location read/eval
Chaitin Tech
2021-05-04
Med.
ILDIS v2 Applications Multiple Vulnerabilities
intitle:Signin | ILDIS JDIHN
KimiHmei7
2021-05-03
Med.
Technical Assistance explore IT Sql Injection Vulnerability
"Technical Assistance explore IT"
behrouz mansoori
2021-04-28
Low
Dulux - Html Injection Vulnerability
inurl : dulux site:.
Hz3666Ghost
2021-04-20
Med.
Irandesign.ir CMS SQL Injection
intext:"طراحی سایت توسط ایران دیزاین"
K0uR0sH3R

Copyright 2021, cxsecurity.com

 
