Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2018-07-16
Med.
2018-07-15
Med.
Low
Med.
2018-07-14
Med.
Med.
Med.
Med.
Med.
High
Low
Med.
Low

The latest CVEs

2018-07-16
CVE-2018-14089
An issue was discovered in a smart contract implementation for Virgo_ZodiacToken, an Ethereum token. In this contract, 'bool sufficientAllowance = allowance <= _value' will cause an arbitrary transfer in the function transferFrom because '<=' is used instead of '>=' (which was intended). An attacker can transfer from any address to his address, and...
CVE-2018-14088
An issue was discovered in a smart contract implementation for STeX White List (STE(WL)), an Ethereum token. The contract has an integer overflow. If the owner sets the value of amount to a large number then the "amount * 1000000000000000" will cause an integer overflow in withdrawToFounders().
CVE-2018-14087
An issue was discovered in a smart contract implementation for EUC (EUC), an Ethereum token. The contract has an integer overflow. If the owner sets the value of buyPrice to a large number in setPrices() then the "msg.value * buyPrice" will cause an integer overflow in the fallback function.
CVE-2018-14086
An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().
CVE-2018-14085
An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit { uint public start; function sweep(address _token, uint _amount) returns (bool) { ...
CVE-2018-14084
An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().
2018-07-15
CVE-2018-14073
libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.
CVE-2018-14072
libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.
CVE-2018-14069
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add.
CVE-2018-14068
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add.

Dorks

2018-07-15
Med.
Mini Ajax Arbitrary File Upload
intitle:"Mini Ajax File Upload Form"
0N3R1D3R
Low
TSMTS XSS Vulnerability
intext:"TSMTS" inurl:?p=result-search
Rafin Rahman Chy
2018-07-14
Med.
Developed By: VUBIT SQL Injection
"Developed By: VUBIT"
Bl4ck M4n
Med.
Design & Maintenance: Aalo IT SQL Injection
"Design & Maintenance: Aalo IT"
Bl4ck M4n
Med.
Lenule44ka CMS LFI Vulnerability
intext:"by Lenule44ka"
0N3R1D3R

Copyright 2018, cxsecurity.com

 

Back to Top