Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2020-05-26
High
High
High
Med.
Med.
2020-05-25
Med.
Med.
2020-05-24
Med.
Med.
Med.
Med.
High
2020-05-23
Med.

The latest CVEs

2020-05-26
CVE-2020-13616
The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.
CVE-2020-13615
lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates.
CVE-2020-13614
An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.
CVE-2020-9046
A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files.
CVE-2020-6831
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
CVE-2020-6830
For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token was being used for JS-to-native also, but it isn't needed in this case, and its usage was also leaking this token. This vulnerability affects Firefox for iOS < 25.
CVE-2020-12392
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox <...
CVE-2020-12391
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76.
CVE-2020-12390
Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.
CVE-2020-12389
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.

Dorks

2020-05-26
Med.
Websites of Iranian travel agencies By Aryan chehreghani
[inurl:php?id= intext:طراحی وب سایت : ایران تکنولوژی]
Aryan Chehreghani
2020-05-25
Med.
Dassinfotech CMS SQL Injection Bypass Admin Vulnerability
intext:Design by Dassinfotech.com
Xmall75
2020-05-22
Med.
Default U/P admin on Powered by © 2019 All Rights Reserved by MTech Websolution
Powered by © 2019 All Rights Reserved by MTech
Zaen
Low
Powered by IZYWEBSTORE - Indonesian Academy XSS Vulnerability
intext:"powered by izywebstore.com"
Xmall75
2020-05-21
Med.
DGinteractive Internet Automobile XSS SQL Injection
DGinteractive : création de site internet automobile
KingSkrupellos

Copyright 2020, cxsecurity.com

 

Back to Top